zielony13 utworzono 4 lutego 2015 utworzono 4 lutego 2015 Witam , mam problem z pojjawianiem się strony Omiga plus com na mojej przeglądarce Mozilla. Za każdym razem kiedy chcę coś wyszukać pojawia się strona tego typuhttp://searches.omiga-plus.com/search/web?type=ds&channel=cor&q PRÓBOWAŁAM USUNĄĆ wirus WG. INSTRUKCJI podanych na innych stronach - bez rezultatu. MIANOWICIE:w "Panel sterowania"."Programy i funkcje" nie zlokalizowałam OMIGI. W otwartym menu przeglądarki Mozilla Firefox we "Właściwościach" w polu docelowym też nie mam tekstu z OMIGĄ , jest tak: C:\Program Files (x86)\Mozilla Firefox\firefox.exe". w OPCJACH przeglądarki mam ustawioną stronę startową www.wp.pl Nawet próbowałam czegoś takiego : W pasku adresu URL, wpisz about:config i naciśnij Enter. Kliknij "Będę ostrożny, obiecuję!". W filtrze wyszukiwania na górze, wpisz: "omiga" Kliknij prawym przyciskiem myszy na znalezione preferencje i wybierz "Reset", aby przywrócić domyślne wartości. Nie wiem już jak mogłabym to usunąć . Mam Windows 7 . Odinstalowanie przeglądarki też nie pomogło . PROSZĘ O POMOC _ tylko z jasną instrukcją co mam zrobić ..bo za bardzo nie znam się na tym. z góry dziękuję :)
Zayfi komentarz 4 lutego 2015 komentarz 4 lutego 2015 podaj logi z FRST http://www.fixitpc.pl/topic/61-diagnostyka-ogolne-raporty-systemowe/#1
zielony13 komentarz 4 lutego 2015 Autor komentarz 4 lutego 2015 a na czym to polega ?, nie jestem biegła w tych sprawach
Youki komentarz 4 lutego 2015 komentarz 4 lutego 2015 Na tym, że wykonujesz wszystko tak jak jest tam to podane w tym poradniku i otrzymaną zawartość wklejasz tutaj. Z fusów nikt Ci tutaj nie udzieli pomocy. :)
zielony13 komentarz 4 lutego 2015 Autor komentarz 4 lutego 2015 W załączniku przesyłam przeskanowane raporty . Mam nadzieję, że ktoś się na tym zna i podpowie jak to cholerstwo usunąć ! ok dzięki :) W załączniku przesyłam przeskanowane raporty . Mam nadzieję, że ktoś się na tym zna i podpowie jak to cholerstwo usunąć !
Zayfi komentarz 5 lutego 2015 komentarz 5 lutego 2015 1. Otwórz notatnik i wklej CloseProcesses: HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hppp&ts=1422830732&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hppp&ts=1422830732&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=ds&ts=1422830700&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=ds&ts=1422830700&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hppp&ts=1422830732&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hppp&ts=1422830732&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1422830700&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1422830700&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700&q={searchTerms} HKU\S-1-5-21-3103517350-1920271136-3507122297-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=dspp&ts=1422830732&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700&q={searchTerms} HKU\S-1-5-21-3103517350-1920271136-3507122297-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hppp&ts=1422830732&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700 HKU\S-1-5-21-3103517350-1920271136-3507122297-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hppp&ts=1422830732&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700 SearchScopes: HKU\S-1-5-21-3103517350-1920271136-3507122297-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=dspp&ts=1422830732&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700&q={searchTerms} SearchScopes: HKU\S-1-5-21-3103517350-1920271136-3507122297-1001 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700&ts=1422830749&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-3103517350-1920271136-3507122297-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=dspp&ts=1422830732&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700&q={searchTerms} SearchScopes: HKU\S-1-5-21-3103517350-1920271136-3507122297-1001 -> {8871BD27-02BF-41C3-812F-0B766F90189C} URL = http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700&ts=1422830749&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-3103517350-1920271136-3507122297-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700&ts=1422830749&type=default&q={searchTerms} FF DefaultSearchEngine: omiga-plus FF SelectedSearchEngine: omiga-plus FF Homepage: www.wp.pl CHR HomePage: Default -> hxxp://isearch.omiga-plus.com/?type=hppp&ts=1422830732&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700 