Uprzykrzające życie reklamy Ads Strong Signal

daww13 · 21 Wrzesień 2015 19:07

Witam, mam problem z wyskakującymi reklamami.

Dołączam logi z FRST:

FRST.txt - http://wklejto.pl/235011

Addition.txt - http://www.wklejto.pl/235012

Shortcut.txt - http://www.wklejto.pl/235015

Z góry dziękuję za pomoc.

Atis · 21 Wrzesień 2015 19:34

Odinstaluj XoftSpy AntiVirus Pro.

Wklej do systemowego notatnika i zapisz jako plik tekstowy o nazwie fixlist :

GroupPolicy: Ograniczenia - Chrome <======= UWAGA
CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://search.yahoo.com/yhs/search?type=agc511&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM-x32 -> {CF49125D-FBA8-47CD-B46F-628DEEE6C6B8} URL = hxxps://startpage.com/do/search?query={searchTerms}&trackid=sp-001
SearchScopes: HKU\S-1-5-21-1745111154-892661046-2080947147-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
FF NewTab: hxxp://search.yahoo.com/?fr=hp-ddc-bd-tab&type=bl-bfr-is __alt__ ddc_dsssyctab_bd_com
FF DefaultSearchEngine: Yahoo Search!
FF SelectedSearchEngine: Yahoo Search!
FF Keyword.URL: hxxp://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=bl-bfr-is __alt__ ddc_dss_bd_com&p={searchTerms}
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\my-prefs.js [2015-05-22] <==== UWAGA (Linkuje do pliku *.cfg)
OPR Extension: (fun coupons) - C:\Users\user\AppData\Roaming\Opera Software\Opera Stable\Extensions\gijpiklekffjdhakddncmmfoljbopjka [2015-04-02]
OPR Extension: (dr games) - C:\Users\user\AppData\Roaming\Opera Software\Opera Stable\Extensions\jlinpflaifheoeohbdffhfnnpghdnlel [2015-04-04]
CHR Extension: (Chrome Web Store Payments) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-03]
S1 {1d7d694e-604c-4da2-9100-b2601d3a1c57}Gw64; system32\drivers\{1d7d694e-604c-4da2-9100-b2601d3a1c57}Gw64.sys [X]
S1 {31c21995-b861-4864-ab50-4a53fbca73d4}Gw64; system32\drivers\{31c21995-b861-4864-ab50-4a53fbca73d4}Gw64.sys [X]
S1 {371bcf01-e691-44bf-9345-60788e5d16a5}Gw64; system32\drivers\{371bcf01-e691-44bf-9345-60788e5d16a5}Gw64.sys [X]
S1 {4cff408a-d9e7-47c3-a711-95133fcf7f45}Gw64; system32\drivers\{4cff408a-d9e7-47c3-a711-95133fcf7f45}Gw64.sys [X]
S1 {5c281c6e-0132-4ac6-ad9d-d1d95d218412}Gw64; system32\drivers\{5c281c6e-0132-4ac6-ad9d-d1d95d218412}Gw64.sys [X]
S1 {6e9af5d3-a8f9-4461-ad38-1433888f55dc}Gw64; system32\drivers\{6e9af5d3-a8f9-4461-ad38-1433888f55dc}Gw64.sys [X]
S1 {76eaa25f-d535-414d-8a8b-4bce0a94d247}Gw64; system32\drivers\{76eaa25f-d535-414d-8a8b-4bce0a94d247}Gw64.sys [X]
S1 {8d9c9462-4635-4cc0-ab2c-0e46af3a958b}Gw64; system32\drivers\{8d9c9462-4635-4cc0-ab2c-0e46af3a958b}Gw64.sys [X]
S1 {df8eec40-f909-439c-9ffe-3fee212f71b9}Gw64; system32\drivers\{df8eec40-f909-439c-9ffe-3fee212f71b9}Gw64.sys [X]
S1 {fc8decf5-c269-4b18-87f1-c395dfcbd88f}Gw64; system32\drivers\{fc8decf5-c269-4b18-87f1-c395dfcbd88f}Gw64.sys [X]
2015-09-21 18:12 - 2015-09-21 18:12 - 00001237 _____ C:\Users\Public\Desktop\XoftSpy AntiVirus Pro.lnk
2015-09-21 18:12 - 2015-09-21 18:12 - 00000000 ____ D C:\ProgramData\XoftSpy AntiVirus Pro
2015-09-21 18:12 - 2015-09-21 18:12 - 00000000 ____ D C:\ProgramData\ParetoLogic
2015-09-21 18:12 - 2015-09-21 18:12 - 00000000 ____ D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ParetoLogic
2015-09-21 18:12 - 2015-09-21 18:12 - 00000000 ____ D C:\Program Files (x86)\ParetoLogic
2015-09-21 18:10 - 2015-09-21 18:10 - 10751992 _____ (ParetoLogic, Inc.) C:\Users\user\Downloads\XoftSpy_AV_Setup.exe
2015-09-21 17:56 - 2015-09-21 18:03 - 00000000 ____ D C:\AdwCleaner
2015-09-21 17:54 - 2015-09-21 17:56 - 01662976 _____ C:\Users\user\Downloads\AdwCleaner5.exe
2015-08-22 20:18 - 2015-08-22 20:18 - 00000000 ____ D C:\ProgramData\VIPRE
2015-08-22 19:51 - 2015-09-21 18:12 - 00000000 ____ D C:\ProgramData\STOPzilla!
