x-kom hosting

[Rozwiązany] OMIGA-plus.com JAK USUNĄĆ !

zielony13
utworzono
utworzono

Witam , mam problem z pojjawianiem się  strony Omiga plus com na mojej przeglądarce Mozilla. Za każdym razem kiedy chcę coś wyszukać pojawia się strona  tego typu
http://searches.omiga-plus.com/search/web?type=ds&channel=cor&q

 

PRÓBOWAŁAM USUNĄĆ wirus  WG. INSTRUKCJI podanych na innych stronach - bez rezultatu. MIANOWICIE:
w "Panel sterowania"."Programy i funkcje" nie zlokalizowałam OMIGI.

W otwartym menu przeglądarki Mozilla Firefox we  "Właściwościach" w polu docelowym też nie mam  tekstu z OMIGĄ , jest tak:  C:\Program Files (x86)\Mozilla Firefox\firefox.exe".

w OPCJACH przeglądarki mam ustawioną stronę startową www.wp.pl
Nawet próbowałam czegoś takiego :

W pasku adresu URL, wpisz about:config i naciśnij Enter.
Kliknij "Będę ostrożny, obiecuję!".
W filtrze wyszukiwania na górze, wpisz: "omiga"
Kliknij prawym przyciskiem myszy na znalezione preferencje i wybierz "Reset", aby przywrócić domyślne wartości.

Nie wiem już jak mogłabym to usunąć . Mam Windows 7 .
Odinstalowanie przeglądarki też nie pomogło .
PROSZĘ O POMOC _ tylko z jasną  instrukcją co mam zrobić ..bo za bardzo nie znam się na tym.
z góry dziękuję :)

 

 

 

zielony13
komentarz
komentarz

a na czym to polega ?, nie jestem biegła w tych sprawach

Youki
komentarz
komentarz

Na tym, że wykonujesz wszystko tak jak jest tam to podane w tym poradniku i otrzymaną zawartość wklejasz tutaj.

 

Z fusów nikt Ci tutaj nie udzieli pomocy. :) 

zielony13
komentarz
komentarz

W załączniku przesyłam przeskanowane raporty . Mam nadzieję, że ktoś się na tym zna i podpowie jak to cholerstwo usunąć !


ok dzięki :)

 

W załączniku przesyłam przeskanowane raporty . Mam nadzieję, że ktoś się na tym zna i podpowie jak to cholerstwo usunąć !

Zayfi
komentarz
komentarz

1. Otwórz notatnik i wklej

CloseProcesses:
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hppp&ts=1422830732&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hppp&ts=1422830732&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=ds&ts=1422830700&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=ds&ts=1422830700&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hppp&ts=1422830732&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hppp&ts=1422830732&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1422830700&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1422830700&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700&q={searchTerms}
HKU\S-1-5-21-3103517350-1920271136-3507122297-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=dspp&ts=1422830732&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700&q={searchTerms}
HKU\S-1-5-21-3103517350-1920271136-3507122297-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hppp&ts=1422830732&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700
HKU\S-1-5-21-3103517350-1920271136-3507122297-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hppp&ts=1422830732&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700
SearchScopes: HKU\S-1-5-21-3103517350-1920271136-3507122297-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=dspp&ts=1422830732&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3103517350-1920271136-3507122297-1001 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700&ts=1422830749&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3103517350-1920271136-3507122297-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=dspp&ts=1422830732&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3103517350-1920271136-3507122297-1001 -> {8871BD27-02BF-41C3-812F-0B766F90189C} URL = http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700&ts=1422830749&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3103517350-1920271136-3507122297-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700&ts=1422830749&type=default&q={searchTerms}
FF DefaultSearchEngine: omiga-plus
FF SelectedSearchEngine: omiga-plus
FF Homepage: www.wp.pl
CHR HomePage: Default -> hxxp://isearch.omiga-plus.com/?type=hppp&ts=1422830732&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700
CHR StartupUrls: Default -> "hxxp://isearch.omiga-plus.com/?type=hppp&ts=1422830732&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700"
CHR DefaultSearchKeyword: Default -> omiga-plus
Task: {05F0C8C0-173B-4938-AC77-1974B402304A} - \Games\UpdateCheck_S-1-5-21-3103517350-1920271136-3507122297㠀㔀㌀㘀㄀㜀㜀ⴀ㄀㘀㜀㈀㐀㔀㔀㜀㈀ ⴀ㄀  ㄀ No Task File <==== ATTENTION
Task: {40D71C1E-98C7-4CA0-AA89-8464549AAEB8} - System32\Tasks\{4B28049C-4BA4-4290-BD4D-D3AF7B8630CF} => pcalua.exe -a C:\Users\user\Downloads\TurboMapHLP.exe -d C:\Users\user\Downloads
Task: {48E36F43-F82F-4184-B7AC-6B15E84DA4A0} - System32\Tasks\{9526440F-E08D-4A74-91FD-2ECB899996A8} => pcalua.exe -a C:\Users\user\AppData\Roaming\omiga-plus\UninstallManager.exe -c  -ptid=cor <==== ATTENTION
Task: {FF4EBF95-62FA-4B0F-BBB2-9DC0955B93EC} - \WPD\SqmUpload_S-1-5-21-3103517350-1920271136-3507122297㠀㔀㌀㘀㄀㜀㜀ⴀ㄀㘀㜀㈀㐀㔀㔀㜀㈀ ⴀ㄀    No Task File <==== ATTENTION
EmptyTemp:

