Prośba o pomoc - uciążliwe wyskakujące reklamy

Witam. Jak zwykle zwracam się do Was o pomoc, gdyż jesteście niezawodni :slight_smile: Mam problem z ciągle wyskakującymi reklamami na nowych kartach lub w nowym oknie. HELP!

 

FRST  http://www.wklej.org/id/1630194/

Addition    http://www.wklej.org/id/1630199/

 

Z góry dziękuję!

Odinstaluj omiga-plus uninstall.Otwórz notatnik systemowy i wklej:

ShellIconOverlayIdentifiers: [SkyDrive1] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} = No File
ShellIconOverlayIdentifiers: [SkyDrive2] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} = No File
ShellIconOverlayIdentifiers: [SkyDrive3] - {BBACC218-34EA-4666-9D7A-C78F2274A524} = No File
ShellIconOverlayIdentifiers: [GGDriveOverlay1] - {E68D0A50-3C40-4712-B90D-DCFA93FF2534} = C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll No File
ShellIconOverlayIdentifiers: [GGDriveOverlay2] - {E68D0A51-3C40-4712-B90D-DCFA93FF2534} = C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll No File
ShellIconOverlayIdentifiers: [GGDriveOverlay3] - {E68D0A52-3C40-4712-B90D-DCFA93FF2534} = C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll No File
ShellIconOverlayIdentifiers: [GGDriveOverlay4] - {E68D0A53-3C40-4712-B90D-DCFA93FF2534} = C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll No File
ShellIconOverlayIdentifiers-x32: [SkyDrive1] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} = No File
ShellIconOverlayIdentifiers-x32: [SkyDrive2] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} = No File
ShellIconOverlayIdentifiers-x32: [SkyDrive3] - {BBACC218-34EA-4666-9D7A-C78F2274A524} = No File
GroupPolicy: Group Policy on Chrome detected ======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction ======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hpts=1422903185from=coruid=TOSHIBAXMK6475GSX_92LUT4R2TXX92LUT4R2T
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hpts=1422903185from=coruid=TOSHIBAXMK6475GSX_92LUT4R2TXX92LUT4R2T
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=dsts=1422903185from=coruid=TOSHIBAXMK6475GSX_92LUT4R2TXX92LUT4R2Tq={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=dsts=1422903185from=coruid=TOSHIBAXMK6475GSX_92LUT4R2TXX92LUT4R2Tq={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hpts=1422903185from=coruid=TOSHIBAXMK6475GSX_92LUT4R2TXX92LUT4R2T
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hpts=1422903185from=coruid=TOSHIBAXMK6475GSX_92LUT4R2TXX92LUT4R2T
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=dsts=1422903185from=coruid=TOSHIBAXMK6475GSX_92LUT4R2TXX92LUT4R2Tq={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=dsts=1422903185from=coruid=TOSHIBAXMK6475GSX_92LUT4R2TXX92LUT4R2Tq={searchTerms}
HKU\S-1-5-21-3175980398-1786098934-1743275967-1004\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.search.ask.com/?tpid=ORJ-SPEo=APN11406pf=V7trgb=IEp2=%5EBBE%5EOSJ000%5EYY%5EPLgct=hpapn_ptnrs=BBEapn_dtid=%5EOSJ000%5EYY%5EPLapn_dbr=ieapn_uid=8D2EA61A-AD8C-40D2-A623-04DE42F02845itbv=12.21.0.114doi=2014-12-18psv=pt=tb
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=dsts=1422903185from=coruid=TOSHIBAXMK6475GSX_92LUT4R2TXX92LUT4R2Tq={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=dsts=1422903185from=coruid=TOSHIBAXMK6475GSX_92LUT4R2TXX92LUT4R2Tq={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=dsts=1422903185from=coruid=TOSHIBAXMK6475GSX_92LUT4R2TXX92LUT4R2Tq={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=dsts=1422903185from=coruid=TOSHIBAXMK6475GSX_92LUT4R2TXX92LUT4R2Tq={searchTerms}
SearchScopes: HKU\S-1-5-21-3175980398-1786098934-1743275967-1004 - DefaultScope {A71B2DF2-DA35-4702-B3D5-11388458DEA5} URL =
SearchScopes: HKU\S-1-5-21-3175980398-1786098934-1743275967-1004 - {877D11BB-1C54-4819-804F-C9E45822F096} URL = http://www.search.ask.com/web?tpid=ORJ-SPEo=APN11406pf=V7p2=^BBE^OSJ000^YY^PLgct=itbv=12.21.0.114apn_uid=8D2EA61A-AD8C-40D2-A623-04DE42F02845apn_ptnrs=BBEapn_dtid=^OSJ000^YY^PLapn_dbr=iedoi=2014-12-18trgb=IEq={searchTerms}psv=pt=tb
SearchScopes: HKU\S-1-5-21-3175980398-1786098934-1743275967-1004 - {A71B2DF2-DA35-4702-B3D5-11388458DEA5} URL =
FF HKLM-x32\...\Firefox\Extensions: [fftoolbar2014@etech.com] - C:\Users\Arkadiusz\AppData\Roaming\Mozilla\Firefox\Profiles\v300xawl.default\extensions\fftoolbar2014@etech.com
FF Extension: FF Toolbar - C:\Users\Arkadiusz\AppData\Roaming\Mozilla\Firefox\Profiles\v300xawl.default\extensions\fftoolbar2014@etech.com [2015-02-02]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Arkadiusz\AppData\Roaming\Mozilla\Firefox\Profiles\v300xawl.default\extensions\faststartff@gmail.com
FF Extension: Fast Start - C:\Users\Arkadiusz\AppData\Roaming\Mozilla\Firefox\Profiles\v300xawl.default\extensions\faststartff@gmail.com [2015-02-02]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
OPR Extension: (RelevantKnowledge) - C:\Users\Malwina\AppData\Roaming\Opera Software\Opera Stable\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle [2014-12-19]
2015-02-02 19:55 - 2015-02-02 19:55 - 00000000 ____ D () C:\ProgramData\WindowsMangerProtect
2015-02-02 19:55 - 2015-02-02 19:55 - 00000000 ____ D () C:\Program Files (x86)\XTab
2015-02-02 19:53 - 2015-02-02 19:53 - 00000000 ____ D () C:\Users\Arkadiusz\AppData\Roaming\omiga-plus
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.

