Elektroda.pl

Asus K53S - Infected - browser, pop-up windows

voocash 20 Nov 2016 22:16 825 8
  • #1
    voocash
    Level 12  
    Hello.
    This is my girlfriend's laptop, an Asus K53S.
    Some time ago strange things started happening.
    The language in Firefox changed to English by itself, and the default search page changed (it could not be changed to another one). Sometimes an ad popped up: "Congratulations user, you have won an iPhone S6". Avast detected and blocked something. I scanned the system with Malwarebytes Anti-Malware. It flagged a lot of things and removed them. It was fine, but only for one day. Then the same thing again. So today I did a bit more: another Malwarebytes Anti-Malware scan, then Dr.Web, AdwCleaner, and finally FRST. Is that everything? Please help. I am attaching the logs.
    Windows 10 Home x64
  • Helpful post
    #2
    krzychupar
    Level 43  
    Uninstall:
    Java 7 Update 21 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.210 - Oracle) and install this: https://ninite.com/java8/ninite.exe
    Price Metér (remove only) (HKU\S-1-5-21-3945215391-3708121725-2010571339-1002\...\Price Metér) (Version: 1.1.2.7 - Price Meter) <==== UWAGA

    Open the system Notepad and paste:
    CustomCLSID: HKU\S-1-5-21-3945215391-3708121725-2010571339-1002_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\Monika\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll => Brak pliku
    Task: {2D42277D-2E1C-487B-9F08-776E90E830EE} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Brak pliku <==== UWAGA
    Task: {3ED09785-3037-48CB-9DE4-BE9C345ACF94} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Brak pliku <==== UWAGA
    Task: {4D706C5D-09C3-4F7E-95B7-48D4C0455936} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Brak pliku <==== UWAGA
    Task: {4E362A72-17BC-4B7C-A4BB-7DC617C73E7F} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA
    Task: {615CBBD1-EA1D-405C-AABE-669B8ADBAE98} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Brak pliku <==== UWAGA
    Task: {6847767F-EE4F-4FF2-9E48-7DA42F97056C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA
    Task: {7EAEFA6A-D7DF-4FC4-BE4E-4C98970A0F7F} - System32\Tasks\Browser Updater Task(Core) => C:\Program Files (x86)\TXQQBrowser\Update\DC0FAE2B3C357D9BBC8F27FC8F5FABCD\Update\BrowserUpdate.exe <==== UWAGA
    Task: {8C7E95BF-74B3-4492-87CE-BC822E76AEE2} - System32\Tasks\{8A01ED26-92AE-4CE3-8B9C-564FB677915F} => pcalua.exe -a "C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -d "C:\Program Files (x86)\DAEMON Tools Lite"
    Task: {90FF3AA2-1E9F-4BE0-BB87-DD6B1058794F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA
    Task: {B2F18C21-DF6E-4E9E-BE72-B27247B21182} - System32\Tasks\{C4ADF37E-09B5-49C4-86E6-ECE0E242B5FB} => Chrome.exe hxxp://ui.skype.com/ui/0/5.5.0.113/pl/abandon...e-chrome:notoffered;ienotdefaultbrowser2
    Task: {B9315093-D255-447B-AEBA-B0E98E636633} - \Program aktualizacji online firmy Adobe. -> Brak pliku <==== UWAGA
    Task: {BC829136-F060-49F1-87C8-27D943BDB181} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Brak pliku <==== UWAGA
    Task: {C542BC40-503A-48D4-B87C-987C1F24384B} - System32\Tasks\{F8A3D313-EAB3-468B-9166-C17832542F41} => Chrome.exe hxxp://ui.skype.com/ui/0/6.20.0.104/pl/abando...?source=lightinstaller&page=tsInstall
    Task: {C65B4A27-53B4-493F-A25A-984C078AF7C4} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Brak pliku <==== UWAGA
    Task: {DA78BD76-DCB8-4764-A635-FC07E611490D} - System32\Tasks\{2520A364-D4EE-48F5-B709-FE131BC773F3} => Chrome.exe hxxp://www.skype.com/go/downloading?source=li...mp;ver=5.10.0.116.259&LastError=12002
    Task: {F18BA752-66FD-4B89-A368-2F9F87722519} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA
    HKU\S-1-5-21-3945215391-3708121725-2010571339-1002\...\MountPoints2: {89e1fe9e-9b05-11e5-ae1c-0008ca335b49} - "F:\LG_PC_Programs.exe"
    HKU\S-1-5-21-3945215391-3708121725-2010571339-1002\...\MountPoints2: {ace718f5-dd9d-11e5-9be2-0008ca335b49} - "F:\Setup.exe"
    HKU\S-1-5-21-3945215391-3708121725-2010571339-1002\...\MountPoints2: {ace719d7-dd9d-11e5-9be2-0008ca335b49} - "G:\RunGame.exe"
    ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => Brak pliku
    ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => Brak pliku
    ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => Brak pliku
    ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => Brak pliku
    CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
    SearchScopes: HKLM-x32 -> DefaultScope - brak wartości
    SearchScopes: HKLM-x32 -> {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
    SearchScopes: HKU\S-1-5-21-3945215391-3708121725-2010571339-1002 -> 054139131C074CBD80D2388CEA9481A3 URL = hxxp://isearch.avg.com/search?cid={B7D79542-7D3D-4F8A-9CD4-E6919EDC1259}&mid=5f4514e8db7d47d0850ed1418cd7b2ba-5216b92acc95859895e93290ac93c709d12ded22&lang=pl&ds=AVG&pr=fr&d=2012-12-15 22:51:30&v=14.1.0.10&pid=avg&sg=&sap=dsp&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-3945215391-3708121725-2010571339-1002 -> {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - Brak pliku
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Brak pliku
    Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - Brak pliku
    Edge HomeButtonPage: HKU\S-1-5-21-3945215391-3708121725-2010571339-1002 -> hxxp://www.nuesearch.com/?type=hp&ts=1465...0613&uid=ST9500325AS_5VEQGEFCXXXX5VEQGEFC
    FF Homepage: Firefox\Firefox\Profiles\24iwh6zb.default -> hxxp://www.searchinme.com/?type=hp&ts=147...cial&uid=ST9500325AS_5VEQGEFCXXXX5VEQGEFC
    CHR HomePage: Default -> mysearch.avg.com/?rvt=1
    CHR StartupUrls: Default -> "hxxp://www.nuesearch.com/?type=hp&ts=1465799149&z=cf8b9e614dd284974959904gdz6q6wam8t5tdg8qft&from=wpm0613&uid=ST9500325AS_5VEQGEFCXXXX5VEQGEFC"
    CHR HKU\S-1-5-21-3945215391-3708121725-2010571339-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [chfdnecihphmhljaaejmgoiahnihplgn] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <nie znaleziono>
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <nie znaleziono>
    U3 idsvc; Brak ImagePath
    2016-11-20 20:10 - 2016-11-20 20:44 - 00000000 ____D C:\Users\Monika\Doctor Web
    2016-11-15 21:33 - 2016-11-15 21:34 - 00000000 ____D C:\Program Files (x86)\jjjpa5mg
    2016-11-15 16:07 - 2016-11-15 16:07 - 00000000 ____D C:\Program Files (x86)\yrk7xepj
    2016-11-15 14:07 - 2016-11-15 14:07 - 00000000 ____D C:\Program Files (x86)\z2h545ty
    2016-11-15 12:07 - 2016-11-15 12:07 - 00000000 ____D C:\Program Files (x86)\yzngi13i
    2016-11-12 16:36 - 2016-11-12 16:36 - 00000000 ____D C:\Program Files (x86)\d71x9e5h
    2016-11-10 00:07 - 2016-11-10 00:17 - 00000000 ____D C:\Program Files (x86)\wjbqw2tr
    2016-11-09 22:07 - 2016-11-09 22:17 - 00000000 ____D C:\Program Files (x86)\vq0a4x3j
    2016-11-09 20:07 - 2016-11-09 20:17 - 00000000 ____D C:\Program Files (x86)\vr79hney
    2016-11-09 18:07 - 2016-11-09 18:17 - 00000000 ____D C:\Program Files (x86)\z65dd982
    2016-11-09 16:07 - 2016-11-09 16:18 - 00000000 ____D C:\Program Files (x86)\yc0xk49l
    2016-11-09 14:07 - 2016-11-09 14:07 - 00000000 ____D C:\Program Files (x86)\3q839w2o
    2016-11-09 12:07 - 2016-11-09 12:08 - 00000000 ____D C:\Program Files (x86)\jdlhqsoi
    2016-11-09 11:35 - 2016-11-09 11:36 - 00000000 ____D C:\Program Files (x86)\4wd61o6k
    2016-11-09 00:07 - 2016-11-09 00:17 - 00000000 ____D C:\Program Files (x86)\a8xb497e
    2016-11-08 22:07 - 2016-11-08 22:08 - 00000000 ____D C:\Program Files (x86)\h74v0v87
    2016-11-08 20:07 - 2016-11-08 20:08 - 00000000 ____D C:\Program Files (x86)\ks11xo12
    2016-11-08 18:07 - 2016-11-08 18:12 - 00000000 ____D C:\Program Files (x86)\g77duht5
    2016-11-08 16:07 - 2016-11-08 16:17 - 00000000 ____D C:\Program Files (x86)\ks4iial8
    2016-11-08 14:11 - 2016-11-08 14:11 - 00000000 ____D C:\Users\Monika\AppData\Local\{AD1B746F-0F0D-4C1F-BADA-CB5D35A8C8AE}
    2016-11-08 14:07 - 2016-11-08 14:11 - 00000000 ____D C:\Program Files (x86)\oe1oevea
    2016-11-08 12:07 - 2016-11-08 12:08 - 00000000 ____D C:\Program Files (x86)\hgylklrp
    2016-11-08 02:07 - 2016-11-08 02:07 - 00000000 ____D C:\Program Files (x86)\s3trdeix
    2016-11-08 00:07 - 2016-11-08 00:07 - 00000000 ____D C:\Program Files (x86)\vor508bs
    2016-11-07 22:07 - 2016-11-07 22:07 - 00000000 ____D C:\Program Files (x86)\zao0x15v
    2016-11-07 20:07 - 2016-11-07 20:07 - 00000000 ____D C:\Program Files (x86)\vwteltxy
    2016-11-07 18:07 - 2016-11-07 18:07 - 00000000 ____D C:\Program Files (x86)\zarrhlp2
    2016-11-07 16:07 - 2016-11-07 16:07 - 00000000 ____D C:\Program Files (x86)\4wow77i6
    2016-11-07 14:07 - 2016-11-07 14:07 - 00000000 ____D C:\Program Files (x86)\zim23zb1
    2016-11-07 12:07 - 2016-11-07 12:07 - 00000000 ____D C:\Program Files (x86)\3wrfqs54
    2016-11-04 02:07 - 2016-11-04 02:07 - 00000000 ____D C:\Program Files (x86)\zivcuxry
    2016-11-04 00:07 - 2016-11-04 00:07 - 00000000 ____D C:\Program Files (x86)\vwthiqk2
    2016-11-03 22:07 - 2016-11-03 22:07 - 00000000 ____D C:\Program Files (x86)\ziyufjd5
    2016-11-03 20:07 - 2016-11-03 20:07 - 00000000 ____D C:\Program Files (x86)\45wz4c7z
    2016-11-03 18:07 - 2016-11-03 18:07 - 00000000 ____D C:\Program Files (x86)\zit5rxy3
    2016-11-03 16:07 - 2016-11-03 16:07 - 00000000 ____D C:\Program Files (x86)\45rhnqj7
    2016-11-03 14:07 - 2016-11-03 14:07 - 00000000 ____D C:\Program Files (x86)\a4wuumsx
    2016-11-03 12:07 - 2016-11-03 12:08 - 00000000 ____D C:\Program Files (x86)\acurzc6c
    2016-11-03 10:07 - 2016-11-03 10:08 - 00000000 ____D C:\Program Files (x86)\7qr5w6y8
    2016-11-03 08:07 - 2016-11-03 08:08 - 00000000 ____D C:\Program Files (x86)\acpakqqa
    2016-11-03 02:07 - 2016-11-03 02:08 - 00000000 ____D C:\Program Files (x86)\dypxs56k
    2016-11-03 01:18 - 2016-11-03 01:19 - 00000000 ____D C:\Program Files (x86)\603btspc
    2016-11-02 20:07 - 2016-11-02 20:07 - 00000000 ____D C:\Program Files (x86)\hkpk0bbl
    2016-11-02 18:07 - 2016-11-02 18:07 - 00000000 ____D C:\Program Files (x86)\l7nxx55p
    2016-11-02 16:07 - 2016-11-02 16:07 - 00000000 ____D C:\Program Files (x86)\psk3lxxs
    2016-11-02 14:07 - 2016-11-02 14:07 - 00000000 ____D C:\Program Files (x86)\k7i8iqpn
    2016-11-02 12:07 - 2016-11-02 12:07 - 00000000 ____D C:\Program Files (x86)\osnl7jiq
    2016-11-02 10:52 - 2016-11-02 10:52 - 00000000 ____D C:\Program Files (x86)\j7sdfxqu
    2016-11-02 00:16 - 2016-11-02 00:17 - 00000000 ____D C:\Program Files (x86)\l2r2lsq8
    2016-10-27 01:07 - 2016-10-27 01:07 - 00000000 ____D C:\Program Files (x86)\ns4gxty6
    2016-10-26 23:07 - 2016-10-26 23:07 - 00000000 ____D C:\Program Files (x86)\j71tlmr9
    2016-10-26 21:07 - 2016-10-26 21:07 - 00000000 ____D C:\Program Files (x86)\ns7yifjc
    2016-10-26 19:07 - 2016-10-26 19:07 - 00000000 ____D C:\Program Files (x86)\ur5bo4t4
    2016-10-26 17:07 - 2016-10-26 17:07 - 00000000 ____D C:\Program Files (x86)\us2g3t6a
    2016-10-26 15:07 - 2016-10-26 15:07 - 00000000 ____D C:\Program Files (x86)\qeylqmyd
    2016-10-26 13:07 - 2016-10-26 13:08 - 00000000 ____D C:\Program Files (x86)\u15refqg
    2016-10-26 11:07 - 2016-10-26 11:07 - 00000000 ____D C:\Program Files (x86)\ym25a9bk
    2016-10-26 09:07 - 2016-10-26 09:07 - 00000000 ____D C:\Program Files (x86)\31z0zt5n
    2016-10-25 15:07 - 2016-10-25 15:08 - 00000000 ____D C:\Program Files (x86)\ff1e8vjo
    2016-10-25 13:07 - 2016-10-25 13:07 - 00000000 ____D C:\Program Files (x86)\ggpclmw4
    2016-10-25 11:07 - 2016-10-25 11:08 - 00000000 ____D C:\Program Files (x86)\fnvwr06m
    2016-10-21 12:46 - 2016-10-21 12:47 - 00000000 ____D C:\ProgramData\chuvc
    2016-10-21 12:46 - 2016-10-21 12:47 - 00000000 ____D C:\ProgramData\BaofengUpdate_U
    2016-10-21 12:46 - 2016-10-21 12:46 - 00000000 ____D C:\ProgramData\icfic
    2016-11-20 21:13 - 2014-10-24 08:14 - 00000000 ____D C:\AdwCleaner
    2016-11-16 09:32 - 2016-05-13 11:30 - 00000000 ____D C:\Users\Monika\AppData\Roaming\Elex-tech
    2016-11-16 09:32 - 2016-05-02 20:04 - 00000000 ____D C:\ProgramData\yahoochrome
    2016-11-16 09:32 - 2016-03-29 11:08 - 00000000 ____D C:\Program Files (x86)\Elex-tech
    2016-11-16 09:32 - 2011-10-19 23:54 - 00000000 ____D C:\WINDOWS\bg
    2015-12-05 04:32 - 2015-12-05 04:32 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
    2012-03-18 05:10 - 2012-03-18 05:11 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
    2012-03-18 05:09 - 2012-03-18 05:10 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
    2012-03-18 05:09 - 2012-03-18 05:09 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
    C:\Users\Monika\ComarchOPT!MA2012221578sql.exe
    EmptyTemp:

    Save the file as fixlist.txt and place it next to FRST in the same folder.
    Run FRST and click Fix/Napraw.
  • Helpful post
    #3
    Acorus 20
    Level 43  
    Uninstall ASUS WebStorage, AVG 2015, AVG Web TuneUp, Java 7 Update 21, Price Metér (remove only), UvConverter. Open the system Notepad and paste:

    Quote:
    Task: {2D42277D-2E1C-487B-9F08-776E90E830EE} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Brak pliku <==== UWAGA
    Task: {3ED09785-3037-48CB-9DE4-BE9C345ACF94} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Brak pliku <==== UWAGA
    Task: {4D706C5D-09C3-4F7E-95B7-48D4C0455936} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Brak pliku <==== UWAGA
    Task: {4E362A72-17BC-4B7C-A4BB-7DC617C73E7F} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA
    Task: {615CBBD1-EA1D-405C-AABE-669B8ADBAE98} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Brak pliku <==== UWAGA
    Task: {6847767F-EE4F-4FF2-9E48-7DA42F97056C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA
    Task: {72C8C8A5-E66B-4DD4-9084-94D288152635} - System32\Tasks\{3B4FD6BF-3CEF-4038-8521-1BEBEAF8CF97} => Chrome.exe hxxp://www.skype.com/go/downloading?source=li...r&ver=5.8.0.154&LastError=404
    Task: {7EAEFA6A-D7DF-4FC4-BE4E-4C98970A0F7F} - System32\Tasks\Browser Updater Task(Core) => C:\Program Files (x86)\TXQQBrowser\Update\DC0FAE2B3C357D9BBC8F27FC8F5FABCD\Update\BrowserUpdate.exe <==== UWAGA
    Task: {90FF3AA2-1E9F-4BE0-BB87-DD6B1058794F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA
    Task: {AB5E3EB6-C9C2-43F7-80B3-6C2C33DD8D02} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA
    Task: {B2F18C21-DF6E-4E9E-BE72-B27247B21182} - System32\Tasks\{C4ADF37E-09B5-49C4-86E6-ECE0E242B5FB} => Chrome.exe hxxp://ui.skype.com/ui/0/5.5.0.113/pl/abandon...e-chrome:notoffered;ienotdefaultbrowser2
    Task: {B9315093-D255-447B-AEBA-B0E98E636633} - \Program aktualizacji online firmy Adobe. -> Brak pliku <==== UWAGA
    Task: {BC829136-F060-49F1-87C8-27D943BDB181} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Brak pliku <==== UWAGA
    Task: {C542BC40-503A-48D4-B87C-987C1F24384B} - System32\Tasks\{F8A3D313-EAB3-468B-9166-C17832542F41} => Chrome.exe hxxp://ui.skype.com/ui/0/6.20.0.104/pl/abando...?source=lightinstaller&page=tsInstall
    Task: {C65B4A27-53B4-493F-A25A-984C078AF7C4} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Brak pliku <==== UWAGA
    Task: {DA78BD76-DCB8-4764-A635-FC07E611490D} - System32\Tasks\{2520A364-D4EE-48F5-B709-FE131BC773F3} => Chrome.exe hxxp://www.skype.com/go/downloading?source=li...mp;ver=5.10.0.116.259&LastError=12002
    Task: {F18BA752-66FD-4B89-A368-2F9F87722519} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA
    HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe [737104 2011-07-29] (ecareme)
    HKU\S-1-5-21-3945215391-3708121725-2010571339-1002\...\RunOnce: [Uninstall C:\Users\Monika\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Monika\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"
    HKU\S-1-5-21-3945215391-3708121725-2010571339-1002\...\MountPoints2: {89e1fe9e-9b05-11e5-ae1c-0008ca335b49} - "F:\LG_PC_Programs.exe"
    HKU\S-1-5-21-3945215391-3708121725-2010571339-1002\...\MountPoints2: {ace718f5-dd9d-11e5-9be2-0008ca335b49} - "F:\Setup.exe"
    HKU\S-1-5-21-3945215391-3708121725-2010571339-1002\...\MountPoints2: {ace719d7-dd9d-11e5-9be2-0008ca335b49} - "G:\RunGame.exe"
    ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => Brak pliku
    ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => Brak pliku
    ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => Brak pliku
    ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => Brak pliku
    CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
    SearchScopes: HKU\S-1-5-21-3945215391-3708121725-2010571339-1002 -> 054139131C074CBD80D2388CEA9481A3 URL = hxxp://isearch.avg.com/search?cid={B7D79542-7D3D-4F8A-9CD4-E6919EDC1259}&mid=5f4514e8db7d47d0850ed1418cd7b2ba-5216b92acc95859895e93290ac93c709d12ded22&lang=pl&ds=AVG&pr=fr&d=2012-12-15 22:51:30&v=14.1.0.10&pid=avg&sg=&sap=dsp&q={searchTerms}
    Edge HomeButtonPage: HKU\S-1-5-21-3945215391-3708121725-2010571339-1002 -> hxxp://www.nuesearch.com/?type=hp&ts=1465...0613&uid=ST9500325AS_5VEQGEFCXXXX5VEQGEFC
    FF Homepage: Firefox\Firefox\Profiles\24iwh6zb.default -> hxxp://www.searchinme.com/?type=hp&ts=147...cial&uid=ST9500325AS_5VEQGEFCXXXX5VEQGEFC
    CHR HomePage: Default -> mysearch.avg.com/?rvt=1
    CHR StartupUrls: Default -> "hxxp://www.nuesearch.com/?type=hp&ts=1465799149&z=cf8b9e614dd284974959904gdz6q6wam8t5tdg8qft&from=wpm0613&uid=ST9500325AS_5VEQGEFCXXXX5VEQGEFC"
    CHR Extension: (AVG Secure Search) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2016-04-12]
    CHR HKU\S-1-5-21-3945215391-3708121725-2010571339-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [chfdnecihphmhljaaejmgoiahnihplgn] - hxxps://clients2.google.com/service/update2/crx
    U3 idsvc; Brak ImagePath
    2016-11-20 20:10 - 2016-11-20 20:44 - 00000000 ____D C:\Users\Monika\Doctor Web
    2016-11-15 21:33 - 2016-11-15 21:34 - 00000000 ____D C:\Program Files (x86)\jjjpa5mg
    2016-11-15 16:07 - 2016-11-15 16:07 - 00000000 ____D C:\Program Files (x86)\yrk7xepj
    2016-11-15 14:07 - 2016-11-15 14:07 - 00000000 ____D C:\Program Files (x86)\z2h545ty
    2016-11-15 12:07 - 2016-11-15 12:07 - 00000000 ____D C:\Program Files (x86)\yzngi13i
    2016-11-12 16:36 - 2016-11-12 16:36 - 00000000 ____D C:\Program Files (x86)\d71x9e5h
    2016-11-10 15:35 - 2016-11-10 15:35 - 00000000 _____ C:\temp.dat
    2016-11-10 00:07 - 2016-11-10 00:17 - 00000000 ____D C:\Program Files (x86)\wjbqw2tr
    2016-11-09 22:07 - 2016-11-09 22:17 - 00000000 ____D C:\Program Files (x86)\vq0a4x3j
    2016-11-09 20:07 - 2016-11-09 20:17 - 00000000 ____D C:\Program Files (x86)\vr79hney
    2016-11-09 18:07 - 2016-11-09 18:17 - 00000000 ____D C:\Program Files (x86)\z65dd982
    2016-11-09 16:07 - 2016-11-09 16:18 - 00000000 ____D C:\Program Files (x86)\yc0xk49l
    2016-11-09 14:07 - 2016-11-09 14:07 - 00000000 ____D C:\Program Files (x86)\3q839w2o
    2016-11-09 12:07 - 2016-11-09 12:08 - 00000000 ____D C:\Program Files (x86)\jdlhqsoi
    2016-11-09 11:35 - 2016-11-09 11:36 - 00000000 ____D C:\Program Files (x86)\4wd61o6k
    2016-11-09 00:07 - 2016-11-09 00:17 - 00000000 ____D C:\Program Files (x86)\a8xb497e
    2016-11-08 22:07 - 2016-11-08 22:08 - 00000000 ____D C:\Program Files (x86)\h74v0v87
    2016-11-08 20:07 - 2016-11-08 20:08 - 00000000 ____D C:\Program Files (x86)\ks11xo12
    2016-11-08 18:07 - 2016-11-08 18:12 - 00000000 ____D C:\Program Files (x86)\g77duht5
    2016-11-08 16:07 - 2016-11-08 16:17 - 00000000 ____D C:\Program Files (x86)\ks4iial8
    2016-11-08 14:07 - 2016-11-08 14:11 - 00000000 ____D C:\Program Files (x86)\oe1oevea
    2016-11-08 12:07 - 2016-11-08 12:08 - 00000000 ____D C:\Program Files (x86)\hgylklrp
    2016-11-08 02:07 - 2016-11-08 02:07 - 00000000 ____D C:\Program Files (x86)\s3trdeix
    2016-11-08 00:07 - 2016-11-08 00:07 - 00000000 ____D C:\Program Files (x86)\vor508bs
    2016-11-07 22:07 - 2016-11-07 22:07 - 00000000 ____D C:\Program Files (x86)\zao0x15v
    2016-11-07 20:07 - 2016-11-07 20:07 - 00000000 ____D C:\Program Files (x86)\vwteltxy
    2016-11-07 18:07 - 2016-11-07 18:07 - 00000000 ____D C:\Program Files (x86)\zarrhlp2
    2016-11-07 16:07 - 2016-11-07 16:07 - 00000000 ____D C:\Program Files (x86)\4wow77i6
    2016-11-07 14:07 - 2016-11-07 14:07 - 00000000 ____D C:\Program Files (x86)\zim23zb1
    2016-11-07 12:07 - 2016-11-07 12:07 - 00000000 ____D C:\Program Files (x86)\3wrfqs54
    2016-11-04 02:07 - 2016-11-04 02:07 - 00000000 ____D C:\Program Files (x86)\zivcuxry
    2016-11-04 00:07 - 2016-11-04 00:07 - 00000000 ____D C:\Program Files (x86)\vwthiqk2
    2016-11-03 22:07 - 2016-11-03 22:07 - 00000000 ____D C:\Program Files (x86)\ziyufjd5
    2016-11-03 20:07 - 2016-11-03 20:07 - 00000000 ____D C:\Program Files (x86)\45wz4c7z
    2016-11-03 18:07 - 2016-11-03 18:07 - 00000000 ____D C:\Program Files (x86)\zit5rxy3
    2016-11-03 16:07 - 2016-11-03 16:07 - 00000000 ____D C:\Program Files (x86)\45rhnqj7
    2016-11-03 14:07 - 2016-11-03 14:07 - 00000000 ____D C:\Program Files (x86)\a4wuumsx
    2016-11-03 12:07 - 2016-11-03 12:08 - 00000000 ____D C:\Program Files (x86)\acurzc6c
    2016-11-03 10:07 - 2016-11-03 10:08 - 00000000 ____D C:\Program Files (x86)\7qr5w6y8
    2016-11-03 08:07 - 2016-11-03 08:08 - 00000000 ____D C:\Program Files (x86)\acpakqqa
    2016-11-03 02:07 - 2016-11-03 02:08 - 00000000 ____D C:\Program Files (x86)\dypxs56k
    2016-11-03 01:18 - 2016-11-03 01:19 - 00000000 ____D C:\Program Files (x86)\603btspc
    2016-11-02 20:07 - 2016-11-02 20:07 - 00000000 ____D C:\Program Files (x86)\hkpk0bbl
    2016-11-02 18:07 - 2016-11-02 18:07 - 00000000 ____D C:\Program Files (x86)\l7nxx55p
    2016-11-02 16:07 - 2016-11-02 16:07 - 00000000 ____D C:\Program Files (x86)\psk3lxxs
    2016-11-02 14:07 - 2016-11-02 14:07 - 00000000 ____D C:\Program Files (x86)\k7i8iqpn
    2016-11-02 12:07 - 2016-11-02 12:07 - 00000000 ____D C:\Program Files (x86)\osnl7jiq
    2016-11-02 10:52 - 2016-11-02 10:52 - 00000000 ____D C:\Program Files (x86)\j7sdfxqu
    2016-11-02 00:16 - 2016-11-02 00:17 - 00000000 ____D C:\Program Files (x86)\l2r2lsq8
    2016-10-27 01:07 - 2016-10-27 01:07 - 00000000 ____D C:\Program Files (x86)\ns4gxty6
    2016-10-26 23:07 - 2016-10-26 23:07 - 00000000 ____D C:\Program Files (x86)\j71tlmr9
    2016-10-26 21:07 - 2016-10-26 21:07 - 00000000 ____D C:\Program Files (x86)\ns7yifjc
    2016-10-26 19:07 - 2016-10-26 19:07 - 00000000 ____D C:\Program Files (x86)\ur5bo4t4
    2016-10-26 17:07 - 2016-10-26 17:07 - 00000000 ____D C:\Program Files (x86)\us2g3t6a
    2016-10-26 15:07 - 2016-10-26 15:07 - 00000000 ____D C:\Program Files (x86)\qeylqmyd
    2016-10-26 13:07 - 2016-10-26 13:08 - 00000000 ____D C:\Program Files (x86)\u15refqg
    2016-10-26 11:07 - 2016-10-26 11:07 - 00000000 ____D C:\Program Files (x86)\ym25a9bk
    2016-10-26 09:07 - 2016-10-26 09:07 - 00000000 ____D C:\Program Files (x86)\31z0zt5n
    2016-10-25 15:07 - 2016-10-25 15:08 - 00000000 ____D C:\Program Files (x86)\ff1e8vjo
    2016-10-25 13:07 - 2016-10-25 13:07 - 00000000 ____D C:\Program Files (x86)\ggpclmw4
    2016-10-25 11:07 - 2016-10-25 11:08 - 00000000 ____D C:\Program Files (x86)\fnvwr06m
    2016-10-24 15:29 - 2016-10-31 11:15 - 00000000 ____D C:\Program Files (x86)\InterHop
    2016-10-21 13:12 - 2016-11-09 16:37 - 00000000 ____D C:\Program Files (x86)\UvConverter
    2016-10-21 12:46 - 2016-10-21 12:47 - 00000000 ____D C:\ProgramData\chuvc
    2016-10-21 12:46 - 2016-10-21 12:47 - 00000000 ____D C:\ProgramData\BaofengUpdate_U
    2016-10-21 12:46 - 2016-10-21 12:46 - 00000000 ____D C:\ProgramData\icfic
    2016-11-20 21:13 - 2014-10-24 08:14 - 00000000 ____D C:\AdwCleaner
    2016-11-16 09:32 - 2016-05-13 11:30 - 00000000 ____D C:\Users\Monika\AppData\Roaming\Elex-tech
    2016-11-16 09:32 - 2016-03-29 11:08 - 00000000 ____D C:\Program Files (x86)\Elex-tech
    C:\Users\Monika\ComarchOPT!MA2012221578sql.exe
    EmptyTemp:


    Save the file as fixlist.txt and place it next to FRST in the same folder.
    Run FRST as administrator and click Fix/Napraw.
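
An added example, not part of the original posts and not FRST's own code: both fixlists above list many directories under `C:\Program Files (x86)` with 8-character lowercase names, most of them created at :07 in two-hour steps. This Python sketch parses FRST listing lines and surfaces that pattern. The function names, the 8-character name rule and the cluster threshold are assumptions made for this example.

```python
import ntpath
import re
from collections import defaultdict
from datetime import datetime

# Sample input: listing lines copied from the fixlists in this thread, plus one
# non-listing line, to show what the parser keeps and what it skips.
SAMPLE = r"""
2016-11-15 16:07 - 2016-11-15 16:07 - 00000000 ____D C:\Program Files (x86)\yrk7xepj
2016-11-15 14:07 - 2016-11-15 14:07 - 00000000 ____D C:\Program Files (x86)\z2h545ty
2016-11-15 12:07 - 2016-11-15 12:07 - 00000000 ____D C:\Program Files (x86)\yzngi13i
2016-11-12 16:36 - 2016-11-12 16:36 - 00000000 ____D C:\Program Files (x86)\d71x9e5h
2016-11-09 12:07 - 2016-11-09 12:08 - 00000000 ____D C:\Program Files (x86)\jdlhqsoi
2016-10-24 15:29 - 2016-10-31 11:15 - 00000000 ____D C:\Program Files (x86)\InterHop
2016-10-21 13:12 - 2016-11-09 16:37 - 00000000 ____D C:\Program Files (x86)\UvConverter
2016-11-20 21:13 - 2014-10-24 08:14 - 00000000 ____D C:\AdwCleaner
U3 idsvc; Brak ImagePath
"""

# FRST listing line: created - modified - size attributes [(company)] path
LISTING = re.compile(
    r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}) - (\d{4}-\d{2}-\d{2} \d{2}:\d{2}) - "
    r"(\d+) (\S+) (?:\(.*?\) )?(.+)$"
)
# Assumption for this example: "random-looking" means exactly 8 chars of [a-z0-9].
RANDOM_NAME = re.compile(r"^[a-z0-9]{8}$")


def parse_listing(text):
    """Return (created, attributes, path) for each listing line; skip anything else."""
    entries = []
    for raw in text.splitlines():
        m = LISTING.match(raw.strip())
        if m:
            created = datetime.strptime(m.group(1), "%Y-%m-%d %H:%M")
            entries.append((created, m.group(4), m.group(5)))
    return entries


def suspicious_dirs(entries, root=r"C:\Program Files (x86)"):
    """Directories directly under `root` whose name matches RANDOM_NAME, oldest first."""
    hits = []
    for created, attrs, path in entries:
        parent, name = ntpath.split(path)  # ntpath parses Windows paths on any OS
        is_dir = attrs.endswith("D")       # FRST marks directories with a trailing D
        if is_dir and parent.lower() == root.lower() and RANDOM_NAME.match(name):
            hits.append((created, name))
    return sorted(hits)


def scheduled_clusters(hits, min_size=3):
    """Group hits by minute-of-hour; a crowded slot points at a timer-driven creator."""
    slots = defaultdict(list)
    for created, name in hits:
        slots[created.minute].append((created, name))
    return {minute: group for minute, group in slots.items() if len(group) >= min_size}


def gap_hours(cluster):
    """Hours between consecutive creation times inside one cluster."""
    times = [created for created, _ in cluster]
    return [(b - a).total_seconds() / 3600 for a, b in zip(times, times[1:])]


if __name__ == "__main__":
    hits = suspicious_dirs(parse_listing(SAMPLE))
    for minute, cluster in scheduled_clusters(hits).items():
        print(f"{len(cluster)} directories created at :{minute:02d}, "
              f"gaps (h): {gap_hours(cluster)}")
        for created, name in cluster:
            print(f"  {created:%Y-%m-%d %H:%M}  {name}")
```

A name match alone is weak evidence (`InterHop` is also 8 characters and is only excluded by case); the shared minute slot is what ties the entries together, and the scheduled task or service that recreates them still has to be found and removed.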
  • #4
    voocash
    Level 12  
    I removed Java 7 Update 21 and installed Java 8. I uninstalled ASUS WebStorage and Price Metér (remove only), and I removed AVG 2015, AVG Web TuneUp and UvConverter manually from the disk because the uninstallers did not work. A new problem has appeared: the Start Menu does not work :/ I ran the fix from Acorus 20. I am attaching the log from after the fix.
    Oh, and Firefox is still in English. I switch from English to Polish in the menu "content" "languages", but it is still in English.
  • #6
    Acorus 20
    Level 43  
    Show the new FRST logs.
  • #7
    voocash
    Level 12  
    I updated Firefox to the latest version and noticed something. I had two shortcuts, one on the desktop and one on the taskbar. The one on the desktop was in Polish and the one on the taskbar was in English. It turned out there are two locations. On drive C I had >Mozilla Firefox and >Firefox. I removed the latter. Now there is only one, in Polish :) New FRST logs
  • #8
    Acorus 20
    Level 43  
    Open the system Notepad and paste:

    Quote:
    CustomCLSID: HKU\S-1-5-21-3945215391-3708121725-2010571339-1002_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\Monika\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll => Brak pliku
    FirewallRules: [{D2B5A9C2-6957-4D54-BD58-27C0251EEBB6}] => (Allow) C:\Program Files (x86)\Guntony\Guntony\chrome.exe
    FirewallRules: [{A34B0755-1CBC-48A5-A8F7-0FBF60303DD8}] => (Allow) C:\Program Files (x86)\Guntony\Guntony\bin\Guntony_server.exe
    FirewallRules: [{1B2D5AF8-764A-474C-9AD6-51D6ACFFAE0B}] => (Allow) C:\ProgramData\Guntony\protect\protect.exe
    SearchScopes: HKLM-x32 -> DefaultScope - brak wartości
    FF SearchPlugin: C:\Users\Monika\AppData\Roaming\Firefox\Firefox\Profiles\24iwh6zb.default\searchplugins\searchinme.xml [2016-11-21]
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2016-05-17]
    S2 WtuSystemSupport; "C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe" [X]


    Save the file as fixlist.txt and place it next to FRST in the same folder.
    Run FRST as administrator and click Fix/Napraw.