Elektroda.pl
Elektroda.pl
X
CControls
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

yoursites123 - jak odninstlować?

baser 13 Gru 2015 16:03 546 2
  • CControls
  • Pomocny post
    #2 13 Gru 2015 16:31
    krzychupar
    Poziom 40  

    Otwórz notatnik systemowy i wklej:
    ShortcutWithArgument: C:\Documents and Settings\PIOTR\Pulpit\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1...21&uid=WDCXWD800BB-00FJA0_WD-WCAJ93131477 <==== UWAGA
    ShortcutWithArgument: C:\Documents and Settings\PIOTR\Dane aplikacji\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1...21&uid=WDCXWD800BB-00FJA0_WD-WCAJ93131477 <==== UWAGA
    ShortcutWithArgument: C:\Documents and Settings\All Users\Menu Start\Programy\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1...21&uid=WDCXWD800BB-00FJA0_WD-WCAJ93131477 <==== UWAGA
    ShortcutWithArgument: C:\Documents and Settings\All Users\Menu Start\Programy\Google Chrome\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1...21&uid=WDCXWD800BB-00FJA0_WD-WCAJ93131477 <==== UWAGA
    ShortcutWithArgument: C:\Documents and Settings\All Users\Menu Start\Programy\Google Chrome\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1...21&uid=WDCXWD800BB-00FJA0_WD-WCAJ93131477 <==== UWAGA
    SearchScopes: HKLM -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
    SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}




    SearchScopes: HKU\S-1-5-21-1343024091-1060284298-1801674531-1003 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1343024091-1060284298-1801674531-1003 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&...uid=WDCXWD800BB-00FJA0_WD-WCAJ93131477&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1343024091-1060284298-1801674531-1003 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1343024091-1060284298-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1343024091-1060284298-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&...uid=WDCXWD800BB-00FJA0_WD-WCAJ93131477&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1343024091-1060284298-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1343024091-1060284298-1801674531-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.v9.com/web/?q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1343024091-1060284298-1801674531-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.v9.com/web/?q={searchTerms}
    BHO: IplexToALLPlayer -> {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} -> E:\ALLPlayer\Iplex\IplexToALLPlayer.dll [2013-11-01] (ALLCinema Ltd.)
    Toolbar: HKU\S-1-5-21-1343024091-1060284298-1801674531-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Brak nazwy - {D4027C7F-154A-4066-A1AD-4243D8127440} - Brak plikutartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.yoursites123.com/?type=sc&ts=1...21&uid=WDCXWD800BB-00FJA0_WD-WCAJ93131477
    CHR HKU\S-1-5-21-1343024091-1060284298-1801674531-1003\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
    CHR HKU\S-1-5-21-1343024091-1060284298-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
    CHR HomePage: Default -> hxxp://www.yoursites123.com/?type=hp&ts=1...21&uid=WDCXWD800BB-00FJA0_WD-WCAJ93131477
    CHR StartupUrls: Default -> "hxxp://www.yoursites123.com/?type=hp&ts=1449647026&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=ient07021&uid=WDCXWD800BB-00FJA0_WD-WCAJ93131477"
    CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\47.0.2526.80\ppGoogleNaClPluginChrome.dll => Brak pliku
    CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\47.0.2526.80\pdf.dll => Brak pliku
    CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\47.0.2526.80\gcswf32.dll => Brak pliku
    CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll => Brak pliku
    CHR Plugin: (Skype Toolbars) - C:\Documents and Settings\PIOTR\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.5.0.8013_0\npSkypeChromePlugin.dll => Brak pliku
    CHR Plugin: (Google Update) - C:\Documents and Settings\PIOTR\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.111\npGoogleUpdate3.dll => Brak pliku
    CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll => Brak plik
    HR HKLM\...\Chrome\Extension: [ihflimipbcaljfnojhhknppphnnciiif] - <Brak Path\update_url>
    S3 Ambfilt; system32\drivers\Ambfilt.sys [X]
    S4 AVGIDSDriver; system32\DRIVERS\AVGIDSDriver.Sys [X]
    S4 AVGIDSEH; system32\DRIVERS\AVGIDSEH.Sys [X]
    S4 AVGIDSFilter; system32\DRIVERS\AVGIDSFilter.Sys [X]
    S4 AVGIDSShim; system32\DRIVERS\AVGIDSShim.Sys [X]
    S4 Avgrkx86; system32\DRIVERS\avgrkx86.sys [X]
    S4 Avgtdix; system32\DRIVERS\avgtdix.sys [X]
    S4 IntelIde; Brak ImagePath
    S3 Monfilt; system32\drivers\Monfilt.sys [X]
    S3 xcpip; \SystemRoot\system32\drivers\xcpip.sys [X]
    S3 xpsec; \SystemRoot\system32\drivers\xpsec.sys [X]
    NETSVC: dnyzkbeoq -> Brak ścieżki do pliku.
    2015-12-13 15:23 - 2015-12-13 15:32 - 00000000 ___DC C:\AdwCleaner
    2015-12-09 08:45 - 2015-12-09 08:45 - 00000001 _____ C:\WINDOWS\system32\pl.html


