Lollipop i inne wyskakujące okna pomóżcie plis!

Malaguena · 13 Grudzień 2014 12:11

Hej! Pilnie potrzebuję rady bo walczę juz od 3 tyg. z tym g… Lollipop - wyskakujące okna i dużo różnego syfu. Użyty adw cleaner ale dalej nie jest ok. Robiłam też skan FRST. Wkleję zaraz raporty. Będę wdzięczna za pomoc!

Acorus · 13 Grudzień 2014 12:34

Odinstaluj Yet Another Cleaner!.Otwórz Notatnik i wklej:

Task: {BB62394D-2658-403F-93C1-022C3D5B48B2} - System32\Tasks\ROC_REG_JAN_DELETE = C:\ProgramData\AVG January 2013 Campaign\ROC.exe [2013-01-17] ()
ShellIconOverlayIdentifiers: [00avast] - {472083B0-C522-11CF-8763-00608CC02F24} = No File
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction ======= ATTENTION
URLSearchHook: HKU\S-1-5-21-1635554969-2027401206-2674084771-1000 - (No Name) - {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - No File
URLSearchHook: HKU\S-1-5-21-1635554969-2027401206-2674084771-1000 - (No Name) - {3303e956-2a3a-48e0-be39-2e0ef11a2f44} - No File
URLSearchHook: HKU\S-1-5-21-1635554969-2027401206-2674084771-1000 - (No Name) - {d43723ae-1ae1-4a25-a6a4-bf0929273cab} - No File
SearchScopes: HKU\S-1-5-21-1635554969-2027401206-2674084771-1000 - {6D66C829-93C6-4204-982D-346AE8C5F6E8} URL = http://search.freecause.com/search?ourmark=4fr=freecauseei=utf-8type=63263p={searchTerms}
BHO: No Name - {9030D464-4C02-4ABF-8ECC-5164760863C6} - No File
BHO-x32: No Name - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File
BHO-x32: No Name - {9030D464-4C02-4ABF-8ECC-5164760863C6} - No File
BHO-x32: No Name - {cbfb5c65-652c-3e10-9d9a-e586816d9342} - No File
Toolbar: HKU\S-1-5-21-1635554969-2027401206-2674084771-1000 - No Name - {C86EB8A9-CCC2-4B6C-B75D-73576ED591BF} - No File
Toolbar: HKU\S-1-5-21-1635554969-2027401206-2674084771-1000 - No Name - {D43723AE-1AE1-4A25-A6A4-BF0929273CAB} - No File
FF Keyword.URL: hxxp://search.certified-toolbar.com?si=62606tid=6533ver=5.6ts=1378032999299.000008tguid=62606-6533-1378032999299-C5438E3A7C48A64C45A0176F5B86AE6Est=chromeq=
FF Extension: No Name - C:\Users\Malaguena\AppData\Roaming\Mozilla\Firefox\Profiles\w1svl0rz.default\Extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}-trash [2010-12-13]
CHR Plugin: (Babylon Chrome Plugin) - C:\Users\Malaguena\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.0_0\BabylonChromePI.dll No File
CHR Plugin: (McSimpleChromePlugin Dynamic Link Library) - C:\Users\Malaguena\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.11.118.1\McChPlg.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.220.4) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U22) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50917.0\npctrl.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR HKLM-x32\...\Chrome\Extension: [jongbaldhepiipcgeobleedccockoofh] - C:\Program Files (x86)\LyricsDroid\125.crx [Not Found]
R2 iSafeService; C:\Program Files (x86)\iSafe\iSafeSvc.exe [118048 2014-08-08] (Elex do Brasil Participações Ltda)
R1 iSafeKrnl; C:\Program Files (x86)\iSafe\iSafeKrnl.sys [247488 2014-08-08] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlKit; C:\Program Files (x86)\iSafe\iSafeKrnlKit.sys [78016 2014-08-08] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlR3; C:\Program Files (x86)\iSafe\iSafeKrnlR3.sys [65216 2014-08-08] (Elex do Brasil Participações Ltda)
R1 iSafeNetFilter; C:\Program Files (x86)\iSafe\iSafeNetFilter.sys [49320 2014-08-06] (Elex do Brasil Participações Ltda)
S3 iSafeKrnlBoot; system32\DRIVERS\iSafeKrnlBoot.sys [X]
2014-12-13 12:35 - 2014-12-13 12:37 - 00000000 ____ D () C:\Users\Malaguena\AppData\Roaming\isafe
2014-12-13 12:26 - 2014-12-13 12:34 - 00000000 ____ D () C:\AdwCleaner
2014-11-22 22:36 - 2014-11-22 22:36 - 00000000 ____ D () C:\Program Files\Enigma Software Group
2014-12-13 12:44 - 2014-08-26 19:01 - 00000000 ____ D () C:\Program Files (x86)\iSafe
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.

Malaguena · 13 Grudzień 2014 13:11

Niestety nie da się odinstalować Yet another cleaner… Chciałam też odinstalować YAC i to samo…nie wiem co jest grane

???

Acorus · 13 Grudzień 2014 13:18

Pomiń to i wykonaj resztę.Pokaż nowy log z FRST.

Malaguena · 13 Grudzień 2014 14:04

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-12-2014

Acorus · 13 Grudzień 2014 14:30

Pokaż nowy log z FRST.

