
Lately, when I start the Google Chrome browser, these tabs pop up: omiga plus, web searches, gazeta.pl and default search, even though I have my default browser set to google.com.
Please help.
And here is the log from GMER:
GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2014-09-16 07:12:01
Windows 6.0.6002 Service Pack 2 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 Hitachi_ rev.BBCO 149,05GB
Running: gmer.exe; Driver: C:\Users\Kacper\AppData\Local\Temp\ufdiipoc.sys
---- System - GMER 2.1 ----
SSDT \SystemRoot\system32\drivers\dwprot.sys ZwCreateSection [0x89551E7C]
SSDT \SystemRoot\system32\drivers\dwprot.sys ZwCreateThread [0x89552000]
SSDT \SystemRoot\system32\drivers\dwprot.sys ZwMakeTemporaryObject [0x89551DF2]
SSDT \SystemRoot\system32\drivers\dwprot.sys ZwQueueApcThread [0x8955211E]
SSDT \SystemRoot\system32\drivers\dwprot.sys ZwSetContextThread [0x8955223E]
SSDT \SystemRoot\system32\drivers\dwprot.sys ZwSetSystemInformation [0x8954E93C]
SSDT \SystemRoot\system32\drivers\dwprot.sys ZwSetSystemTime [0x8954EAF2]
SSDT \SystemRoot\system32\drivers\dwprot.sys ZwUnmapViewOfSection [0x89551D64]
SSDT \SystemRoot\system32\drivers\dwprot.sys ZwWriteVirtualMemory [0x8955001E]
SSDT \SystemRoot\system32\drivers\dwprot.sys ZwCreateThreadEx [0x8955208E]
---- Kernel code sections - GMER 2.1 ----
.text ntoskrnl.exe!KeInsertQueue + 405 E2C7590C 4 Bytes [7C, 1E, 55, 89]
.text ntoskrnl.exe!KeInsertQueue + 411 E2C75918 4 Bytes [00, 20, 55, 89]
.text ntoskrnl.exe!KeInsertQueue + 591 E2C75A98 4 Bytes [F2, 1D, 55, 89]
.text ntoskrnl.exe!KeInsertQueue + 6D5 E2C75BDC 4 Bytes [1E, 21, 55, 89] {PUSH DS; AND [EBP-0x77], EDX}
.text ntoskrnl.exe!KeInsertQueue + 75D E2C75C64 4 Bytes [3E, 22, 55, 89] {AND DL, [DS:EBP-0x77]}
.text ...
---- Devices - GMER 2.1 ----
AttachedDevice \FileSystem\Ntfs \Ntfs dwprot.sys
Device \Driver\tdx \Device\Tcp DrWebLwf.sys
AttachedDevice \Driver\tdx \Device\Tcp dwprot.sys
Device \Driver\tdx \Device\RawIp6 DrWebLwf.sys
Device \Driver\tdx \Device\Tcp6 DrWebLwf.sys
Device \Driver\tdx \Device\Tdx DrWebLwf.sys
Device \Driver\tdx \Device\Udp DrWebLwf.sys
AttachedDevice \Driver\tdx \Device\Udp dwprot.sys
Device \Driver\tdx \Device\RawIp DrWebLwf.sys
AttachedDevice \Driver\tdx \Device\RawIp dwprot.sys
Device \Driver\tdx \Device\Udp6 DrWebLwf.sys
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys
AttachedDevice \FileSystem\fastfat \Fat dwprot.sys
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\ControlSet002\Control\SafeBoot\Minimal\AppInfo@ Service
Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\001f3ad8830c (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\001f3ad8830c@940070addd62 0x1B 0xE7 0x61 0xF6 ...
Reg HKLM\SYSTEM\ControlSet003\Control\SafeBoot\Minimal\AppInfo@ Service
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\001f3ad8830c (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\001f3ad8830c@940070addd62 0x1B 0xE7 0x61 0xF6 ...
Reg HKLM\SYSTEM\ControlSet004\Control\SafeBoot\Minimal\AppInfo@ Service
Reg HKLM\SYSTEM\ControlSet004\Services\BTHPORT\Parameters\Keys\001f3ad8830c (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet004\Services\BTHPORT\Parameters\Keys\001f3ad8830c@940070addd62 0x1B 0xE7 0x61 0xF6 ...
Reg HKLM\SYSTEM\ControlSet005\Services\BTHPORT\Parameters\Keys\001f3ad8830c (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet005\Services\BTHPORT\Parameters\Keys\001f3ad8830c@940070addd62 0x1B 0xE7 0x61 0xF6 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001f3ad8830c
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001f3ad8830c@940070addd62 0x1B 0xE7 0x61 0xF6 ...
---- Files - GMER 2.1 ----
File C:\Users\Kacper\AppData\Roaming\Opera Software\Opera Stable\File System\000\p\Paths\000322.log 0 bytes
File C:\Users\Kacper\AppData\Roaming\Opera Software\Opera Stable\File System\000\p\Paths\MANIFEST-000321 0 bytes
File C:\Users\Kacper\AppData\Roaming\Opera Software\Opera Stable\File System\Origins\000371.log 0 bytes
File C:\Users\Kacper\AppData\Roaming\Opera Software\Opera Stable\File System\Origins\MANIFEST-000370 185 bytes
---- EOF - GMER 2.1 ----