Elektroda.pl
Elektroda.pl
X
CControls
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Jak usunąć yoursites123? Oczywiście logi z FRST.

meg20 17 Gru 2015 12:15 813 10
  • CControls
  • Pomocny post
    #2 17 Gru 2015 12:25
    Kolobos
    Spec od komputerów

    Wystarczy napisac raz.

    0
  • #3 17 Gru 2015 12:31
    meg20
    Poziom 4  

    Umie mi Pan pomóc to usunąć??

    0
  • #4 17 Gru 2015 13:48
    Kolobos
    Spec od komputerów

    Tak.

    Odinstaluj: Bundled software uninstaller

    Obok frst.exe utworz plik fixlist.txt z zawartoscia:
    Task: {A5889F87-9A42-42EA-9E5C-0220AB12F487} - System32\Tasks\{D09DC255-3606-4CCE-AA09-D6EB08D62901} => pcalua.exe -a "C:\Users\lenovo\AppData\Local\Temp\Temp1_Microsoft Office 2007 PL.zip\Microsoft Office 2007 PL\office 2007\setup.exe"
    Task: {D4CD77AA-4041-4848-860E-AF12A9F16107} - System32\Tasks\FoxTab => C:\Users\lenovo\AppData\Roaming\FoxTab\UPDATE~1\UPDATE~1.EXE <==== UWAGA
    Task: {EABCD8CD-8E68-423A-B966-803ACE9D4237} - System32\Tasks\{2342D5C9-F41E-4B4E-B7F9-5BB1D01E5049} => pcalua.exe -a C:\Users\lenovo\Downloads\IN3BTH01WW3.exe -d C:\Users\lenovo\Downloads
    Task: C:\windows\Tasks\FoxTab.job => C:\Users\lenovo\AppData\Roaming\FoxTab\UPDATE~1\UPDATE~1.EXE <==== UWAGA
    ShortcutWithArgument: C:\Users\lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1...d=WDCXWD5000BPVT-24HXZT1_WD-WXD1A610512305123
    ShortcutWithArgument: C:\Users\lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1...d=WDCXWD5000BPVT-24HXZT1_WD-WXD1A610512305123
    ShortcutWithArgument: C:\Users\lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1...d=WDCXWD5000BPVT-24HXZT1_WD-WXD1A610512305123
    ShortcutWithArgument: C:\Users\lenovo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1...d=WDCXWD5000BPVT-24HXZT1_WD-WXD1A610512305123




