logo elektroda
logo elektroda
X
logo elektroda
Szukanie Zaawansowane
logo elektroda
REKLAMA
REKLAMA
Adblock/uBlockOrigin/AdGuard mogą powodować znikanie niektórych postów z powodu nowej reguły.

"Your Sites 123" - logi z FRST.

Doppell 11 Gru 2015 16:56 1038 4
REKLAMA
Zgłoś naruszenie prawa
| Nowy temat
  • #1 15231137
    Doppell
    Poziom 2  
    Posty: 2
    Witam, prosił bym o pomoc w, jak widzę, popularnym problemie.
    Załączniki:
    • FRST.txt (75.3 KB) Musisz być zalogowany, aby pobrać ten załącznik.
    • Addition.txt (60.88 KB) Musisz być zalogowany, aby pobrać ten załącznik.
  • REKLAMA
  • Pomocny post
    #2 15231188
    safbot1st
    Poziom 43  
    Posty: 21951
    Pomógł: 2719
    Ocena: 1583
    Poniżej fixlist.txt:

    type=ds&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&uid=SAMSUNGXSSDX830XSeries_S0VYNEAC402270&q={searchTerms}
    type=hp&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&uid=SAMSUNGXSSDX830XSeries_S0VYNEAC402270
    type=hp&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&uid=SAMSUNGXSSDX830XSeries_S0VYNEAC402270
    type=ds&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&uid=SAMSUNGXSSDX830XSeries_S0VYNEAC402270&q={searchTerms}
    type=ds&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&uid=SAMSUNGXSSDX830XSeries_S0VYNEAC402270&q={searchTerms}
    StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.yoursites123.com/?type=sc&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&uid=SAMSUNGXSSDX830XSeries_S0VYNEAC402270
    FF SearchPlugin: C:\Users\Ema\AppData\Roaming\Mozilla\Firefox\Profiles\94h9jxgg.default\searchplugins\yoursites123.xml [2015-12-11]
    StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://www.yoursites123.com/?type=sc&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&uid=SAMSUNGXSSDX830XSeries_S0VYNEAC402270
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hp&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hp&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.yoursites123.com/web/?type=ds&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.yoursites123.com/web/?type=ds&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&
    HKU\S-1-5-21-3071399823-3442724056-3598867526-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hp&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&uid=SAMSUNGXSSDX830XSeries_S0VYNEAC402270
    HKU\S-1-5-21-3071399823-3442724056-3598867526-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp&ts=1449846375&
    SearchScopes: HKLM -> DefaultScope value is missing
    SearchScopes: HKU\S-1-5-21-3071399823-3442724056-3598867526-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1449846375&
    SearchScopes: HKU\S-1-5-21-3071399823-3442724056-3598867526-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1449846375&
    Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
    Edge HomeButtonPage: HKU\S-1-5-21-3071399823-3442724056-3598867526-1001 -> hxxp://www.yoursites123.com/?
    FF DefaultSearchEngine: yoursites123
    FF SelectedSearchEngine: yoursites123
    FF Homepage: hxxp://www.yoursites123.com/?
    FF SearchPlugin: C:\Users\Ema\AppData\Roaming\Mozilla\Firefox\Profiles\94h9jxgg.default\searchplugins\yoursites123.xml [2015-12-11]
    StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://www.yoursites123.com/?
    CHR HomePage: Default -> hxxp://www.yoursites123.com/?type=hp&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&uid=SAMSUNGXSSDX830XSeries_S0VYNEAC402270
    CHR StartupUrls: Default -> "hxxp://www.yoursites123.com/?type=hp&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&uid=SAMSUNGXSSDX830XSeries_S0VYNEAC402270"
    CHR DefaultSearchURL: Default -> hxxp://www.yoursites123.com/web/?type=ds&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&
    CHR DefaultSearchKeyword: Default -> yoursites123
    StartMenuInternet: (HKLM) OperaStable - C:\Program Files (x86)\Opera\Launcher.exe hxxp://www.yoursites123.com/?
