Elektroda.pl
Elektroda.pl
X
CControls
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Yoursites proszę o usunięcie

kochanek90 08 Sty 2016 18:21 531 5
  • CControls
  • #2 08 Sty 2016 19:30
    krzychupar
    Poziom 40  

    Uaktualnij Jave
    Przeskanuj komputer https://toolslib.net/downloads/viewdownload/1-adwcleaner/ (Skanuj - Usuń)
    Odinstaluj

    AION Free-to-Play
    Akamai NetSession Interface
    Pando Media Booster
    PennyBeeUpdate
    WinZipper

    Otwórz notatnik systemowy i wklej:
    Task: {0791CAD3-001B-435C-8BF8-DBFB35089E43} - \DealPly -> Brak pliku <==== UWAGA
    Task: {4931EE5C-88C0-4057-89F3-CCA1C4D46F34} - \Browser Updater\Browser Updater -> Brak pliku <==== UWAGA
    Task: {AC523B4D-48FB-4CE9-9764-B2D82E5EC98C} - \SystemSockets\SystemSockets -> Brak pliku <==== UWAGA
    Task: {BACB003B-BF55-47BC-9232-DBCA4D87819D} - System32\Tasks\ProtectedSearch\Protected Search => C:\Program Files (x86)\HomeTab\WHomepageShield.exe <==== UWAGA
    Task: {D361E220-ABE3-4280-AAF5-4881D996B521} - \VisualBeeRecovery -> Brak pliku <==== UWAGA
    Task: {FE6AF848-FAD1-481B-8B6F-E9443AE7950A} - \Desk 365 RunAsStdUser -> Brak pliku <==== UWAGA
    ShortcutWithArgument: C:\Users\Saturn\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Opera.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software) -> hxxp://www.yoursites123.com/?type=sc&ts=1...d=WDCXWD5000BEVT-75A0RT0_WD-WXE1A70E8282E8282
    ShortcutWithArgument: C:\Users\Saturn\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Opera.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software) -> hxxp://www.yoursites123.com/?type=sc&ts=1...d=WDCXWD5000BEVT-75A0RT0_WD-WXE1A70E8282E8282
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software) -> hxxp://www.yoursites123.com/?type=sc&ts=1...d=WDCXWD5000BEVT-75A0RT0_WD-WXE1A70E8282E8282
    (tsvr.com) C:\Users\Saturn\AppData\Roaming\TSv\TSvr.exe
    () C:\Windows\SysWOW64\PnkBstrA.exe
    (TODO: <公司名>) C:\Program Files (x86)\SFK\SSFK.exe
    (TODO: <公司名>) C:\Program Files (x86)\SFK\SSFK.exe
    (Akamai Technologies, Inc.) C:\Users\Saturn\AppData\Local\Akamai\netsession_win.exe




