Problem z Round World

Yanosik · 11 Luty 2015 16:36

Witam

Prawdopodobnie po ściągnięciu WinRar z dobreprogramy.pl pojawił się problem z zaśmiecaniem przeglądarki przez Round World.

Proszę o pomoc.

FRST — http://www.wklej.org/id/1632310/

Addition — http://www.wklej.org/id/1632311/

Yanosik

Acorus · 11 Luty 2015 17:04

Otwórz notatnik systemowy i wklej:

GroupPolicy: Group Policy on Chrome detected ======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction ======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.key-find.com/?type=hpppts=1423513636from=coruid=ST9160412ASG_5VG6BF3HXXXX5VG6BF3H
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.key-find.com/?type=hpppts=1423513636from=coruid=ST9160412ASG_5VG6BF3HXXXX5VG6BF3H
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.key-find.com/web/?type=dsts=1423513607from=coruid=ST9160412ASG_5VG6BF3HXXXX5VG6BF3Hq={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.key-find.com/web/?type=dsts=1423513607from=coruid=ST9160412ASG_5VG6BF3HXXXX5VG6BF3Hq={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.key-find.com/?type=hpppts=1423513636from=coruid=ST9160412ASG_5VG6BF3HXXXX5VG6BF3H
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.key-find.com/?type=hpppts=1423513636from=coruid=ST9160412ASG_5VG6BF3HXXXX5VG6BF3H
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.key-find.com/web/?type=dsts=1423513607from=coruid=ST9160412ASG_5VG6BF3HXXXX5VG6BF3Hq={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.key-find.com/web/?type=dsts=1423513607from=coruid=ST9160412ASG_5VG6BF3HXXXX5VG6BF3Hq={searchTerms}
HKU\S-1-5-21-757965282-923858806-2484513513-1002\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.key-find.com/web/?type=dsppts=1423513636from=coruid=ST9160412ASG_5VG6BF3HXXXX5VG6BF3Hq={searchTerms}
HKU\S-1-5-21-757965282-923858806-2484513513-1002\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.key-find.com/?type=hpppts=1423513636from=coruid=ST9160412ASG_5VG6BF3HXXXX5VG6BF3H
HKU\S-1-5-21-757965282-923858806-2484513513-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.key-find.com/?type=hpppts=1423513636from=coruid=ST9160412ASG_5VG6BF3HXXXX5VG6BF3H
HKU\S-1-5-21-757965282-923858806-2484513513-1002\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.key-find.com/web/?type=dsppts=1423513636from=coruid=ST9160412ASG_5VG6BF3HXXXX5VG6BF3Hq={searchTerms}
SearchScopes: HKU\S-1-5-21-757965282-923858806-2484513513-1002 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.key-find.com/web/?type=dsppts=1423513636from=coruid=ST9160412ASG_5VG6BF3HXXXX5VG6BF3Hq={searchTerms}
SearchScopes: HKU\S-1-5-21-757965282-923858806-2484513513-1002 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.key-find.com/web/?utm_source=butm_medium=corutm_campaign=install_ieutm_content=dsfrom=coruid=ST9160412ASG_5VG6BF3HXXXX5VG6BF3Hts=1423513653type=defaultq={searchTerms}
SearchScopes: HKU\S-1-5-21-757965282-923858806-2484513513-1002 - {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.key-find.com/web/?utm_source=butm_medium=corutm_campaign=install_ieutm_content=dsfrom=coruid=ST9160412ASG_5VG6BF3HXXXX5VG6BF3Hts=1423513653type=defaultq={searchTerms}
SearchScopes: HKU\S-1-5-21-757965282-923858806-2484513513-1002 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.key-find.com/web/?type=dsppts=1423513636from=coruid=ST9160412ASG_5VG6BF3HXXXX5VG6BF3Hq={searchTerms}
SearchScopes: HKU\S-1-5-21-757965282-923858806-2484513513-1002 - {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://www.key-find.com/web/?utm_source=butm_medium=corutm_campaign=install_ieutm_content=dsfrom=coruid=ST9160412ASG_5VG6BF3HXXXX5VG6BF3Hts=1423513653type=defaultq={searchTerms}
BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\XTab\SupTab.dll (Thinknice Co. Limited)
R2 IHProtect Service; C:\Program Files (x86)\XTab\ProtectService.exe [158896 2015-01-16] (XTab system)
R2 MaintainerSvc2.14.9041534; C:\ProgramData\aea8cc93-2213-47cf-a265-0391e3461dbb\maintainer.exe [123632 2015-02-11] ()
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [487056 2015-02-09] (SysTool PasSame LIMITED)
R1 {81711fd0-60e8-45bb-a4ff-3004058b32b4}Gw64; C:\Windows\System32\drivers\{81711fd0-60e8-45bb-a4ff-3004058b32b4}Gw64.sys [48784 2015-02-09] (StdLib)
R1 {d0194130-21b3-4618-b5c8-b6dfe1e0bb88}Gw64; C:\Windows\System32\drivers\{d0194130-21b3-4618-b5c8-b6dfe1e0bb88}Gw64.sys [48784 2015-02-10] (StdLib)
2015-02-10 19:37 - 2015-02-10 09:52 - 00048784 _____ (StdLib) C:\Windows\system32\Drivers\{d0194130-21b3-4618-b5c8-b6dfe1e0bb88}Gw64.sys
2015-02-09 22:23 - 2015-02-09 07:46 - 00048784 _____ (StdLib) C:\Windows\system32\Drivers\{81711fd0-60e8-45bb-a4ff-3004058b32b4}Gw64.sys
2015-02-09 21:27 - 2015-02-09 21:27 - 00000000 ____ D () C:\ProgramData\WindowsMangerProtect
2015-02-09 21:27 - 2015-02-09 21:27 - 00000000 ____ D () C:\ProgramData\IHProtectUpDate
2015-02-09 21:27 - 2015-02-09 21:27 - 00000000 ____ D () C:\Program Files (x86)\XTab
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.