Wyskakujace okna IE z reklamami i grami

[iloand79]

Witam.
Proszę o pomoc i od razu tez o wyrozumiałość - jestem zielona w tych skomplikowanych sprawach komputerowych.
Logi:
OLT: Dostępne tylko dla zarejestrowanych użytkowników
EXTRAS : Dostępne tylko dla zarejestrowanych użytkowników

Będę wdzięczna za sprawdzenie.

[kominekl]

"{177586E7-E42E-4F38-83D1-D15B4AF5B714}" = Delta Chrome Toolbar
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate for Eee PC
"ASUS WebStorage" = ASUS WebStorage
"Bandoo" = Bandoo
"delta" = Delta toolbar
"Searchqu Toolbar" = Windows Searchqu Toolbar
"StartNow Toolbar" = StartNow Toolbar
"tuto4pc_pl_5_is1" = tuto4pc_pl_5
"Wincore MediaBar" = Wincore MediaBar
"{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium
"{ABBD4BA9-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium
"{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}" = Bing Bar

Odinstaluj. Następnie użyj Dostępne tylko dla zarejestrowanych użytkowników.

Logi.

Uruchom OTL -> w oknie Własne opcje skanowania/skrypt wklej:

:OTL

SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe -- (Amsp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\btwrchid.sys -- (btwrchid)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\btwavdt.sys -- (btwavdt)
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&form=ASUTDF&pc=NP07&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}
IE - HKU\S-1-5-21-1915445631-3508265375-476666034-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-1915445631-3508265375-476666034-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = Dostępne tylko dla zarejestrowanych użytkowników [binary data]
IE - HKU\S-1-5-21-1915445631-3508265375-476666034-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Dostępne tylko dla zarejestrowanych użytkowników
IE - HKU\S-1-5-21-1915445631-3508265375-476666034-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-1915445631-3508265375-476666034-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&affID=119370&babsrc=SP_ss&mntrId=ccd9a04f0000000000005404a619864d
IE - HKU\S-1-5-21-1915445631-3508265375-476666034-1000\..\SearchScopes\{B224AA02-F7C8-3A2B-859F-560B80767E4A}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=876&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.5.0&install_country=PL&install_date=20130214&user_guid=8B74620187004AE6A8DC52FC14F019EF&machine_id=cc206fe8074c66eaf2fdf7ed59820573&browser=IE&os=win&os_version=6.1-x86-SP1&iesrc={referrer:source}
IE - HKU\S-1-5-21-1915445631-3508265375-476666034-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
FF - prefs.js..browser.search.selectedEngine: "Delta Search"
FF - prefs.js..browser.startup.homepage: "http://www.delta-search.com/?affID=119370&babsrc=HP_ss&mntrId=ccd9a04f0000000000005404a619864d"
FF - prefs.js..extensions.enabledAddons: ffox%40bandoo.com:5.1
FF - prefs.js..extensions.enabledAddons: ffxtlbr%40delta.com:1.5.0
FF - prefs.js..extensions.enabledAddons: flashfirebug%40o-minds.com:4.65
FF - prefs.js..extensions.enabledAddons: IplextoALL%40ALLPlayer.org:0.7.0
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension\ [2011-04-30 02:37:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\ffox@bandoo.com: C:\Users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\tz6nqjx5.default\extensions\ffox@bandoo.com [2013-01-15 09:47:44 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\ffox@bandoo.com: C:\Users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\0tyb3x65.default\extensions\ffox@bandoo.com
[2013-01-15 09:47:44 | 000,000,000 | ---D | M] (Bandoo for Firefox) -- C:\Users\asus\AppData\Roaming\mozilla\Firefox\Profiles\tz6nqjx5.default\extensions\ffox@bandoo.com
[2013-02-14 18:28:49 | 000,000,000 | ---D | M] (Delta Toolbar) -- C:\Users\asus\AppData\Roaming\mozilla\Firefox\Profiles\tz6nqjx5.default\extensions\ffxtlbr@delta.com
[2013-01-14 15:56:55 | 000,000,000 | ---D | M] (FlashFirebug) -- C:\Users\asus\AppData\Roaming\mozilla\Firefox\Profiles\tz6nqjx5.default\extensions\flashfirebug@o-minds.com
[2013-02-14 13:24:50 | 000,000,000 | ---D | M] (ALLYouTubeDownloader) -- C:\Users\asus\AppData\Roaming\mozilla\Firefox\Profiles\tz6nqjx5.default\extensions\YouTubetoALL@ALLPlayer.org
