Kłopot z reklamami "go save"

[nomysz]

Witam, mam problem z wrednymi reklamami typu "go save" oraz "offer by". Przeglądarka przekierowuje na jakieś strony z reklamami

[ordynat]

FoxTab PDF Creator (HKCU\...\FoxTab PDF Creator) (Version: - ) <==== ATTENTION
GoSaoVee (HKLM-x32\...\{C87834EB-A2A0-B9D4-AA9A-C263D1191051}) (Version: 4.3.0.1139 - )
Odinstaluj te programy.

2) Użyj Adw-Cleaner http://www.programosy.pl/program,adwcleaner.html
najpierw kliknij na SZUKAJ, a dopiero po zakończeniu skanowania, gdy uaktywni się przycisk USUŃ, to kliknij na niego.
Daj z tego raport C:\AdwCleaner\AdwCleaner[S].txt.

3) Otwórz Notatnik i wklej w nim:

Task: {35A0150A-4116-4C4B-858D-E4F49A7267B3} - System32\Tasks\GS_Booster-S-576482620 => c:\programdata\trusted publisher\gs_booster\GS_Booster.exe <==== ATTENTION
Reg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f
Task: C:\Windows\Tasks\GS_Booster-S-576482620.job => c:\programdata\trusted publisher\gs_booster\GS_Booster.exe <==== ATTENTION
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
BHO: GoSaivve -> {200cc227-6415-41e3-acbf-b5bb80268a4d} -> C:\Program Files (x86)\GoSaivve\ESMmSbLnGCnGQo.x64.dll ()
BHO: GoSaoVee -> {6b9bbb79-6327-468e-bf6e-c927942d58bb} -> C:\Program Files (x86)\GoSaoVee\qdS29IXIgdZcmh.x64.dll ()
BHO: YoutubeAdBloCkee -> {b6e942b8-8ced-4201-ad75-847ead0ecfa9} -> C:\Program Files (x86)\YoutubeAdBloCkee\lDluGlynkTfrUe.x64.dll ()
BHO-x32: GoSaivve -> {200cc227-6415-41e3-acbf-b5bb80268a4d} -> C:\Program Files (x86)\GoSaivve\ESMmSbLnGCnGQo.dll ()
BHO-x32: GoSaoVee -> {6b9bbb79-6327-468e-bf6e-c927942d58bb} -> C:\Program Files (x86)\GoSaoVee\qdS29IXIgdZcmh.dll ()
BHO-x32: YoutubeAdBloCkee -> {b6e942b8-8ced-4201-ad75-847ead0ecfa9} -> C:\Program Files (x86)\YoutubeAdBloCkee\lDluGlynkTfrUe.dll ()
C:\Program Files (x86)\YoutubeAdBloCkee
C:\Program Files (x86)\GoSaivve
FF Extension: YoutubeAdBloCkee - C:\Users\baciuki\AppData\Roaming\Mozilla\Firefox\Profiles\polsnoe2.default\Extensions\CnR@I.net
FF Extension: GoSaivve - C:\Users\baciuki\AppData\Roaming\Mozilla\Firefox\Profiles\polsnoe2.default\Extensions\gEmF7OP@A.net
FF Extension: GoSaoVee - C:\Users\baciuki\AppData\Roaming\Mozilla\Firefox\Profiles\polsnoe2.default\Extensions\upWKHE21@UI.org
CHR Extension: (GoSaivve) - C:\Users\baciuki\AppData\Local\Google\Chrome\User Data\Default\Extensions\eacalbekdgnhgkebkdebjlnhgdbgnlgf
CHR Extension: (GoSaoVee) - C:\Users\baciuki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndpbiagchokpgjibglcjnjjcklhnkhfl
CHR Extension: (Keep Me) - C:\Users\baciuki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgphcomnlaojlmmcjmiddhdapjpbgeoc
CHR Extension: (GoSaivve) - C:\Users\baciuki\AppData\Local\Google\Chrome\User Data\Default\Extensions\eacalbekdgnhgkebkdebjlnhgdbgnlgf\2.0
CHR Extension: (GoSaoVee) - C:\Users\baciuki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndpbiagchokpgjibglcjnjjcklhnkhfl\2.0
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
S2 4d349a54; c:\Program Files (x86)\GS_Booster\AssistantSvc.dll
c:\Program Files (x86)\GS_Booster
C:\ProgramData\GoSaoVee
C:\Windows\Tasks\GS_Booster-S-576482620.job
C:\Windows\System32\Tasks\GS_Booster-S-576482620
C:\Program Files (x86)\GS_Booster
C:\ProgramData\19f46d57f0b0d78d
C:\ProgramData\YoutubeAdBloCkee
C:\ProgramData\GoSaivve
EmptyTemp:

Plik zapisz pod nazwą [color="#483D8B"]fixlist.txt[/color] i umieść obok FRST. Uruchom FRST i kliknij przycisk Fix.
Powstanie plik fixlog.txt.
Daj ten log.

4) Zrób nowe logi z FRST.
.

[nomysz]

Plik zapisz pod nazwą [color="#483D8B"]fixlist.txt[/color] i umieść obok FRST. Uruchom FRST i kliknij przycisk Fix.
Powstanie plik fixlog.txt.
Daj ten log.
.

niestety ale FRST zawiesza się po kilku chwilach od użycia funkcji FIX

[ordynat]

Spróbuj w Trybie Awaryjnym (F8 przed startem Systemu).
.