    (Akamai Technologies, Inc.) C:\Users\Saturn\AppData\Local\Akamai\netsession_win.exe
    (TU-Funs LIMITED) C:\ProgramData\1WdM1\WdMan.exe
    (McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe
    (McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
    (McAfee, Inc.) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
    HKU\S-1-5-21-3616690994-2771968203-2831934069-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Saturn\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
    HKU\S-1-5-21-3616690994-2771968203-2831934069-1000\...\Policies\system: [LogonHoursAction] 2
    HKU\S-1-5-21-3616690994-2771968203-2831934069-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
    HKU\S-1-5-21-3616690994-2771968203-2831934069-1000\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x95000000
    HKU\S-1-5-21-3616690994-2771968203-2831934069-1000\...\MountPoints2: E - E:\setup.bmp
    HKU\S-1-5-21-3616690994-2771968203-2831934069-1000\...\MountPoints2: F - F:\_AUTORUN\AUTORUN.EXE
    HKU\S-1-5-21-3616690994-2771968203-2831934069-1000\...\MountPoints2: G - G:\setup.bmp
    HKU\S-1-5-21-3616690994-2771968203-2831934069-1000\...\MountPoints2: H - H:\Autorun.exe
    HKU\S-1-5-21-3616690994-2771968203-2831934069-1000\...\MountPoints2: I - I:\RunGame.exe
    HKU\S-1-5-21-3616690994-2771968203-2831934069-1000\...\MountPoints2: {a376958f-87a3-11e5-a921-eaf9c5a03a1b} - F:\Setup.exe
    HKU\S-1-5-21-3616690994-2771968203-2831934069-1000\...\MountPoints2: {a3769748-87a3-11e5-a921-eaf9c5a03a1b} - E:\setup.exe
    ShellIconOverlayIdentifiers: [0_sxBZOverlayIcon] -> {6457FB0A-5C02-4393-909C-2139A5D5571F} => Brak pliku
    ShellIconOverlayIdentifiers: [0_sxConfidentialOIcon] -> {871FE18B-B68D-4437-BC76-6634996CDB97} => Brak pliku
    ShellIconOverlayIdentifiers: [0_sxForbiddenOIcon] -> {1F03249C-6AB2-4E31-8C10-86F7E31E3B4E} => Brak pliku
    ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => Brak pliku
    ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => Brak pliku
    ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => Brak pliku
    ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => Brak pliku
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hp&ts=1...d=WDCXWD5000BEVT-75A0RT0_WD-WXE1A70E8282E8282
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hp&ts=1...d=WDCXWD5000BEVT-75A0RT0_WD-WXE1A70E8282E8282
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp&ts=1...d=WDCXWD5000BEVT-75A0RT0_WD-WXE1A70E8282E8282
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp&ts=1...d=WDCXWD5000BEVT-75A0RT0_WD-WXE1A70E8282E8282
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
    HKU\S-1-5-21-3616690994-2771968203-2831934069-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://do-search.com/web/?type=ds&ts=1431...D5000BEVT-75A0RT0_WD-WXE1A70E8282E8282&q={searchTerms}
    HKU\S-1-5-21-3616690994-2771968203-2831934069-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hp&ts=1...d=WDCXWD5000BEVT-75A0RT0_WD-WXE1A70E8282E8282
    HKU\S-1-5-21-3616690994-2771968203-2831934069-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp&ts=1...d=WDCXWD5000BEVT-75A0RT0_WD-WXE1A70E8282E8282
    HKU\S-1-5-21-3616690994-2771968203-2831934069-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://do-search.com/web/?type=ds&ts=1431...D5000BEVT-75A0RT0_WD-WXE1A70E8282E8282&q={searchTerms}
    URLSearchHook: HKU\S-1-5-21-3616690994-2771968203-2831934069-1000 - (Brak nazwy) - {5a089bcd-c7f1-4064-8702-f58d8bd5d61f} - Brak pliku
    SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
    SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
    SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://yoursites123.com/web?type=ds&ts=14...D5000BEVT-75A0RT0_WD-WXE1A70E8282E8282&q={searchTerms}
    SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://yoursites123.com/web?type=ds&ts=14...D5000BEVT-75A0RT0_WD-WXE1A70E8282E8282&q={searchTerms}
    SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
    SearchScopes: HKU\S-1-5-21-3616690994-2771968203-2831934069-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://yoursites123.com/web?type=ds&ts=14...D5000BEVT-75A0RT0_WD-WXE1A70E8282E8282&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-3616690994-2771968203-2831934069-1000 -> ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
    SearchScopes: HKU\S-1-5-21-3616690994-2771968203-2831934069-1000 -> {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} URL = hxxp://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw={searchTerms}&tbid=60438
    SearchScopes: HKU\S-1-5-21-3616690994-2771968203-2831934069-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://yoursites123.com/web?type=ds&ts=14...D5000BEVT-75A0RT0_WD-WXE1A70E8282E8282&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-3616690994-2771968203-2831934069-1000 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
    SearchScopes: HKU\S-1-5-21-3616690994-2771968203-2831934069-1000 -> {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} URL = hxxp://search.certified-toolbar.com?si=43251&...18248-D41D8CD98F00B204E9800998ECF8427E&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-3616690994-2771968203-2831934069-1000 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1391269
    SearchScopes: HKU\S-1-5-21-3616690994-2771968203-2831934069-1000 -> {F3FCDABF-63B3-4751-A93A-31D55A550C7D} URL = hxxp://search.certified-toolbar.com?si=43251&...18248-D41D8CD98F00B204E9800998ECF8427E&q={searchTerms}
    BHO: BufferZone Web Privacy Manager -> {311BA51F-64F2-439D-9A4A-772373D77312} -> Brak pliku
    Toolbar: HKLM - Brak nazwy - {036451d5-97b6-4882-a0cb-0f3b6de4df8d} - Brak pliku
    Toolbar: HKLM-x32 - Brak nazwy - {5a089bcd-c7f1-4064-8702-f58d8bd5d61f} - Brak pliku
    Toolbar: HKLM-x32 - Brak nazwy - {98889811-442D-49dd-99D7-DC866BE87DBC} - Brak pliku
    Toolbar: HKLM-x32 - HomeTab - {036451d5-97b6-4882-a0cb-0f3b6de4df8d} - Brak pliku
    Toolbar: HKU\S-1-5-21-3616690994-2771968203-2831934069-1000 -> Brak nazwy - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - Brak pliku
    Toolbar: HKU\S-1-5-21-3616690994-2771968203-2831934069-1000 -> Brak nazwy - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - Brak pliku
    FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku]
    FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [Brak pliku]
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku]
    FF Plugin HKU\S-1-5-21-3616690994-2771968203-2831934069-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [Brak pliku]
    FF HKLM-x32\...\Firefox\Extensions: [ocr@babylon.com] - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\ocr@babylon.com => nie znaleziono
    FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF => nie znaleziono
    FF HKU\S-1-5-21-3616690994-2771968203-2831934069-1000\...\Firefox\Extensions: [{b64982b1-d112-42b5-b1e4-d3867c4533f8}] - C:\ProgramData\Browser Manager\2.3.765.24\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension => nie znaleziono
    CHR HKLM-x32\...\Chrome\Extension: [hfikdpojhgckaejifppccjeedkjcndpp] - C:\Users\Saturn\AppData\Roaming\BabSolution\CR\hola.crx <nie znaleziono>
    CHR HKLM-x32\...\Chrome\Extension: [jlceijfdfeghdhmmbhbcffanmcggoojf] - hxxps://clients2.google.com/service/update2/crx
    OPR Session Restore: -> [funkcja włączona]
    StartMenuInternet: (HKLM) OperaStable - C:\Program Files (x86)\Opera\Launcher.exe hxxp://www.yoursites123.com/?type=sc&ts=1...d=WDCXWD5000BEVT-75A0RT0_WD-WXE1A70E8282E8282
    R2 SSFK; C:\Program Files (x86)\SFK\SSFK.exe [158400 2016-01-08] (TODO: <公司名>)
    R2 WdMan; C:\ProgramData\1WdM1\WdMan.exe [326656 2016-01-08] (TU-Funs LIMITED) [Brak podpisu cyfrowego]
    R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [711344 2016-01-05] (Taiwan Shui Mu Chih Ching Technology Limited) <==== UWAGA
    U3 mfeavfk01; Brak ImagePath
    S2 PavProc; C:\Windows\SysWOW64\DRIVERS\PavProc.sys [163856 2004-01-08] (Panda Software) [Brak podpisu cyfrowego]
    S1 ShldDrv; C:\Windows\SysWow64\Drivers\ShldDrv.sys [25248 2004-10-05] (Panda Software) [Brak podpisu cyfrowego]
    S3 dump_wmimmc; \??\C:\AeriaGames\WolfTeam-PL\GameGuard\dump_wmimmc.sys [X]
    S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
    S3 hamachi; system32\DRIVERS\hamachi.sys [X]
    S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
    S3 PCAMPR4; \??\C:\Windows\system32\PCAMPR4.SYS [X]
    S3 PCANDIS4; \??\C:\Windows\system32\PCANDIS4.SYS [X]
    U5 viadsk; C:\Windows\SysWOW64\Drivers\viadsk.sys [50208 2002-03-04] (VIA Technologies, Inc.)
    S1 VIAPFD; \SystemRoot\System32\Drivers\VIAPFD.SYS [X]
    2016-01-08 10:34 - 2016-01-08 17:55 - 00000000 ____D C:\Program Files (x86)\WinZipper
    2016-01-08 10:34 - 2016-01-08 10:34 - 00000000 ____D C:\Users\Saturn\AppData\Roaming\WinZipper
    2016-01-08 10:34 - 2016-01-08 10:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper
    2016-01-08 10:33 - 2016-01-08 10:33 - 00000000 ____D C:\Users\Saturn\AppData\Roaming\TSv
    2016-01-08 10:31 - 2016-01-08 10:32 - 00000000 ____D C:\ProgramData\1WdM1
    2015-12-09 08:22 - 2016-01-08 17:54 - 00000000 ____D C:\Program Files (x86)\SFK
    2015-12-09 08:22 - 2015-12-09 08:23 - 00000000 ____D C:\ProgramData\UWdMU
    2015-12-09 08:20 - 2015-12-09 08:21 - 00000000 ____D C:\ProgramData\MWdMM
    C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat


