Prosím o kontrolu logu - LuckyStarting

[Jokerko]

Ahojte. V prílohe prikladám FRST log na kontrolu. Ako vyhľadávací nástroj v Chrome mám LuckyStarting a neviem to pomocou žiadneho programu odstrániť. Help pls!

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

[Jokerko]

S ním som už robil. Ale tak dal som ešte raz. Aj MBAM s ním mal velké problémy odstrániť ten bordel, stále zamŕzal a nereagoval, ale potom sa mi to nejako podarilo odstrániť a už je to asi OK. Ale tak predsa si dám po sebe radšej skontrolovať vám lebo ja som len amatér

# AdwCleaner 7.0.1.0 - Logfile created on Sat Aug 05 22:27:33 2017
# Updated on 2017/05/08 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

No malicious folders deleted.

***** [ Files ] *****

Deleted: C:\Users\Public\Documents\\temp.dat


***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\{84416237-6490-494D-9AD6-4994DD978971}
Deleted: [Key] - HKLM\SOFTWARE\ompndb
Deleted: [Key] - HKLM\SOFTWARE\ecb`nl


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[C0].txt - [7617 B] - [2017/8/3 8:3:44]
C:/AdwCleaner/AdwCleaner[S0].txt - [8511 B] - [2017/8/3 8:3:11]
C:/AdwCleaner/AdwCleaner[S1].txt - [1349 B] - [2017/8/3 10:51:8]
C:/AdwCleaner/AdwCleaner[S2].txt - [1314 B] - [2017/8/5 22:27:10]


########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt ##########

ĎAKUJEM!!

[Rudy]

Dejte nový log FRST.

[Jokerko]

Dal som do prílohy aj s Addition.txt lebo sa kvôli znakom nezmestí. Ďakujem.

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start
GroupPolicy: Restriction <==== ATTENTION
CHR StartupUrls: ChromeDefaultData -> "hxxps://start-pagesearch.com/?s=acer&m=start&brw=ch"
CHR Profile: C:\Users\monik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-08-07] <==== ATTENTION
CHR Profile: C:\Users\monik\AppData\Local\Google\Chrome\User Data\System Profile [2017-08-03]
HKU\S-1-5-21-1334476022-1534162846-687786227-1001\...\StartMenuInternet\ChromeHTML: -> C:\Program Files (x86)\Boxfat\Application\chrome.exe <==== ATTENTION
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1334476022-1534162846-687786227-1001UA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1334476022-1534162846-687786227-1001Core
C:\ProgramData\DP45977C.lfl
C:\Program Files\Bonjour
C:\Program Files (x86)\Bonjour

EmptyTemp:
End

Uložte do C:\Users\monik\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[Jokerko]

Fix result of Farbar Recovery Scan Tool (x64) Version: 06-08-2017
Ran by monik (08-08-2017 17:10:16) Run:1
Running from C:\Users\monik\Downloads
Loaded Profiles: monik (Available Profiles: monik & joker)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
GroupPolicy: Restriction <==== ATTENTION
CHR StartupUrls: ChromeDefaultData -> "hxxps://start-pagesearch.com/?s=acer&m=start&brw=ch"
CHR Profile: C:\Users\monik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-08-07] <==== ATTENTION
CHR Profile: C:\Users\monik\AppData\Local\Google\Chrome\User Data\System Profile [2017-08-03]
HKU\S-1-5-21-1334476022-1534162846-687786227-1001\...\StartMenuInternet\ChromeHTML: -> C:\Program Files (x86)\Boxfat\Application\chrome.exe <==== ATTENTION
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1334476022-1534162846-687786227-1001UA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1334476022-1534162846-687786227-1001Core
C:\ProgramData\DP45977C.lfl
C:\Program Files\Bonjour
C:\Program Files (x86)\Bonjour

EmptyTemp:
End
*****************

C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
Chrome StartupUrls => removed successfully
C:\Users\monik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData => moved successfully
C:\Users\monik\AppData\Local\Google\Chrome\User Data\System Profile => moved successfully
HKU\S-1-5-21-1334476022-1534162846-687786227-1001\SOFTWARE\Clients\StartMenuInternet\ChromeHTML => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1334476022-1534162846-687786227-1001UA => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1334476022-1534162846-687786227-1001Core => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
C:\Program Files\Bonjour => moved successfully
C:\Program Files (x86)\Bonjour => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 6578176 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 35919698 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 89158 B
Edge => 308 B
Chrome => 370688 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 0 B
NetworkService => 8688 B
monik => 48564212 B
joker => 1223987 B

RecycleBin => 0 B
EmptyTemp: => 88.5 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 17:10:19 ====

[Rudy]

Smazáno. Nastala nějaká změna?

[Jokerko]

Áno. Chrome už pracuje ako má. A hlavne že ten bordel z neho zmizol. Ďakujem za pomoc

[Rudy]

Nemáte zač!