CHR StartupUrls: Default -> "hxxp://isearch.omiga-plus.com/?type=hppp&ts=1422830732&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700" CHR DefaultSearchKeyword: Default -> omiga-plus Task: {05F0C8C0-173B-4938-AC77-1974B402304A} - \Games\UpdateCheck_S-1-5-21-3103517350-1920271136-3507122297㠀㔀㌀㘀㜀㜀ⴀ㘀㜀㈀㐀㔀㔀㜀㈀ ⴀ No Task File <==== ATTENTION Task: {40D71C1E-98C7-4CA0-AA89-8464549AAEB8} - System32\Tasks\{4B28049C-4BA4-4290-BD4D-D3AF7B8630CF} => pcalua.exe -a C:\Users\user\Downloads\TurboMapHLP.exe -d C:\Users\user\Downloads Task: {48E36F43-F82F-4184-B7AC-6B15E84DA4A0} - System32\Tasks\{9526440F-E08D-4A74-91FD-2ECB899996A8} => pcalua.exe -a C:\Users\user\AppData\Roaming\omiga-plus\UninstallManager.exe -c -ptid=cor <==== ATTENTION Task: {FF4EBF95-62FA-4B0F-BBB2-9DC0955B93EC} - \WPD\SqmUpload_S-1-5-21-3103517350-1920271136-3507122297㠀㔀㌀㘀㜀㜀ⴀ㘀㜀㈀㐀㔀㔀㜀㈀ ⴀ No Task File <==== ATTENTION EmptyTemp: plik zapisz jako fixlist.txt i umieść w C:\Users\user\Downloads. Uruchom FRST i kliknij w Fix. Nastapi usuwanie. Przedstaw raport z usuwania fixlog.txt. 2. Odinstaluj z panelu programów McAfee Security Scan Plus. 3. Pobierz AdwCleaner i wykonaj nim skan (opcja Szukaj) - przedstaw raport. http://general-changelog-team.fr/fr/downloads/viewdownload/20-outils-de-xplode/2-adwcleaner
zielony13 komentarz 5 lutego 2015 Autor komentarz 5 lutego 2015 (edytowane) Witam , dziękuję za wskazówki . PONIŻEJ raporty : z PROGRAMU AdwCleaner: [log] # AdwCleaner v4.109 - Log utworzony 05/02/2015 o 17:00:07 # Aktualizacja 24/01/2015 przez Xplode # Database : 2015-02-04.1 [Live] # System operacyjny : Windows 7 Professional Service Pack 1 (64 bits) # Użytkownik : user - 77P5LY1 # Ścieżka : C:\adwcleaner_4.109.exe # Opcja : Szukaj ***** [ Usługi ] ***** Usługa Znaleziono : IHProtect Service ***** [ Pliki / Foldery ] ***** Folder Znaleziono : C:\Program Files (x86)\XTab Folder Znaleziono : C:\ProgramData\IHProtectUpDate Folder Znaleziono : C:\ProgramData\WindowsMangerProtect Folder Znaleziono : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sd8c8qaw.default\Extensions\fftoolbar2014@etech.com Folder Znaleziono : C:\users\user\AppData\Roaming\PriceFountain Plik Znaleziono : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage Plik Znaleziono : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static-trackers.adtarget.me_0.localstorage Plik Znaleziono : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sd8c8qaw.default\searchplugins\omiga-plus.xml Plik Znaleziono : C:\Windows\System32\roboot64.exe ***** [ Zadania ] ***** ***** [ Skróty ] ***** ***** [ Rejestr ] ***** Dane Znaleziono : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - C:\Program Files\Internet Explorer\iexplore.exe hxxp://isearch.omiga-plus.com/?type=sc&ts=1422830700&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700 Klucz Znaleziono : HKCU\Software\InstallCore Klucz Znaleziono : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} Klucz Znaleziono : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} Klucz Znaleziono : HKCU\Software\Mozilla\Extends Klucz Znaleziono : [x64] HKCU\Software\InstallCore Klucz Znaleziono : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} Klucz Znaleziono : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8} Klucz Znaleziono : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D} Klucz Znaleziono : HKLM\SOFTWARE\IHProtect Klucz Znaleziono : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} Klucz Znaleziono : HKLM\SOFTWARE\omiga-plusSoftware Klucz Znaleziono : HKLM\SOFTWARE\SupDp Klucz Znaleziono : HKLM\SOFTWARE\SupTab Klucz Znaleziono : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect Klucz Znaleziono : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8} Wartość Znaleziono : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [fftoolbar2014@etech.com] ***** [ Przeglądarki internetowe ] ***** -\\ Internet Explorer v11.0.9600.17496 -\\ Mozilla Firefox v35.0.1 (x86 pl) [sd8c8qaw.default] - Wpis znaleziony : user_pref("browser.newtab.url", "chrome://quick_start/content/index.html"); [sd8c8qaw.default] - Wpis znaleziony : user_pref("browser.search.defaultenginename", "omiga-plus"); [sd8c8qaw.default] - Wpis znaleziony : user_pref("browser.search.searchengine.alias", "omiga-plus"); [sd8c8qaw.default] - Wpis znaleziony : user_pref("browser.search.searchengine.iconURL", "hxxp://isearch.omiga-plus.com/web/favicon.ico"); [sd8c8qaw.default] - Wpis