    EmptyTemp:

    Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
    Uruchom FRST i kliknij w Fix/Napraw.

    0
  • CControls
  • #3 13 Gru 2015 17:24
    Kolobos
    Spec od komputerów

    @baser wlacz avast i aktualizuj.

    Usun pozostalosci po avg: http://www.avg.com/pl-pl/utilities

    Do fixlist.txt dodaj jeszcze:
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\16427700.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\35908655.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\6to4 => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\16427700.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\35908655.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UploadMgr => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
    (© 2015 Microsoft Corporation) C:\Documents and Settings\PIOTR\Ustawienia lokalne\Dane aplikacji\Microsoft\BingSvc\BingSvc.exe
    Winlogon\Notify\mdhcp32: mdhcp32.dll [X]
    HKU\S-1-5-21-1343024091-1060284298-1801674531-1003\...\Run: [BingSvc] => C:\Documents and Settings\PIOTR\Ustawienia lokalne\Dane aplikacji\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-12] (© 2015 Microsoft Corporation)
    HKU\S-1-5-21-1343024091-1060284298-1801674531-1003\...\MountPoints2: {14889358-a401-11e4-b579-001966db0e4a} - D:\InstallTomTomHOME.exe
    HKU\S-1-5-21-1343024091-1060284298-1801674531-1003\...\MountPoints2: {bdfcabd7-1134-11e1-b098-001966db0e4a} - J:\Launcher.exe
    HKU\S-1-5-21-1343024091-1060284298-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [BingSvc] => C:\Documents and Settings\PIOTR\Ustawienia lokalne\Dane aplikacji\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-12] (© 2015 Microsoft Corporation)
    HKU\S-1-5-21-1343024091-1060284298-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {14889358-a401-11e4-b579-001966db0e4a} - D:\InstallTomTomHOME.exe
    HKU\S-1-5-21-1343024091-1060284298-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {bdfcabd7-1134-11e1-b098-001966db0e4a} - J:\Launcher.exe
    HKU\S-1-5-21-1343024091-1060284298-1801674531-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {b3b0101d-c3a9-11e1-8f69-001966db0e4a} - J:\iStudio.exe
    HKU\S-1-5-21-1343024091-1060284298-1801674531-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {bdfcabd7-1134-11e1-b098-001966db0e4a} - J:\Launcher.exe
    CHR HKU\S-1-5-21-1343024091-1060284298-1801674531-1003\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
    CHR HKU\S-1-5-21-1343024091-1060284298-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
    CHR HKLM\...\Chrome\Extension: [ihflimipbcaljfnojhhknppphnnciiif] - <Brak Path\update_url>
    CHR HKU\S-1-5-21-1343024091-1060284298-1801674531-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
    CHR HKU\S-1-5-21-1343024091-1060284298-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
    2015-12-09 08:43 - 2015-12-09 08:44 - 00000000 ___DC C:\Documents and Settings\All Users\Dane aplikacji\nWdMn

    Po wykonaniu wszystkie zamiesc nowe logi z FRST, ze skanowania.

    0