plik zapisz jako fixlist.txt i umieść w C:\Users\user\Downloads. Uruchom FRST i kliknij w Fix. Nastapi usuwanie. Przedstaw raport z usuwania fixlog.txt.

 

 

2. Odinstaluj z panelu programów McAfee Security Scan Plus.

 

3. Pobierz AdwCleaner i wykonaj nim skan (opcja Szukaj) - przedstaw raport.

http://general-changelog-team.fr/fr/downloads/viewdownload/20-outils-de-xplode/2-adwcleaner

zielony13
komentarz
komentarz (edytowane)

Witam , dziękuję za wskazówki . PONIŻEJ raporty :
z PROGRAMU AdwCleaner:

[log]
# AdwCleaner v4.109 - Log utworzony 05/02/2015 o 17:00:07
# Aktualizacja 24/01/2015 przez Xplode
# Database : 2015-02-04.1 [Live]
# System operacyjny : Windows 7 Professional Service Pack 1 (64 bits)
# Użytkownik : user - 77P5LY1
# Ścieżka : C:\adwcleaner_4.109.exe
# Opcja : Szukaj

***** [ Usługi ] *****

Usługa Znaleziono : IHProtect Service

***** [ Pliki / Foldery ] *****

Folder Znaleziono : C:\Program Files (x86)\XTab
Folder Znaleziono : C:\ProgramData\IHProtectUpDate
Folder Znaleziono : C:\ProgramData\WindowsMangerProtect
Folder Znaleziono : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sd8c8qaw.default\Extensions\fftoolbar2014@etech.com
Folder Znaleziono : C:\users\user\AppData\Roaming\PriceFountain
Plik Znaleziono : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage
Plik Znaleziono : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static-trackers.adtarget.me_0.localstorage
Plik Znaleziono : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sd8c8qaw.default\searchplugins\omiga-plus.xml
Plik Znaleziono : C:\Windows\System32\roboot64.exe

***** [ Zadania ] *****


***** [ Skróty ] *****


***** [ Rejestr ] *****

Dane Znaleziono : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - C:\Program Files\Internet Explorer\iexplore.exe hxxp://isearch.omiga-plus.com/?type=sc&ts=1422830700&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700
Klucz Znaleziono : HKCU\Software\InstallCore
Klucz Znaleziono : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Klucz Znaleziono : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Klucz Znaleziono : HKCU\Software\Mozilla\Extends
Klucz Znaleziono : [x64] HKCU\Software\InstallCore
Klucz Znaleziono : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Klucz Znaleziono : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Klucz Znaleziono : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Klucz Znaleziono : HKLM\SOFTWARE\IHProtect
Klucz Znaleziono : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Klucz Znaleziono : HKLM\SOFTWARE\omiga-plusSoftware
Klucz Znaleziono : HKLM\SOFTWARE\SupDp
Klucz Znaleziono : HKLM\SOFTWARE\SupTab
Klucz Znaleziono : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Klucz Znaleziono : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Wartość Znaleziono : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [fftoolbar2014@etech.com]