znaleziony : user_pref("browser.search.searchengine.name", "omiga-plus"); [sd8c8qaw.default] - Wpis znaleziony : user_pref("browser.search.searchengine.url", "hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1422830732&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700&q={searchTerms}"); [sd8c8qaw.default] - Wpis znaleziony : user_pref("browser.search.selectedEngine", "omiga-plus"); [sd8c8qaw.default] - Wpis znaleziony : user_pref("extensions.quick_start.enable_search1", false); [sd8c8qaw.default] - Wpis znaleziony : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false); -\\ Google Chrome v [C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web data] - Znaleziono [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1422830732&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700&q={searchTerms} [C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web data] - Znaleziono [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1422830732&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700&q={searchTerms} -\\ Opera v27.0.1689.66 ************************* AdwCleaner[R0].txt - [4594 octets] - [05/02/2015 17:00:07] ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [4654 octets] ########## Z Fixlog.txt Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 04-02-2015 Ran by user at 2015-02-05 16:49:35 Run:1 Running from C:\Users\user\Downloads Loaded Profiles: user (Available profiles: user & Administrator) Boot Mode: Normal ============================================== Content of fixlist: ***************** CloseProcesses: HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hppp&ts=1422830732&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hppp&ts=1422830732&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=ds&ts=1422830700&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=ds&ts=1422830700&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hppp&ts=1422830732&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hppp&ts=1422830732&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1422830700&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1422830700&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700&q={searchTerms} HKU\S-1-5-21-3103517350-1920271136-3507122297-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=dspp&ts=1422830732&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700&q={searchTerms} HKU\S-1-5-21-3103517350-1920271136-3507122297-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hppp&ts=1422830732&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700 HKU\S-1-5-21-3103517350-1920271136-3507122297-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hppp&ts=1422830732&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700 SearchScopes: HKU\S-1-5-21-3103517350-1920271136-3507122297-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=dspp&ts=1422830732&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700&q={searchTerms} SearchScopes: HKU\S-1-5-21-3103517350-1920271136-3507122297-1001 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700&ts=1422830749&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-3103517350-1920271136-3507122297-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=dspp&ts=1422830732&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700&q={searchTerms} SearchScopes: HKU\S-1-5-21-3103517350-1920271136-3507122297-1001 -> {8871BD27-02BF-41C3-812F-0B766F90189C} URL = http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700&ts=1422830749&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-3103517350-1920271136-3507122297-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700&ts=1422830749&type=default&q={searchTerms} FF DefaultSearchEngine: omiga-plus FF SelectedSearchEngine: omiga-plus FF Homepage: www.wp.pl CHR HomePage: Default -> hxxp://isearch.omiga-plus.com/?type=hppp&ts=1422830732&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700 CHR StartupUrls: Default -> "hxxp://isearch.omiga-plus.com/?type=hppp&ts=1422830732&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700" CHR DefaultSearchKeyword: Default -> omiga-plus Task: {05F0C8C0-173B-4938-AC77-1974B402304A} - \Games\UpdateCheck_S-1-5-21-3103517350-1920271136-3507122297????????????????? ?? ? No Task File <==== ATTENTION Task: {40D71C1E-98C7-4CA0-AA89-8464549AAEB8} - System32\Tasks\{4B28049C-4BA4-4290-BD4D-D3AF7B8630CF} => pcalua.exe -a C:\Users\user\Downloads\TurboMapHLP.exe -d C:\Users\user\Downloads Task: {48E36F43-F82F-4184-B7AC-6B15E84DA4A0} - System32\Tasks\{9526440F-E08D-4A74-91FD-2ECB899996A8} => pcalua.exe -a C:\Users\user\AppData\Roaming\omiga-plus\UninstallManager.exe -c -ptid=cor <==== ATTENTION Task: {FF4EBF95-62FA-4B0F-BBB2-9DC0955B93EC} - \WPD\SqmUpload_S-1-5-21-3103517350-1920271136-3507122297????????????????? ?? No Task File <==== ATTENTION EmptyTemp: ***************** Processes closed successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully. HKU\S-1-5-21-3103517350-1920271136-3507122297-1001\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully. HKU\S-1-5-21-3103517350-1920271136-3507122297-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKU\S-1-5-21-3103517350-1920271136-3507122297-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully. HKU\S-1-5-21-3103517350-1920271136-3507122297-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully. "HKU\S-1-5-21-3103517350-1920271136-3507122297-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}" => Key deleted successfully. HKCR\CLSID\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} => Key not found. "HKU\S-1-5-21-3103517350-1920271136-3507122297-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => Key deleted successfully. HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found. "HKU\S-1-5-21-3103517350-1920271136-3507122297-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8871BD27-02BF-41C3-812F-0B766F90189C}" => Key deleted successfully. HKCR\CLSID\{8871BD27-02BF-41C3-812F-0B766F90189C} => Key not found. "HKU\S-1-5-21-3103517350-1920271136-3507122297-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}" => Key deleted successfully. HKCR\CLSID\{E733165D-CBCF-4FDA-883E-ADEF965B476C} => Key not found. Firefox DefaultSearchEngine deleted successfully. Firefox SelectedSearchEngine deleted successfully. Firefox homepage deleted successfully. Chrome HomePage deleted successfully. Chrome StartupUrls not detected. Chrome DefaultSearchKeyword deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{05F0C8C0-173B-4938-AC77-1974B402304A}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{05F0C8C0-173B-4938-AC77-1974B402304A}" => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Games\UpdateCheck_S-1-5-21-3103517350-1920271136-3507122297????????????????? ?? ? => Key not found. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{40D71C1E-98C7-4CA0-AA89-8464549AAEB8}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{40D71C1E-98C7-4CA0-AA89-8464549AAEB8}" => Key deleted successfully. C:\Windows\System32\Tasks\{4B28049C-4BA4-4290-BD4D-D3AF7B8630CF} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{4B28049C-4BA4-4290-BD4D-D3AF7B8630CF}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{48E36F43-F82F-4184-B7AC-6B15E84DA4A0}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{48E36F43-F82F-4184-B7AC-6B15E84DA4A0}" => Key deleted successfully. C:\Windows\System32\Tasks\{9526440F-E08D-4A74-91FD-2ECB899996A8} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{9526440F-E08D-4A74-91FD-2ECB899996A8}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FF4EBF95-62FA-4B0F-BBB2-9DC0955B93EC}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FF4EBF95-62FA-4B0F-BBB2-9DC0955B93EC}" => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-3103517350-1920271136-3507122297????????????????? ?? => Key not found. EmptyTemp: => Removed 2.6 GB temporary data. The system needed a reboot. ==== End of Fixlog 16:50:10 ==== [/log] Edytowane 5 lutego 2015 przez Natsuki Kuga
Zayfi komentarz 5 lutego 2015 komentarz 5 lutego 2015 otwórz notatnik i wklej C:\Program Files (x86)\XTab C:\ProgramData\IHProtectUpDate C:\ProgramData\WindowsMangerProtect C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sd8c8qaw.default\Extensions\fftoolbar2014@etech.com C:\users\user\AppData\Roaming\PriceFountain C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static-trackers.adtarget.me_0.localstorage C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sd8c8qaw.default\searchplugins\omiga-plus.xml C:\Windows\System32\roboot64.exe Reboot: plik zapisz jako fixlist.txt i umieść w C:\Users\user\Downloads. Uruchom FRST i kliknij w Fix. Nastapi usuwanie. Przedstaw raport z usuwania fixlog.txt. 2. Uruchom AdwCleaner i kliknij najpierw Szukaj a potem Usuń. 3. Zrób nowy skan FRST i daj raport.
