Problem z wyskakiwaniem reklam

Witam. Posiadam mały problem z wyskakiwaniem reklam przy przeglądarkach, jest to pewnie wina jakiegoś wirusa.

Raporty:

http://www.wklej.org/id/1524129/

http://www.wklej.org/id/1524139/

Prosił bym o pomoc w odczytaniu i podaniu programów potrzebnych do usunięcia z góry wielkie dzięki.

Odinstaluj RegClean Pro.Pobierz i uruchom AdwCleaner https://toolslib.net/downloads/finish/1/ Kliknij Szukaj i później Usuń.

Pobierz Farbar Recovery Scan Tool http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/ zgodny z wersją systemu 32-bit lub 64-bit.

http://www.wklej.org/id/1524247/

http://www.wklej.org/id/1524249/

Oto te raporty.

Otwórz Notatnik i wklej:

GroupPolicy: Group Policy on Chrome detected ======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction ======= ATTENTION
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
FF Extension: Deal Keeper - C:\Users\Damian\AppData\Roaming\Mozilla\Firefox\Profiles\stmjsn79.default\Extensions\{a5b0d4ec-75a8-4454-a9c1-5675585828ec}.xpi [2014-10-17]
FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\websitelogon@truesuite.com [2014-11-13]
CHR HKLM\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd] - C:\Users\Damian\AppData\Local\newhb2.crx []
CHR HKLM\...\Chrome\Extension: [oldchfemoapgakfjnmbngnljnkoapbhd] - C:\Users\Damian\AppData\Local\FastDiscountz.crx []
CHR HKLM-x32\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd] - C:\Users\Damian\AppData\Local\newhb2.crx []
CHR HKLM-x32\...\Chrome\Extension: [oldchfemoapgakfjnmbngnljnkoapbhd] - C:\Users\Damian\AppData\Local\FastDiscountz.crx [2012-07-12]
S1 ctltifls; \\C:\Windows\system32\drivers\ctltifls.sys [X]
S3 iscFlash; \\C:\swsetup\sp60874\iscflashx64.sys [X]
S1 rbwdnoxu; \\C:\Windows\system32\drivers\rbwdnoxu.sys [X]
S1 ryqwtwhi; \\C:\Windows\system32\drivers\ryqwtwhi.sys [X]
S1 tvqjmrom; \\C:\Windows\system32\drivers\tvqjmrom.sys [X]
2014-11-16 14:13 - 2014-11-16 14:17 - 00000000 ____ D () C:\AdwCleaner
2014-11-16 14:17 - 2014-07-16 23:10 - 00000000 ____ D () C:\Program Files (x86)\Deal Keeper
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.

Witam ponownie. Pojawił się ponownie ten sam problem. Po aktualizacji systemu windows dalej jest problem z tymi reklamami.

A oto raporty

http://wklej.org/id/1567472/

Pomyśl jakie logi są potrzebne.

nie do końca znam się na tych sprawach ale o te chodzi?

http://wklej.org/id/1567493/

http://wklej.org/id/1567495/

Otwórz notatnik systemowy i wklej:

Task: {0CF89C44-E76F-4EFE-A4EE-884F1818B587} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 = Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 ==== ATTENTION
Task: {177EC0D1-78D7-4690-96BD-9DFDBF10822C} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 = Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 ==== ATTENTION
Task: {60ECF35A-0332-4598-B7C1-C9EB4B1EF027} - System32\Tasks\YTDownloaderUpd = C:\Program Files (x86)\YTDownloader\updater.exe ==== ATTENTION
Task: {8B68015C-3F70-488E-B42A-4F453FFD29CD} - System32\Tasks\Super Optimizer Schedule = C:\Program Files (x86)\Super Optimizer\SupOptLauncher.exe
Task: {DA3D1BD7-5D74-424A-B2CE-59C899ED72D5} - System32\Tasks\{7CEC6159-DAC1-4B3F-B7A2-18D670AD5D04} = pcalua.exe -a C:\Users\Damian\AppData\Roaming\webssearches\UninstallManager.exe -c -ptid=obw
HKLM-x32\...\Run: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
ShellIconOverlayIdentifiers: [00avast] - {472083B0-C522-11CF-8763-00608CC02F24} = No File
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKU\.DEFAULT - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL =
SearchScopes: HKU\.DEFAULT - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-19 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Extension: suncultsfnet - C:\Users\Damian\AppData\Roaming\Mozilla\Firefox\Profiles\stmjsn79.default\Extensions\suncult@sf.net [2014-12-26]
FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\websitelogon@truesuite.com [2014-12-22]
CHR HKU\S-1-5-21-2192005205-3151494616-2773464116-1001\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd] - C:\Users\Damian\AppData\Local\newhb2.crx [Not Found]
CHR HKU\S-1-5-21-2192005205-3151494616-2773464116-1001\...\Chrome\Extension: [oldchfemoapgakfjnmbngnljnkoapbhd] - C:\Users\Damian\AppData\Local\FastDiscountz.crx [Not Found]
R2 MaintainerSvc2.02.5636706; C:\ProgramData\d7a0fe93-7bf3-4f3d-89c3-fe4e144b2eb8\maintainer.exe [123632 2014-12-26] ()
2014-12-26 09:13 - 2014-12-26 09:19 - 00000000 ____ D () C:\AdwCleaner
2014-12-22 13:01 - 2014-12-22 13:03 - 00000000 ____ D () C:\Users\Damian\Downloads\FRST-OlderVersion
2014-12-22 12:52 - 2014-12-22 12:52 - 02173952 _____ () C:\Users\Damian\Downloads\adwcleaner_4.106.exe
2014-12-22 10:34 - 2014-12-22 10:34 - 00003262 _____ () C:\WINDOWS\System32\Tasks\Super Optimizer Schedule
2014-12-21 22:28 - 2014-12-21 22:28 - 00003164 _____ () C:\WINDOWS\System32\Tasks\{7CEC6159-DAC1-4B3F-B7A2-18D670AD5D04}
2014-12-21 22:22 - 2014-12-21 22:22 - 01469920 _____ (Object Browser) C:\Users\Damian\AppData\Roaming\WF.exe
2014-12-21 22:20 - 2014-12-21 22:20 - 00613057 _____ (CMI Limited) C:\Users\Damian\AppData\Local\nsf440B.tmp
2014-12-21 22:20 - 2014-12-21 22:19 - 01795552 _____ (Object Browser) C:\Users\Damian\AppData\Roaming\FRVOIK.exe
2014-12-21 22:19 - 2014-12-21 22:19 - 00003584 _____ () C:\WINDOWS\System32\Tasks\YTDownloaderUpd
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.