kkminik utworzono 10 grudnia 2015 utworzono 10 grudnia 2015 Witam, proszę o pomoc w pozbyciu się tego szkodnika.
Twój_Anioł_Stróż komentarz 10 grudnia 2015 komentarz 10 grudnia 2015 Otwórz Notatnik i wklej w nim: Task: {02393948-51CA-4FAA-B101-176CF5781C7A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Brak pliku <==== UWAGA Task: {38A790A4-38E8-4A71-A658-A7B994A65331} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Brak pliku <==== UWAGA Task: {4A031546-73E1-44A3-A59D-01F489B096BA} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA Task: {54F55F08-DDA2-45A8-9A27-A49CBE231C6A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA Task: {7470079E-E1AE-4198-A5B5-9E1AACD1CCD3} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Brak pliku <==== UWAGA Task: {76E257B7-C4EC-4399-ACBA-452DE7AF9424} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA Task: {77CFDDAA-3991-440D-ADF5-40BC57B86BC5} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Brak pliku <==== UWAGA Task: {849AFCF5-E697-42D6-AA94-28526A965411} - System32\Tasks\WordFly Auto Updater 1.10.0.28 Core => C:\Program Files (x86)\WordFly_1.10.0.28\Update\WordflyAutoUpdateClient.exe <==== UWAGA C:\Program Files (x86)\WordFly_1.10.0.28 Task: {99A5288B-69FF-4F07-866F-8F43B2E43623} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA Task: {9CABAB22-08F3-425A-B31F-CA098F2670DA} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Brak pliku <==== UWAGA Task: {A3CF0293-7C85-4518-9855-9A82EEDC63B9} - System32\Tasks\WordFly Auto Updater 1.10.0.28 Pending Update => C:\Program Files (x86)\WordFly_1.10.0.28\Update\WordflyAutoUpdateClient.exe <==== UWAGA Task: {A7A852E0-B7BE-47C7-AFEF-D489E0EAD49B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA Task: {EBA11185-8992-4B45-9E00-1B48C3113CEF} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Brak pliku <==== UWAGA ShortcutWithArgument: C:\Users\domin_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449729763&z=6cff796d34e9c4a7dc38da7g2z1zdt4mfo7t6m7q3o&from=ient07021&uid=ST1000LM024XHN-M101MBB_S31QJ9AF606543 <==== UWAGA ShortcutWithArgument: C:\Users\domin_000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1449729763&z=6cff796d34e9c4a7dc38da7g2z1zdt4mfo7t6m7q3o&from=ient07021&uid=ST1000LM024XHN-M101MBB_S31QJ9AF606543 <==== UWAGA ShortcutWithArgument: C:\Users\domin_000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449729763&z=6cff796d34e9c4a7dc38da7g2z1zdt4mfo7t6m7q3o&from=ient07021&uid=ST1000LM024XHN-M101MBB_S31QJ9AF606543 <==== UWAGA ShortcutWithArgument: C:\Users\domin_000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1449729763&z=6cff796d34e9c4a7dc38da7g2z1zdt4mfo7t6m7q3o&from=ient07021&uid=ST1000LM024XHN-M101MBB_S31QJ9AF606543 <==== UWAGA ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1449729763&z=6cff796d34e9c4a7dc38da7g2z1zdt4mfo7t6m7q3o&from=ient07021&uid=ST1000LM024XHN-M101MBB_S31QJ9AF606543 <==== UWAGA HKU\S-1-5-21-3858923792-2453452952-1913043579-1002\Software\Classes\.exe: exefile => <===== UWAGA HKU\S-1-5-21-3858923792-2453452952-1913043579-1002\Software\Classes\exefile: <===== UWAGA C:\ProgramData\vWdMv GroupPolicy: Ograniczenia - Chrome <======= UWAGA CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA HKU\S-1-5-21-3858923792-2453452952-1913043579-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hp&ts=1449729763&z=6cff796d34e9c4a7dc38da7g2z1zdt4mfo7t6m7q3o&from=ient07021&uid=ST1000LM024XHN-M101MBB_S31QJ9AF606543 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hp&ts=1449729763&z=6cff796d34e9c4a7dc38da7g2z1zdt4mfo7t6m7q3o&from=ient07021&uid=ST1000LM024XHN-M101MBB_S31QJ9AF606543 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1421980649&from=cor&uid=ST1000LM024XHN-M101MBB_S31QJ9AF606543&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.yoursites123.com/web/?type=ds&ts=1449729763&z=6cff796d34e9c4a7dc38da7g2z1zdt4mfo7t6m7q3o&from=ient07021&uid=ST1000LM024XHN-M101MBB_S31QJ9AF606543&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp&ts=1449729763&z=6cff796d34e9c4a7dc38da7g2z1zdt4mfo7t6m7q3o&from=ient07021&uid=ST1000LM024XHN-M101MBB_S31QJ9AF606543 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp&ts=1449729763&z=6cff796d34e9c4a7dc38da7g2z1zdt4mfo7t6m7q3o&from=ient07021&uid=ST1000LM024XHN-M101MBB_S31QJ9AF606543 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1421980649&from=cor&uid=ST1000LM024XHN-M101MBB_S31QJ9AF606543&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1449729763&z=6cff796d34e9c4a7dc38da7g2z1zdt4mfo7t6m7q3o&from=ient07021&uid=ST1000LM024XHN-M101MBB_S31QJ9AF606543&q={searchTerms} HKU\S-1-5-21-3858923792-2453452952-1913043579-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.yoursites123.com/web/?type=ds&ts=1449729763&z=6cff796d34e9c4a7dc38da7g2z1zdt4mfo7t6m7q3o&from=ient07021&uid=ST1000LM024XHN-M101MBB_S31QJ9AF606543&q={searchTerms} HKU\S-1-5-21-3858923792-2453452952-1913043579-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hp&ts=1449729763&z=6cff796d34e9c4a7dc38da7g2z1zdt4mfo7t6m7q3o&from=ient07021&uid=ST1000LM024XHN-M101MBB_S31QJ9AF606543 HKU\S-1-5-21-3858923792-2453452952-1913043579-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp&ts=1449729763&z=6cff796d34e9c4a7dc38da7g2z1zdt4mfo7t6m7q3o&from=ient07021&uid=ST1000LM024XHN-M101MBB_S31QJ9AF606543 HKU\S-1-5-21-3858923792-2453452952-1913043579-1002\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1449729763&z=6cff796d34e9c4a7dc38da7g2z1zdt4mfo7t6m7q3o&from=ient07021&uid=ST1000LM024XHN-M101MBB_S31QJ9AF606543&q={searchTerms} SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1421980649&from=cor&uid=ST1000LM024XHN-M101MBB_S31QJ9AF606543&q={searchTerms} SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1421980649&from=cor&uid=ST1000LM024XHN-M101MBB_S31QJ9AF606543&q={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1449729763&z=6cff796d34e9c4a7dc38da7g2z1zdt4mfo7t6m7q3o&from=ient07021&uid=ST1000LM024XHN-M101MBB_S31QJ9AF606543&q={searchTerms} SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1449729763&z=6cff796d34e9c4a7dc38da7g2z1zdt4mfo7t6m7q3o&from=ient07021&uid=ST1000LM024XHN-M101MBB_S31QJ9AF606543&q={searchTerms} SearchScopes: HKU\S-1-5-21-3858923792-2453452952-1913043579-1002 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1449729763&z=6cff796d34e9c4a7dc38da7g2z1zdt4mfo7t6m7q3o&from=ient07021&uid=ST1000LM024XHN-M101MBB_S31QJ9AF606543&q={searchTerms} SearchScopes: HKU\S-1-5-21-3858923792-2453452952-1913043579-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3858923792-2453452952-1913043579-1002 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1449729763&z=6cff796d34e9c4a7dc38da7g2z1zdt4mfo7t6m7q3o&from=ient07021&uid=ST1000LM024XHN-M101MBB_S31QJ9AF606543&q={searchTerms} SearchScopes: HKU\S-1-5-21-3858923792-2453452952-1913043579-1002 -> {DC944FD1-ACCB-4C8E-80F3-D13242CD8BC4} URL = BHO: Brak nazwy -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> Brak pliku BHO-x32: Brak nazwy -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> Brak pliku BHO-x32: Brak nazwy -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> Brak pliku BHO-x32: Brak nazwy -> {dc727a8c-7582-483c-a1c2-2b885f099bb5} -> Brak pliku StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1448322348&z=eecb8926bcff9b5e0281c8fg1zbzeb1cco5o4e8c0e&from=cornl&uid=ST1000LM024XHN-M101MBB_S31QJ9AF606543 Edge HomeButtonPage: HKU\S-1-5-21-3858923792-2453452952-1913043579-1002 -> hxxp://www.yoursites123.com/?type=hp&ts=1449729763&z=6cff796d34e9c4a7dc38da7g2z1zdt4mfo7t6m7q3o&from=ient07021&uid=ST1000LM024XHN-M101MBB_S31QJ9AF606543 CHR HomePage: Default -> hxxp://www.yoursites123.com/?type=hp&ts=1449729763&z=6cff796d34e9c4a7dc38da7g2z1zdt4mfo7t6m7q3o&from=ient07021&uid=ST1000LM024XHN-M101MBB_S31QJ9AF606543 CHR StartupUrls: Default -> "hxxp://www.yoursites123.com/?type=hp&ts=1449729763&z=6cff796d34e9c4a7dc38da7g2z1zdt4mfo7t6m7q3o&from=ient07021&uid=ST1000LM024XHN-M101MBB_S31QJ9AF606543" StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://www.yoursites123.com/?type=sc&ts=1449729763&z=6cff796d34e9c4a7dc38da7g2z1zdt4mfo7t6m7q3o&from=ient07021&uid=ST1000LM024XHN-M101MBB_S31QJ9AF606543 R2 WdMan; C:\ProgramData\vWdMv\WdMan.exe [333312 2015-12-04] (TFuns LIMITED) [Brak podpisu cyfrowego] R1 wfdrvr_vw_1_10_0_28; C:\Windows\System32\drivers\wfdrvr_vw_1_10_0_28.sys [57712 2015-10-30] (WF) S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X] S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X] 2015-12-10 07:43 - 2015-12-10 07:44 - 00000000 ____D C:\ProgramData\vWdMv 2015-12-10 07:42 - 2015-12-10 07:43 - 00000000 ____D C:\ProgramData\iWdMi 2015-11-24 00:46 - 2015-12-10 07:43 - 00000074 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat 2015-11-24 00:46 - 2015-12-10 07:42 - 00000000 ____D C:\ProgramData\aWMiniProa EmptyTemp: Plik zapisz pod nazwą [b]fixlist.txt[/b] i umieść obok FRST.exe Uruchom [b]FRST[/b] i kliknij przycisk [b]Fix[/b] (NAPRAW). ---------------------- Jeśli będzie OK, to będziemy kończyć: Otwórz Notatnik i wklej w nim: DeleteQuarantine: Plik zapisz pod nazwą fixlist.txt i umieść obok FRST. Uruchom FRST i kliknij w Fix (NAPRAW). przez SHIFT+DEL usuń pozostały folder C:\FRST. Jeśli natomiast problem nie zniknie, to przeinstalujesz przeglądarkę, na której to jeszcze będzie. . 1
Sadysta komentarz 10 grudnia 2015 komentarz 10 grudnia 2015 Spróbuj zrobić to co na filmiku. https://www.youtube.com/watch?v=yjPvJXunIw8
kkminik komentarz 10 grudnia 2015 Autor komentarz 10 grudnia 2015 Wielkie dzięki za pomoc. Wszystko już elegancko działa ^_^
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.