michaszs utworzono 11 grudnia 2015 utworzono 11 grudnia 2015 Witam! I ja potrzebuję pomocy z tym ustrojstwem. Wrzucam logi z FRST
Twój_Anioł_Stróż komentarz 11 grudnia 2015 komentarz 11 grudnia 2015 (edytowane) 1) Odinstaluj niepotrzebny do niczego Akamai NetSession Interface 2) Otwórz Notatnik i wklej w nim: Task: {25A66B77-77FE-42A4-9DA1-7EF729D4AD8C} - System32\Tasks\{3931BC8C-B95A-4734-864F-57D3807326B9} => pcalua.exe -a C:\Users\Michal\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=cor Task: {E9906A01-FE86-482C-A515-AFF307AB7F17} - System32\Tasks\{E9FD4ACF-0615-4CE5-9431-33B7E9F9B2EA} => pcalua.exe -a "C:\Users\Michal\Downloads\cagt26ww (1).exe" -d C:\Users\Michal\Downloads ShortcutWithArgument: C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449644864&z=fefed36ce8ac79f289c3b8bgbz6zftfqbz1zeb9qdw&from=ient07021&uid=ST1000LM014-SSHD-8GB_W381D7Q5XXXXW381D7Q5 <==== UWAGA ShortcutWithArgument: C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449644864&z=fefed36ce8ac79f289c3b8bgbz6zftfqbz1zeb9qdw&from=ient07021&uid=ST1000LM014-SSHD-8GB_W381D7Q5XXXXW381D7Q5 <==== UWAGA ShortcutWithArgument: C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449644864&z=fefed36ce8ac79f289c3b8bgbz6zftfqbz1zeb9qdw&from=ient07021&uid=ST1000LM014-SSHD-8GB_W381D7Q5XXXXW381D7Q5 <==== UWAGA ShortcutWithArgument: C:\Users\Michal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1449644864&z=fefed36ce8ac79f289c3b8bgbz6zftfqbz1zeb9qdw&from=ient07021&uid=ST1000LM014-SSHD-8GB_W381D7Q5XXXXW381D7Q5 <==== UWAGA ShortcutWithArgument: C:\Users\Michal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449644864&z=fefed36ce8ac79f289c3b8bgbz6zftfqbz1zeb9qdw&from=ient07021&uid=ST1000LM014-SSHD-8GB_W381D7Q5XXXXW381D7Q5 <==== UWAGA ShortcutWithArgument: C:\Users\Michal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1449644864&z=fefed36ce8ac79f289c3b8bgbz6zftfqbz1zeb9qdw&from=ient07021&uid=ST1000LM014-SSHD-8GB_W381D7Q5XXXXW381D7Q5 <==== UWAGA ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1449644864&z=fefed36ce8ac79f289c3b8bgbz6zftfqbz1zeb9qdw&from=ient07021&uid=ST1000LM014-SSHD-8GB_W381D7Q5XXXXW381D7Q5 <==== UWAGA ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1449644864&z=fefed36ce8ac79f289c3b8bgbz6zftfqbz1zeb9qdw&from=ient07021&uid=ST1000LM014-SSHD-8GB_W381D7Q5XXXXW381D7Q5 <==== UWAGA FirewallRules: [TCP Query User{2DF33DD6-7208-442F-AD13-B4597A65DD89}C:\users\michal\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\michal\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{EA2D847C-3440-41BD-A597-2DF9734902D0}C:\users\michal\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\michal\appdata\local\akamai\netsession_win.exe C:\users\michal\appdata\local\akamai\netsession_win.exe C:\Users\Michal\AppData\Roaming\TSv C:\Program Files (x86)\SFK C:\ProgramData\XWdMX HKU\S-1-5-21-4085159836-2530663976-2962773616-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Michal\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.) HKU\S-1-5-21-4085159836-2530663976-2962773616-1000\...\Policies\Explorer: [] HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hp&ts=1449644864&z=fefed36ce8ac79f289c3b8bgbz6zftfqbz1zeb9qdw&from=ient07021&uid=ST1000LM014-SSHD-8GB_W381D7Q5XXXXW381D7Q5 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hp&ts=1449644864&z=fefed36ce8ac79f289c3b8bgbz6zftfqbz1zeb9qdw&from=ient07021&uid=ST1000LM014-SSHD-8GB_W381D7Q5XXXXW381D7Q5 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.yoursites123.com/web/?type=ds&ts=1449644864&z=fefed36ce8ac79f289c3b8bgbz6zftfqbz1zeb9qdw&from=ient07021&uid=ST1000LM014-SSHD-8GB_W381D7Q5XXXXW381D7Q5&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.yoursites123.com/web/?type=ds&ts=1449644864&z=fefed36ce8ac79f289c3b8bgbz6zftfqbz1zeb9qdw&from=ient07021&uid=ST1000LM014-SSHD-8GB_W381D7Q5XXXXW381D7Q5&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp&ts=1449644864&z=fefed36ce8ac79f289c3b8bgbz6zftfqbz1zeb9qdw&from=ient07021&uid=ST1000LM014-SSHD-8GB_W381D7Q5XXXXW381D7Q5 