Browser problem - pop-up ads - request to check logs


(Szamer93) #1

As in the subject - I have a problem with annoying ads in the Firefox browser. I scanned the computer with AdwCleaner, ComboFix, Malwarebytes and ESET Online, but the ads are still there. I'm attaching the FRST logs below and asking for help.

FRST.txt

Addition.txt


(Acorus) #2

Uninstall ESET Smart Security. Open the system Notepad and paste:

Task: {A2B2D20D-87B8-4DFA-BF57-456EC0DEB8AE} - System32\Tasks\{7D7C60C6-9981-4E51-8142-5B0FF7AB51AB} = pcalua.exe -a C:\Users\Szamer\AppData\Roaming\omiga-plus\UninstallManager.exe -c -ptid=cor ==== ATTENTION
HKLM\...\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13538376 2013-05-21] (Realtek Semiconductor)
HKLM\...\Run: [BtServer] = C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [253440 2013-04-23] (Realtek Semiconductor Corporation)
HKLM-x32\...\Run: [] = [X]
Winlogon\Notify\igfxcui: igfxdev.dll [X]
GroupPolicy: Group Policy on Chrome detected ======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction ======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?type=hpts=1431073643z=fe11bf6db4fec10815ae74cg5zcc5gae3mcc1qaz8cfrom=wpm05083uid=SamsungXSSDX840XSeries_S19HNEAD214821E
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?type=hpts=1431073643z=fe11bf6db4fec10815ae74cg5zcc5gae3mcc1qaz8cfrom=wpm05083uid=SamsungXSSDX840XSeries_S19HNEAD214821E
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=dsts=1418943788from=coruid=SamsungXSSDX840XSeries_S19HNEAD214821Eq={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=dsts=1418943788from=coruid=SamsungXSSDX840XSeries_S19HNEAD214821Eq={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?type=hpts=1431073643z=fe11bf6db4fec10815ae74cg5zcc5gae3mcc1qaz8cfrom=wpm05083uid=SamsungXSSDX840XSeries_S19HNEAD214821E
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?type=hpts=1431073643z=fe11bf6db4fec10815ae74cg5zcc5gae3mcc1qaz8cfrom=wpm05083uid=SamsungXSSDX840XSeries_S19HNEAD214821E
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=dsts=1418943788from=coruid=SamsungXSSDX840XSeries_S19HNEAD214821Eq={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=dsts=1418943788from=coruid=SamsungXSSDX840XSeries_S19HNEAD214821Eq={searchTerms}
HKU\S-1-5-21-3019017897-917578140-2455306172-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.delta-homes.com/web/?type=dsts=1431073643z=fe11bf6db4fec10815ae74cg5zcc5gae3mcc1qaz8cfrom=wpm05083uid=SamsungXSSDX840XSeries_S19HNEAD214821Eq={searchTerms}
HKU\S-1-5-21-3019017897-917578140-2455306172-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?type=hpts=1431073643z=fe11bf6db4fec10815ae74cg5zcc5gae3mcc1qaz8cfrom=wpm05083uid=SamsungXSSDX840XSeries_S19HNEAD214821E
HKU\S-1-5-21-3019017897-917578140-2455306172-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?type=hpts=1431073643z=fe11bf6db4fec10815ae74cg5zcc5gae3mcc1qaz8cfrom=wpm05083uid=SamsungXSSDX840XSeries_S19HNEAD214821E
HKU\S-1-5-21-3019017897-917578140-2455306172-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-homes.com/web/?type=dsts=1431073643z=fe11bf6db4fec10815ae74cg5zcc5gae3mcc1qaz8cfrom=wpm05083uid=SamsungXSSDX840XSeries_S19HNEAD214821Eq={searchTerms}
SearchScopes: HKU\.DEFAULT - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=dsts=1418943788from=coruid=SamsungXSSDX840XSeries_S19HNEAD214821Eq={searchTerms}
SearchScopes: HKU\.DEFAULT - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=dsts=1418943788from=coruid=SamsungXSSDX840XSeries_S19HNEAD214821Eq={searchTerms}
SearchScopes: HKU\S-1-5-21-3019017897-917578140-2455306172-1000 - DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://do-search.com/web/?utm_source=butm_medium=utm_campaign=install_ieutm_content=dsfrom=uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6Ats=1420373293type=defaultq={searchTerms}
SearchScopes: HKU\S-1-5-21-3019017897-917578140-2455306172-1000 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://do-search.com/web/?utm_source=butm_medium=utm_campaign=install_ieutm_content=dsfrom=uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6Ats=1420373293type=defaultq={searchTerms}
SearchScopes: HKU\S-1-5-21-3019017897-917578140-2455306172-1000 - {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://do-search.com/web/?utm_source=butm_medium=utm_campaign=install_ieutm_content=dsfrom=uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6Ats=1420373293type=defaultq={searchTerms}
SearchScopes: HKU\S-1-5-21-3019017897-917578140-2455306172-1000 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://do-search.com/web/?utm_source=butm_medium=utm_campaign=install_ieutm_content=dsfrom=uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6Ats=1420373293type=defaultq={searchTerms}
SearchScopes: HKU\S-1-5-21-3019017897-917578140-2455306172-1000 - {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://do-search.com/web/?utm_source=butm_medium=utm_campaign=install_ieutm_content=dsfrom=uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6Ats=1420373293type=defaultq={searchTerms}
BHO-x32: Assist Point - {dc727a8c-7582-483c-a1c2-2b885f099bb5} - C:\Program Files (x86)\Assist Point\Extensions\dc727a8c-7582-483c-a1c2-2b885f099bb5.dll [2015-04-08] ()
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://isearch.omiga-plus.com/?type=scts=1418943788from=coruid=SamsungXSSDX840XSeries_S19HNEAD214821E
FF NewTab: hxxp://search.yahoo.com/?fr=hp-ddc-bd-tabtype=bg_616_bl-is-19 __alt__ ddc_dsssyctab_bd_com
FF SelectedSearchEngine: Yahoo! Search
FF Keyword.URL: hxxp://search.yahoo.com/yhs/search?hspart=ddchsimp=yhs-ddc_bdtype=bg_616_bl-is-19 __alt__ ddc_dss_bd_comp={searchTerms}
FF HKLM-x32\...\Firefox\Extensions: [quick_searchff@gmail.com] - C:\Users\Szamer\AppData\Roaming\Mozilla\Firefox\Profiles\96ovhxzg.default\extensions\quick_searchff@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [sweetsearch@gmail.com] - C:\Users\Szamer\AppData\Roaming\Mozilla\Firefox\Profiles\96ovhxzg.default\extensions\sweetsearch@gmail.com
CHR HomePage: Default - hxxp://www.delta-homes.com/?type=hpts=1431073643z=fe11bf6db4fec10815ae74cg5zcc5gae3mcc1qaz8cfrom=wpm05083uid=SamsungXSSDX840XSeries_S19HNEAD214821E
CHR RestoreOnStartup: Default - "hxxp://search.yahoo.com/?fr=hp-ddc-bdtype=bg_616_bl-is-19 __alt__ ddc_dsssyc_bd_com"
CHR StartupUrls: Default - "hxxp://www.delta-homes.com/?type=hpts=1431073643z=fe11bf6db4fec10815ae74cg5zcc5gae3mcc1qaz8cfrom=wpm05083uid=SamsungXSSDX840XSeries_S19HNEAD214821E"
CHR DefaultSearchKeyword: Default - delta-homes
CHR DefaultSearchURL: Default - http://search.delta-homes.com/web/?type=dsts=1431073643z=fe11bf6db4fec10815ae74cg5zcc5gae3mcc1qaz8cfrom=wpm05083uid=SamsungXSSDX840XSeries_S19HNEAD214821Eq={searchTerms}
CHR Extension: (Assist Point) - C:\Users\Szamer\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdbnhhmdohncpgafdllmmlekmlabeoi [2015-04-09]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - https://clients2.google.com/service/update2/crx
R2 IHProtect Service; C:\Program Files (x86)\XTab\ProtectService.exe [X]
S2 Service Mgr AssistPoint; "C:\ProgramData\c716fd70-872c-4aaa-a07f-e248365d7f56\plugincontainer.exe" [X]
R2 Update Mgr AssistPoint; "C:\Program Files (x86)\Common Files\c716fd70-872c-4aaa-a07f-e248365d7f56\updater.exe" [X]
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service [X] ==== ATTENTION
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X]
S3 WinRing0_1_2_0; \\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [X]
2015-05-08 10:32 - 2015-05-08 10:32 - 00000000 ____ D () C:\Users\Szamer\SupTab
2015-05-08 10:27 - 2015-05-11 13:57 - 00000000 ____ D () C:\Program Files (x86)\XTab
2015-05-08 10:27 - 2015-05-08 10:27 - 00000000 ____ D () C:\ProgramData\IHProtectUpDate
EmptyTemp:

Save the file as fixlist.txt and place it next to FRST in the same folder.
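
An added example, not part of the thread or of FRST itself: a small Python triage of fixlist-style lines like those in the post above. It groups entries by the ATTENTION marker, the [X] missing-file marker, and the hosts that browser settings point to. The sample lines, names and hosts are constructed placeholders.

```python
import re
from collections import Counter
from urllib.parse import urlsplit

# Constructed sample in the style of the FRST lines above; all names and hosts are placeholders.
SAMPLE = r"""
Task: {00000000-0000-0000-0000-000000000000} - System32\Tasks\Example = pcalua.exe -a C:\Users\User\AppData\Roaming\example\Uninstall.exe ==== ATTENTION
HKLM\...\Run: [Audio] = C:\Program Files\Vendor\audio.exe [1024 2013-05-21] (Vendor)
HKLM-x32\...\Run: [] = [X]
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hijack.example/?type=hp
CHR HomePage: Default - hxxp://www.hijack.example/?type=hp
FF NewTab: hxxp://search.portal.example/?fr=tab
R2 ExampleProtect; C:\ProgramData\ExampleProtect\svc.exe -service [X] ==== ATTENTION
EmptyTemp:
"""

# FRST logs write some URLs defanged as hxxp://, so accept both schemes.
URL_RE = re.compile(r"\bh(?:tt|xx)ps?://[^\s\"]+", re.IGNORECASE)

def url_host(url):
    """Return the lower-cased host of a plain or defanged URL."""
    refanged = re.sub(r"^hxxp", "http", url, flags=re.IGNORECASE)
    return (urlsplit(refanged).hostname or "").lower()

def triage(text):
    """Group fixlist lines by the markers a reviewer checks first."""
    report = {"attention": [], "missing_file": [], "hosts": Counter()}
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        if line.endswith("ATTENTION"):      # entry FRST itself flagged
            report["attention"].append(line)
        if "[X]" in line:                   # [X]: referenced file not found
            report["missing_file"].append(line)
        for url in URL_RE.findall(line):    # where browser settings point
            report["hosts"][url_host(url)] += 1
    return report

if __name__ == "__main__":
    result = triage(SAMPLE)
    print(len(result["attention"]), "flagged,", len(result["missing_file"]), "orphaned")
    for host, count in result["hosts"].most_common():
        print(count, host)
```

The grouping only orders entries for review; whether a line belongs in a fixlist remains the helper's judgment.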