    ShortcutWithArgument: C:\Users\Ema\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome\Pocket (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&uid=SAMSUNGXSSDX830XSeries_S0VYNEAC402270 <==== ATTENTION
    ShortcutWithArgument: C:\Users\Ema\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome\Pocket.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&uid=SAMSUNGXSSDX830XSeries_S0VYNEAC402270 <==== ATTENTION
    ShortcutWithArgument: C:\Users\Ema\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome\Postman (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&uid=SAMSUNGXSSDX830XSeries_S0VYNEAC402270 <==== ATTENTION
    ShortcutWithArgument: C:\Users\Ema\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome\Postman.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&uid=SAMSUNGXSSDX830XSeries_S0VYNEAC402270 <==== ATTENTION
    ShortcutWithArgument: C:\Users\Ema\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&uid=SAMSUNGXSSDX830XSeries_S0VYNEAC402270 <==== ATTENTION
    ShortcutWithArgument: C:\Users\Ema\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&uid=SAMSUNGXSSDX830XSeries_S0VYNEAC402270 <==== ATTENTION
    ShortcutWithArgument: C:\Users\Ema\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&uid=SAMSUNGXSSDX830XSeries_S0VYNEAC402270 <==== ATTENTION
    ShortcutWithArgument: C:\Users\Ema\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&uid=SAMSUNGXSSDX830XSeries_S0VYNEAC402270 <==== ATTENTION
    ShortcutWithArgument: C:\Users\Ema\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&uid=SAMSUNGXSSDX830XSeries_S0VYNEAC402270 <==== ATTENTION
    ShortcutWithArgument: C:\Users\Ema\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Opera.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software) -> hxxp://www.yoursites123.com/?type=sc&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&uid=SAMSUNGXSSDX830XSeries_S0VYNEAC402270 <==== ATTENTION
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&uid=SAMSUNGXSSDX830XSeries_S0VYNEAC402270 <==== ATTENTION
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software) -> hxxp://www.yoursites123.com/?type=sc&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&uid=SAMSUNGXSSDX830XSeries_S0VYNEAC402270 <==== ATTENTION
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&uid=SAMSUNGXSSDX830XSeries_S0VYNEAC402270 <==== ATTENTION

    EmptyTemp:
  • REKLAMA
  • Pomocny post
    #3 15231189
    Acorus 20
    Poziom 43  
    Posty: 10541
    Pomógł: 3247
    Ocena: 1063
    Otwórz notatnik systemowy i wklej:

    Cytat:
    Task: {0F4430F9-C349-4E5B-8CCB-7C893F62E258} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
    Task: {3F3F0EFA-C3AE-472C-80A6-EB1A6D15C4C5} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
    Task: {4A724795-65E6-44E1-B246-E69E5A0C50A7} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
    Task: {6D2E5ED4-EE7B-467E-9616-E921F36BFCEB} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
    Task: {7129AAF2-3533-42C4-8175-898ED6991AA3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
    Task: {752D34FE-67A3-499E-AC93-FAABB161C4A7} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
    Task: {75CD3692-506A-4141-9C13-E09CA088EDFF} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
    Task: {A703F893-47C4-4E13-B656-24E9C515E813} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
    Task: {AACC5323-5591-45DD-8C0D-3E2C1E399CFE} - System32\Tasks\{96D02A5D-B026-4A3C-9712-2ED1A476790E} => pcalua.exe -a "C:\Program Files (x86)\ShopperPro\SPremove.exe" <==== ATTENTION
    Task: {B40260C6-A0A1-449C-94EF-BBFC88FB8E8D} - System32\Tasks\{9D33CC4F-0FB8-44B6-9358-CC6246FC99D4} => pcalua.exe -a "C:\Program Files (x86)\SensePlus\Uninstall.exe" -c /fcp=1
    Task: {C0B07AF9-3DAF-4348-8CE3-9CE50ACC7F56} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
