Witam, prosze o sprawdzenie
Addition : http://wklej.org/id/1618133/
Pobierz i uruchom AdwCleaner Kliknij Szukaj i później Usuń.
Wklej do systemowego notatnika i zapisz jako plik tekstowy o nazwie fixlist :
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hppp&ts=1421435487&from=cor&uid=WDCXWD1600BEVT-22ZCT0_WD-WXE309LT5828T5828
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=ds&ts=1421435441&from=cor&uid=WDCXWD1600BEVT-22ZCT0_WD-WXE309LT5828T5828&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hppp&ts=1421435487&from=cor&uid=WDCXWD1600BEVT-22ZCT0_WD-WXE309LT5828T5828
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1421435441&from=cor&uid=WDCXWD1600BEVT-22ZCT0_WD-WXE309LT5828T5828&q={searchTerms}
HKU\S-1-5-21-3206051761-1821239434-4226146673-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=dspp&ts=1421435487&from=cor&uid=WDCXWD1600BEVT-22ZCT0_WD-WXE309LT5828T5828&q={searchTerms}
HKU\S-1-5-21-3206051761-1821239434-4226146673-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hppp&ts=1421435487&from=cor&uid=WDCXWD1600BEVT-22ZCT0_WD-WXE309LT5828T5828
HKU\S-1-5-21-3206051761-1821239434-4226146673-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hppp&ts=1421435487&from=cor&uid=WDCXWD1600BEVT-22ZCT0_WD-WXE309LT5828T5828
HKU\S-1-5-21-3206051761-1821239434-4226146673-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=dspp&ts=1421435487&from=cor&uid=WDCXWD1600BEVT-22ZCT0_WD-WXE309LT5828T5828&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3206051761-1821239434-4226146673-1000 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=WDCXWD1600BEVT-22ZCT0_WD-WXE309LT5828T5828&ts=1421435498&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3206051761-1821239434-4226146673-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=WDCXWD1600BEVT-22ZCT0_WD-WXE309LT5828T5828&ts=1421435498&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3206051761-1821239434-4226146673-1000 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=WDCXWD1600BEVT-22ZCT0_WD-WXE309LT5828T5828&ts=1421435498&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3206051761-1821239434-4226146673-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=WDCXWD1600BEVT-22ZCT0_WD-WXE309LT5828T5828&ts=1421435498&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3206051761-1821239434-4226146673-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=WDCXWD1600BEVT-22ZCT0_WD-WXE309LT5828T5828&ts=1421435498&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3206051761-1821239434-4226146673-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=WDCXWD1600BEVT-22ZCT0_WD-WXE309LT5828T5828&ts=1421435498&type=default&q={searchTerms}
CHR Extension: (ace race) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\bficpjjidlppjkpfbeljidlpkjcajhbg [2015-01-26]
R1 {4a90d0b9-0668-4ad5-92c2-d78786884485}w; C:\Windows\System32\drivers\{4a90d0b9-0668-4ad5-92c2-d78786884485}w.sys [43152 2015-01-24] (StdLib)
R1 {56db9de0-c769-4563-8e82-7e39885bf1ad}w; C:\Windows\System32\drivers\{56db9de0-c769-4563-8e82-7e39885bf1ad}w.sys [43152 2015-01-25] (StdLib)
R1 {6e9af5d3-a8f9-4461-ad38-1433888f55dc}Gw; C:\Windows\System32\drivers\{6e9af5d3-a8f9-4461-ad38-1433888f55dc}Gw.sys [43160 2015-01-16] (StdLib)
R1 {f2944598-b89f-4e10-b544-5173761572df}w; C:\Windows\System32\drivers\{f2944598-b89f-4e10-b544-5173761572df}w.sys [43152 2015-01-28] (StdLib)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2015-01-29 01:23 - 2015-01-28 12:36 - 00043152 _____ (StdLib) C:\Windows\system32\Drivers\{f2944598-b89f-4e10-b544-5173761572df}w.sys
2015-01-25 18:20 - 2015-01-25 05:46 - 00043152 _____ (StdLib) C:\Windows\system32\Drivers\{56db9de0-c769-4563-8e82-7e39885bf1ad}w.sys
2015-01-24 21:30 - 2015-01-24 03:39 - 00043152 _____ (StdLib) C:\Windows\system32\Drivers\{4a90d0b9-0668-4ad5-92c2-d78786884485}w.sys
2015-01-16 20:17 - 2015-01-16 00:44 - 00043160 _____ (StdLib) C:\Windows\system32\Drivers\{6e9af5d3-a8f9-4461-ad38-1433888f55dc}Gw.sys
2015-01-16 20:12 - 2015-01-16 20:12 - 00000000 ____ D () C:\ProgramData\IHProtectUpDate
2015-01-16 20:11 - 2015-01-17 14:25 - 00000000 ____ D () C:\ProgramData\WindowsMangerProtect
2015-01-16 20:10 - 2015-01-16 21:17 - 00000000 ____ D () C:\Users\xxx\AppData\Roaming\omiga-plus
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\WindowsMangerProtect" /f
CMD: ipconfig /flushdns
EmptyTemp:
Uruchom FRST i kliknij Fix. Pokaż raport z usuwania Fixlog.
Kliknij Scan i pokaż nowy raport z FRST bez Addition.
Wklej do systemowego notatnika i zapisz jako plik tekstowy o nazwie fixlist :
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
2015-01-31 18:08 - 2015-01-31 18:12 - 00000000 ____ D () C:\AdwCleaner
DeleteQuarantine:
Uruchom FRST i kliknij Fix. Skasuj folder C:\FRST
Usuń stare punkty przywracania: Aby usunąć wszystkie punkty przywracania
Dysk przeskanuj Malwarebytes Anti-Malware
Podczas instalacji usuń zaznaczenie przy Uruchom okres testowy Malwarebytes Anti-Malware Premium.
http://wstaw.org/m/2014/03/25/2014-03-25_123039.png
Język PL > Settings > General Settings > Language > Polish
Przeczytaj w jaki sposób należy instalować programy: KLIK - KLIK - KLIK - KLIK
Zablokuj zdalny dostęp do panelu administracyjnego i zabezpiecz router porządnym hasłem:
Odinstaluj:
Adobe Flash Player 16 ActiveX
Adobe Flash Player 16 NPAPI
Zainstaluj:
Dzieki. Powinno byc ok.