    EmptyTemp:

    Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
    Uruchom jako administrator FRST i kliknij w Fix/Napraw.

    0
  • CControls
  • #3 08 Sty 2016 19:58
    kochanek90
    Poziom 4  

    A co jest nie tak z Aion free to play ?

    0
  • #4 08 Sty 2016 20:14
    krzychupar
    Poziom 40  

    W logu Addition.txt jest coś takiego
    Aion (HKLM-x32\...\{B9291CA2-6FA5-44EA-8EE0-923EB32ADAAB}) (Version: 4.0.0.3 - NC Interactive, LLC)
    AION Free-to-Play (HKLM-x32\...\{82E73E8D-E1E7-45A4-A311-6D31492AA913}_is1) (Version: - Gameforge)
    AIONČŐÓﲹ¶ˇ °ć±ľ Ver 2.7 (HKLM-x32\...\{2F50D727-A55F-4EFD-875C-C57A4680E787}_is1) (Version: Ver 2.7 - AION) <==== UWAGA
    i tam gdzie jest Uwaga trzeba usunąć.

    0
  • #5 08 Sty 2016 20:20
    Acorus 20
    Spec od komputerów

    Z takimi znakami tego nie usuniesz.

    0
  • #6 08 Sty 2016 20:23
    kochanek90
    Poziom 4  

    rozumiem ze coś tam się zawirusowało ? , bo za dużo takie rzeczy mi nie mówią. W takim razie uczynię wszystko według instrukcji dziękuje gorąco za pomoc i ratunek :)

    0