Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Yoursites123 - usunięcie - logi.

Płetwal 12 Gru 2015 00:35 627 1
  • Pomocny post
    #2 12 Gru 2015 00:40
    Kolobos
    Spec od komputerów

    @Płetwal

    Fixlist.txt dla FRST:
    Task: {08BED1FB-2936-4B90-80DF-92A845677775} - System32\Tasks\{478D32C3-2A91-44A6-907D-E5E13137E113} => Firefox.exe hxxp://ui.skype.com/ui/0/6.16.59.105/pl/abandoninstall?page=tsProgressBar
    Task: {0DAC936B-B2F6-4D7F-915F-03B6F7143936} - System32\Tasks\{E5020AC7-F659-4E9E-AE93-FC4EC76DD05E} => pcalua.exe -a K:\SETUP.EXE -d K:\
    Task: {20EB100C-6238-47AF-B8EF-1E4339F731DD} - System32\Tasks\{C4EAB097-04F0-489C-8376-553497D58939} => msiexec.exe /package "D:\RagnarokOnline2-Installer.msi"
    Task: {38EB3F83-A2E8-4A1D-879B-64D53D7666D2} - System32\Tasks\{8F4D3AD2-1DDB-4C2E-B60B-FD740A1FA26E} => pcalua.exe -a K:\Crack.exe -d K:\
    Task: {3A8CE408-000A-4768-9193-1F3589241E08} - System32\Tasks\{2871D254-A6BE-4BED-8607-863D9E54257E} => pcalua.exe -a K:\install.exe -d K:\
    Task: {3AABA134-F972-49B4-A423-2F1CFE803797} - System32\Tasks\{C2D92D6D-3576-4D9C-A316-8B4C67F8C12F} => pcalua.exe -a C:\Users\Sebek\Desktop\TagesSetup.exe -d C:\Users\Sebek\Desktop
    Task: {653CAE0D-1F8D-4F06-8081-FC40875A6C7F} - System32\Tasks\{ECD0EF16-675F-45E4-A766-7A4B65421ED1} => Firefox.exe hxxp://ui.skype.com/ui/0/6.16.59.105/pl/abandoninstall?page=tsProgressBar
    Task: {685AF029-ACB0-4657-9C14-45FE2092F128} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3286288624-1668114474-4293564591-1001UA => C:\Users\Sebek\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-05-21] (Facebook Inc.)
    Task: {7B8EF47E-AD95-4E4E-94C0-129A3E0AB746} - System32\Tasks\{00526E55-8F01-49F8-8597-71CE8E46D14E} => pcalua.exe -a C:\Users\Sebek\Desktop\TWEE_Upgrade.exe -d C:\Users\Sebek\Desktop
    Task: {A99C6079-768D-411E-AFCE-A54F8AA0F30B} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3286288624-1668114474-4293564591-1001Core => C:\Users\Sebek\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-05-21] (Facebook Inc.)
    Task: {A9D19953-78E6-43CB-B830-CAACBE7CC49B} - System32\Tasks\{5A8A23EC-6967-456E-A94B-7C5E3DA9D7D1} => pcalua.exe -a K:\Redist\vcredist_x86.exe -d K:\Redist
    Task: {BC4171FA-64D0-4913-B3C1-0711B416FEAD} - System32\Tasks\{8E996195-7842-414A-B8C4-90D5F992130E} => pcalua.exe -a C:\Users\Sebek\AppData\Roaming\sweet-page\UninstallManager.exe -c -ptid=cor
    ShortcutWithArgument: C:\Users\Sebek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1...m=ient07021&uid=395049983_266035_0468F1B2 <==== UWAGA




    ShortcutWithArgument: C:\Users\Sebek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1...m=ient07021&uid=395049983_266035_0468F1B2 <==== UWAGA
    ShortcutWithArgument: C:\Users\Sebek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1...m=ient07021&uid=395049983_266035_0468F1B2 <==== UWAGA
    ShortcutWithArgument: C:\Users\Sebek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1...m=ient07021&uid=395049983_266035_0468F1B2 <==== UWAGA
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1...m=ient07021&uid=395049983_266035_0468F1B2 <==== UWAGA
    ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1...m=ient07021&uid=395049983_266035_0468F1B2 <==== UWAGA
    (© 2015 Microsoft Corporation) C:\Users\Sebek\AppData\Local\Microsoft\BingSvc\BingSvc.exe
    HKU\S-1-5-21-3286288624-1668114474-4293564591-1001\...\Run: [BingSvc] => C:\Users\Sebek\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-12] (© 2015 Microsoft Corporation)
    CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA
    HKU\S-1-5-21-3286288624-1668114474-4293564591-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hp&ts=1...m=ient07021&uid=395049983_266035_0468F1B2
    HKU\S-1-5-21-3286288624-1668114474-4293564591-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hp&ts=1...m=ient07021&uid=395049983_266035_0468F1B2
    HKU\S-1-5-21-3286288624-1668114474-4293564591-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.yoursites123.com/web/?type=ds&...7021&uid=395049983_266035_0468F1B2&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-3286288624-1668114474-4293564591-1001 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL =
    StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox\firefox.exe hxxp://www.yoursites123.com/?type=sc&ts=1...m=ient07021&uid=395049983_266035_0468F1B2
    S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [19984 2015-12-11] ()
    S3 andnetndis; system32\DRIVERS\lgandnetndis.sys [X]
    S3 catchme; \??\C:\Users\Sebek\AppData\Local\Temp\catchme.sys [X]
    S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X]
    R4 IOMap; \??\C:\Windows\system32\drivers\IOMap.sys [X]
    S4 nvvad_WaveExtensible; system32\drivers\nvvad32v.sys [X]
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]
    S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
    2015-12-12 00:23 - 2015-12-12 00:23 - 00000000 ____D C:\AdwCleaner
    2015-12-12 00:18 - 2015-12-12 00:18 - 00000832 _____ C:\DelFix.txt
    2015-12-11 23:42 - 2015-12-11 23:42 - 00000001 _____ C:\Windows\system32\pl.html
    2015-12-11 22:15 - 2015-12-11 22:15 - 00019984 _____ C:\Windows\system32\Drivers\EsgScanner.sys
    EmptyTemp:

    0