***** [ Przeglądarki internetowe ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v35.0.1 (x86 pl)

[sd8c8qaw.default] - Wpis znaleziony : user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");
[sd8c8qaw.default] - Wpis znaleziony : user_pref("browser.search.defaultenginename", "omiga-plus");
[sd8c8qaw.default] - Wpis znaleziony : user_pref("browser.search.searchengine.alias", "omiga-plus");
[sd8c8qaw.default] - Wpis znaleziony : user_pref("browser.search.searchengine.iconURL", "hxxp://isearch.omiga-plus.com/web/favicon.ico");
[sd8c8qaw.default] - Wpis znaleziony : user_pref("browser.search.searchengine.name", "omiga-plus");
[sd8c8qaw.default] - Wpis znaleziony : user_pref("browser.search.searchengine.url", "hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1422830732&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700&q={searchTerms}");
[sd8c8qaw.default] - Wpis znaleziony : user_pref("browser.search.selectedEngine", "omiga-plus");
[sd8c8qaw.default] - Wpis znaleziony : user_pref("extensions.quick_start.enable_search1", false);
[sd8c8qaw.default] - Wpis znaleziony : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);

-\\ Google Chrome v

[C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web data] - Znaleziono [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1422830732&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700&q={searchTerms}
[C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web data] - Znaleziono [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1422830732&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700&q={searchTerms}

-\\ Opera v27.0.1689.66


*************************

AdwCleaner[R0].txt - [4594 octets] - [05/02/2015 17:00:07]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [4654 octets] ##########

 

Z Fixlog.txt

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 04-02-2015
Ran by user at 2015-02-05 16:49:35 Run:1
Running from C:\Users\user\Downloads
Loaded Profiles: user (Available profiles: user & Administrator)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CloseProcesses:
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hppp&ts=1422830732&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hppp&ts=1422830732&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=ds&ts=1422830700&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=ds&ts=1422830700&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hppp&ts=1422830732&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hppp&ts=1422830732&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1422830700&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1422830700&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700&q={searchTerms}
HKU\S-1-5-21-3103517350-1920271136-3507122297-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=dspp&ts=1422830732&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700&q={searchTerms}
HKU\S-1-5-21-3103517350-1920271136-3507122297-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hppp&ts=1422830732&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700
HKU\S-1-5-21-3103517350-1920271136-3507122297-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hppp&ts=1422830732&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700
SearchScopes: HKU\S-1-5-21-3103517350-1920271136-3507122297-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=dspp&ts=1422830732&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3103517350-1920271136-3507122297-1001 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700&ts=1422830749&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3103517350-1920271136-3507122297-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=dspp&ts=1422830732&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3103517350-1920271136-3507122297-1001 -> {8871BD27-02BF-41C3-812F-0B766F90189C} URL = http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700&ts=1422830749&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3103517350-1920271136-3507122297-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700&ts=1422830749&type=default&q={searchTerms}
FF DefaultSearchEngine: omiga-plus
FF SelectedSearchEngine: omiga-plus
FF Homepage: www.wp.pl
CHR HomePage: Default -> hxxp://isearch.omiga-plus.com/?type=hppp&ts=1422830732&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700
CHR StartupUrls: Default -> "hxxp://isearch.omiga-plus.com/?type=hppp&ts=1422830732&from=cor&uid=WDCXWD2500AAKX-75U6AA0_WD-WCC2H182070020700"
CHR DefaultSearchKeyword: Default -> omiga-plus
Task: {05F0C8C0-173B-4938-AC77-1974B402304A} - \Games\UpdateCheck_S-1-5-21-3103517350-1920271136-3507122297????????????????? ??  ? No Task File <==== ATTENTION
Task: {40D71C1E-98C7-4CA0-AA89-8464549AAEB8} - System32\Tasks\{4B28049C-4BA4-4290-BD4D-D3AF7B8630CF} => pcalua.exe -a C:\Users\user\Downloads\TurboMapHLP.exe -d C:\Users\user\Downloads
Task: {48E36F43-F82F-4184-B7AC-6B15E84DA4A0} - System32\Tasks\{9526440F-E08D-4A74-91FD-2ECB899996A8} => pcalua.exe -a C:\Users\user\AppData\Roaming\omiga-plus\UninstallManager.exe -c  -ptid=cor <==== ATTENTION
Task: {FF4EBF95-62FA-4B0F-BBB2-9DC0955B93EC} - \WPD\SqmUpload_S-1-5-21-3103517350-1920271136-3507122297????????????????? ??    No Task File <==== ATTENTION
EmptyTemp:
*****************