2015-08-22 19:50 - 2015-08-22 19:50 - 00000000 ____ D C:\Program Files (x86)\iS3
2015-08-22 19:48 - 2015-08-22 19:49 - 02042328 _____ (iS3, Inc.) C:\Users\user\Downloads\STOPzillaPRO_Downloader.exe
2015-08-23 00:12 - 2015-04-03 00:05 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-03-31 10:14 - 2015-03-31 10:14 - 0005655 _____ () C:\Users\user\AppData\Roaming\6hguwb6NinaYYGxZh5E
2014-09-01 10:18 - 2014-09-01 10:18 - 0002086 _____ () C:\Users\user\AppData\Roaming\DJJWBUH
2015-03-31 10:14 - 2015-03-31 10:14 - 0004387 _____ () C:\Users\user\AppData\Roaming\GaAkXd0t
2015-03-31 10:14 - 2015-03-31 10:14 - 0004387 _____ () C:\Users\user\AppData\Roaming\JsWqCkgUn8itcEHFVXrBCu1Iruo
2015-03-31 10:14 - 2015-03-31 10:14 - 0005655 _____ () C:\Users\user\AppData\Roaming\KxmLOxhgruOF34saZq
2014-09-01 10:18 - 2014-09-01 10:18 - 0002086 _____ () C:\Users\user\AppData\Roaming\LBRLXT
2015-03-31 10:14 - 2015-03-31 10:14 - 0004387 _____ () C:\Users\user\AppData\Roaming\Ppv266Ic4
2015-03-31 10:14 - 2015-03-31 10:14 - 0004387 _____ () C:\Users\user\AppData\Roaming\TW9fyRI2mwE
2015-03-31 10:14 - 2015-03-31 10:14 - 0005655 _____ () C:\Users\user\AppData\Roaming\XMHGKmUp6mq5pYb8hXMgc
2015-01-07 13:14 - 2015-01-07 13:14 - 2005472 _____ (Object Browser) C:\Users\user\AppData\Roaming\YSISC.exe
2015-03-31 10:14 - 2015-03-31 10:14 - 0005655 _____ () C:\Users\user\AppData\Roaming\ZdTLrmbW8O
2015-01-06 16:09 - 2015-01-06 18:51 - 0000000 _____ () C:\ProgramData\Gpu.log
Task: {3DC7FA97-8266-432F-A020-531E60564D2D} - System32\Tasks\{A91EDDEF-AF78-47DA-B30F-FA7D949F3336} => Firefox.exe 
Task: {421C10D5-3B30-46BF-98E3-95D950CC3D20} - System32\Tasks\{8E015D8C-76AF-499A-B922-AEE88E997B78} => Firefox.exe 
Task: {6692A138-A296-46D0-8220-295443E74013} - System32\Tasks\ASUS\RunDAOD => C:\Windows\DAODx.exe [2009-03-30] ()
Task: {97D4F3CA-2057-46B4-8BC1-81A013C77AED} - System32\Tasks\{3F0B5367-B2C3-483F-8ABF-63F608E63C75} => Firefox.exe 
Task: {692F4949-D713-4C64-8300-E7057DE6FCB4} - System32\Tasks\{019346E5-6765-47F1-8733-B2696A8834AF} => C:\Users\user\Downloads\Firefox-Setup-34-0-5_PL.exe
Task: {99688727-B739-4992-8B72-C298EF28F4E1} - System32\Tasks\{65C06143-91A7-47BC-B8D2-8ED05D7D1CB9} => pcalua.exe -a "C:\Program Files (x86)\Picexa\uninstall.exe"
Task: {CA087A30-050C-4FEF-919E-666A94F27DB0} - System32\Tasks\{035949B3-CEFE-422D-BF1C-BBA103194EC5} => Firefox.exe 
Task: {E2E5ABEF-C83F-4C7B-9B71-C9DD0E0E939D} - System32\Tasks\{C5A46B96-E2DB-4F8A-8D07-415CECF8382D} => pcalua.exe -a C:\Users\user\Downloads\Setup.exe -d C:\Users\user\Downloads
Task: {F6D479C1-E809-448F-9273-231ABAC11B3B} - System32\Tasks\XoftSpy AntiVirus Pro Startup => C:\Program Files (x86)\ParetoLogic\XoftSpy AntiVirus Pro\XoftSpy.exe [2014-12-02] (ParetoLogic Inc.)
Task: {FD04715F-D60B-4082-8D76-6543C1CB314F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\XoftSpy AntiVirus Pro Startup.job => C:\Program Files (x86)\ParetoLogic\XoftSpy AntiVirus Pro\XoftSpy.exe/minimize /unelevateEC:\Program Files (x86)\ParetoLogic\XoftSpy AntiVirus Pro\XoftSpy.exe
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sbaphd => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sbapifs => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sbapifsl => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sbhips => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sbaphd => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sbapifs => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sbapifsl => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sbhips => ""=""
EmptyTemp:

Uruchom FRST i kliknij Napraw (Fix). Pokaż raport z usuwania Fixlog.

Kliknij Skanuj (Scan) i pokaż nowy raport z FRST bez Addition i Shortcut.