Elektroda.pl
Elektroda.pl
X
CControls
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Win 10(8.1)/lenovo - jak usunąć yoursites123?

Karabelo 10 Gru 2015 22:11 906 5
  • CControls
  • CControls
  • #3 10 Gru 2015 22:56
    Karabelo
    Poziom 4  

    Dzięki za odpowiedź i chęć pomocy.
    Tak też zrobiłem jak napisałeś. Do pierwszego wpisu załączyłem potrzebne pliki. Są OK?

    0
  • #4 10 Gru 2015 23:36
    Kolobos
    Spec od komputerów

    Fixlist.txt dla FRST:
    Task: {048CE895-3A75-4746-88D9-7DFF5E84E15A} - System32\Tasks\{0F7B4AAE-6548-405B-AFEB-2A71487D5A9F} => c:\program files (x86)\opera\launcher.exe [2015-12-04] (Opera Software)
    Task: {077500C2-3DC7-4BDF-AD81-EB9E87AD150B} - System32\Tasks\{EC8F00F6-B193-494D-8627-85E2C3F8B146} => c:\program files (x86)\opera\launcher.exe [2015-12-04] (Opera Software)
    Task: {102567F8-460B-4E08-8DB8-AD396DCAE3EA} - System32\Tasks\Opera scheduled Autoupdate 1430153107 => C:\Program Files (x86)\Opera\launcher.exe [2015-12-04] (Opera Software)
    Task: {219C229E-00FB-4075-9E42-A910BD22CA84} - System32\Tasks\{3E6B821E-80DD-4A59-985C-D3334B7045D8} => c:\program files (x86)\opera\launcher.exe [2015-12-04] (Opera Software)
    Task: {22421013-F6B3-41EA-B183-48112416551D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA
    Task: {2905FAD9-359C-41B8-82C1-D64DF8A0473F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Brak pliku <==== UWAGA
    Task: {396B1292-7BFF-46E8-82B7-B80EDE2588D9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA
    Task: {40C8B11E-B1F7-4EA8-A36C-1D6377AD8988} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA
    Task: {51B73546-D02B-46F0-A0C2-89B44F33A2AE} - System32\Tasks\{7D288991-12C9-458A-9AD9-EB8437E317F9} => c:\program files (x86)\opera\launcher.exe [2015-12-04] (Opera Software)
    Task: {7B1B3AD0-A3E5-4870-9DFE-6B639509FC07} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Brak pliku <==== UWAGA
    Task: {7F7E7007-D8F1-4134-A666-7669CEFF8426} - System32\Tasks\{7F21702A-F983-4FFB-A3F4-B0ECAB3D9B51} => c:\program files (x86)\opera\launcher.exe [2015-12-04] (Opera Software)
    Task: {9CCA784F-D45B-4904-9355-00D66D1E9D8E} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Brak pliku <==== UWAGA
    Task: {A9563D34-133C-4CF0-A6AE-AFE687B49E61} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Brak pliku <==== UWAGA
    Task: {ADBD0CB4-6B57-4FAB-8954-B2E57D6F786D} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA
    Task: {B1239CE0-8481-4C8C-8AE6-407177CD7819} - System32\Tasks\{62B28910-8F73-4248-B528-313A99675027} => c:\program files (x86)\opera\launcher.exe [2015-12-04] (Opera Software)
    Task: {BBFD4DA0-F287-420B-B1F4-E580E4BED5E5} - System32\Tasks\{A5CDB908-7299-4450-884D-C386BA5174CB} => c:\program files (x86)\opera\launcher.exe [2015-12-04] (Opera Software)
    Task: {C65B02F5-DA7D-4836-ACE0-82EFAED8BEE2} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA
    Task: {CDBB1DE2-8AFD-4240-BADB-CD00D05E3557} - System32\Tasks\{80945600-EFBA-48E6-B617-D54C4B4CC66A} => c:\program files (x86)\opera\launcher.exe [2015-12-04] (Opera Software)
    Task: {CEB19694-9120-4B9A-A78B-32D95E2A95C3} - System32\Tasks\{2EFD640B-FC3F-411D-9D82-4188A033C415} => c:\program files (x86)\opera\launcher.exe [2015-12-04] (Opera Software)




