Omiga po raz kolejny

Superplus · 26 Styczeń 2015 18:25

Witam, otóż mam problem gdyż władanie moją przeglądarką objęła znaa pewnie wszystkim Omiga. Wertująć tematy forumowe na ten temat usunąłem z panelu sterowania wszystkie dziwne programy przeskanowałem adwcleanerem ale gdy otwieram przeglądarkę oprócz google otwierają mi się 3 inne strony 2 z nich to omiga jedna yahoo search. Załączam log z FRST jakby ktoś był skory pomóc byłby mega wdzięczny.log.txt

Acorus · 26 Styczeń 2015 18:58

Brak loga Addition.txt

Superplus · 26 Styczeń 2015 19:08

To ten log po wykonaniu czyszczenia adwcleanerem?

EDIT:

Addition.txt

Acorus · 26 Styczeń 2015 19:27

Otwórz notatnik systemowy i wklej:

Task: {5D40D291-15B5-4679-BF0B-B138C13FF806} - System32\Tasks\SMZPXCCH = C:\Users\Kuba\AppData\Roaming\SMZPXCCH.exe [2015-01-26] (Sense+) ==== ATTENTION
Task: {6EA31022-CB3C-46F9-8EE4-AC03530D40B8} - System32\Tasks\ISKSPO = C:\Users\Kuba\AppData\Roaming\ISKSPO.exe [2015-01-26] (HQ CinemaV26.01) ==== ATTENTION
Task: {84D1831C-973D-485C-954B-70EFA792EE41} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 = Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 ==== ATTENTION
Task: {F190B96A-7BE4-48B4-8253-668A09CAEC80} - System32\Tasks\{C0740CD3-314D-453A-9C79-A474DD8E2C80} = pcalua.exe -a C:\Users\Kuba\AppData\Roaming\omiga-plus\UninstallManager.exe -c -ptid=obw ==== ATTENTION
Task: {F7C71120-36D9-4F0C-AE6B-3E7A68A9FF42} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 = Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 ==== ATTENTION
Task: C:\Windows\Tasks\ISKSPO.job = C:\Users\Kuba\AppData\Roaming\ISKSPO.exe ==== ATTENTION
Task: C:\Windows\Tasks\SMZPXCCH.job = C:\Users\Kuba\AppData\Roaming\SMZPXCCH.exe ==== ATTENTION
HKLM-x32\...\Run: [HP Software Update] = C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] = [X]
HKU\S-1-5-21-749093899-3745086912-148286728-1001\...\Run: [AdobeBridge] = [X]
HKU\S-1-5-21-749093899-3745086912-148286728-1001\...\Run: [Akamai NetSession Interface] = C:\Users\Kuba\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
GroupPolicy: Group Policy on Chrome detected ======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction ======= ATTENTION
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\.DEFAULT - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
CHR StartupUrls: Default - "hxxp://www.google.com/", "hxxp://rts.dsrlte.com?affID=pr_4bd8d58e-1b93-42b8-a301-96143c88de94", "hxxp://isearch.omiga-plus.com/?type=hpts=1422291659from=obwuid=ST1000LM024XHN-M101MBB_S2U5J9GCB08447", "hxxp://isearch.omiga-plus.com/?type=hpppts=1422291676from=obwuid=ST1000LM024XHN-M101MBB_S2U5J9GCB08447"
S3 AthBTPort; system32\DRIVERS\btath_flt.sys [X]
S3 BlueletAudio; system32\DRIVERS\blueletaudio.sys [X]
S3 BT; system32\DRIVERS\btnetdrv.sys [X]
S3 BTATH_A2DP; system32\drivers\btath_a2dp.sys [X]
S3 btath_avdt; system32\drivers\btath_avdt.sys [X]
S3 BTATH_BUS; system32\DRIVERS\btath_bus.sys [X]
S3 BTATH_HCRP; system32\DRIVERS\btath_hcrp.sys [X]
S3 BTATH_LWFLT; system32\DRIVERS\btath_lwflt.sys [X]
S3 BTATH_RCP; system32\DRIVERS\btath_rcp.sys [X]
S3 BTCOM; system32\DRIVERS\btcomport.sys [X]
S3 BTCOMBUS; System32\Drivers\btcombus.sys [X]
S3 Btcsrusb; System32\Drivers\btcusb.sys [X]
S3 BtFilter; system32\DRIVERS\btfilter.sys [X]
S3 IvtComBusSrv; System32\Drivers\btcombus.sys [X]
S3 L1C; system32\DRIVERS\L1C62x64.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
S3 vm331avs; System32\Drivers\vm331avs.sys [X]
S3 xhunter1; \\C:\Windows\xhunter1.sys [X]
2015-01-26 18:27 - 2015-01-26 18:27 - 00003136 _____ () C:\Windows\System32\Tasks\{C0740CD3-314D-453A-9C79-A474DD8E2C80}
2015-01-26 18:09 - 2015-01-26 18:10 - 02962156 _____ () C:\Users\Kuba\Downloads\SpyHunter-Installer.exe
2015-01-26 18:05 - 2015-01-26 18:05 - 00004352 _____ () C:\Windows\System32\Tasks\ISKSPO
2015-01-26 18:05 - 2015-01-26 18:05 - 00000000 ____ D () C:\Program Files (x86)\b70f46c8-2a82-4f15-869e-f88a4f18aa36
2015-01-26 18:04 - 2015-01-26 18:52 - 00001682 _____ () C:\Windows\Tasks\SMZPXCCH.job
2015-01-26 18:04 - 2015-01-26 18:51 - 00001334 _____ () C:\Windows\Tasks\ISKSPO.job
2015-01-26 18:04 - 2015-01-26 18:11 - 00000000 ____ D () C:\Program Files (x86)\7bc0db8c-1edb-4e22-86ec-bb22af5f79e3
2015-01-26 18:04 - 2015-01-26 18:04 - 01832936 _____ (Sense+) C:\Users\Kuba\AppData\Roaming\SMZPXCCH.exe
2015-01-26 18:04 - 2015-01-26 18:04 - 01832936 _____ (HQ CinemaV26.01) C:\Users\Kuba\AppData\Roaming\ISKSPO.exe
2015-01-26 18:04 - 2015-01-26 18:04 - 00004700 _____ () C:\Windows\System32\Tasks\SMZPXCCH
2015-01-26 18:03 - 2015-01-26 18:03 - 00000000 ____ D () C:\Users\Public\Documents\ShopperPro
2015-01-25 17:12 - 2015-01-25 17:12 - 00001248 _____ () C:\Users\Kuba\AppData\Roaming\SMZPXCCH
2015-01-25 17:12 - 2015-01-25 17:12 - 00001248 _____ () C:\Users\Kuba\AppData\Roaming\ISKSPO
2015-01-22 10:55 - 2015-01-26 19:04 - 00000000 ____ D () C:\AdwCleaner
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.