Cleaning up a trashed system


(Hrustus) #1

Hi

 

Using MBAM I discovered quite a nest of junk; MBAM did remove some of it, but not all of it, so I'm turning to the experts :slight_smile: The OS is Windows 8.

 

Log from FRST, FRST.txt

http://www.wklej.org/id/1627375/

 

Addition:

http://wklej.org/id/1627376/

 

Regards :slight_smile:


(J Pawlowski0121) #2

I recommend CCleaner :slight_smile:


(Hrustus) #3

@up I'm not here for advice about software (I know and use CCleaner, it just can't cope with this either), but to ask for help and a check of the logs, in case you hadn't noticed.


(Acorus) #4

Open the system Notepad and paste:

Task: {268C32B4-3547-4ECC-9C72-410C10BA4FFF} - \Price Fountain No Task File ==== ATTENTION
Task: C:\WINDOWS\Tasks\Price Fountain.job = C:\Users\lenovo\AppData\Roaming\PRICEF~1\UPDATE~1\UPDATE~1.EXE ==== ATTENTION
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc = ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc = ""=""
HKLM\...\Run: [RtHDVCpl] = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13262480 2012-12-07] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] = C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1256080 2012-12-03] (Realtek Semiconductor)
HKLM-x32\...\Run: [YouCam Tray] = C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [168464 2012-10-30] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] = C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [mcui_exe] = "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] - {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} = C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll No File
ShellIconOverlayIdentifiers: [SugarSyncPending] - {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} = C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll No File
ShellIconOverlayIdentifiers: [SugarSyncRoot] - {A759AFF6-5851-457D-A540-F4ECED148351} = C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll No File
ShellIconOverlayIdentifiers: [SugarSyncShared] - {1574C9EF-7D58-488F-B358-8B78C1538F51} = C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll No File
GroupPolicy: Group Policy on Chrome detected ======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction ======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hpppts=1421878463from=coruid=ST9500325AS_S2WA22X6XXXXS2WA22X6
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hpppts=1421878463from=coruid=ST9500325AS_S2WA22X6XXXXS2WA22X6
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=dsts=1421878407from=coruid=ST9500325AS_S2WA22X6XXXXS2WA22X6q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=dsts=1421878407from=coruid=ST9500325AS_S2WA22X6XXXXS2WA22X6q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hpppts=1421878463from=coruid=ST9500325AS_S2WA22X6XXXXS2WA22X6
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hpppts=1421878463from=coruid=ST9500325AS_S2WA22X6XXXXS2WA22X6
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=dsts=1421878407from=coruid=ST9500325AS_S2WA22X6XXXXS2WA22X6q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=dsts=1421878407from=coruid=ST9500325AS_S2WA22X6XXXXS2WA22X6q={searchTerms}
HKU\S-1-5-21-1174287680-149104177-1762163602-1002\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=dsppts=1421878463from=coruid=ST9500325AS_S2WA22X6XXXXS2WA22X6q={searchTerms}
HKU\S-1-5-21-1174287680-149104177-1762163602-1002\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hpppts=1421878463from=coruid=ST9500325AS_S2WA22X6XXXXS2WA22X6
HKU\S-1-5-21-1174287680-149104177-1762163602-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hpppts=1421878463from=coruid=ST9500325AS_S2WA22X6XXXXS2WA22X6
HKU\S-1-5-21-1174287680-149104177-1762163602-1002\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=dsppts=1421878463from=coruid=ST9500325AS_S2WA22X6XXXXS2WA22X6q={searchTerms}
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1174287680-149104177-1762163602-1002 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=dsppts=1421878463from=coruid=ST9500325AS_S2WA22X6XXXXS2WA22X6q={searchTerms}
SearchScopes: HKU\S-1-5-21-1174287680-149104177-1762163602-1002 - {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.bing.com/search?FORM=UP97DFPC=UP97q={searchTerms}src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1174287680-149104177-1762163602-1002 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=dsppts=1421878463from=coruid=ST9500325AS_S2WA22X6XXXXS2WA22X6q={searchTerms}
SearchScopes: HKU\S-1-5-21-1174287680-149104177-1762163602-1002 - {AA4F64A3-F740-48AF-A1A5-9F6B5DAA4035} URL = http://isearch.omiga-plus.com/web/?utm_source=butm_medium=corutm_campaign=install_ieutm_content=dsfrom=coruid=ST9500325AS_S2WA22X6XXXXS2WA22X6ts=1421878522type=defaultq={searchTerms}
SearchScopes: HKU\S-1-5-21-1174287680-149104177-1762163602-1002 - {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://isearch.omiga-plus.com/web/?utm_source=butm_medium=corutm_campaign=install_ieutm_content=dsfrom=coruid=ST9500325AS_S2WA22X6XXXXS2WA22X6ts=1421878522type=defaultq={searchTerms}
SearchScopes: HKU\S-1-5-21-1174287680-149104177-1762163602-1002 - {E76E130C-62C4-475E-AB04-F50ACA2C20A1} URL = http://isearch.omiga-plus.com/web/?utm_source=butm_medium=corutm_campaign=install_ieutm_content=dsfrom=coruid=ST9500325AS_S2WA22X6XXXXS2WA22X6ts=1421878522type=defaultq={searchTerms}
BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\XTab\SupTab.dll No File
BHO-x32: PriceFountain - {b608cc98-54de-4775-96c9-097de398500c} - C:\Users\lenovo\AppData\Local\PriceFountain\PriceFountainIE.dll No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://isearch.omiga-plus.com/?type=scts=1421878407from=coruid=ST9500325AS_S2WA22X6XXXXS2WA22X6
CHR HomePage: Default - hxxp://isearch.omiga-plus.com/?type=hpppts=1421878463from=coruid=ST9500325AS_S2WA22X6XXXXS2WA22X6
CHR StartupUrls: Default - "hxxp://isearch.omiga-plus.com/?type=hpppts=1421878463from=coruid=ST9500325AS_S2WA22X6XXXXS2WA22X6"
CHR Extension: (Ask Search) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaadgepjkdffhjbkfjgnnffnfcffbg [2015-02-02]
CHR Extension: (Solution Real) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\obemdemamldcfdmhlohodidgomlchimk [2015-01-26]
CHR HKLM\...\Chrome\Extension: [aaaaadgepjkdffhjbkfjgnnffnfcffbg] - No Path
CHR HKU\S-1-5-21-1174287680-149104177-1762163602-1002\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - No Path
CHR HKU\S-1-5-21-1174287680-149104177-1762163602-1002\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - No Path
CHR HKLM-x32\...\Chrome\Extension: [aaaaadgepjkdffhjbkfjgnnffnfcffbg] - No Path
R2 IHProtect Service; C:\Program Files (x86)\XTab\ProtectService.exe [158896 2015-01-16] (XTab system)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [464384 2015-01-21] (SysTool PasSame LIMITED) [File not signed]
S2 Update Solution Real; "C:\Program Files (x86)\Solution Real\updateSolutionReal.exe" [X]
S2 Util Solution Real; "C:\Program Files (x86)\Solution Real\bin\utilSolutionReal.exe" [X]
R1 {1d7d694e-604c-4da2-9100-b2601d3a1c57}Gw64; C:\Windows\System32\drivers\{1d7d694e-604c-4da2-9100-b2601d3a1c57}Gw64.sys [48792 2015-01-25] (StdLib)
R1 {31c21995-b861-4864-ab50-4a53fbca73d4}Gw64; C:\Windows\System32\drivers\{31c21995-b861-4864-ab50-4a53fbca73d4}Gw64.sys [48784 2015-02-03] (StdLib)
R1 {371bcf01-e691-44bf-9345-60788e5d16a5}Gw64; C:\Windows\System32\drivers\{371bcf01-e691-44bf-9345-60788e5d16a5}Gw64.sys [48792 2015-01-28] (StdLib)
R1 {641e52b1-3179-43ed-8bcb-f688871e52b0}Gw64; C:\Windows\System32\drivers\{641e52b1-3179-43ed-8bcb-f688871e52b0}Gw64.sys [48792 2015-01-21] (StdLib)
R1 {df8eec40-f909-439c-9ffe-3fee212f71b9}Gw64; C:\Windows\System32\drivers\{df8eec40-f909-439c-9ffe-3fee212f71b9}Gw64.sys [48784 2015-01-31] (StdLib)
R1 ccnfd_1_10_0_6; system32\drivers\ccnfd_1_10_0_6.sys [X]
S3 MBAMSwissArmy; \\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]
2015-02-03 22:21 - 2015-02-03 12:27 - 00048784 _____ (StdLib) C:\WINDOWS\system32\Drivers\{31c21995-b861-4864-ab50-4a53fbca73d4}Gw64.sys
2015-01-31 23:21 - 2015-01-31 06:27 - 00048784 _____ (StdLib) C:\WINDOWS\system32\Drivers\{df8eec40-f909-439c-9ffe-3fee212f71b9}Gw64.sys
2015-01-29 01:29 - 2015-01-28 12:35 - 00048792 _____ (StdLib) C:\WINDOWS\system32\Drivers\{371bcf01-e691-44bf-9345-60788e5d16a5}Gw64.sys
2015-01-25 16:45 - 2015-01-25 05:45 - 00048792 _____ (StdLib) C:\WINDOWS\system32\Drivers\{1d7d694e-604c-4da2-9100-b2601d3a1c57}Gw64.sys
EmptyTemp:

Save the file as fixlist.txt and put it next to FRST in the same folder.
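The fixlists in this thread are built by reading the FRST log line by line and picking out entries FRST itself tags with ATTENTION, entries that point at files that no longer exist ("No File", "No Task File", "[X]"), unsigned service binaries, SafeBoot keys with empty data, browser settings that point at the hijacker domain, and the GUID-named Gw64.sys drivers from the generic "StdLib" publisher. The script below is an added example of that triage, written for this page; it is not part of FRST and not the helper's own tooling. The hijacker domain and most sample lines are taken (shortened) from the log posted above; the last sample line is a constructed clean entry, and all function names are this example's own.

```python
"""Triage helper for FRST (Farbar Recovery Scan Tool) log lines.

Added example for this thread, not FRST code and not the helper's tooling.
It applies the heuristics a log reader uses by eye and returns, per line,
the reasons it deserves a look.  A human still decides what goes into
fixlist.txt; this only shortens the reading.
"""
import re

# Domain seen in the posted IE/Chrome start-page entries.
HIJACKER_DOMAINS = {"isearch.omiga-plus.com"}

# Matches live (http) and defanged (hxxp) URLs and captures the host part.
URL_RE = re.compile(r"h(?:xx|tt)ps?://([^/\s]+)", re.IGNORECASE)
# The {GUID}Gw64.sys driver naming pattern seen in the posted log.
GUID_DRIVER_RE = re.compile(r"\{[0-9a-f-]{36}\}Gw64\.sys", re.IGNORECASE)
# FRST writes "No File" / "No Task File" after a path that does not exist.
MISSING_FILE_RE = re.compile(r"No (?:Task )?File")


def classify(line):
    """Return the reasons a single FRST log line deserves a look ([] if none)."""
    reasons = []
    if "ATTENTION" in line:
        reasons.append("flagged by FRST")
    if MISSING_FILE_RE.search(line) or line.rstrip().endswith("[X]"):
        reasons.append("points at a missing file (orphaned entry)")
    if "[File not signed]" in line:
        reasons.append("unsigned service binary")
    if "SafeBoot" in line and '""=""' in line:
        reasons.append("SafeBoot entry with empty data")
    m = URL_RE.search(line)
    if m and m.group(1).lower() in HIJACKER_DOMAINS:
        reasons.append("browser setting points at hijacker domain " + m.group(1).lower())
    if GUID_DRIVER_RE.search(line) and "(StdLib)" in line:
        reasons.append("GUID-named kernel driver from generic publisher")
    return reasons


def triage(lines):
    """Return [(line, reasons)] for every line that has at least one reason."""
    flagged = []
    for line in lines:
        reasons = classify(line)
        if reasons:
            flagged.append((line, reasons))
    return flagged


def reason_counts(lines):
    """Count how often each reason fires; shows what kind of infection it is."""
    counts = {}
    for _, reasons in triage(lines):
        for r in reasons:
            counts[r] = counts.get(r, 0) + 1
    return counts


# Sample input: lines 0-7 are shortened copies of entries from the posted log,
# line 8 is a constructed clean autorun entry that should not be flagged.
SAMPLE_LOG = [
    r"Task: {268C32B4-3547-4ECC-9C72-410C10BA4FFF} - \Price Fountain No Task File ==== ATTENTION",
    r'HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc = ""=""',
    r"ShellIconOverlayIdentifiers: [SugarSyncBackedUp] - {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} = C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll No File",
    r"HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hp",
    r"CHR HomePage: Default - hxxp://isearch.omiga-plus.com/?type=hp",
    r"R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [464384 2015-01-21] (SysTool PasSame LIMITED) [File not signed]",
    r'S2 Update Solution Real; "C:\Program Files (x86)\Solution Real\updateSolutionReal.exe" [X]',
    r"R1 {1d7d694e-604c-4da2-9100-b2601d3a1c57}Gw64; C:\Windows\System32\drivers\{1d7d694e-604c-4da2-9100-b2601d3a1c57}Gw64.sys [48792 2015-01-25] (StdLib)",
    r"HKLM\...\Run: [ExampleTray] = C:\Program Files\ExampleVendor\tray.exe [123456 2014-06-01] (Example Vendor)",
]

if __name__ == "__main__":
    for line, reasons in triage(SAMPLE_LOG):
        print(line[:70])
        for r in reasons:
            print("    ->", r)
    print(reason_counts(SAMPLE_LOG))
```

To use it on a real log, read FRST.txt and Addition.txt into a list of lines and pass them to `triage`. The output is a review list, not a fixlist: entries like the SafeBoot keys of a security suite or a vendor's Run entry need a person to decide whether they belong in fixlist.txt, which is exactly the judgement the helper exercised in this thread.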


(Hrustus) #5

Fix done, AdwCleaner too, and then an MBAM scan, and I think something is still lurking.

 

New Addition and FRST.txt

 

FRST.txt

http://wklej.org/id/1627500/

 

addition.txt

http://wklej.org/id/1627501/


(Acorus) #6

Open the system Notepad and paste:

SearchScopes: HKU\.DEFAULT - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
CHR HomePage: Default - hxxp://isearch.omiga-plus.com/?type=hpppts=1421878463from=coruid=ST9500325AS_S2WA22X6XXXXS2WA22X6
CHR StartupUrls: Default - "hxxp://isearch.omiga-plus.com/?type=hpppts=1421878463from=coruid=ST9500325AS_S2WA22X6XXXXS2WA22X6"
2015-02-07 11:30 - 2015-02-07 11:33 - 00000000 ____ D () C:\AdwCleaner

Save the file as fixlist.txt and put it next to FRST in the same folder.


(Hrustus) #7

Fixlist done, clean! :wink:

 

Thanks a lot for the help, Master :wink: