Witam,
znikąd pojawiła mi się przeglądarka yoursites123 na moim komputerze. Odinstalowałem ją w programach, wykonałem scan adwclenearem a następnie skany frst:
FRST:
http://www.wklej.org/id/1873686/
Addition
http://www.wklej.org/id/1873687/
Shortcut
http://www.wklej.org/id/1873689/
Proszę o pomoc w usunięciu tego.
Wklej do systemowego notatnika i zapisz jako plik tekstowy o nazwie fixlist :
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hpts=1449645293z=88d70d0007a939d795f1a28g9z0z1tdq6z5w3z3mbbfrom=ient07021uid=TOSHIBAXMK2046GSX_48PNC6Z6TXX48PNC6Z6T
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.yoursites123.com/web/?type=dsts=1449645293z=88d70d0007a939d795f1a28g9z0z1tdq6z5w3z3mbbfrom=ient07021uid=TOSHIBAXMK2046GSX_48PNC6Z6TXX48PNC6Z6Tq={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hpts=1449645293z=88d70d0007a939d795f1a28g9z0z1tdq6z5w3z3mbbfrom=ient07021uid=TOSHIBAXMK2046GSX_48PNC6Z6TXX48PNC6Z6T
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.yoursites123.com/web/?type=dsts=1449645293z=88d70d0007a939d795f1a28g9z0z1tdq6z5w3z3mbbfrom=ient07021uid=TOSHIBAXMK2046GSX_48PNC6Z6TXX48PNC6Z6Tq={searchTerms}
HKU\S-1-5-21-931194084-2059701944-2931556234-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hpts=1449645293z=88d70d0007a939d795f1a28g9z0z1tdq6z5w3z3mbbfrom=ient07021uid=TOSHIBAXMK2046GSX_48PNC6Z6TXX48PNC6Z6T
HKU\S-1-5-21-931194084-2059701944-2931556234-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hpts=1449645293z=88d70d0007a939d795f1a28g9z0z1tdq6z5w3z3mbbfrom=ient07021uid=TOSHIBAXMK2046GSX_48PNC6Z6TXX48PNC6Z6T
SearchScopes: HKU\S-1-5-21-931194084-2059701944-2931556234-1000 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=dsts=1449645293z=88d70d0007a939d795f1a28g9z0z1tdq6z5w3z3mbbfrom=ient07021uid=TOSHIBAXMK2046GSX_48PNC6Z6TXX48PNC6Z6Tq={searchTerms}
CHR StartupUrls: Default - "hxxp://www.yoursites123.com/?type=hpts=1449645293z=88d70d0007a939d795f1a28g9z0z1tdq6z5w3z3mbbfrom=ient07021uid=TOSHIBAXMK2046GSX_48PNC6Z6TXX48PNC6Z6T"
CHR HKU\S-1-5-21-931194084-2059701944-2931556234-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome - C:\Program Files\Google\Chrome\Application\chrome.exe hxxp://www.yoursites123.com/?type=scts=1449645293z=88d70d0007a939d795f1a28g9z0z1tdq6z5w3z3mbbfrom=ient07021uid=TOSHIBAXMK2046GSX_48PNC6Z6TXX48PNC6Z6T
2015-12-10 21:58 - 2015-12-10 22:10 - 00000000 ____ D C:\AdwCleaner
2015-12-09 08:15 - 2015-12-09 08:16 - 00000000 ____ D C:\ProgramData\cWdMc
2015-12-09 08:14 - 2015-12-09 08:14 - 00000000 ____ D C:\ProgramData\iWdMi
2015-11-27 23:06 - 2015-11-27 23:06 - 0000000 _____ () C:\Users\PC\AppData\Local\{A269FABA-A350-49B1-B7EB-8090AB26A368}
2015-11-27 23:06 - 2015-11-27 23:06 - 0000000 _____ () C:\Users\PC\AppData\Local\{D0AE980A-7AA8-4452-A14B-9CE820AEEB14}
EmptyTemp:
Uruchom FRST i kliknij Napraw (Fix). Pokaż raport z usuwania Fixlog.
Wklej do systemowego notatnika i zapisz jako plik tekstowy o nazwie fixlist :
CloseProcesses:
R2 WdMan; C:\ProgramData\cWdMc\WdMan.exe -svr [X]
2015-11-15 20:54 - 2015-11-15 20:54 - 00000000 ____ D C:\Users\PC\AppData\Local\DM
2015-11-15 20:53 - 2015-11-15 20:53 - 00584952 _____ C:\Users\PC\Downloads\TinyDM_setup (1).exe
2015-11-15 20:49 - 2015-11-15 20:50 - 00584952 _____ C:\Users\PC\Downloads\TinyDM_setup.exe
2013-09-27 08:33 - 2013-11-09 16:20 - 0000069 _____ () C:\Users\PC\AppData\Roaming\gnuplot_history
C:\ProgramData\cWdMc
C:\ProgramData\iWdMi
EmptyTemp:
Uruchom FRST i kliknij Napraw (Fix). Pokaż raport z usuwania Fixlog.
Skasuj folder C:\FRST
Bardzo dziękuje za pomoc.