Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Yoursites123 - jak się pozbyć?

makota 11 Gru 2015 10:43 1542 6
  • Pomocny post
    #2 11 Gru 2015 10:53
    Kolobos
    Spec od komputerów

    Obok frst.exe utworz plik fixlist.txt z zawartoscia:
    Task: {111D5EBF-2698-4D35-B0AD-6CB911A906FF} - System32\Tasks\{C07C6374-6422-4D4C-A39D-B93D0C239498} => pcalua.exe -a C:\Users\Iwona\AppData\Roaming\mystartsearch\UninstallManager.exe -c -ptid=smt
    Task: {208EA3DA-64F8-4DFB-965C-5BE9B66AE498} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Brak pliku <==== UWAGA
    Task: {32E03602-72DD-4D4E-95AA-C6E6CBC61C7F} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Brak pliku <==== UWAGA
    Task: {3A076FDF-BBB9-41F1-AA6C-27B1145F6905} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Brak pliku <==== UWAGA
    Task: {4B676C23-7CFF-416C-A0AB-FB90B1EEE57A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA
    Task: {71A3329D-07FE-40CF-9557-DFF52F7A636D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA
    Task: {90AAAA47-A125-47A1-A3F1-3A2D9904D933} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA
    Task: {9966881B-8287-4A36-A1E8-F37AD849291A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA
    Task: {C04889E9-EF95-4192-90C7-6B7047E334C9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Brak pliku <==== UWAGA
    Task: {C8BF8B34-A283-486F-B626-922BF8F75D09} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Brak pliku <==== UWAGA
    Task: {D0C310D9-6975-4B5F-88A1-44E55E2CEC13} - System32\Tasks\Chromium => C:\Users\Iwona\AppData\Local\Chromium\APPLIC~1\450242~1.0\INSTAL~1\UNINST~1.EXE
    Task: {DE26CD87-651B-44F4-9143-43D76B8BBF23} - System32\Tasks\CEJYRE => C:\Users\Iwona\AppData\Roaming\CEJYRE.exe <==== UWAGA
    Task: {E229B926-733F-4C28-98DF-50E62FB8B649} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Brak pliku <==== UWAGA
    Task: {EA29ED7E-183C-4F10-825F-B79B5AC1E776} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA
    Task: C:\WINDOWS\Tasks\CEJYRE.job => C:\Users\Iwona\AppData\Roaming\CEJYRE.exe <==== UWAGA
    Task: C:\WINDOWS\Tasks\Chromium.job => C:\Users\Iwona\AppData\Local\Chromium\APPLIC~1\450242~1.0\INSTAL~1\UNINST~1.EXE
    ShortcutWithArgument: C:\Users\Iwona\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1...uid=WDCXWD10JPCX-24UE4T0_WD-WX21EA3AEX10AEX10 <==== UWAGA
    ShortcutWithArgument: C:\Users\Iwona\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1...uid=WDCXWD10JPCX-24UE4T0_WD-WX21EA3AEX10AEX10 <==== UWAGA




    ShortcutWithArgument: C:\Users\Iwona\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1...uid=WDCXWD10JPCX-24UE4T0_WD-WX21EA3AEX10AEX10 <==== UWAGA
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1...uid=WDCXWD10JPCX-24UE4T0_WD-WX21EA3AEX10AEX10 <==== UWAGA
    ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1...uid=WDCXWD10JPCX-24UE4T0_WD-WX21EA3AEX10AEX10 <==== UWAGA
    AlternateDataStreams: C:\ProgramData\Temp:56E2E879
    (TFuns LIMITED) C:\ProgramData\1WdM1\WdMan.exe
    GroupPolicy: Ograniczenia - Chrome <======= UWAGA
    CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hp&ts=1...uid=WDCXWD10JPCX-24UE4T0_WD-WX21EA3AEX10AEX10
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp&ts=1...uid=WDCXWD10JPCX-24UE4T0_WD-WX21EA3AEX10AEX10
    HKU\S-1-5-21-3885417275-3763729218-2031599569-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786...5452%26type%3Ddefault%26q%3D%7BsearchTerms%7D
    HKU\S-1-5-21-3885417275-3763729218-2031599569-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_re...ndex.jsp?lg=pl&pid=NIS&pvid=22.5.5.15
    Edge HomeButtonPage: HKU\S-1-5-21-3885417275-3763729218-2031599569-1001 -> hxxp://www.delta-homes.com/?type=hp&ts=14...uid=WDCXWD10JPCX-24UE4T0_WD-WX21EA3AEX10AEX10
    CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
    CHR HKU\S-1-5-21-3885417275-3763729218-2031599569-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kfecnpmgnlnbmipaogfhoacoioifjgko] - hxxp://clients2.google.com/service/update2/crx
    CHR HKU\S-1-5-21-3885417275-3763729218-2031599569-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [kfecnpmgnlnbmipaogfhoacoioifjgko] - hxxp://clients2.google.com/service/update2/crx
    R2 WdMan; C:\ProgramData\1WdM1\WdMan.exe [333312 2015-12-04] (TFuns LIMITED) [Brak podpisu cyfrowego]
    S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
    2015-12-09 11:39 - 2015-12-11 07:24 - 00000000 ____D C:\ProgramData\1WdM1
    2015-12-09 11:38 - 2015-12-09 11:39 - 00000000 ____D C:\ProgramData\HWdMH
    2015-12-10 23:03 - 2015-03-13 22:01 - 00000000 ____D C:\AdwCleaner
    2015-12-10 22:25 - 2014-09-01 09:18 - 00000365 _____ C:\Users\Iwona\AppData\Roaming\CEJYRE
    EmptyTemp:

    W FRST wybierz Napraw.