    Task: {CF0EAC58-902B-4CE4-B049-3E20C6B5D251} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
    Task: {F8D2874F-2531-4047-9409-5DAB9F75376B} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
    ShortcutWithArgument: C:\Users\Ema\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome\Pocket (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&uid=SAMSUNGXSSDX830XSeries_S0VYNEAC402270 <==== ATTENTION
    ShortcutWithArgument: C:\Users\Ema\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome\Pocket.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&uid=SAMSUNGXSSDX830XSeries_S0VYNEAC402270 <==== ATTENTION
    ShortcutWithArgument: C:\Users\Ema\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome\Postman (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&uid=SAMSUNGXSSDX830XSeries_S0VYNEAC402270 <==== ATTENTION
    ShortcutWithArgument: C:\Users\Ema\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome\Postman.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&uid=SAMSUNGXSSDX830XSeries_S0VYNEAC402270 <==== ATTENTION
    ShortcutWithArgument: C:\Users\Ema\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&uid=SAMSUNGXSSDX830XSeries_S0VYNEAC402270 <==== ATTENTION
    ShortcutWithArgument: C:\Users\Ema\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&uid=SAMSUNGXSSDX830XSeries_S0VYNEAC402270 <==== ATTENTION
    ShortcutWithArgument: C:\Users\Ema\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&uid=SAMSUNGXSSDX830XSeries_S0VYNEAC402270 <==== ATTENTION
    ShortcutWithArgument: C:\Users\Ema\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&uid=SAMSUNGXSSDX830XSeries_S0VYNEAC402270 <==== ATTENTION
    ShortcutWithArgument: C:\Users\Ema\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&uid=SAMSUNGXSSDX830XSeries_S0VYNEAC402270 <==== ATTENTION
    ShortcutWithArgument: C:\Users\Ema\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Opera.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software) -> hxxp://www.yoursites123.com/?type=sc&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&uid=SAMSUNGXSSDX830XSeries_S0VYNEAC402270 <==== ATTENTION
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&uid=SAMSUNGXSSDX830XSeries_S0VYNEAC402270 <==== ATTENTION
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software) -> hxxp://www.yoursites123.com/?type=sc&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&uid=SAMSUNGXSSDX830XSeries_S0VYNEAC402270 <==== ATTENTION
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&uid=SAMSUNGXSSDX830XSeries_S0VYNEAC402270 <==== ATTENTION
    GroupPolicy: Restriction - Chrome <======= ATTENTION
    CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hp&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&uid=SAMSUNGXSSDX830XSeries_S0VYNEAC402270
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hp&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&uid=SAMSUNGXSSDX830XSeries_S0VYNEAC402270
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.yoursites123.com/web/?type=ds&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&uid=SAMSUNGXSSDX830XSeries_S0VYNEAC402270&q={searchTerms}
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.yoursites123.com/web/?type=ds&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&uid=SAMSUNGXSSDX830XSeries_S0VYNEAC402270&q={searchTerms}
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&uid=SAMSUNGXSSDX830XSeries_S0VYNEAC402270
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&uid=SAMSUNGXSSDX830XSeries_S0VYNEAC402270
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&uid=SAMSUNGXSSDX830XSeries_S0VYNEAC402270&q={searchTerms}
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&uid=SAMSUNGXSSDX830XSeries_S0VYNEAC402270&q={searchTerms}
