Pop-up ads. Help


(Rszafnik) #1

Hello. As the topic title says, I have a problem with pop-up ads in the Chrome browser. I generated a report using ComboFix. I would be very grateful for further help and for your patience, because this is the first time I have done something like this. Link to the report: http://wklej.to/DQEeK


(Michal Glaba) #2

Logs...

 

http://forum.dobreprogramy.pl/nowy-log-obowi%C4%85zkowy-farbar-recovery-scan-tool-t478727/


(Rszafnik) #3

FRST report: http://wklej.to/SxDtf

Addition report: http://wklej.to/EG67Z


(Acorus) #4

Uninstall Softonic Assistant. Open the system Notepad and paste:

Task: C:\WINDOWS\Tasks\DLL-files.com Fixer_UPDATES.job = C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
HKU\S-1-5-21-839522115-1677128483-1614895754-500\...\Run: [SoftonicAssistant] = C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\SoftonicAssistant\SoftonicAssistant.exe [1829832 2014-11-11] ()
HKU\S-1-5-21-839522115-1677128483-1614895754-500\...\Policies\Explorer: []
GroupPolicy: Group Policy on Chrome detected ======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction ======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction ======= ATTENTION
HKU\S-1-5-21-839522115-1677128483-1614895754-500\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction ======= ATTENTION
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "http://www.google.com" ======= ATTENTION
SearchScopes: HKLM - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL =
SearchScopes: HKU\S-1-5-19 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-839522115-1677128483-1614895754-500 - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL =
ShellExecuteHooks: - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No File []
FF Plugin HKU\S-1-5-21-839522115-1677128483-1614895754-500: www.exent.com/GameTreatWidget - C:\Program Files\Free Ride Games\npGameTreatWidget.dll No File
FF Extension: EnterDigital 1.0.1 - C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\yfx5ucua.default\Extensions\{781c47fe-8e73-4938-873f-2850548c7fb4}.xpi [2014-11-30]
CHR HomePage: Default - hxxp://astromenda.com/?f=1a=ast_freeride_14_44_chcd=2XzuyEtN2Y1L1QzuyB0AyBzytCzytA0B0AtCyDtA0EtC0FtCtN0D0Tzu0StCtDtAyCtN1L2XzutAtFyDtFtCtFyEtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StCyEtC0CzzyDzy0AtGtA0CzyyEtGtDtA0AzytG0F0FtDtAtGyE0B0BzyyE0B0Bzz0BtByCyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0CyByC0A0DtA0CtGyBtByByEtGyE0F0EzztG0A0AyB0CtGyCtAzyzzyCzytA0E0BtByCyB2Qcr=153306374ir=
CHR StartupUrls: Default - "hxxp://astromenda.com/?f=7a=ast_freeride_14_44_chcd=2XzuyEtN2Y1L1QzuyB0AyBzytCzytA0B0AtCyDtA0EtC0FtCtN0D0Tzu0StCtDtAyCtN1L2XzutAtFyDtFtCtFyEtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StCyEtC0CzzyDzy0AtGtA0CzyyEtGtDtA0AzytG0F0FtDtAtGyE0B0BzyyE0B0Bzz0BtByCyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0CyByC0A0DtA0CtGyBtByByEtGyE0F0EzztG0A0AyB0CtGyCtAzyzzyCzytA0E0BtByCyB2Qcr=153306374ir=", "hxxp://astromenda.com/?f=7a=ast_ir_14_44_chcd=2XzuyEtN2Y1L1QzuyB0AyBzytCzytA0B0AtCyDtA0EtC0FtCtN0D0Tzu0StCtDtAyCtN1L2XzutAtFyDtFtCtFyEtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyE0D0DtAtD0D0BzytGtB0CtDyCtGtCyEyE0FtG0A0E0DtBtGtAyBtCtA0C0FyCyB0BtByCyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0CyByC0A0DtA0CtGyBtByByEtGyE0F0EzztG0A0AyB0CtGyCtAzyzzyCzytA0E0BtByCyB2Qcr=504093626ir="
CHR DefaultSearchKeyword: Default - astromenda.com
CHR DefaultSearchURL: Default - http://astromenda.com/results.php?f=4q={searchTerms}a=ast_ir_14_44_chcd=2XzuyEtN2Y1L1QzuyB0AyBzytCzytA0B0AtCyDtA0EtC0FtCtN0D0Tzu0StCtDtAyCtN1L2XzutAtFyDtFtCtFyEtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyE0D0DtAtD0D0BzytGtB0CtDyCtGtCyEyE0FtG0A0E0DtBtGtAyBtCtA0C0FyCyB0BtByCyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0CyByC0A0DtA0CtGyBtByByEtGyE0F0EzztG0A0AyB0CtGyCtAzyzzyCzytA0E0BtByCyB2Qcr=504093626ir=
CHR HKLM\...\Chrome\Extension: [lhmiofmipcpmhgihiecmpiekcacigpgb] - C:\Documents and Settings\All Users\Dane aplikacji\Anvisoft\Anvi Smart Defender 2\extensions\chrome.crx [Not Found]
S3 asdids; system32\DRIVERS\asdids.sys [X]
S3 asdidsmp; system32\DRIVERS\asdids.sys [X]
S3 btaudio; system32\drivers\btaudio.sys [X]
S3 BTDriver; system32\DRIVERS\btport.sys [X]
S3 BTWDNDIS; system32\DRIVERS\btwdndis.sys [X]
S3 btwhid; system32\DRIVERS\btwhid.sys [X]
R3 catchme; \\C:\ComboFix\catchme.sys [X]
S4 IntelIde; No ImagePath
U3 mbr; \\C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\mbr.sys [X]
2015-01-10 14:21 - 2015-01-10 14:36 - 00000000 ____ D () C:\Qoobox
2015-01-10 14:21 - 2011-06-26 07:45 - 00256000 _____ () C:\WINDOWS\PEV.exe
2015-01-10 14:21 - 2010-11-07 18:20 - 00208896 _____ () C:\WINDOWS\MBR.exe
2015-01-10 14:21 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2015-01-10 14:21 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2015-01-10 14:21 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2015-01-10 14:21 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2015-01-10 14:21 - 2000-08-31 01:00 - 00098816 _____ () C:\WINDOWS\sed.exe
2015-01-10 14:21 - 2000-08-31 01:00 - 00080412 _____ () C:\WINDOWS\grep.exe
2015-01-10 14:21 - 2000-08-31 01:00 - 00068096 _____ () C:\WINDOWS\zip.exe
C:\Documents and Settings\Administrator\Del1CA0.bat
C:\Documents and Settings\Default User\Del1CA0.bat
EmptyTemp:

Save the file as fixlist.txt and place it next to FRST, in the same folder.