    Task: {D87D4EFC-866B-4019-941A-81D0A7980F3C} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Brak pliku <==== UWAGA
    Task: {E9A91EFC-9D6B-4682-8366-6233E530712A} - System32\Tasks\{61A2C019-355C-472D-BDB2-0C27F2E4EFC3} => c:\program files (x86)\opera\launcher.exe [2015-12-04] (Opera Software)
    Task: {EAAD4E79-147E-4A75-A50B-99F834733619} - System32\Tasks\{B4EC46C1-3962-4B6D-85BB-DBB5B729866E} => c:\program files (x86)\opera\launcher.exe [2015-12-04] (Opera Software)
    Task: {EDB6F911-83BB-488E-9894-44DC2354F38C} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Brak pliku <==== UWAGA
    ShortcutWithArgument: C:\Users\Piotr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Opera.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software) -> hxxp://www.yoursites123.com/?type=sc&ts=1...;uid=ST500LX012-SSHD-8GB_W3N0WFALXXXXW3N0WFAL <==== UWAGA
    AlternateDataStreams: C:\Program Files\CCleaner:Win32App_1
    AlternateDataStreams: C:\Program Files\Microsoft Office 15:Win32App_1
    AlternateDataStreams: C:\Program Files (x86)\Malwarebytes Anti-Malware:Win32App_1
    AlternateDataStreams: C:\Program Files (x86)\Opera:Win32App_1
    AlternateDataStreams: C:\ProgramData\HP Photo Creations:Win32App_1
    (TFuns LIMITED) C:\ProgramData\5WdM5\WdMan.exe
    HKLM-x32\...\Run: [] => [X]
    GroupPolicy: Ograniczenia - Chrome <======= UWAGA
    CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hp&ts=1...;uid=ST500LX012-SSHD-8GB_W3N0WFALXXXXW3N0WFAL
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hp&ts=1...;uid=ST500LX012-SSHD-8GB_W3N0WFALXXXXW3N0WFAL
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp&ts=1...;uid=ST500LX012-SSHD-8GB_W3N0WFALXXXXW3N0WFAL
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp&ts=1...;uid=ST500LX012-SSHD-8GB_W3N0WFALXXXXW3N0WFAL
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
    HKU\S-1-5-21-3780085806-3563579209-4270610838-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hp&ts=1...;uid=ST500LX012-SSHD-8GB_W3N0WFALXXXXW3N0WFAL
    HKU\S-1-5-21-3780085806-3563579209-4270610838-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp&ts=1...;uid=ST500LX012-SSHD-8GB_W3N0WFALXXXXW3N0WFAL
    SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&...500LX012-SSHD-8GB_W3N0WFALXXXXW3N0WFAL&q={searchTerms}
    SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&...500LX012-SSHD-8GB_W3N0WFALXXXXW3N0WFAL&q={searchTerms}
    SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&...500LX012-SSHD-8GB_W3N0WFALXXXXW3N0WFAL&q={searchTerms}
    SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&...500LX012-SSHD-8GB_W3N0WFALXXXXW3N0WFAL&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-3780085806-3563579209-4270610838-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&...500LX012-SSHD-8GB_W3N0WFALXXXXW3N0WFAL&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-3780085806-3563579209-4270610838-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&...500LX012-SSHD-8GB_W3N0WFALXXXXW3N0WFAL&q={searchTerms}
    Toolbar: HKU\S-1-5-21-3780085806-3563579209-4270610838-1001 -> Portfel Bitdefender - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-01-28] (Bitdefender)
    Edge HomeButtonPage: HKU\S-1-5-21-3780085806-3563579209-4270610838-1001 -> hxxp://www.yoursites123.com/?type=hp&ts=1...;uid=ST500LX012-SSHD-8GB_W3N0WFALXXXXW3N0WFAL
    CHR HKLM-x32\...\Chrome\Extension: [fabcmochhfpldjekobfaaggijgohadih] - hxxps://clients2.google.com/service/update2/crx
    U0 avc3; Brak ImagePath
    2015-12-10 17:08 - 2015-12-10 17:09 - 00000000 ____D C:\AdwCleaner
    2015-12-10 16:59 - 2015-12-10 16:59 - 00000001 _____ C:\WINDOWS\SysWOW64\pl.html
    2015-12-09 09:20 - 2015-12-09 09:21 - 00000000 ____D C:\ProgramData\5WdM5
    2015-12-09 09:20 - 2015-12-09 09:20 - 00000382 _____ C:\WINDOWS\SysWOW64\data.bin
    2015-12-09 09:19 - 2015-12-09 09:20 - 00000000 ____D C:\ProgramData\cWdMc
    EmptyTemp:

    0
  • #5 11 Gru 2015 12:29
    Karabelo
    Poziom 4  

    Ogromne podziękowania za pomoc. Poszło bez problemu. Mam nadzieję, że problem nie wróci ;)

    0