Nie ma w tym programie opcji Szukaj, wcisnęłam SCAN i Cleaning. Niestety reklamy nadal wyskakują.

W najnowszej wersji AdwCleaner nie ma języka polskiego.

Żeby wszystko usunąć musisz zalogować się jako administrator.

Uruchomiłam AdwCleaner z konta administratora, wcisnęłam Scan, potem Cleaning. Nadal nic. Z resztą program nic nie znalazł.

Pokaż nowe logi z FRST.

tutaj fixlog  http://wklej.org/id/1630745/

a tutaj log FRST  http://wklej.org/id/1630746/

Przecież napisałem, że FRST nie usunie wszystkiego bez uprawnień administratora.

Poza tym zainstaluj µBlock.

Firefox: https://github.com/gorhill/uBlock/releases/tag/0.8.7.0

Chrome: https://chrome.google.com/webstore/detail/µblock/cjpalhdlnbpafiamejdnhcphjbkeiagm?hl=pl

Opera: https://addons.opera.com/pl/extensions/details/ublock/?display=pl

FRST  http://wklej.org/id/1630798/

Addition http://wklej.org/id/1630799/

Otwórz notatnik systemowy i wklej:

ShellIconOverlayIdentifiers: [SkyDrive1] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} = No File
ShellIconOverlayIdentifiers: [SkyDrive2] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} = No File
ShellIconOverlayIdentifiers: [SkyDrive3] - {BBACC218-34EA-4666-9D7A-C78F2274A524} = No File
ShellIconOverlayIdentifiers-x32: [SkyDrive1] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} = No File
ShellIconOverlayIdentifiers-x32: [SkyDrive2] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} = No File
ShellIconOverlayIdentifiers-x32: [SkyDrive3] - {BBACC218-34EA-4666-9D7A-C78F2274A524} = No File
GroupPolicy: Group Policy on Chrome detected ======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction ======= ATTENTION
SearchScopes: HKU\.DEFAULT - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3175980398-1786098934-1743275967-1001 - {A71B2DF2-DA35-4702-B3D5-11388458DEA5} URL =
FF Extension: Techgile 1.0.1 - C:\Users\Arkadiusz\AppData\Roaming\Mozilla\Firefox\Profiles\v300xawl.default\Extensions\{0dd9a828-65e1-4c37-98c6-d39c76a89715}.xpi [2014-12-18]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
2015-02-09 21:44 - 2015-02-10 10:08 - 00000000 ____ D () C:\AdwCleaner

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.

Pomogło, wielkie dzięki!

Skasuj folder C:\FRST