Elektroda.pl
Elektroda.pl
X
CControls
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Yoursites123 - usunięcie - logi.

shaneXXII 14 Gru 2015 09:36 573 1
  • CControls
  • #2 14 Gru 2015 10:09
    Acorus 20
    Spec od komputerów

    Odinstaluj SpyHunter, WebStorage. Otwórz notatnik systemowy i wklej:

    Cytat:
    Task: {0D8A891D-890C-4808-84D8-2F436AB14653} - \Microsoft\Windows\Application Experience\AitAgent -> Brak pliku <==== UWAGA
    Task: {1274336E-AB06-46B6-A48C-0671C5557CC6} - \Microsoft\Windows\TaskScheduler\Maintenance Configurator -> Brak pliku <==== UWAGA
    Task: {1687544D-7247-4F5A-965A-A6E920E55278} - \Microsoft\Windows\TaskScheduler\Manual Maintenance -> Brak pliku <==== UWAGA
    Task: {6F02587F-8A2B-4552-97F6-DEEF229E335B} - \Microsoft\Windows\TaskScheduler\Idle Maintenance -> Brak pliku <==== UWAGA
    Task: {B7992938-01F1-4F40-A0EC-0D23D2F0F152} - \Microsoft\Windows\TaskScheduler\Regular Maintenance -> Brak pliku <==== UWAGA
    Task: {BFCE1F4B-44F6-462A-8D90-3D744B90378C} - System32\Tasks\SpyHunter4Startup => C:\Program Files (x86)\Enigma Software Group\SpyHunter\Spyhunter4.exe [2015-12-13] (Enigma Software Group USA, LLC.)
    Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - \Microsoft\Windows\SettingSync\BackupTask -> Brak pliku <==== UWAGA
    ShortcutWithArgument: C:\Users\wprzybysz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1...p;uid=TOSHIBAXMQ01ABD100_64R2S2CZSXX64R2S2CZS <==== UWAGA
    ShortcutWithArgument: C:\Users\wprzybysz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1...p;uid=TOSHIBAXMQ01ABD100_64R2S2CZSXX64R2S2CZS <==== UWAGA
    ShortcutWithArgument: C:\Users\wprzybysz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1...p;uid=TOSHIBAXMQ01ABD100_64R2S2CZSXX64R2S2CZS <==== UWAGA
    ShortcutWithArgument: C:\Users\wprzybysz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1...p;uid=TOSHIBAXMQ01ABD100_64R2S2CZSXX64R2S2CZS <==== UWAGA




    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1...p;uid=TOSHIBAXMQ01ABD100_64R2S2CZSXX64R2S2CZS <==== UWAGA
    HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\ASUSWSLoader.exe [63296 2014-02-25] ()
    GroupPolicy: Ograniczenia - Chrome <======= UWAGA
    CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKU\S-1-5-21-371952122-2311419433-1421729925-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&...OSHIBAXMQ01ABD100_64R2S2CZSXX64R2S2CZS&q={searchTerms}
    SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&...OSHIBAXMQ01ABD100_64R2S2CZSXX64R2S2CZS&q={searchTerms}
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-371952122-2311419433-1421729925-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&...OSHIBAXMQ01ABD100_64R2S2CZSXX64R2S2CZS&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-371952122-2311419433-1421729925-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-371952122-2311419433-1421729925-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&...OSHIBAXMQ01ABD100_64R2S2CZSXX64R2S2CZS&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-371952122-2311419433-1421729925-1001 -> {72710081-8C23-468F-A949-E9FBD69A74F2} URL = hxxps://search.yahoo.com/search?fr=chr-greent...mp;ei=utf-8&ilc=12&type=435371&p={searchTerms}
    StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://www.yoursites123.com/?type=sc&ts=1...p;uid=TOSHIBAXMQ01ABD100_64R2S2CZSXX64R2S2CZS
    CHR HomePage: Default -> hxxp://www.yoursites123.com/?type=hp&ts=1...p;uid=TOSHIBAXMQ01ABD100_64R2S2CZSXX64R2S2CZS
    StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://www.yoursites123.com/?type=sc&ts=1...p;uid=TOSHIBAXMQ01ABD100_64R2S2CZSXX64R2S2CZS
    R2 SpyHunter 4 Service; C:\Program Files (x86)\Enigma Software Group\SpyHunter\SH4Service.exe [327064 2010-05-18] (Enigma Software Group USA, LLC.)
    S2 GamesAppIntegrationService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe" [X]
    S3 GamesAppService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe" [X]
    S3 esgiguard; C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [5248 2010-01-27] () [Brak podpisu cyfrowego]
    S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-12-11] ()
    U0 msahci; system32\drivers\msahci.sys [X]
    2015-12-14 09:31 - 2015-12-14 09:31 - 00000000 ____D C:\Users\wprzybysz\Downloads\FRST-OlderVersion
    2015-12-13 12:32 - 2015-12-13 12:32 - 00003346 _____ C:\Windows\System32\Tasks\SpyHunter4Startup
    2015-12-13 12:32 - 2015-12-13 12:32 - 00002310 _____ C:\Users\wprzybysz\Desktop\SpyHunter.lnk
    2015-12-13 12:32 - 2015-12-13 12:32 - 00000000 ____D C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
    2015-12-13 12:32 - 2015-12-13 12:32 - 00000000 ____D C:\Users\wprzybysz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
    2015-12-13 12:32 - 2015-12-13 12:32 - 00000000 ____D C:\sh4ldr
    2015-12-13 12:32 - 2015-12-13 12:32 - 00000000 ____D C:\Program Files (x86)\Enigma Software Group
    2015-12-13 12:31 - 2015-12-13 12:31 - 00000000 ____D C:\Users\wprzybysz\Desktop\SpyHunter 4.1.11.0 + Crack
    2015-12-13 12:26 - 2015-12-13 12:26 - 00002169 _____ C:\Users\wprzybysz\Downloads\SpyHunter_4.1.11.0_+_Crack.torrent
    2015-12-13 12:06 - 2015-12-13 12:06 - 16307386 ____R C:\Users\wprzybysz\Desktop\Spyware Terminator Premium 2015 3.0.0.102 Multilingual + Crack [4realtorrentz].rar
    2015-12-11 10:00 - 2015-12-11 10:00 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
    2015-12-11 10:00 - 2015-12-11 10:00 - 00000000 _____ C:\autoexec.bat
    2015-12-11 09:59 - 2015-12-11 09:59 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\wprzybysz\Downloads\SpyHunter-Installer.exe
    2015-12-11 09:26 - 2015-12-11 14:07 - 00000000 ____D C:\Program Files (x86)\SFK
    2015-12-11 09:26 - 2015-12-11 12:47 - 00000000 ____D C:\Program Files (x86)\Picexa
    2015-12-11 09:26 - 2015-12-11 09:26 - 00000000 ____D C:\Users\wprzybysz\AppData\Roaming\Picexa Viewer
    2015-12-11 09:26 - 2015-12-11 09:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picexa
    2015-12-11 09:25 - 2015-12-12 12:07 - 00000000 ____D C:\ProgramData\QWdMQ
    C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
    EmptyTemp:


    Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
    Uruchom jako administrator FRST i kliknij w Fix/Napraw.

    0