Malaguena · 13 Grudzień 2014 14:42

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-12-2014

Acorus · 13 Grudzień 2014 14:57

Raporty umieść na http://wklej.org/ i podaj link.

Malaguena · 13 Grudzień 2014 15:13

http://wklej.org/id/1556745/

http://wklej.org/id/1556741/

Acorus · 13 Grudzień 2014 17:13

Wykonaj w trybie awaryjnym.Otwórz Notatnik i wklej:

Task: {0B729EDD-2EF9-4D07-9B40-2210CDAEBF30} - System32\Tasks\{08CD7D0C-386C-4158-BC16-EA4D1222D4C5} = C:\Program Files (x86)\iSafe\appstore\uninstall.exe [2014-07-18] (Elex do Brasil Participações Ltda)
Task: {2E8911BE-DB61-4549-BFD7-C81F50D5E77F} - System32\Tasks\{4839240E-693E-4475-9AF8-AC78138C1B4E} = C:\Program Files (x86)\iSafe\appstore\uninstall.exe [2014-07-18] (Elex do Brasil Participações Ltda)
Task: {56D095D2-A5E3-4A9E-A68B-AE57859A433A} - System32\Tasks\{A2A43FD0-7C4F-4256-B43E-CB3D54348D81} = C:\Program Files (x86)\iSafe\appstore\uninstall.exe [2014-07-18] (Elex do Brasil Participações Ltda)
Task: {79AF6729-3399-4F33-B257-657A2842511B} - System32\Tasks\{ADB3FC18-3974-46A4-8683-997190DED1DA} = C:\Program Files (x86)\iSafe\appstore\uninstall.exe [2014-07-18] (Elex do Brasil Participações Ltda)
Task: {E4935E3B-A83D-4129-956E-1C68AE495814} - System32\Tasks\{52B17C0F-141E-492D-8CDD-7FBAF2BF616A} = C:\Program Files (x86)\iSafe\appstore\uninstall.exe [2014-07-18] (Elex do Brasil Participações Ltda)
Task: C:\Windows\Tasks\ROC_REG_JAN_DELETE.job = C:\ProgramData\AVG January 2013 Campaign\ROC.exe
FF Keyword.URL: hxxp://search.certified-toolbar.com?si=62606tid=6533ver=5.6ts=1378032999299.000008tguid=62606-6533-1378032999299-C5438E3A7C48A64C45A0176F5B86AE6Est=chromeq=
CHR Plugin: (Babylon Chrome Plugin) - C:\Users\Malaguena\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.0_0\BabylonChromePI.dll No File
CHR Plugin: (McSimpleChromePlugin Dynamic Link Library) - C:\Users\Malaguena\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.11.118.1\McChPlg.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.220.4) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U22) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50917.0\npctrl.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
R2 iSafeService; C:\Program Files (x86)\iSafe\iSafeSvc.exe [118048 2014-08-08] (Elex do Brasil Participações Ltda)
R1 iSafeKrnl; C:\Program Files (x86)\iSafe\iSafeKrnl.sys [247488 2014-08-08] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlKit; C:\Program Files (x86)\iSafe\iSafeKrnlKit.sys [78016 2014-08-08] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlR3; C:\Program Files (x86)\iSafe\iSafeKrnlR3.sys [65216 2014-08-08] (Elex do Brasil Participações Ltda)
R1 iSafeNetFilter; C:\Program Files (x86)\iSafe\iSafeNetFilter.sys [49320 2014-08-06] (Elex do Brasil Participações Ltda)
2014-12-13 14:32 - 2014-12-13 14:32 - 00000000 ____ D () C:\Users\Malaguena\AppData\Roaming\isafe
2014-12-13 14:21 - 2014-12-13 14:21 - 00002968 _____ () C:\Windows\System32\Tasks\{52B17C0F-141E-492D-8CDD-7FBAF2BF616A}
2014-12-13 14:19 - 2014-12-13 14:19 - 00002968 _____ () C:\Windows\System32\Tasks\{ADB3FC18-3974-46A4-8683-997190DED1DA}
2014-12-13 14:19 - 2014-12-13 14:19 - 00002968 _____ () C:\Windows\System32\Tasks\{08CD7D0C-386C-4158-BC16-EA4D1222D4C5}
2014-12-13 14:13 - 2014-12-13 14:13 - 00002968 _____ () C:\Windows\System32\Tasks\{A2A43FD0-7C4F-4256-B43E-CB3D54348D81}
2014-12-13 14:13 - 2014-12-13 14:13 - 00002968 _____ () C:\Windows\System32\Tasks\{4839240E-693E-4475-9AF8-AC78138C1B4E}
2014-12-13 11:59 - 2014-08-26 20:27 - 00000000 ____ D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YAC App Store
Reboot:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.

Malaguena · 13 Grudzień 2014 19:15

wykonaNE

Acorus · 14 Grudzień 2014 08:36

W jakiej przeglądarce?

Reset Chrome: https://support.google.com/chrome/answer/3296214?hl=pl

Reset Firefoxa: Pomoc-Informacje dla pomocy technicznej-Zresetuj program Firefox

Malaguena · 14 Grudzień 2014 12:19

Mam Firefoxa