Wolne działanie internetu

Dla specjalistów Bezpieczeństwo
#1

Cześć,

Mam problem z powolnym działaniem internetu i komputera.
W zasadzie komputer dziewczyny, więc ciężko powiedzieć, co się w nim powyrabiało.
Załączam log z FRST
http://www.wklej.org/id/3245579/
http://www.wklej.org/id/3245580/
http://www.wklej.org/id/3245581/

PS. Czy Avast jest dobrym antywirusem?

#2

Chcesz coś dobrego za darmo ? Wybór między Kazpersky Free Antivirus (język angielski) lub Panda Protection (język polski). Avast/AVG kiepski wybór.

#3

Pobierz i uruchom AdwCleaner Kliknij Skanuj (Scan) i później Oczyść (Clean).

Wklej do systemowego notatnika i zapisz jako plik tekstowy o nazwie fixlist:

HKLM-x32\...\Run: [AvgUi] => "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
HKU\S-1-5-21-973996416-432849057-2411937491-1001\...\Policies\system: [Shell] explorer.exe,msiexec.exe /i hxxp://point.ltdmsjq.com/?data=zDlkMj85MjF4OTE1RjM1RYU1OTEdRWVQMdLYNYZLMYQYOWw5Fq== /q <==== UWAGA
IFEO\GoogleUpdate.exe: [Debugger] 324095823984.exe
IFEO\GoogleUpdaterService.exe: [Debugger] 8736459873644.exe
IFEO\taskmgr.exe: [Debugger] 
GroupPolicy: Ograniczenia - Chrome <==== UWAGA
CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Brak nazwy -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> Brak pliku
FF Homepage: Mozilla\Firefox\Profiles\6znomg1a.default -> hxxp://www.luckysearch123.com?type=hp&ts=1492690059&from=36600419&uid=st500lt012-1dg142_s3pe280pxxxxs3pe280p&z=6a8a14e2e504aec714f27a3g8zctco5q4tce6e9wfg
FF NewTab: Mozilla\Firefox\Profiles\6znomg1a.default -> hxxp://www.luckysearch123.com?type=hp&ts=1492690059&from=36600419&uid=st500lt012-1dg142_s3pe280pxxxxs3pe280p&z=6a8a14e2e504aec714f27a3g8zctco5q4tce6e9wfg
FF SearchPlugin: C:\Users\Anna\AppData\Roaming\Mozilla\Firefox\Profiles\6znomg1a.default\searchplugins\luck.xml [2017-04-20]
FF SearchPlugin: C:\Users\Anna\AppData\Roaming\Mozilla\Firefox\Profiles\6znomg1a.default\searchplugins\ourluckysites.xml [2017-04-19]
FF HKLM-x32\...\Firefox\Extensions: [arthurj8283@gmail.com] - C:\Users\Anna\AppData\Roaming\Mozilla\Firefox\Profiles\6znomg1a.default\extensions\arthurj8283@gmail.com
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
2017-08-30 23:06 - 2017-08-30 23:06 - 000000000 ____D C:\ProgramData\SWCUTemp
2017-08-31 16:14 - 2014-09-26 01:27 - 000000000 ____D C:\ProgramData\Temp
Task: {3A3A1956-CC2E-4640-8B5F-F0D4EF4EE93A} - System32\Tasks\{6E6B56ED-F36B-40D0-BC6A-D96204B6F635} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.18.85.112/pl/abandoninstall?page=tsProgressBar
Shortcut: C:\Users\Anna\AppData\Local\Microsoft\Windows\ConnectedSearch\History\site_3489466401_pl.lnk -> hxxp://www.windowssearch.com:80/suggestions?qry=broth&cc=PL&setlang=pl&inlang=pl-PL&adlt=moderate&scale=100&contrast=none&hw=768%2C1366&CVID=EDEBF9122741442EA99DCFA2DADE033
Shortcut: C:\Users\Anna\AppData\Local\Microsoft\Windows\ConnectedSearch\History\site_775005278_pl.lnk -> hxxp://www.windowssearch.com:80/suggestions?qry=googl&cc=PL&setlang=pl&inlang=pl-PL&adlt=moderate&scale=100&contrast=none&hw=768%2C1366&CVID=4B7713812B274758840499410506D8F
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\...\StartupApproved\Run32: => "AvgUi"
EmptyTemp:

Uruchom FRST i kliknij Napraw (Fix). Pokaż raport z usuwania Fixlog.
Kliknij Skanuj (Scan) i pokaż nowy raport z FRST bez Addition i Shortcut.

#4

Zgodnie z zaleceniami:
Fixlog: www.wklej.org/id/3245758/
nowy FRST: www.wklej.org/id/3245764/

#5

Skasuj folder C:\FRST