Processes closed successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKU\S-1-5-21-3103517350-1920271136-3507122297-1001\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKU\S-1-5-21-3103517350-1920271136-3507122297-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\S-1-5-21-3103517350-1920271136-3507122297-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKU\S-1-5-21-3103517350-1920271136-3507122297-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-3103517350-1920271136-3507122297-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}" => Key deleted successfully.
HKCR\CLSID\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} => Key not found.
"HKU\S-1-5-21-3103517350-1920271136-3507122297-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => Key deleted successfully.
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
"HKU\S-1-5-21-3103517350-1920271136-3507122297-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8871BD27-02BF-41C3-812F-0B766F90189C}" => Key deleted successfully.
HKCR\CLSID\{8871BD27-02BF-41C3-812F-0B766F90189C} => Key not found.
"HKU\S-1-5-21-3103517350-1920271136-3507122297-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}" => Key deleted successfully.
HKCR\CLSID\{E733165D-CBCF-4FDA-883E-ADEF965B476C} => Key not found.
Firefox DefaultSearchEngine deleted successfully.
Firefox SelectedSearchEngine deleted successfully.
Firefox homepage deleted successfully.
Chrome HomePage deleted successfully.
Chrome StartupUrls not detected.
Chrome DefaultSearchKeyword deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{05F0C8C0-173B-4938-AC77-1974B402304A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{05F0C8C0-173B-4938-AC77-1974B402304A}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Games\UpdateCheck_S-1-5-21-3103517350-1920271136-3507122297????????????????? ??  ? => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{40D71C1E-98C7-4CA0-AA89-8464549AAEB8}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{40D71C1E-98C7-4CA0-AA89-8464549AAEB8}" => Key deleted successfully.
C:\Windows\System32\Tasks\{4B28049C-4BA4-4290-BD4D-D3AF7B8630CF} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{4B28049C-4BA4-4290-BD4D-D3AF7B8630CF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{48E36F43-F82F-4184-B7AC-6B15E84DA4A0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{48E36F43-F82F-4184-B7AC-6B15E84DA4A0}" => Key deleted successfully.
C:\Windows\System32\Tasks\{9526440F-E08D-4A74-91FD-2ECB899996A8} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{9526440F-E08D-4A74-91FD-2ECB899996A8}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FF4EBF95-62FA-4B0F-BBB2-9DC0955B93EC}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FF4EBF95-62FA-4B0F-BBB2-9DC0955B93EC}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-3103517350-1920271136-3507122297????????????????? ??    => Key not found.
EmptyTemp: => Removed 2.6 GB temporary data.


The system needed a reboot.

==== End of Fixlog 16:50:10 ====

[/log]
 



 

Edytowane przez Natsuki Kuga
Zayfi
komentarz
komentarz

otwórz notatnik i wklej

C:\Program Files (x86)\XTab
C:\ProgramData\IHProtectUpDate
C:\ProgramData\WindowsMangerProtect
C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sd8c8qaw.default\Extensions\fftoolbar2014@etech.com
C:\users\user\AppData\Roaming\PriceFountain
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static-trackers.adtarget.me_0.localstorage
C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sd8c8qaw.default\searchplugins\omiga-plus.xml
C:\Windows\System32\roboot64.exe
Reboot:

plik zapisz jako fixlist.txt i umieść w C:\Users\user\Downloads. Uruchom FRST i kliknij w Fix. Nastapi usuwanie. Przedstaw raport z usuwania fixlog.txt.

