Wyskakujące reklamy w Firefoxie

toldi13 · 7 Czerwiec 2014 13:32

Witam!

Od kilku dni mam problem z wyskakującymi reklamami i otwierającymi się samoistnie, niechcianymi stronami w Firefoxie.

Poniżej zamieszczam logi:

OTL: http://wklej.org/id/1385195/

Extras: http://wklej.org/id/1385197/

FRST: http://wklej.org/id/1385198/

Addition: http://wklej.org/id/1385199/

Z góry dziękuję za pomoc

Acorus · 7 Czerwiec 2014 16:24

Brak loga Addition.

toldi13 · 7 Czerwiec 2014 17:22

Brakujący log:

Addition: http://wklej.org/id/1385436/

Acorus · 7 Czerwiec 2014 17:36

Odinstaluj Lyrmix.Otwórz Notatnik i wklej:

Task: {0032CA44-1A1F-4518-99D0-DEE28A588B9B} - \RegClean Pro_UPDATES No Task File ==== ATTENTION
Task: {167DF8A0-1099-4236-9B2A-5E68198C9B40} - \Dealply No Task File ==== ATTENTION
Task: {18BCBE25-38CE-474E-8EF8-6C83314D5529} - \VuuPCUpdate No Task File ==== ATTENTION
Task: {1DBBD0F9-47A7-4442-AFB9-E084CED0C9A1} - \DealPlyLiveUpdateTaskMachineCore No Task File ==== ATTENTION
Task: {3FC099AB-3C60-4355-94CA-4D095975B399} - \VuuPCUpdateLogin No Task File ==== ATTENTION
Task: {45863C6D-7FF1-46EB-A854-61B2ABE9E6D4} - \DealPlyLiveUpdateTaskMachineUA No Task File ==== ATTENTION
Task: {8FC73FED-3532-465D-B248-E72C3FE32B2C} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2286841140-1867512628-951633862-1001UA = C:\Users\Kasia\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-08-16] (Facebook Inc.)
Task: {91568936-6182-4561-A31F-19B706F43CBB} - \Lyrmix Update No Task File ==== ATTENTION
Task: {BC2E92B5-BE25-414D-93E8-2DB50F8A6399} - \DealPlyUpdate No Task File ==== ATTENTION
Task: {D05BB1FB-EFD7-45FB-86AF-93C9C127552C} - \RegClean Pro_DEFAULT No Task File ==== ATTENTION
Task: {F8746D8B-14CD-4EB1-AE8D-2EA98F68B365} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2286841140-1867512628-951633862-1001Core = C:\Users\Kasia\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-08-16] (Facebook Inc.)
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2286841140-1867512628-951633862-1001Core.job = C:\Users\Kasia\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2286841140-1867512628-951633862-1001UA.job = C:\Users\Kasia\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\Lyrmix Update.job = C:\Program Files (x86)\Lyrmix\LymxUD.exe ==== ATTENTION
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\97169941.sys = ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice = ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\97169941.sys = ""="Driver"
HKLM-x32\...\Run: [ConvertAd] = C:\Users\Kasia\AppData\Local\ConvertAd\ConvertAd.exe
HKLM-x32\...\Run: [] = [X]
HKU\S-1-5-21-2286841140-1867512628-951633862-1001\...\MountPoints2: {714354e5-3e37-11e3-88a1-08edb9d8fd40} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\Start.hta
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
FF Extension: savee on - C:\Users\Kasia\AppData\Roaming\Mozilla\Firefox\Profiles\9wao4lx0.default\Extensions\aaescp@ltsrocmqlf.co.uk [2014-05-25]
FF HKCU\...\Firefox\Extensions: [lyrmix@Lyrixsoft.co] - C:\Program Files (x86)\Lyrmix\128.xpi
S3 ALSysIO; \\C:\Users\ADMINI~1\AppData\Local\Temp\ALSysIO64.sys [X]
2014-05-25 19:31 - 2014-05-28 18:55 - 00000000 ____ D () C:\ProgramData\SavE Oonn
2014-05-25 19:31 - 2014-05-28 18:54 - 00000000 ____ D () C:\ProgramData\3f9e819b606b1f68
2014-05-25 19:31 - 2014-05-28 18:54 - 00000000 ____ D () C:\Program Files (x86)\SavE Oonn
2014-05-25 19:31 - 2014-05-25 19:31 - 04210176 _____ () C:\Program Files (x86)\SO_x64.Booster
2014-05-25 19:31 - 2014-05-25 19:31 - 00002714 _____ () C:\Windows\System32\Tasks\SO.Booster-S-603818780
2014-05-25 19:31 - 2014-05-25 19:31 - 00000000 ____ D () C:\Users\UpdatusUser\AppData\Local\Google
2014-05-25 19:31 - 2014-05-25 19:31 - 00000000 ____ D () C:\Users\UpdatusUser\AppData\Local\Comodo
2014-05-25 19:31 - 2014-05-25 19:31 - 00000000 ____ D () C:\Users\Kasia\AppData\Local\Packages
2014-05-25 19:31 - 2014-05-25 19:31 - 00000000 ____ D () C:\Users\Kasia\AppData\Local\Comodo
2014-05-25 19:31 - 2014-05-25 19:31 - 00000000 ____ D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-05-25 19:31 - 2014-05-25 19:31 - 00000000 ____ D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-05-25 19:31 - 2014-05-25 19:31 - 00000000 ____ D () C:\Users\HomeGroupUser$
2014-05-25 19:31 - 2014-05-25 19:31 - 00000000 ____ D () C:\Users\Gość\AppData\Local\Google
2014-05-25 19:31 - 2014-05-25 19:31 - 00000000 ____ D () C:\Users\Gość\AppData\Local\Comodo
2014-05-25 19:31 - 2014-05-25 19:31 - 00000000 ____ D () C:\Users\Gość
2014-05-25 19:31 - 2014-05-25 19:31 - 00000000 ____ D () C:\Users\Administrator\AppData\Local\Google
2014-05-25 19:31 - 2014-05-25 19:31 - 00000000 ____ D () C:\Users\Administrator\AppData\Local\Comodo
2014-05-25 19:31 - 2014-05-25 19:31 - 00000000 ____ D () C:\Users\Administrator
2014-05-25 19:29 - 2014-05-28 09:02 - 00000000 ____ D () C:\ProgramData\InstallMate
2014-06-07 07:31 - 2014-05-25 19:31 - 00000468 ____ H () C:\Windows\Tasks\SO.Booster-S-603818780.job

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.

toldi13 · 7 Czerwiec 2014 18:03

Fixlog: http://wklej.org/id/1385462/

po restarcie.

Acorus · 7 Czerwiec 2014 18:08

Skasuj folder C:\FRST

Użyj http://www.bleepingcomputer.com/download/tfc/ (uruchom TFC i kliknij Start).

toldi13 · 7 Czerwiec 2014 22:03

Wielkie dzięki!

Wszystko wróciło do normalności!

Pozdrawiam i zamykam temat.