Problem z wyskakującymi oknami reklamowymi


(Pawel Grzymowicz) #1

Witajcie! Mam problem z wyskakującymi oknami reklam w przeglądarce chrome. Bardzo bym prosił o pomoc. Poniżej link do raportu OTL.

 

http://wklej.org/id/1614514/


(Acorus) #2

Pobierz Farbar Recovery Scan Tool http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/ zgodny z wersją systemu 32-bit lub 64-bit.


(Pawel Grzymowicz) #3

Raport Additional

 

http://wklej.org/id/1614568/

 

Raport FRST

 

http://wklej.org/id/1614570/


(Acorus) #4

Otwórz notatnik systemowy i wklej:

HKLM-x32\...\Run: [Adobe ARM] = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] = C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] = [X]
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hpppts=1422478548from=coruid=HGSTXHTS541010A9E680_JA10001023YG0R23YG0RX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hpppts=1422478548from=coruid=HGSTXHTS541010A9E680_JA10001023YG0R23YG0RX
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=dsts=1422478524from=coruid=HGSTXHTS541010A9E680_JA10001023YG0R23YG0RXq={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=dsts=1422478524from=coruid=HGSTXHTS541010A9E680_JA10001023YG0R23YG0RXq={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hpppts=1422478548from=coruid=HGSTXHTS541010A9E680_JA10001023YG0R23YG0RX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hpppts=1422478548from=coruid=HGSTXHTS541010A9E680_JA10001023YG0R23YG0RX
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=dsts=1422478524from=coruid=HGSTXHTS541010A9E680_JA10001023YG0R23YG0RXq={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=dsts=1422478524from=coruid=HGSTXHTS541010A9E680_JA10001023YG0R23YG0RXq={searchTerms}
HKU\S-1-5-21-2691329650-2586179210-2893128745-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=dsppts=1422478548from=coruid=HGSTXHTS541010A9E680_JA10001023YG0R23YG0RXq={searchTerms}
HKU\S-1-5-21-2691329650-2586179210-2893128745-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hpppts=1422478548from=coruid=HGSTXHTS541010A9E680_JA10001023YG0R23YG0RX
HKU\S-1-5-21-2691329650-2586179210-2893128745-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hpppts=1422478548from=coruid=HGSTXHTS541010A9E680_JA10001023YG0R23YG0RX
HKU\S-1-5-21-2691329650-2586179210-2893128745-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=dsppts=1422478548from=coruid=HGSTXHTS541010A9E680_JA10001023YG0R23YG0RXq={searchTerms}
SearchScopes: HKU\S-1-5-21-2691329650-2586179210-2893128745-1001 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=dsppts=1422478548from=coruid=HGSTXHTS541010A9E680_JA10001023YG0R23YG0RXq={searchTerms}
SearchScopes: HKU\S-1-5-21-2691329650-2586179210-2893128745-1001 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://isearch.omiga-plus.com/web/?utm_source=butm_medium=corutm_campaign=install_ieutm_content=dsfrom=coruid=HGSTXHTS541010A9E680_JA10001023YG0R23YG0RXts=1422478573type=defaultq={searchTerms}
SearchScopes: HKU\S-1-5-21-2691329650-2586179210-2893128745-1001 - {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://isearch.omiga-plus.com/web/?utm_source=butm_medium=corutm_campaign=install_ieutm_content=dsfrom=coruid=HGSTXHTS541010A9E680_JA10001023YG0R23YG0RXts=1422478573type=defaultq={searchTerms}
SearchScopes: HKU\S-1-5-21-2691329650-2586179210-2893128745-1001 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=dsppts=1422478548from=coruid=HGSTXHTS541010A9E680_JA10001023YG0R23YG0RXq={searchTerms}
SearchScopes: HKU\S-1-5-21-2691329650-2586179210-2893128745-1001 - {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://isearch.omiga-plus.com/web/?utm_source=butm_medium=corutm_campaign=install_ieutm_content=dsfrom=coruid=HGSTXHTS541010A9E680_JA10001023YG0R23YG0RXts=1422478573type=defaultq={searchTerms}
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\XTab\SupTab.dll (Thinknice Co. Limited)
CHR StartupUrls: Default - "hxxp://www.trovi.com/?gd=ctid=CT3319709octid=EB_ORIGINAL_CTIDISID=M1B681FBF-5887-477C-96CF-84140BE8A388SearchSource=55CUI=UM=6UP=SP5D82D3DE-1ADB-446F-8706-FB5C155E461BSSPV=", "hxxp://www1.delta-search.com/?babsrc=HP_ssmntrId=A0FA52B7C352C0B2affID=119357tsp=4962", "hxxp://isearch.omiga-plus.com/?type=hpts=1422272031from=coruid=HGSTXHTS541010A9E680_JA10001023YG0R23YG0RX", "hxxp://isearch.omiga-plus.com/?type=hpppts=1422272070from=coruid=HGSTXHTS541010A9E680_JA10001023YG0R23YG0RX", "hxxp://isearch.omiga-plus.com/?type=hpts=1422478524from=coruid=HGSTXHTS541010A9E680_JA10001023YG0R23YG0RX", "hxxp://isearch.omiga-plus.com/?type=hpppts=1422478548from=coruid=HGSTXHTS541010A9E680_JA10001023YG0R23YG0RX"
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [464384 2015-01-28] (SysTool PasSame LIMITED) [File not signed]
S2 Update ace race; "C:\Program Files (x86)\ace race\updateacerace.exe" [X]
S2 Util ace race; "C:\Program Files (x86)\ace race\bin\utilacerace.exe" [X]
R1 {f2944598-b89f-4e10-b544-5173761572df}Gw64; C:\Windows\System32\drivers\{f2944598-b89f-4e10-b544-5173761572df}Gw64.sys [48784 2015-01-28] (StdLib)
2015-01-28 22:01 - 2015-01-28 12:36 - 00048784 _____ (StdLib) C:\WINDOWS\system32\Drivers\{f2944598-b89f-4e10-b544-5173761572df}Gw64.sys
2015-01-28 21:55 - 2015-01-28 22:10 - 00000000 ____ D () C:\Users\M\AppData\Roaming\omiga-plus
2015-01-28 21:55 - 2015-01-28 22:08 - 00000000 ____ D () C:\Program Files (x86)\ace race
2015-01-28 21:55 - 2015-01-28 21:55 - 00000000 ____ D () C:\ProgramData\WindowsMangerProtect
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.