zielony13 komentarz 5 lutego 2015 Autor komentarz 5 lutego 2015 (edytowane) Witam podję raport Fixlog: [log] Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 04-02-2015 Ran by user at 2015-02-05 21:22:09 Run:2 Running from C:\Users\user\Downloads Loaded Profiles: user (Available profiles: user & Administrator) Boot Mode: Normal ============================================== Content of fixlist: ***************** C:\Program Files (x86)\XTab C:\ProgramData\IHProtectUpDate C:\ProgramData\WindowsMangerProtect C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sd8c8qaw.default\Extensions\fftoolbar2014@etech.com C:\users\user\AppData\Roaming\PriceFountain C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static-trackers.adtarget.me_0.localstorage C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sd8c8qaw.default\searchplugins\omiga-plus.xml C:\Windows\System32\roboot64.exe Reboot: ***************** C:\Program Files (x86)\XTab => Moved successfully. C:\ProgramData\IHProtectUpDate => Moved successfully. C:\ProgramData\WindowsMangerProtect => Moved successfully. C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sd8c8qaw.default\Extensions\fftoolbar2014@etech.com => Moved successfully. C:\users\user\AppData\Roaming\PriceFountain => Moved successfully. "C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static-trackers.adtarget.me_0.localstorage" => File/Directory not found. C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sd8c8qaw.default\searchplugins\omiga-plus.xml => Moved successfully. C:\Windows\System32\roboot64.exe => Moved successfully. The system needed a reboot. ==== End of Fixlog 21:22:10 ==== [/log] Usunęłam też programem AdwCleaner [log] # AdwCleaner v4.109 - Log utworzony 05/02/2015 o 21:51:42 # Aktualizacja 24/01/2015 przez Xplode # Database : 2015-02-05.1 [Live] # System operacyjny : Windows 7 Professional Service Pack 1 (64 bits) # Użytkownik : user - 77P5LY1 # Ścieżka : C:\adwcleaner_4.109.exe # Opcja : Usuń ***** [ Usługi ] ***** [#] Usługa Usunięto : IHProtect Service ***** [ Pliki / Foldery ] ***** Plik Usunięto : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static-trackers.adtarget.me_0.localstorage Plik Usunięto : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage ***** [ Zadania ] ***** ***** [ Skróty ] ***** ***** [ Rejestr ] ***** Wartość Usunięto : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [fftoolbar2014@etech.com] Klucz Usunięto : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect Klucz Usunięto : HKCU\Software\Mozilla\Extends Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8} Klucz Usunięto : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D} Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} Klucz Usunięto : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8} Dane Przywrócono : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command Klucz Usunięto : HKCU\Software\InstallCore Klucz Usunięto : HKLM\SOFTWARE\omiga-plusSoftware Klucz Usunięto : HKLM\SOFTWARE\SupDp Klucz Usunięto : HKLM\SOFTWARE\SupTab Klucz Usunięto : HKLM\SOFTWARE\IHProtect ***** [ Przeglądarki internetowe ] ***** -\\ Internet Explorer v11.0.9600.17496 -\\ Mozilla Firefox v35.0.1 (x86 pl) [/log] Otwieram wyszukiwarkę i jakby wszystko wróciło do normy . OMIGA zniknęła. Czy jeszcze coś należy zrobić ? Edytowane 10 lutego 2015 przez Natsuki Kuga
Zayfi komentarz 6 lutego 2015 komentarz 6 lutego 2015 (edytowane) Otwieram wyszukiwarkę i jakby wszystko wróciło do normy . OMIGA zniknęła. Czy jeszcze coś należy zrobić ? 1. przez Shift + Delete skasuj z dysku folder C:\FRST 2. Uruchom AdwCleaner i kliknij Odinstaluj 3. wyczyść foldery Przywrcania systemu http://www.fixitpc.pl/topic/5-dezynfekcja-kroki-finalizujace-temat/page__p__42415#entry42415 Edytowane 6 lutego 2015 przez Zayfi
zielony13 komentarz 7 lutego 2015 Autor komentarz 7 lutego 2015 Witam Powyższe wskazówki zrobione . Dziekuję bardzo Panu za pomoc !!
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.