 

 

2. Uruchom AdwCleaner i kliknij najpierw Szukaj a potem Usuń.

 

 

3. Zrób nowy skan FRST i daj raport.

zielony13
komentarz
komentarz (edytowane)

Witam podję raport Fixlog:

 

[log]

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 04-02-2015
Ran by user at 2015-02-05 21:22:09 Run:2
Running from C:\Users\user\Downloads
Loaded Profiles: user (Available profiles: user & Administrator)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\Program Files (x86)\XTab
C:\ProgramData\IHProtectUpDate
C:\ProgramData\WindowsMangerProtect
C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sd8c8qaw.default\Extensions\fftoolbar2014@etech.com
C:\users\user\AppData\Roaming\PriceFountain
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static-trackers.adtarget.me_0.localstorage
C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sd8c8qaw.default\searchplugins\omiga-plus.xml
C:\Windows\System32\roboot64.exe
Reboot:
*****************

C:\Program Files (x86)\XTab => Moved successfully.
C:\ProgramData\IHProtectUpDate => Moved successfully.
C:\ProgramData\WindowsMangerProtect => Moved successfully.
C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sd8c8qaw.default\Extensions\fftoolbar2014@etech.com => Moved successfully.
C:\users\user\AppData\Roaming\PriceFountain => Moved successfully.
"C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static-trackers.adtarget.me_0.localstorage" => File/Directory not found.
C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sd8c8qaw.default\searchplugins\omiga-plus.xml => Moved successfully.
C:\Windows\System32\roboot64.exe => Moved successfully.


The system needed a reboot.

==== End of Fixlog 21:22:10 ====

[/log]

 

Usunęłam też programem  AdwCleaner
[log]
# AdwCleaner v4.109 - Log utworzony 05/02/2015 o 21:51:42
# Aktualizacja 24/01/2015 przez Xplode
# Database : 2015-02-05.1 [Live]
# System operacyjny : Windows 7 Professional Service Pack 1 (64 bits)
# Użytkownik : user - 77P5LY1
# Ścieżka : C:\adwcleaner_4.109.exe
# Opcja : Usuń

***** [ Usługi ] *****

[#] Usługa Usunięto : IHProtect Service

***** [ Pliki / Foldery ] *****

Plik Usunięto : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static-trackers.adtarget.me_0.localstorage
Plik Usunięto : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage

***** [ Zadania ] *****


***** [ Skróty ] *****


***** [ Rejestr ] *****

Wartość Usunięto : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [fftoolbar2014@etech.com]
Klucz Usunięto : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Klucz Usunięto : HKCU\Software\Mozilla\Extends
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Klucz Usunięto : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Klucz Usunięto : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Dane Przywrócono : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Klucz Usunięto : HKCU\Software\InstallCore
Klucz Usunięto : HKLM\SOFTWARE\omiga-plusSoftware
Klucz Usunięto : HKLM\SOFTWARE\SupDp
Klucz Usunięto : HKLM\SOFTWARE\SupTab
Klucz Usunięto : HKLM\SOFTWARE\IHProtect

***** [ Przeglądarki internetowe ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v35.0.1 (x86 pl)

[/log]

Otwieram wyszukiwarkę i jakby wszystko wróciło do normy . OMIGA zniknęła. Czy jeszcze coś należy zrobić ?

 

Edytowane przez Natsuki Kuga
Zayfi
komentarz
komentarz (edytowane)
Otwieram wyszukiwarkę i jakby wszystko wróciło do normy . OMIGA zniknęła. Czy jeszcze coś należy zrobić ?

 

1. przez Shift + Delete skasuj z dysku folder C:\FRST

 

2. Uruchom AdwCleaner i kliknij Odinstaluj

 

3. wyczyść foldery Przywrcania systemu

 

http://www.fixitpc.pl/topic/5-dezynfekcja-kroki-finalizujace-temat/page__p__42415#entry42415

Edytowane przez Zayfi
zielony13
komentarz
komentarz

Witam
Powyższe wskazówki zrobione . Dziekuję bardzo Panu za pomoc !!

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.