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp&ts=1449644864&z=fefed36ce8ac79f289c3b8bgbz6zftfqbz1zeb9qdw&from=ient07021&uid=ST1000LM014-SSHD-8GB_W381D7Q5XXXXW381D7Q5 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1449644864&z=fefed36ce8ac79f289c3b8bgbz6zftfqbz1zeb9qdw&from=ient07021&uid=ST1000LM014-SSHD-8GB_W381D7Q5XXXXW381D7Q5&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1449644864&z=fefed36ce8ac79f289c3b8bgbz6zftfqbz1zeb9qdw&from=ient07021&uid=ST1000LM014-SSHD-8GB_W381D7Q5XXXXW381D7Q5&q={searchTerms} HKU\S-1-5-21-4085159836-2530663976-2962773616-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp&ts=1449644864&z=fefed36ce8ac79f289c3b8bgbz6zftfqbz1zeb9qdw&from=ient07021&uid=ST1000LM014-SSHD-8GB_W381D7Q5XXXXW381D7Q5 SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1449644864&z=fefed36ce8ac79f289c3b8bgbz6zftfqbz1zeb9qdw&from=ient07021&uid=ST1000LM014-SSHD-8GB_W381D7Q5XXXXW381D7Q5&q={searchTerms} SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1449644864&z=fefed36ce8ac79f289c3b8bgbz6zftfqbz1zeb9qdw&from=ient07021&uid=ST1000LM014-SSHD-8GB_W381D7Q5XXXXW381D7Q5&q={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1449644864&z=fefed36ce8ac79f289c3b8bgbz6zftfqbz1zeb9qdw&from=ient07021&uid=ST1000LM014-SSHD-8GB_W381D7Q5XXXXW381D7Q5&q={searchTerms} SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1449644864&z=fefed36ce8ac79f289c3b8bgbz6zftfqbz1zeb9qdw&from=ient07021&uid=ST1000LM014-SSHD-8GB_W381D7Q5XXXXW381D7Q5&q={searchTerms} SearchScopes: HKU\S-1-5-21-4085159836-2530663976-2962773616-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1449644864&z=fefed36ce8ac79f289c3b8bgbz6zftfqbz1zeb9qdw&from=ient07021&uid=ST1000LM014-SSHD-8GB_W381D7Q5XXXXW381D7Q5&q={searchTerms} SearchScopes: HKU\S-1-5-21-4085159836-2530663976-2962773616-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1449644864&z=fefed36ce8ac79f289c3b8bgbz6zftfqbz1zeb9qdw&from=ient07021&uid=ST1000LM014-SSHD-8GB_W381D7Q5XXXXW381D7Q5&q={searchTerms} StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1448111648&z=f1a6fc0af6b74fa3c8e7270gfz3z5beg2gcg9c7w9e&from=cor&uid=ST1000LM014-SSHD-8GB_W381D7Q5XXXXW381D7Q5 R2 IhPul; C:\Users\Michal\AppData\Roaming\TSv\TSvr.exe [580752 2015-12-08] (tsvr.com) R2 SSFK; C:\Program Files (x86)\SFK\SSFK.exe [170144 2015-11-27] (TODO: <公司名>) R2 WdMan; C:\ProgramData\XWdMX\WdMan.exe [333312 2015-12-04] (TFuns LIMITED) [Brak podpisu cyfrowego] S1 tcfd_vt_1_10_0_21; system32\drivers\tcfd_vt_1_10_0_21.sys [X] S1 wfdrvr_vt_1_10_0_28; system32\drivers\wfdrvr_vt_1_10_0_28.sys [X] C:\Users\Michal\AppData\Roaming\eCyber C:\ProgramData\BWdMB 2015-11-21 14:14 - 2015-12-09 08:07 - 00000074 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat 2015-11-21 14:14 - 2015-12-09 08:07 - 00000000 ____D C:\ProgramData\DWMiniProD 2015-11-21 14:14 - 2015-11-21 14:18 - 00000000 ____D C:\Users\Michal\AppData\Roaming\istartsurf EmptyTemp: Plik zapisz pod nazwą [b]fixlist.txt[/b] i umieść obok FRST.exe Uruchom [b]FRST[/b] i kliknij przycisk [b]Fix[/b] (NAPRAW). ---------------------- Jeśli będzie OK, to będziemy kończyć: Otwórz Notatnik i wklej w nim: DeleteQuarantine: Plik zapisz pod nazwą fixlist.txt i umieść obok FRST. Uruchom FRST i kliknij w Fix (NAPRAW). przez SHIFT+DEL usuń pozostały folder C:\FRST. Jeśli natomiast problem nie zniknie, to przeinstalujesz przeglądarkę, na której to jeszcze będzie. .
michaszs komentarz 13 grudnia 2015 Autor komentarz 13 grudnia 2015 Serdecznie dziękuję! Pomogło bez konieczności reinstalacji przeglądarki! Dziękuję!
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.