Reklamy w przegladarce - Omiga?

zyga435 · 28 Luty 2015 14:54

Witam,

Znajoma miała wyskakujące reklamy na swoim laptopie odinstalowałem wszystkie podejrzane programy. Wydaje się, że problem już nie występuje jednak do upewnienia się proszę o przejrzenielogów. Dziękuje za pomoc.

FRST : http://wklej.org/id/1650749/

Addition : http://wklej.org/id/1650750/

Atis · 28 Luty 2015 14:58

Wklej do systemowego notatnika i zapisz jako plik tekstowy o nazwie fixlist :

HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3599848954-1341659389-4184408958-1002\...\Run: [EpicScale] => [X]
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp220150221
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp220150221
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=ds&ts=1417453736&from=cor&uid=ST1000LM014-SSHD-8GB_W381DHAPXXXXW381DHAP&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=ds&ts=1417453736&from=cor&uid=ST1000LM014-SSHD-8GB_W381DHAPXXXXW381DHAP&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sweet-page.com/?type=hp&ts=1417453736&from=cor&uid=ST1000LM014-SSHD-8GB_W381DHAPXXXXW381DHAP
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sweet-page.com/?type=hp&ts=1417453736&from=cor&uid=ST1000LM014-SSHD-8GB_W381DHAPXXXXW381DHAP
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=ds&ts=1417453736&from=cor&uid=ST1000LM014-SSHD-8GB_W381DHAPXXXXW381DHAP&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=ds&ts=1417453736&from=cor&uid=ST1000LM014-SSHD-8GB_W381DHAPXXXXW381DHAP&q={searchTerms}
HKU\S-1-5-21-3599848954-1341659389-4184408958-1002\Software\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp220150221
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.sweet-page.com/web/?type=ds&ts=1417453736&from=cor&uid=ST1000LM014-SSHD-8GB_W381DHAPXXXXW381DHAP&q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.sweet-page.com/web/?type=ds&ts=1417453736&from=cor&uid=ST1000LM014-SSHD-8GB_W381DHAPXXXXW381DHAP&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.sweet-page.com/web/?type=ds&ts=1417453736&from=cor&uid=ST1000LM014-SSHD-8GB_W381DHAPXXXXW381DHAP&q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.sweet-page.com/web/?type=ds&ts=1417453736&from=cor&uid=ST1000LM014-SSHD-8GB_W381DHAPXXXXW381DHAP&q={searchTerms}
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\sweet-page.xml
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\1b53n7qh.default\extensions\faststartff@gmail.com
CHR StartupUrls: Default -> "hxxp://www.sweet-page.com/?type=hp&ts=1417453736&from=cor&uid=ST1000LM014-SSHD-8GB_W381DHAPXXXXW381DHAP"
CHR Extension: (Solution Real) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\obemdemamldcfdmhlohodidgomlchimk [2015-01-27]
S2 Update DigiHelp; "C:\Program Files (x86)\DigiHelp\updateDigiHelp.exe" [X]
S2 Util DigiHelp; "C:\Program Files (x86)\DigiHelp\bin\utilDigiHelp.exe" [X]
S2 51cdb72; "C:\WINDOWS\system32\rundll32.exe" "c:\Program Files (x86)\Optimizer Pro 3.11\OptProCrash.dll",ENT
R1 {1d7d694e-604c-4da2-9100-b2601d3a1c57}Gw64; C:\Windows\System32\drivers\{1d7d694e-604c-4da2-9100-b2601d3a1c57}Gw64.sys [48792 2015-01-26] (StdLib)
R1 {31c21995-b861-4864-ab50-4a53fbca73d4}Gw64; C:\Windows\System32\drivers\{31c21995-b861-4864-ab50-4a53fbca73d4}Gw64.sys [48784 2015-02-04] (StdLib)
R1 {371bcf01-e691-44bf-9345-60788e5d16a5}Gw64; C:\Windows\System32\drivers\{371bcf01-e691-44bf-9345-60788e5d16a5}Gw64.sys [48792 2015-01-28] (StdLib)
R1 {a0eab6f4-c7be-497b-981b-51b21c0122f7}Gw64; C:\Windows\System32\drivers\{a0eab6f4-c7be-497b-981b-51b21c0122f7}Gw64.sys [48776 2014-12-06] (StdLib)
R1 {df47b99d-26f5-45f4-85c5-97b4da365f21}Gw64; C:\Windows\System32\drivers\{df47b99d-26f5-45f4-85c5-97b4da365f21}Gw64.sys [48776 2014-12-01] (StdLib)
R1 {df8eec40-f909-439c-9ffe-3fee212f71b9}Gw64; C:\Windows\System32\drivers\{df8eec40-f909-439c-9ffe-3fee212f71b9}Gw64.sys [48784 2015-01-31] (StdLib)
S3 andnetndis; \SystemRoot\system32\DRIVERS\lgandnetndis64.sys [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
2015-02-21 20:25 - 2015-02-21 20:26 - 00000000 ____ D () C:\ProgramData\EpicScale
2015-02-21 20:25 - 2015-02-21 20:25 - 00000000 ____ D () C:\Users\Lenovo\AppData\Roaming\OpenCandy
Task: {1F16BF7E-92D1-48B9-8B51-8109F5943C69} - System32\Tasks\{6A6249D2-8FBF-4ED7-AF26-76534DB07AFE} => pcalua.exe -a C:\Users\Lenovo\AppData\Roaming\sweet-page\UninstallManager.exe -c -ptid=cor
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
C:\Windows\System32\drivers\{1d7d694e-604c-4da2-9100-b2601d3a1c57}Gw64.sys
C:\Windows\System32\drivers\{31c21995-b861-4864-ab50-4a53fbca73d4}Gw64.sys
C:\Windows\System32\drivers\{371bcf01-e691-44bf-9345-60788e5d16a5}Gw64.sys
C:\Windows\System32\drivers\{a0eab6f4-c7be-497b-981b-51b21c0122f7}Gw64.sys
C:\Windows\System32\drivers\{df47b99d-26f5-45f4-85c5-97b4da365f21}Gw64.sys 
C:\Windows\System32\drivers\{df8eec40-f909-439c-9ffe-3fee212f71b9}Gw64.sys
EmptyTemp:

Uruchom FRST i kliknij Fix. Pokaż raport z usuwania Fixlog.

Kliknij Scan i pokaż nowy raport z FRST bez Addition.