Elektroda.pl

Asus K53S - Infected - browser, pop-up windows

voocash 20 Nov 2016 22:16 507 8
  • #1 20 Nov 2016 22:16
    voocash
    Level 12

    Hello.
    My girlfriend's laptop, an Asus K53S.
    Some time ago strange things started happening.
    The language in Firefox changed to English by itself, and the default search page changed (it could not be changed to another one). Sometimes an ad popped up: "Congratulations user, you have won an iPhone S6". Avast detected and blocked something. I scanned the system with Malwarebytes Anti-Malware. It flagged a lot of things and removed them. It was fine, but only for one day. Then the same thing again. So today I did a bit more: another Malwarebytes Anti-Malware scan, then Dr.Web, AdwCleaner and finally FRST. Is that everything? Please help. I am attaching the logs.
    Windows 10 Home x64

    0 8
  • Helpful post
    #2 21 Nov 2016 09:03
    krzychupar
    Level 41

    Uninstall:
    Java 7 Update 21 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.210 - Oracle) and install this: https://ninite.com/java8/ninite.exe
    Price Metér (remove only) (HKU\S-1-5-21-3945215391-3708121725-2010571339-1002\...\Price Metér) (Version: 1.1.2.7 - Price Meter) <==== UWAGA

    Open the system Notepad and paste:
    CustomCLSID: HKU\S-1-5-21-3945215391-3708121725-2010571339-1002_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\Monika\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll => Brak pliku
    Task: {2D42277D-2E1C-487B-9F08-776E90E830EE} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Brak pliku <==== UWAGA
    Task: {3ED09785-3037-48CB-9DE4-BE9C345ACF94} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Brak pliku <==== UWAGA
    Task: {4D706C5D-09C3-4F7E-95B7-48D4C0455936} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Brak pliku <==== UWAGA
    Task: {4E362A72-17BC-4B7C-A4BB-7DC617C73E7F} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA
    Task: {615CBBD1-EA1D-405C-AABE-669B8ADBAE98} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Brak pliku <==== UWAGA
    Task: {6847767F-EE4F-4FF2-9E48-7DA42F97056C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA
    Task: {7EAEFA6A-D7DF-4FC4-BE4E-4C98970A0F7F} - System32\Tasks\Browser Updater Task(Core) => C:\Program Files (x86)\TXQQBrowser\Update\DC0FAE2B3C357D9BBC8F27FC8F5FABCD\Update\BrowserUpdate.exe <==== UWAGA
    Task: {8C7E95BF-74B3-4492-87CE-BC822E76AEE2} - System32\Tasks\{8A01ED26-92AE-4CE3-8B9C-564FB677915F} => pcalua.exe -a "C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -d "C:\Program Files (x86)\DAEMON Tools Lite"
    Task: {90FF3AA2-1E9F-4BE0-BB87-DD6B1058794F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA
    Task: {B2F18C21-DF6E-4E9E-BE72-B27247B21182} - System32\Tasks\{C4ADF37E-09B5-49C4-86E6-ECE0E242B5FB} => Chrome.exe hxxp://ui.skype.com/ui/0/5.5.0.113/pl/abandon...e-chrome:notoffered;ienotdefaultbrowser2
    Task: {B9315093-D255-447B-AEBA-B0E98E636633} - \Program aktualizacji online firmy Adobe. -> Brak pliku <==== UWAGA
    Task: {BC829136-F060-49F1-87C8-27D943BDB181} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Brak pliku <==== UWAGA
    Task: {C542BC40-503A-48D4-B87C-987C1F24384B} - System32\Tasks\{F8A3D313-EAB3-468B-9166-C17832542F41} => Chrome.exe hxxp://ui.skype.com/ui/0/6.20.0.104/pl/abando...?source=lightinstaller&page=tsInstall
    Task: {C65B4A27-53B4-493F-A25A-984C078AF7C4} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Brak pliku <==== UWAGA
    Task: {DA78BD76-DCB8-4764-A635-FC07E611490D} - System32\Tasks\{2520A364-D4EE-48F5-B709-FE131BC773F3} => Chrome.exe hxxp://www.skype.com/go/downloading?source=li...mp;ver=5.10.0.116.259&LastError=12002
    Task: {F18BA752-66FD-4B89-A368-2F9F87722519} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA
    HKU\S-1-5-21-3945215391-3708121725-2010571339-1002\...\MountPoints2: {89e1fe9e-9b05-11e5-ae1c-0008ca335b49} - "F:\LG_PC_Programs.exe"
    HKU\S-1-5-21-3945215391-3708121725-2010571339-1002\...\MountPoints2: {ace718f5-dd9d-11e5-9be2-0008ca335b49} - "F:\Setup.exe"
    HKU\S-1-5-21-3945215391-3708121725-2010571339-1002\...\MountPoints2: {ace719d7-dd9d-11e5-9be2-0008ca335b49} - "G:\RunGame.exe"
    ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => Brak pliku
    ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => Brak pliku
    ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => Brak pliku
    ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => Brak pliku
    CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
    SearchScopes: HKLM-x32 -> DefaultScope - brak wartości
    SearchScopes: HKLM-x32 -> {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
    SearchScopes: HKU\S-1-5-21-3945215391-3708121725-2010571339-1002 -> 054139131C074CBD80D2388CEA9481A3 URL = hxxp://isearch.avg.com/search?cid={B7D79542-7D3D-4F8A-9CD4-E6919EDC1259}&mid=5f4514e8db7d47d0850ed1418cd7b2ba-5216b92acc95859895e93290ac93c709d12ded22&lang=pl&ds=AVG&pr=fr&d=2012-12-15 22:51:30&v=14.1.0.10&pid=avg&sg=&sap=dsp&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-3945215391-3708121725-2010571339-1002 -> {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - Brak pliku
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Brak pliku
    Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - Brak pliku
    Edge HomeButtonPage: HKU\S-1-5-21-3945215391-3708121725-2010571339-1002 -> hxxp://www.nuesearch.com/?type=hp&ts=1465...0613&uid=ST9500325AS_5VEQGEFCXXXX5VEQGEFC
    FF Homepage: Firefox\Firefox\Profiles\24iwh6zb.default -> hxxp://www.searchinme.com/?type=hp&ts=147...cial&uid=ST9500325AS_5VEQGEFCXXXX5VEQGEFC
    CHR HomePage: Default -> mysearch.avg.com/?rvt=1
    CHR StartupUrls: Default -> "hxxp://www.nuesearch.com/?type=hp&ts=1465799149&z=cf8b9e614dd284974959904gdz6q6wam8t5tdg8qft&from=wpm0613&uid=ST9500325AS_5VEQGEFCXXXX5VEQGEFC"
    CHR HKU\S-1-5-21-3945215391-3708121725-2010571339-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [chfdnecihphmhljaaejmgoiahnihplgn] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <nie znaleziono>
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <nie znaleziono>
    U3 idsvc; Brak ImagePath
    2016-11-20 20:10 - 2016-11-20 20:44 - 00000000 ____D C:\Users\Monika\Doctor Web
    2016-11-15 21:33 - 2016-11-15 21:34 - 00000000 ____D C:\Program Files (x86)\jjjpa5mg
    2016-11-15 16:07 - 2016-11-15 16:07 - 00000000 ____D C:\Program Files (x86)\yrk7xepj
    2016-11-15 14:07 - 2016-11-15 14:07 - 00000000 ____D C:\Program Files (x86)\z2h545ty
    2016-11-15 12:07 - 2016-11-15 12:07 - 00000000 ____D C:\Program Files (x86)\yzngi13i
    2016-11-12 16:36 - 2016-11-12 16:36 - 00000000 ____D C:\Program Files (x86)\d71x9e5h
    2016-11-10 00:07 - 2016-11-10 00:17 - 00000000 ____D C:\Program Files (x86)\wjbqw2tr
    2016-11-09 22:07 - 2016-11-09 22:17 - 00000000 ____D C:\Program Files (x86)\vq0a4x3j
    2016-11-09 20:07 - 2016-11-09 20:17 - 00000000 ____D C:\Program Files (x86)\vr79hney
    2016-11-09 18:07 - 2016-11-09 18:17 - 00000000 ____D C:\Program Files (x86)\z65dd982
    2016-11-09 16:07 - 2016-11-09 16:18 - 00000000 ____D C:\Program Files (x86)\yc0xk49l
    2016-11-09 14:07 - 2016-11-09 14:07 - 00000000 ____D C:\Program Files (x86)\3q839w2o
    2016-11-09 12:07 - 2016-11-09 12:08 - 00000000 ____D C:\Program Files (x86)\jdlhqsoi
    2016-11-09 11:35 - 2016-11-09 11:36 - 00000000 ____D C:\Program Files (x86)\4wd61o6k
    2016-11-09 00:07 - 2016-11-09 00:17 - 00000000 ____D C:\Program Files (x86)\a8xb497e
    2016-11-08 22:07 - 2016-11-08 22:08 - 00000000 ____D C:\Program Files (x86)\h74v0v87
    2016-11-08 20:07 - 2016-11-08 20:08 - 00000000 ____D C:\Program Files (x86)\ks11xo12
    2016-11-08 18:07 - 2016-11-08 18:12 - 00000000 ____D C:\Program Files (x86)\g77duht5
    2016-11-08 16:07 - 2016-11-08 16:17 - 00000000 ____D C:\Program Files (x86)\ks4iial8
    2016-11-08 14:11 - 2016-11-08 14:11 - 00000000 ____D C:\Users\Monika\AppData\Local\{AD1B746F-0F0D-4C1F-BADA-CB5D35A8C8AE}
    2016-11-08 14:07 - 2016-11-08 14:11 - 00000000 ____D C:\Program Files (x86)\oe1oevea
    2016-11-08 12:07 - 2016-11-08 12:08 - 00000000 ____D C:\Program Files (x86)\hgylklrp
    2016-11-08 02:07 - 2016-11-08 02:07 - 00000000 ____D C:\Program Files (x86)\s3trdeix
    2016-11-08 00:07 - 2016-11-08 00:07 - 00000000 ____D C:\Program Files (x86)\vor508bs
    2016-11-07 22:07 - 2016-11-07 22:07 - 00000000 ____D C:\Program Files (x86)\zao0x15v
    2016-11-07 20:07 - 2016-11-07 20:07 - 00000000 ____D C:\Program Files (x86)\vwteltxy
    2016-11-07 18:07 - 2016-11-07 18:07 - 00000000 ____D C:\Program Files (x86)\zarrhlp2
    2016-11-07 16:07 - 2016-11-07 16:07 - 00000000 ____D C:\Program Files (x86)\4wow77i6
    2016-11-07 14:07 - 2016-11-07 14:07 - 00000000 ____D C:\Program Files (x86)\zim23zb1
    2016-11-07 12:07 - 2016-11-07 12:07 - 00000000 ____D C:\Program Files (x86)\3wrfqs54
    2016-11-04 02:07 - 2016-11-04 02:07 - 00000000 ____D C:\Program Files (x86)\zivcuxry
    2016-11-04 00:07 - 2016-11-04 00:07 - 00000000 ____D C:\Program Files (x86)\vwthiqk2
    2016-11-03 22:07 - 2016-11-03 22:07 - 00000000 ____D C:\Program Files (x86)\ziyufjd5
    2016-11-03 20:07 - 2016-11-03 20:07 - 00000000 ____D C:\Program Files (x86)\45wz4c7z
    2016-11-03 18:07 - 2016-11-03 18:07 - 00000000 ____D C:\Program Files (x86)\zit5rxy3
    2016-11-03 16:07 - 2016-11-03 16:07 - 00000000 ____D C:\Program Files (x86)\45rhnqj7
    2016-11-03 14:07 - 2016-11-03 14:07 - 00000000 ____D C:\Program Files (x86)\a4wuumsx
    2016-11-03 12:07 - 2016-11-03 12:08 - 00000000 ____D C:\Program Files (x86)\acurzc6c
    2016-11-03 10:07 - 2016-11-03 10:08 - 00000000 ____D C:\Program Files (x86)\7qr5w6y8
    2016-11-03 08:07 - 2016-11-03 08:08 - 00000000 ____D C:\Program Files (x86)\acpakqqa
    2016-11-03 02:07 - 2016-11-03 02:08 - 00000000 ____D C:\Program Files (x86)\dypxs56k
    2016-11-03 01:18 - 2016-11-03 01:19 - 00000000 ____D C:\Program Files (x86)\603btspc
    2016-11-02 20:07 - 2016-11-02 20:07 - 00000000 ____D C:\Program Files (x86)\hkpk0bbl
    2016-11-02 18:07 - 2016-11-02 18:07 - 00000000 ____D C:\Program Files (x86)\l7nxx55p
    2016-11-02 16:07 - 2016-11-02 16:07 - 00000000 ____D C:\Program Files (x86)\psk3lxxs
    2016-11-02 14:07 - 2016-11-02 14:07 - 00000000 ____D C:\Program Files (x86)\k7i8iqpn
    2016-11-02 12:07 - 2016-11-02 12:07 - 00000000 ____D C:\Program Files (x86)\osnl7jiq
    2016-11-02 10:52 - 2016-11-02 10:52 - 00000000 ____D C:\Program Files (x86)\j7sdfxqu
    2016-11-02 00:16 - 2016-11-02 00:17 - 00000000 ____D C:\Program Files (x86)\l2r2lsq8
    2016-10-27 01:07 - 2016-10-27 01:07 - 00000000 ____D C:\Program Files (x86)\ns4gxty6
    2016-10-26 23:07 - 2016-10-26 23:07 - 00000000 ____D C:\Program Files (x86)\j71tlmr9
    2016-10-26 21:07 - 2016-10-26 21:07 - 00000000 ____D C:\Program Files (x86)\ns7yifjc
    2016-10-26 19:07 - 2016-10-26 19:07 - 00000000 ____D C:\Program Files (x86)\ur5bo4t4
    2016-10-26 17:07 - 2016-10-26 17:07 - 00000000 ____D C:\Program Files (x86)\us2g3t6a
    2016-10-26 15:07 - 2016-10-26 15:07 - 00000000 ____D C:\Program Files (x86)\qeylqmyd
    2016-10-26 13:07 - 2016-10-26 13:08 - 00000000 ____D C:\Program Files (x86)\u15refqg
    2016-10-26 11:07 - 2016-10-26 11:07 - 00000000 ____D C:\Program Files (x86)\ym25a9bk
    2016-10-26 09:07 - 2016-10-26 09:07 - 00000000 ____D C:\Program Files (x86)\31z0zt5n
    2016-10-25 15:07 - 2016-10-25 15:08 - 00000000 ____D C:\Program Files (x86)\ff1e8vjo
    2016-10-25 13:07 - 2016-10-25 13:07 - 00000000 ____D C:\Program Files (x86)\ggpclmw4
    2016-10-25 11:07 - 2016-10-25 11:08 - 00000000 ____D C:\Program Files (x86)\fnvwr06m
    2016-10-21 12:46 - 2016-10-21 12:47 - 00000000 ____D C:\ProgramData\chuvc
    2016-10-21 12:46 - 2016-10-21 12:47 - 00000000 ____D C:\ProgramData\BaofengUpdate_U
    2016-10-21 12:46 - 2016-10-21 12:46 - 00000000 ____D C:\ProgramData\icfic
    2016-11-20 21:13 - 2014-10-24 08:14 - 00000000 ____D C:\AdwCleaner
    2016-11-16 09:32 - 2016-05-13 11:30 - 00000000 ____D C:\Users\Monika\AppData\Roaming\Elex-tech
    2016-11-16 09:32 - 2016-05-02 20:04 - 00000000 ____D C:\ProgramData\yahoochrome
    2016-11-16 09:32 - 2016-03-29 11:08 - 00000000 ____D C:\Program Files (x86)\Elex-tech
    2016-11-16 09:32 - 2011-10-19 23:54 - 00000000 ____D C:\WINDOWS\bg
    2015-12-05 04:32 - 2015-12-05 04:32 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
    2012-03-18 05:10 - 2012-03-18 05:11 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
    2012-03-18 05:09 - 2012-03-18 05:10 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
    2012-03-18 05:09 - 2012-03-18 05:09 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
    C:\Users\Monika\ComarchOPT!MA2012221578sql.exe
    EmptyTemp:

    Save the file as fixlist.txt and place it next to FRST in the same folder.
    Run FRST and click Fix/Napraw.

    0
  • Helpful post
    #3 21 Nov 2016 09:13
    Acorus 20
    Computer specialist

    Uninstall ASUS WebStorage, AVG 2015, AVG Web TuneUp, Java 7 Update 21, Price Metér (remove only), UvConverter. Open the system Notepad and paste:

    Quote:
    Task: {2D42277D-2E1C-487B-9F08-776E90E830EE} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Brak pliku <==== UWAGA
    Task: {3ED09785-3037-48CB-9DE4-BE9C345ACF94} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Brak pliku <==== UWAGA
    Task: {4D706C5D-09C3-4F7E-95B7-48D4C0455936} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Brak pliku <==== UWAGA
    Task: {4E362A72-17BC-4B7C-A4BB-7DC617C73E7F} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA
    Task: {615CBBD1-EA1D-405C-AABE-669B8ADBAE98} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Brak pliku <==== UWAGA
    Task: {6847767F-EE4F-4FF2-9E48-7DA42F97056C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA
    Task: {72C8C8A5-E66B-4DD4-9084-94D288152635} - System32\Tasks\{3B4FD6BF-3CEF-4038-8521-1BEBEAF8CF97} => Chrome.exe hxxp://www.skype.com/go/downloading?source=li...r&ver=5.8.0.154&LastError=404
    Task: {7EAEFA6A-D7DF-4FC4-BE4E-4C98970A0F7F} - System32\Tasks\Browser Updater Task(Core) => C:\Program Files (x86)\TXQQBrowser\Update\DC0FAE2B3C357D9BBC8F27FC8F5FABCD\Update\BrowserUpdate.exe <==== UWAGA
    Task: {90FF3AA2-1E9F-4BE0-BB87-DD6B1058794F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA
    Task: {AB5E3EB6-C9C2-43F7-80B3-6C2C33DD8D02} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA
    Task: {B2F18C21-DF6E-4E9E-BE72-B27247B21182} - System32\Tasks\{C4ADF37E-09B5-49C4-86E6-ECE0E242B5FB} => Chrome.exe hxxp://ui.skype.com/ui/0/5.5.0.113/pl/abandon...e-chrome:notoffered;ienotdefaultbrowser2
    Task: {B9315093-D255-447B-AEBA-B0E98E636633} - \Program aktualizacji online firmy Adobe. -> Brak pliku <==== UWAGA
    Task: {BC829136-F060-49F1-87C8-27D943BDB181} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Brak pliku <==== UWAGA
    Task: {C542BC40-503A-48D4-B87C-987C1F24384B} - System32\Tasks\{F8A3D313-EAB3-468B-9166-C17832542F41} => Chrome.exe hxxp://ui.skype.com/ui/0/6.20.0.104/pl/abando...?source=lightinstaller&page=tsInstall
    Task: {C65B4A27-53B4-493F-A25A-984C078AF7C4} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Brak pliku <==== UWAGA
    Task: {DA78BD76-DCB8-4764-A635-FC07E611490D} - System32\Tasks\{2520A364-D4EE-48F5-B709-FE131BC773F3} => Chrome.exe hxxp://www.skype.com/go/downloading?source=li...mp;ver=5.10.0.116.259&LastError=12002
    Task: {F18BA752-66FD-4B89-A368-2F9F87722519} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA
    HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe [737104 2011-07-29] (ecareme)
    HKU\S-1-5-21-3945215391-3708121725-2010571339-1002\...\RunOnce: [Uninstall C:\Users\Monika\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Monika\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"
    HKU\S-1-5-21-3945215391-3708121725-2010571339-1002\...\MountPoints2: {89e1fe9e-9b05-11e5-ae1c-0008ca335b49} - "F:\LG_PC_Programs.exe"
    HKU\S-1-5-21-3945215391-3708121725-2010571339-1002\...\MountPoints2: {ace718f5-dd9d-11e5-9be2-0008ca335b49} - "F:\Setup.exe"
    HKU\S-1-5-21-3945215391-3708121725-2010571339-1002\...\MountPoints2: {ace719d7-dd9d-11e5-9be2-0008ca335b49} - "G:\RunGame.exe"
    ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => Brak pliku
    ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => Brak pliku
    ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => Brak pliku
    ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => Brak pliku
    CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
    SearchScopes: HKU\S-1-5-21-3945215391-3708121725-2010571339-1002 -> 054139131C074CBD80D2388CEA9481A3 URL = hxxp://isearch.avg.com/search?cid={B7D79542-7D3D-4F8A-9CD4-E6919EDC1259}&mid=5f4514e8db7d47d0850ed1418cd7b2ba-5216b92acc95859895e93290ac93c709d12ded22&lang=pl&ds=AVG&pr=fr&d=2012-12-15 22:51:30&v=14.1.0.10&pid=avg&sg=&sap=dsp&q={searchTerms}
    Edge HomeButtonPage: HKU\S-1-5-21-3945215391-3708121725-2010571339-1002 -> hxxp://www.nuesearch.com/?type=hp&ts=1465...0613&uid=ST9500325AS_5VEQGEFCXXXX5VEQGEFC
    FF Homepage: Firefox\Firefox\Profiles\24iwh6zb.default -> hxxp://www.searchinme.com/?type=hp&ts=147...cial&uid=ST9500325AS_5VEQGEFCXXXX5VEQGEFC
    CHR HomePage: Default -> mysearch.avg.com/?rvt=1
    CHR StartupUrls: Default -> "hxxp://www.nuesearch.com/?type=hp&ts=1465799149&z=cf8b9e614dd284974959904gdz6q6wam8t5tdg8qft&from=wpm0613&uid=ST9500325AS_5VEQGEFCXXXX5VEQGEFC"
    CHR Extension: (AVG Secure Search) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2016-04-12]
    CHR HKU\S-1-5-21-3945215391-3708121725-2010571339-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [chfdnecihphmhljaaejmgoiahnihplgn] - hxxps://clients2.google.com/service/update2/crx
    U3 idsvc; Brak ImagePath
    2016-11-20 20:10 - 2016-11-20 20:44 - 00000000 ____D C:\Users\Monika\Doctor Web
    2016-11-15 21:33 - 2016-11-15 21:34 - 00000000 ____D C:\Program Files (x86)\jjjpa5mg
    2016-11-15 16:07 - 2016-11-15 16:07 - 00000000 ____D C:\Program Files (x86)\yrk7xepj
    2016-11-15 14:07 - 2016-11-15 14:07 - 00000000 ____D C:\Program Files (x86)\z2h545ty
    2016-11-15 12:07 - 2016-11-15 12:07 - 00000000 ____D C:\Program Files (x86)\yzngi13i
    2016-11-12 16:36 - 2016-11-12 16:36 - 00000000 ____D C:\Program Files (x86)\d71x9e5h
    2016-11-10 15:35 - 2016-11-10 15:35 - 00000000 _____ C:\temp.dat
    2016-11-10 00:07 - 2016-11-10 00:17 - 00000000 ____D C:\Program Files (x86)\wjbqw2tr
    2016-11-09 22:07 - 2016-11-09 22:17 - 00000000 ____D C:\Program Files (x86)\vq0a4x3j
    2016-11-09 20:07 - 2016-11-09 20:17 - 00000000 ____D C:\Program Files (x86)\vr79hney
    2016-11-09 18:07 - 2016-11-09 18:17 - 00000000 ____D C:\Program Files (x86)\z65dd982
    2016-11-09 16:07 - 2016-11-09 16:18 - 00000000 ____D C:\Program Files (x86)\yc0xk49l
    2016-11-09 14:07 - 2016-11-09 14:07 - 00000000 ____D C:\Program Files (x86)\3q839w2o
    2016-11-09 12:07 - 2016-11-09 12:08 - 00000000 ____D C:\Program Files (x86)\jdlhqsoi
    2016-11-09 11:35 - 2016-11-09 11:36 - 00000000 ____D C:\Program Files (x86)\4wd61o6k
    2016-11-09 00:07 - 2016-11-09 00:17 - 00000000 ____D C:\Program Files (x86)\a8xb497e
    2016-11-08 22:07 - 2016-11-08 22:08 - 00000000 ____D C:\Program Files (x86)\h74v0v87
    2016-11-08 20:07 - 2016-11-08 20:08 - 00000000 ____D C:\Program Files (x86)\ks11xo12
    2016-11-08 18:07 - 2016-11-08 18:12 - 00000000 ____D C:\Program Files (x86)\g77duht5
    2016-11-08 16:07 - 2016-11-08 16:17 - 00000000 ____D C:\Program Files (x86)\ks4iial8
    2016-11-08 14:07 - 2016-11-08 14:11 - 00000000 ____D C:\Program Files (x86)\oe1oevea
    2016-11-08 12:07 - 2016-11-08 12:08 - 00000000 ____D C:\Program Files (x86)\hgylklrp
    2016-11-08 02:07 - 2016-11-08 02:07 - 00000000 ____D C:\Program Files (x86)\s3trdeix
    2016-11-08 00:07 - 2016-11-08 00:07 - 00000000 ____D C:\Program Files (x86)\vor508bs
    2016-11-07 22:07 - 2016-11-07 22:07 - 00000000 ____D C:\Program Files (x86)\zao0x15v
    2016-11-07 20:07 - 2016-11-07 20:07 - 00000000 ____D C:\Program Files (x86)\vwteltxy
    2016-11-07 18:07 - 2016-11-07 18:07 - 00000000 ____D C:\Program Files (x86)\zarrhlp2
    2016-11-07 16:07 - 2016-11-07 16:07 - 00000000 ____D C:\Program Files (x86)\4wow77i6
    2016-11-07 14:07 - 2016-11-07 14:07 - 00000000 ____D C:\Program Files (x86)\zim23zb1
    2016-11-07 12:07 - 2016-11-07 12:07 - 00000000 ____D C:\Program Files (x86)\3wrfqs54
    2016-11-04 02:07 - 2016-11-04 02:07 - 00000000 ____D C:\Program Files (x86)\zivcuxry
    2016-11-04 00:07 - 2016-11-04 00:07 - 00000000 ____D C:\Program Files (x86)\vwthiqk2
    2016-11-03 22:07 - 2016-11-03 22:07 - 00000000 ____D C:\Program Files (x86)\ziyufjd5
    2016-11-03 20:07 - 2016-11-03 20:07 - 00000000 ____D C:\Program Files (x86)\45wz4c7z
    2016-11-03 18:07 - 2016-11-03 18:07 - 00000000 ____D C:\Program Files (x86)\zit5rxy3
    2016-11-03 16:07 - 2016-11-03 16:07 - 00000000 ____D C:\Program Files (x86)\45rhnqj7
    2016-11-03 14:07 - 2016-11-03 14:07 - 00000000 ____D C:\Program Files (x86)\a4wuumsx
    2016-11-03 12:07 - 2016-11-03 12:08 - 00000000 ____D C:\Program Files (x86)\acurzc6c
    2016-11-03 10:07 - 2016-11-03 10:08 - 00000000 ____D C:\Program Files (x86)\7qr5w6y8
    2016-11-03 08:07 - 2016-11-03 08:08 - 00000000 ____D C:\Program Files (x86)\acpakqqa
    2016-11-03 02:07 - 2016-11-03 02:08 - 00000000 ____D C:\Program Files (x86)\dypxs56k
    2016-11-03 01:18 - 2016-11-03 01:19 - 00000000 ____D C:\Program Files (x86)\603btspc
    2016-11-02 20:07 - 2016-11-02 20:07 - 00000000 ____D C:\Program Files (x86)\hkpk0bbl
    2016-11-02 18:07 - 2016-11-02 18:07 - 00000000 ____D C:\Program Files (x86)\l7nxx55p
    2016-11-02 16:07 - 2016-11-02 16:07 - 00000000 ____D C:\Program Files (x86)\psk3lxxs
    2016-11-02 14:07 - 2016-11-02 14:07 - 00000000 ____D C:\Program Files (x86)\k7i8iqpn
    2016-11-02 12:07 - 2016-11-02 12:07 - 00000000 ____D C:\Program Files (x86)\osnl7jiq
    2016-11-02 10:52 - 2016-11-02 10:52 - 00000000 ____D C:\Program Files (x86)\j7sdfxqu
    2016-11-02 00:16 - 2016-11-02 00:17 - 00000000 ____D C:\Program Files (x86)\l2r2lsq8
    2016-10-27 01:07 - 2016-10-27 01:07 - 00000000 ____D C:\Program Files (x86)\ns4gxty6
    2016-10-26 23:07 - 2016-10-26 23:07 - 00000000 ____D C:\Program Files (x86)\j71tlmr9
    2016-10-26 21:07 - 2016-10-26 21:07 - 00000000 ____D C:\Program Files (x86)\ns7yifjc
    2016-10-26 19:07 - 2016-10-26 19:07 - 00000000 ____D C:\Program Files (x86)\ur5bo4t4
    2016-10-26 17:07 - 2016-10-26 17:07 - 00000000 ____D C:\Program Files (x86)\us2g3t6a
    2016-10-26 15:07 - 2016-10-26 15:07 - 00000000 ____D C:\Program Files (x86)\qeylqmyd
    2016-10-26 13:07 - 2016-10-26 13:08 - 00000000 ____D C:\Program Files (x86)\u15refqg
    2016-10-26 11:07 - 2016-10-26 11:07 - 00000000 ____D C:\Program Files (x86)\ym25a9bk
    2016-10-26 09:07 - 2016-10-26 09:07 - 00000000 ____D C:\Program Files (x86)\31z0zt5n
    2016-10-25 15:07 - 2016-10-25 15:08 - 00000000 ____D C:\Program Files (x86)\ff1e8vjo
    2016-10-25 13:07 - 2016-10-25 13:07 - 00000000 ____D C:\Program Files (x86)\ggpclmw4
    2016-10-25 11:07 - 2016-10-25 11:08 - 00000000 ____D C:\Program Files (x86)\fnvwr06m
    2016-10-24 15:29 - 2016-10-31 11:15 - 00000000 ____D C:\Program Files (x86)\InterHop
    2016-10-21 13:12 - 2016-11-09 16:37 - 00000000 ____D C:\Program Files (x86)\UvConverter
    2016-10-21 12:46 - 2016-10-21 12:47 - 00000000 ____D C:\ProgramData\chuvc
    2016-10-21 12:46 - 2016-10-21 12:47 - 00000000 ____D C:\ProgramData\BaofengUpdate_U
    2016-10-21 12:46 - 2016-10-21 12:46 - 00000000 ____D C:\ProgramData\icfic
    2016-11-20 21:13 - 2014-10-24 08:14 - 00000000 ____D C:\AdwCleaner
    2016-11-16 09:32 - 2016-05-13 11:30 - 00000000 ____D C:\Users\Monika\AppData\Roaming\Elex-tech
    2016-11-16 09:32 - 2016-03-29 11:08 - 00000000 ____D C:\Program Files (x86)\Elex-tech
    C:\Users\Monika\ComarchOPT!MA2012221578sql.exe
    EmptyTemp:


    Save the file as fixlist.txt and place it next to FRST in the same folder.
    Run FRST as administrator and click Fix/Napraw.

    0
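Added example, not part of any post in this thread: a Python triage of the FRST file-listing lines used in the fixlists above, which picks out the 8-character folders under Program Files (x86) and measures how regularly they were created. The name rule, the function names and the use of creation cadence as supporting evidence are assumptions of this example; the sample lines are copied from the thread.

```python
import ntpath
import re
from collections import Counter
from datetime import datetime

# FRST listing line: "<created> - <modified> - <size> <attributes> [()] <path>"
ENTRY_RE = re.compile(
    r"^\s*(\d{4}-\d{2}-\d{2} \d{2}:\d{2}) - (\d{4}-\d{2}-\d{2} \d{2}:\d{2})"
    r" - (\d+) (\S+) (?:\(.*?\) )?(.+?)\s*$"
)
# Assumed heuristic: exactly 8 lowercase letters/digits, directly under a
# Program Files root. Matches the folder names listed in the fixlists.
RANDOM_NAME_RE = re.compile(r"^[a-z0-9]{8}$")
PROGRAM_ROOTS = {r"c:\program files", r"c:\program files (x86)"}
TS = "%Y-%m-%d %H:%M"

# Sample input: lines copied from the fixlists in this thread.
SAMPLE = r"""
U3 idsvc; Brak ImagePath
2016-11-15 21:33 - 2016-11-15 21:34 - 00000000 ____D C:\Program Files (x86)\jjjpa5mg
2016-11-15 16:07 - 2016-11-15 16:07 - 00000000 ____D C:\Program Files (x86)\yrk7xepj
2016-11-15 14:07 - 2016-11-15 14:07 - 00000000 ____D C:\Program Files (x86)\z2h545ty
2016-11-15 12:07 - 2016-11-15 12:07 - 00000000 ____D C:\Program Files (x86)\yzngi13i
2016-11-10 15:35 - 2016-11-10 15:35 - 00000000 _____ C:\temp.dat
2016-11-10 00:07 - 2016-11-10 00:17 - 00000000 ____D C:\Program Files (x86)\wjbqw2tr
2016-11-09 22:07 - 2016-11-09 22:17 - 00000000 ____D C:\Program Files (x86)\vq0a4x3j
2016-10-21 13:12 - 2016-11-09 16:37 - 00000000 ____D C:\Program Files (x86)\UvConverter
2016-10-21 12:46 - 2016-10-21 12:47 - 00000000 ____D C:\ProgramData\chuvc
2015-12-05 04:32 - 2015-12-05 04:32 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
EmptyTemp:
"""


def parse_entries(text):
    """Return one dict per file-listing line; other fixlist lines are skipped."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line)
        if not m:
            continue
        created, modified, size, attrs, path = m.groups()
        entries.append({
            "created": datetime.strptime(created, TS),
            "modified": datetime.strptime(modified, TS),
            "size": int(size),
            "is_dir": attrs.endswith("D"),  # last attribute flag is D for folders
            "path": path,
        })
    return entries


def random_named_dirs(entries):
    """Folders with an 8-char [a-z0-9] name under Program Files, oldest first."""
    hits = []
    for e in entries:
        parent, name = ntpath.split(e["path"])  # ntpath parses Windows paths on any OS
        if e["is_dir"] and parent.lower() in PROGRAM_ROOTS and RANDOM_NAME_RE.match(name):
            hits.append(e)
    return sorted(hits, key=lambda e: e["created"])


def creation_cadence(hits):
    """Most common creation minute-of-hour and most common gap (in minutes)."""
    minutes = Counter(e["created"].minute for e in hits)
    gaps = Counter(
        int((b["created"] - a["created"]).total_seconds() // 60)
        for a, b in zip(hits, hits[1:])
    )
    return {
        "top_minute": minutes.most_common(1)[0] if minutes else None,
        "top_gap_minutes": gaps.most_common(1)[0] if gaps else None,
    }


if __name__ == "__main__":
    hits = random_named_dirs(parse_entries(SAMPLE))
    for e in hits:
        print(e["created"].strftime(TS), e["path"])
    print(creation_cadence(hits))
```

A fixed minute-of-hour and a constant gap between folders point to a scheduled job creating them, so the task list in the same log is the place to look for whatever keeps recreating them after a scan.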
  • #4 21 Nov 2016 22:21
    voocash
    Level 12

    I removed Java 7 Update 21 and installed Java 8. I uninstalled ASUS WebStorage and Price Metér (remove only), and I removed AVG 2015, AVG Web TuneUp and UvConverter manually from the disk because the uninstallers did not work. A new problem has appeared: the Start Menu does not work :/ I ran the fix from Acorus 20. I am attaching the log from after the fix.
    Oh, and Firefox is still in English. I switch it in the "content" "languages" menu from English to Polish, but it is still in English.

    0
  • #5 21 Nov 2016 23:43
    krzychupar
    Level 41

    Download the latest version of FF and reinstall the browser, or try updating it to the latest version.

    0
  • #6 22 Nov 2016 08:33
    Acorus 20
    Computer specialist

    Show the new FRST logs.

    0
  • #7 22 Nov 2016 10:01
    voocash
    Level 12

    I updated Firefox to the latest version and noticed something. I had two shortcuts, one on the desktop and the other on the taskbar. The one on the desktop was in Polish and the one on the taskbar in English. It turned out that there are two locations. On drive C I had >Mozilla Firefox and >Firefox. I removed the latter. Now there is only one, in Polish :) New FRST logs

    0
  • #8 22 Nov 2016 10:16
    Acorus 20
    Computer specialist

    Open the system Notepad and paste:

    Quote:
    CustomCLSID: HKU\S-1-5-21-3945215391-3708121725-2010571339-1002_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\Monika\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll => Brak pliku
    FirewallRules: [{D2B5A9C2-6957-4D54-BD58-27C0251EEBB6}] => (Allow) C:\Program Files (x86)\Guntony\Guntony\chrome.exe
    FirewallRules: [{A34B0755-1CBC-48A5-A8F7-0FBF60303DD8}] => (Allow) C:\Program Files (x86)\Guntony\Guntony\bin\Guntony_server.exe
    FirewallRules: [{1B2D5AF8-764A-474C-9AD6-51D6ACFFAE0B}] => (Allow) C:\ProgramData\Guntony\protect\protect.exe
    SearchScopes: HKLM-x32 -> DefaultScope - brak wartości
    FF SearchPlugin: C:\Users\Monika\AppData\Roaming\Firefox\Firefox\Profiles\24iwh6zb.default\searchplugins\searchinme.xml [2016-11-21]
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2016-05-17]
    S2 WtuSystemSupport; "C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe" [X]


    Save the file as fixlist.txt and place it next to FRST in the same folder.
    Run FRST as administrator and click Fix/Napraw.

    0