    ShortcutWithArgument: C:\Users\lenovo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1...d=WDCXWD5000BPVT-24HXZT1_WD-WXD1A610512305123
    ShortcutWithArgument: C:\Users\lenovo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1...d=WDCXWD5000BPVT-24HXZT1_WD-WXD1A610512305123
    ShortcutWithArgument: C:\Users\lenovo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1...d=WDCXWD5000BPVT-24HXZT1_WD-WXD1A610512305123
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1...d=WDCXWD5000BPVT-24HXZT1_WD-WXD1A610512305123
    ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1...d=WDCXWD5000BPVT-24HXZT1_WD-WXD1A610512305123
    ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1...d=WDCXWD5000BPVT-24HXZT1_WD-WXD1A610512305123
    (tsvr.com) C:\Users\lenovo\AppData\Roaming\TSv\TSvr.exe
    (TODO: <公司名>) C:\Program Files (x86)\SFK\SSFK.exe
    (TODO: <公司名>) C:\Program Files (x86)\SFK\SSFK.exe
    HKU\S-1-5-21-2540983155-1998031683-1858803785-1003\...\MountPoints2: F - F:\LGAutoRun.exe
    HKU\S-1-5-21-2540983155-1998031683-1858803785-1003\...\MountPoints2: {597c8ee3-d584-11e4-95ca-88ae1dc7326f} - F:\LG_PC_Programs.exe
    HKU\S-1-5-21-2540983155-1998031683-1858803785-1003\...\MountPoints2: {9210f5a5-e694-11e3-8a03-88ae1dc7326f} - F:\LGAutoRun.exe
    HKU\S-1-5-21-2540983155-1998031683-1858803785-1003\...\MountPoints2: {a5571ee8-faee-11e4-b7ac-88ae1dc7326f} - G:\LGAutoRun.exe
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Brak pliku
    HKU\S-1-5-21-2540983155-1998031683-1858803785-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hp&ts=1...d=WDCXWD5000BPVT-24HXZT1_WD-WXD1A610512305123
    HKU\S-1-5-21-2540983155-1998031683-1858803785-1003\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/
    HKU\S-1-5-21-2540983155-1998031683-1858803785-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.yoursites123.com/web/?type=ds&...D5000BPVT-24HXZT1_WD-WXD1A610512305123&q={searchTerms}
    HKU\S-1-5-21-2540983155-1998031683-1858803785-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp&ts=1...d=WDCXWD5000BPVT-24HXZT1_WD-WXD1A610512305123
    HKU\S-1-5-21-2540983155-1998031683-1858803785-1003\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.yoursites123.com/web/?type=ds&...D5000BPVT-24HXZT1_WD-WXD1A610512305123&q={searchTerms}
    SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
    SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.dosearches.com/web/?utm_source=...123&ts=1383912382&type=default&q={searchTerms}
    SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.dosearches.com/web/?utm_source=...123&ts=1383912382&type=default&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-2540983155-1998031683-1858803785-1003 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&...D5000BPVT-24HXZT1_WD-WXD1A610512305123&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-2540983155-1998031683-1858803785-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
    SearchScopes: HKU\S-1-5-21-2540983155-1998031683-1858803785-1003 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&...D5000BPVT-24HXZT1_WD-WXD1A610512305123&q={searchTerms}
    BHO-x32: Brak nazwy -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> Brak pliku
    Toolbar: HKU\S-1-5-21-2540983155-1998031683-1858803785-1003 -> Brak nazwy - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - Brak pliku
    Toolbar: HKU\S-1-5-21-2540983155-1998031683-1858803785-1003 -> Brak nazwy - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Brak pliku
    StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://www.dosearches.com/?utm_source=b&u...4HXZT1_WD-WXD1A610512305123&ts=1383912382
    FF NewTab: chrome://quick_start/content/index.html
    FF DefaultSearchEngine: yoursites123
    FF SelectedSearchEngine: yoursites123
    FF Homepage: hxxp://home.tb.ask.com/index.jhtml?n=781c4af2&ptnrS=XPchr000
    FF SearchPlugin: C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\nq4f7e86.default\searchplugins\yoursites123.xml [2015-12-17]
    FF Extension: YahooToolsProtected - C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\nq4f7e86.default\extensions\yahooprotected@gmail.com [2015-12-01] [Brak podpisu cyfrowego]
    FF Extension: Default NewTab - C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\nq4f7e86.default\extensions\default_newtabff@gmail.com [2015-12-09] [Brak podpisu cyfrowego]
    FF HKLM-x32\...\Firefox\Extensions: [deskCutv2@gmail.com] - C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\nq4f7e86.default\extensions\deskCutv2@gmail.com => nie znaleziono
    FF HKLM-x32\...\Firefox\Extensions: [yahooprotected@gmail.com] - C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\nq4f7e86.default\extensions\yahooprotected@gmail.com
    FF HKLM-x32\...\Firefox\Extensions: [default_newtabff@gmail.com] - C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\nq4f7e86.default\extensions\default_newtabff@gmail.com
    StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.yoursites123.com/?type=sc&ts=1...d=WDCXWD5000BPVT-24HXZT1_WD-WXD1A610512305123
    CHR Extension: (lucky leap) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimolhnbbbdagljikeckdkldgemmmlj [2013-11-23] [UpdateUrl: hxxp://wac.edgecastcdn.net/800952/692f16fd-3872-4c30-8d09-8939101bef86-www/update/chrome] <==== UWAGA
    R2 IhPul; C:\Users\lenovo\AppData\Roaming\TSv\TSvr.exe [580752 2015-12-08] (tsvr.com)
    R2 SSFK; C:\Program Files (x86)\SFK\SSFK.exe [170144 2015-11-27] (TODO: <公司名>)
    S2 Update Mega Browse; "C:\Program Files (x86)\Mega Browse\updateMegaBrowse.exe" [X] <==== UWAGA
    R1 wStLib64; C:\Windows\System32\drivers\wStLib64.sys [61120 2014-03-20] (StdLib)
    U2 IviRegMgr; Brak ImagePath
    U3 RichVideo; Brak ImagePath
    S1 wfdrvr_vt_1_10_0_28; system32\drivers\wfdrvr_vt_1_10_0_28.sys [X]
    2015-12-17 12:05 - 2015-12-17 12:05 - 00000000 ____D C:\Users\lenovo\Downloads\FRST-OlderVersion
    2015-12-09 16:28 - 2015-12-09 16:28 - 00000000 ____D C:\Users\lenovo\AppData\Roaming\eCyber
    2015-12-09 11:14 - 2015-12-17 11:52 - 00000000 ____D C:\Program Files (x86)\SFK
    2015-12-09 11:14 - 2015-12-09 11:15 - 00000000 ____D C:\ProgramData\FWdMF
    2015-12-09 11:14 - 2015-12-09 11:14 - 00000000 ____D C:\Users\lenovo\AppData\Roaming\TSv
    2015-12-09 11:13 - 2015-12-09 11:14 - 00000000 ____D C:\ProgramData\eWdMe
    2015-12-01 14:34 - 2015-12-09 11:14 - 00000074 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
    2015-12-01 14:34 - 2015-12-09 11:13 - 00000000 ____D C:\ProgramData\XWMiniProX
    2015-12-01 14:33 - 2015-12-01 14:44 - 00000000 ____D C:\Users\lenovo\AppData\Roaming\istartpageing
    EmptyTemp:

    W FRST wybierz Napraw.

    Usun katalog C:\FRST i to wszystko.

    0
  • CControls
  • #5 17 Gru 2015 14:08
    meg20
    Poziom 4  

    A jeśli nie da się odinstalować, bo pojawia się taki napis:
    "theres an internet connection problem. please try later"

    Co wtedy zrobić?

    0
  • #6 17 Gru 2015 14:14
    Kolobos
    Spec od komputerów

    Pominac i wykonac reszte.

    0
  • #9 17 Gru 2015 15:32
    meg20
    Poziom 4  

    Ja używam Mozilli - to też pomoże?

    0
  • #10 17 Gru 2015 15:39
    Acorus 20
    Spec od komputerów

    W pasek adresu wpisz: about:support Kliknij Odśwież program Firefox.

    0
  • #11 17 Gru 2015 16:10
    meg20
    Poziom 4  

    Dziękuję, udało się.
    Jak usunąć yoursites123? Oczywiście logi z FRST.

    0