    0
  • #3 11 Gru 2015 10:55
    Acorus 20
    Spec od komputerów

    Otwórz notatnik systemowy i wklej:

    Cytat:
    Task: {111D5EBF-2698-4D35-B0AD-6CB911A906FF} - System32\Tasks\{C07C6374-6422-4D4C-A39D-B93D0C239498} => pcalua.exe -a C:\Users\Iwona\AppData\Roaming\mystartsearch\UninstallManager.exe -c -ptid=smt
    Task: {208EA3DA-64F8-4DFB-965C-5BE9B66AE498} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Brak pliku <==== UWAGA
    Task: {32E03602-72DD-4D4E-95AA-C6E6CBC61C7F} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Brak pliku <==== UWAGA
    Task: {3A076FDF-BBB9-41F1-AA6C-27B1145F6905} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Brak pliku <==== UWAGA
    Task: {4B676C23-7CFF-416C-A0AB-FB90B1EEE57A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA
    Task: {71A3329D-07FE-40CF-9557-DFF52F7A636D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA
    Task: {90AAAA47-A125-47A1-A3F1-3A2D9904D933} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA
    Task: {9966881B-8287-4A36-A1E8-F37AD849291A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA
    Task: {C04889E9-EF95-4192-90C7-6B7047E334C9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Brak pliku <==== UWAGA
    Task: {C8BF8B34-A283-486F-B626-922BF8F75D09} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Brak pliku <==== UWAGA
    Task: {DE26CD87-651B-44F4-9143-43D76B8BBF23} - System32\Tasks\CEJYRE => C:\Users\Iwona\AppData\Roaming\CEJYRE.exe <==== UWAGA
    Task: {E229B926-733F-4C28-98DF-50E62FB8B649} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Brak pliku <==== UWAGA
    Task: {EA29ED7E-183C-4F10-825F-B79B5AC1E776} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA
    Task: C:\WINDOWS\Tasks\CEJYRE.job => C:\Users\Iwona\AppData\Roaming\CEJYRE.exe <==== UWAGA
    ShortcutWithArgument: C:\Users\Iwona\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1...uid=WDCXWD10JPCX-24UE4T0_WD-WX21EA3AEX10AEX10 <==== UWAGA
    ShortcutWithArgument: C:\Users\Iwona\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1...uid=WDCXWD10JPCX-24UE4T0_WD-WX21EA3AEX10AEX10 <==== UWAGA
    ShortcutWithArgument: C:\Users\Iwona\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1...uid=WDCXWD10JPCX-24UE4T0_WD-WX21EA3AEX10AEX10 <==== UWAGA
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1...uid=WDCXWD10JPCX-24UE4T0_WD-WX21EA3AEX10AEX10 <==== UWAGA
    ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1...uid=WDCXWD10JPCX-24UE4T0_WD-WX21EA3AEX10AEX10 <==== UWAGA
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Brak pliku
    GroupPolicy: Ograniczenia - Chrome <======= UWAGA
    CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hp&ts=1...uid=WDCXWD10JPCX-24UE4T0_WD-WX21EA3AEX10AEX10
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp&ts=1...uid=WDCXWD10JPCX-24UE4T0_WD-WX21EA3AEX10AEX10
    SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL =
    SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
    SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-3885417275-3763729218-2031599569-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
    SearchScopes: HKU\S-1-5-21-3885417275-3763729218-2031599569-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
    SearchScopes: HKU\S-1-5-21-3885417275-3763729218-2031599569-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
    Edge HomeButtonPage: HKU\S-1-5-21-3885417275-3763729218-2031599569-1001 -> hxxp://www.delta-homes.com/?type=hp&ts=14...uid=WDCXWD10JPCX-24UE4T0_WD-WX21EA3AEX10AEX10
    S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
    2015-12-09 11:39 - 2015-12-11 07:24 - 00000000 ____D C:\ProgramData\1WdM1
    2015-12-09 11:38 - 2015-12-09 11:39 - 00000000 ____D C:\ProgramData\HWdMH
    2014-09-01 09:18 - 2015-12-10 22:25 - 0000365 _____ () C:\Users\Iwona\AppData\Roaming\CEJYRE
    EmptyTemp:


    Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
    Uruchom jako administrator FRST i kliknij w Fix/Napraw.
    Pobierz i uruchom jako administrator AdwCleaner https://toolslib.net/downloads/finish/1/ Kliknij Scan i później Cleaning.
    Odinstaluj Chrome zaznaczając usunięcie danych przeglądania za pomocą Geek Uninstaller Free: http://www.geekuninstaller.com/geek.zip
    Najpierw możesz wyeksportować zakładki: https://support.google.com/chrome/answer/96816?hl=pl
    Później zainstaluj: https://www.google.pl/chrome/browser/desktop/

    0
  • #4 11 Gru 2015 11:41
    makota
    Poziom 2  

    Dziękuję pomogło. Czy mogę teraz ADWCleaner odinstalować i usunąć te wszystkie pliki tekstowe?

    0
  • Pomocny post
    #6 11 Gru 2015 11:49
    Kolobos
    Spec od komputerów

    Tak, mozesz odinstalowac i usunac pozostalosci.

    1
  • #7 12 Sie 2016 20:51
    makota
    Poziom 2  

    Dziękuję, pomogło.
    Yoursites123 - jak się pozbyć?

    0