[2013-01-14 15:53:42 | 002,151,598 | ---- | M] () (No name found) -- C:\Users\asus\AppData\Roaming\mozilla\firefox\profiles\tz6nqjx5.default\extensions\firebug@software.joehewitt.com.xpi
[2013-02-18 13:44:39 | 000,010,043 | ---- | M] () (No name found) -- C:\Users\asus\AppData\Roaming\mozilla\firefox\profiles\tz6nqjx5.default\extensions\IplextoALL@ALLPlayer.org.xpi
[2013-02-14 18:28:57 | 000,001,294 | ---- | M] () -- C:\Users\asus\AppData\Roaming\mozilla\firefox\profiles\tz6nqjx5.default\searchplugins\delta.xml
[2013-01-28 16:51:36 | 000,000,000 | ---D | M] (RealDownloader) -- C:\PROGRAMDATA\REALNETWORKS\REALDOWNLOADER\BROWSERPLUGINS\FIREFOX\EXT
[2013-02-14 18:28:09 | 000,006,484 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012-05-01 21:49:56 | 000,002,519 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
CHR - Extension: Bandoo = C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\dloejdefkancmfajekobpfoacecnhpgp\1.0.0.0_0\
CHR - Extension: Delta Toolbar = C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.0_0\
CHR - Extension: Delta Toolbar = C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.1_0\
CHR - Extension: RealDownloader = C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.0_0\
CHR - Extension: StartNow = C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\incfcgceegpikennjoplhfghaaikdgei\2.5.0_0\
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKU\S-1-5-21-1915445631-3508265375-476666034-1000..\Run: [Facebook Update] C:\Users\asus\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
[2013-03-04 01:24:24 | 004,190,272 | ---- | C] (Piriform Ltd) -- C:\Program Files\ccsetup328.exe
[2013-02-26 15:28:21 | 000,000,000 | ---D | C] -- C:\Users\asus\AppData\Local\{762491B9-49B2-42B6-87B5-2ADD41E6D56E}
[2013-02-14 18:28:46 | 000,000,000 | ---D | C] -- C:\Program Files\Delta
[2013-02-14 18:28:40 | 000,000,000 | ---D | C] -- C:\Users\asus\AppData\Roaming\Delta
[2013-02-14 18:28:03 | 000,000,000 | ---D | C] -- C:\Users\asus\AppData\Local\tuto4pc_pl_5
[2013-02-14 18:27:57 | 000,000,000 | ---D | C] -- C:\Program Files\tuto4pc_pl_5
[2013-02-14 13:37:04 | 000,000,000 | ---D | C] -- C:\Users\asus\AppData\Roaming\StartNow Toolbar
[2013-02-14 13:37:02 | 000,000,000 | ---D | C] -- C:\Program Files\StartNow Toolbar
[2013-02-14 13:07:30 | 000,000,000 | ---D | C] -- C:\Users\asus\AppData\Local\{88BE4913-D728-4159-8FBA-643DC76237B7}
[2013-01-20 22:43:41 | 000,000,000 | ---D | C] -- C:\Users\asus\AppData\Local\{ACD5E576-55AD-42A5-801C-9E0DC2F79950}
[2012-09-26 20:32:34 | 010,213,296 | ---- | C] (Adobe Systems Incorporated) -- C:\Users\asus\install_flash_player_11_plugin.exe
[2012-09-18 20:57:02 | 006,872,832 | ---- | C] (Microsoft Corporation) -- C:\Users\asus\proofingtools_pl-pl-x86.exe
[2011-04-30 02:33:47 | 000,000,000 | ---D | M] -- C:\Users\asus\AppData\Roaming\ASUS WebStorage
[2012-09-22 14:38:36 | 000,000,000 | ---D | M] -- C:\Users\asus\AppData\Roaming\Babylon
[2012-05-01 21:50:19 | 000,000,000 | ---D | M] -- C:\Users\asus\AppData\Roaming\Bandoo
[2012-04-12 16:10:29 | 000,000,000 | ---D | M] -- C:\Users\asus\AppData\Roaming\Charles
[2013-02-14 18:29:33 | 000,000,000 | ---D | M] -- C:\Users\asus\AppData\Roaming\Delta
[2012-05-17 17:58:32 | 000,000,000 | ---D | M] -- C:\Users\asus\AppData\Roaming\Drimar
[2013-02-14 13:37:04 | 000,000,000 | ---D | M] -- C:\Users\asus\AppData\Roaming\StartNow Toolbar
[2012-11-20 10:15:19 | 000,000,000 | ---D | M] -- C:\Users\asus\AppData\Roaming\TuneUp Software
[2011-04-30 02:33:47 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\ASUS WebStorage
[2011-04-30 02:33:47 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\ASUS WebStorage

:Files
C:\Program Files\Google\Update
C:\Users\asus\AppData\Local\Facebook\Update
C:\windows\tasks\*.*
C:\Users\asus\Documents\*.reg
C:\Users\asus\Desktop\TuneUp-Utilities(12764).exe
C:\windows\System32\ȭ
C:\windows\System32\ȭ

:Reg
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

:Commands
[clearallrestorepoints]
[emptytemp]

Klikasz Wykonaj skrypt. Dajesz log z usuwania. Następnie podaj log z Dostępne tylko dla zarejestrowanych użytkowników (z opcji Delete) + log z TDSSKiller + nowe logi z OTL.