    HKU\S-1-5-21-3071399823-3442724056-3598867526-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hp&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&uid=SAMSUNGXSSDX830XSeries_S0VYNEAC402270
    HKU\S-1-5-21-3071399823-3442724056-3598867526-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&uid=SAMSUNGXSSDX830XSeries_S0VYNEAC402270
    SearchScopes: HKLM -> DefaultScope value is missing
    SearchScopes: HKU\S-1-5-21-3071399823-3442724056-3598867526-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&uid=SAMSUNGXSSDX830XSeries_S0VYNEAC402270&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-3071399823-3442724056-3598867526-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&uid=SAMSUNGXSSDX830XSeries_S0VYNEAC402270&q={searchTerms}
    Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
    Edge HomeButtonPage: HKU\S-1-5-21-3071399823-3442724056-3598867526-1001 -> hxxp://www.yoursites123.com/?type=hp&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&uid=SAMSUNGXSSDX830XSeries_S0VYNEAC402270
    FF DefaultSearchEngine: yoursites123
    FF SelectedSearchEngine: yoursites123
    FF Homepage: hxxp://www.yoursites123.com/?type=hp&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&uid=SAMSUNGXSSDX830XSeries_S0VYNEAC402270
    FF SearchPlugin: C:\Users\Ema\AppData\Roaming\Mozilla\Firefox\Profiles\94h9jxgg.default\searchplugins\yoursites123.xml [2015-12-11]
    StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.yoursites123.com/?type=sc&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&uid=SAMSUNGXSSDX830XSeries_S0VYNEAC402270
    CHR HomePage: Default -> hxxp://www.yoursites123.com/?type=hp&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&uid=SAMSUNGXSSDX830XSeries_S0VYNEAC402270
    CHR StartupUrls: Default -> "hxxp://www.yoursites123.com/?type=hp&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&uid=SAMSUNGXSSDX830XSeries_S0VYNEAC402270"
    CHR DefaultSearchURL: Default -> hxxp://www.yoursites123.com/web/?type=ds&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&uid=SAMSUNGXSSDX830XSeries_S0VYNEAC402270&q={searchTerms}
    CHR DefaultSearchKeyword: Default -> yoursites123
    StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://www.yoursites123.com/?type=sc&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&uid=SAMSUNGXSSDX830XSeries_S0VYNEAC402270
    StartMenuInternet: (HKLM) OperaStable - C:\Program Files (x86)\Opera\Launcher.exe hxxp://www.yoursites123.com/?type=sc&ts=1449846375&z=e74c11b3e4f8d8d42591367g3z8zetfb7zcqbcem1c&from=ient07021&uid=SAMSUNGXSSDX830XSeries_S0VYNEAC402270
    R2 WdMan; C:\ProgramData\pWdMp\WdMan.exe [333312 2015-12-04] (TFuns LIMITED) [File not signed]
    S3 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
    S3 IntcAzAudAddService; \SystemRoot\system32\drivers\RTKVHD64.sys [X]
    S3 MBfilt; \SystemRoot\system32\drivers\MBfilt64.sys [X]
    S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
    S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
    2015-12-11 16:20 - 2015-12-11 16:21 - 00000000 ____D C:\AdwCleaner
    2015-12-11 16:13 - 2015-12-11 16:13 - 00003258 _____ C:\WINDOWS\System32\Tasks\{9D33CC4F-0FB8-44B6-9358-CC6246FC99D4}
    2015-12-11 16:12 - 2015-12-11 16:12 - 00003252 _____ C:\WINDOWS\System32\Tasks\{2BEB2125-EE44-4D76-884A-8B8B8FB320F4}
    2015-12-11 16:07 - 2015-12-11 16:08 - 00000000 ____D C:\ProgramData\pWdMp
    C:\Windows\SysWOW64\pl4.exe
    EmptyTemp:


    Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
    Uruchom jako administrator FRST i kliknij w Fix/Napraw.
  • REKLAMA
  • #4 15231259
    Doppell
    Poziom 2  
    Posty: 2
    Dziękuje Wam bardzo all clear :)
  • #5 15231265
    swiercm
    Moderator na urlopie...
    Posty: 18308
    Pomógł: 1216
    Ocena: 550
    Usuń folder C:\FRST i to wszystko.
    Zamykam temat.
    "Your Sites 123" - logi z FRST.
| Nowy temat
Zgłoś naruszenie prawa
REKLAMA