x-kom hosting

Yoursites123-ponownie. Prośba o pomoc.

michaszs
utworzono
utworzono

Witam!

I ja potrzebuję pomocy z tym ustrojstwem.

Wrzucam logi z FRST

 

Twój_Anioł_Stróż
komentarz
komentarz (edytowane)

1) Odinstaluj niepotrzebny do niczego Akamai NetSession Interface

 

2) Otwórz Notatnik i wklej w nim:

Task: {25A66B77-77FE-42A4-9DA1-7EF729D4AD8C} - System32\Tasks\{3931BC8C-B95A-4734-864F-57D3807326B9} => pcalua.exe -a C:\Users\Michal\AppData\Roaming\istartsurf\UninstallManager.exe -c  -ptid=cor
Task: {E9906A01-FE86-482C-A515-AFF307AB7F17} - System32\Tasks\{E9FD4ACF-0615-4CE5-9431-33B7E9F9B2EA} => pcalua.exe -a "C:\Users\Michal\Downloads\cagt26ww (1).exe" -d C:\Users\Michal\Downloads
ShortcutWithArgument: C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449644864&z=fefed36ce8ac79f289c3b8bgbz6zftfqbz1zeb9qdw&from=ient07021&uid=ST1000LM014-SSHD-8GB_W381D7Q5XXXXW381D7Q5 <==== UWAGA
ShortcutWithArgument: C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449644864&z=fefed36ce8ac79f289c3b8bgbz6zftfqbz1zeb9qdw&from=ient07021&uid=ST1000LM014-SSHD-8GB_W381D7Q5XXXXW381D7Q5 <==== UWAGA
ShortcutWithArgument: C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449644864&z=fefed36ce8ac79f289c3b8bgbz6zftfqbz1zeb9qdw&from=ient07021&uid=ST1000LM014-SSHD-8GB_W381D7Q5XXXXW381D7Q5 <==== UWAGA
ShortcutWithArgument: C:\Users\Michal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1449644864&z=fefed36ce8ac79f289c3b8bgbz6zftfqbz1zeb9qdw&from=ient07021&uid=ST1000LM014-SSHD-8GB_W381D7Q5XXXXW381D7Q5 <==== UWAGA
ShortcutWithArgument: C:\Users\Michal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449644864&z=fefed36ce8ac79f289c3b8bgbz6zftfqbz1zeb9qdw&from=ient07021&uid=ST1000LM014-SSHD-8GB_W381D7Q5XXXXW381D7Q5 <==== UWAGA
ShortcutWithArgument: C:\Users\Michal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1449644864&z=fefed36ce8ac79f289c3b8bgbz6zftfqbz1zeb9qdw&from=ient07021&uid=ST1000LM014-SSHD-8GB_W381D7Q5XXXXW381D7Q5 <==== UWAGA
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1449644864&z=fefed36ce8ac79f289c3b8bgbz6zftfqbz1zeb9qdw&from=ient07021&uid=ST1000LM014-SSHD-8GB_W381D7Q5XXXXW381D7Q5 <==== UWAGA
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1449644864&z=fefed36ce8ac79f289c3b8bgbz6zftfqbz1zeb9qdw&from=ient07021&uid=ST1000LM014-SSHD-8GB_W381D7Q5XXXXW381D7Q5 <==== UWAGA
FirewallRules: [TCP Query User{2DF33DD6-7208-442F-AD13-B4597A65DD89}C:\users\michal\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\michal\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{EA2D847C-3440-41BD-A597-2DF9734902D0}C:\users\michal\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\michal\appdata\local\akamai\netsession_win.exe
C:\users\michal\appdata\local\akamai\netsession_win.exe
C:\Users\Michal\AppData\Roaming\TSv
C:\Program Files (x86)\SFK
C:\ProgramData\XWdMX
HKU\S-1-5-21-4085159836-2530663976-2962773616-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Michal\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-4085159836-2530663976-2962773616-1000\...\Policies\Explorer: []
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hp&ts=1449644864&z=fefed36ce8ac79f289c3b8bgbz6zftfqbz1zeb9qdw&from=ient07021&uid=ST1000LM014-SSHD-8GB_W381D7Q5XXXXW381D7Q5
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hp&ts=1449644864&z=fefed36ce8ac79f289c3b8bgbz6zftfqbz1zeb9qdw&from=ient07021&uid=ST1000LM014-SSHD-8GB_W381D7Q5XXXXW381D7Q5
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.yoursites123.com/web/?type=ds&ts=1449644864&z=fefed36ce8ac79f289c3b8bgbz6zftfqbz1zeb9qdw&from=ient07021&uid=ST1000LM014-SSHD-8GB_W381D7Q5XXXXW381D7Q5&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.yoursites123.com/web/?type=ds&ts=1449644864&z=fefed36ce8ac79f289c3b8bgbz6zftfqbz1zeb9qdw&from=ient07021&uid=ST1000LM014-SSHD-8GB_W381D7Q5XXXXW381D7Q5&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp&ts=1449644864&z=fefed36ce8ac79f289c3b8bgbz6zftfqbz1zeb9qdw&from=ient07021&uid=ST1000LM014-SSHD-8GB_W381D7Q5XXXXW381D7Q5
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp&ts=1449644864&z=fefed36ce8ac79f289c3b8bgbz6zftfqbz1zeb9qdw&from=ient07021&uid=ST1000LM014-SSHD-8GB_W381D7Q5XXXXW381D7Q5
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1449644864&z=fefed36ce8ac79f289c3b8bgbz6zftfqbz1zeb9qdw&from=ient07021&uid=ST1000LM014-SSHD-8GB_W381D7Q5XXXXW381D7Q5&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1449644864&z=fefed36ce8ac79f289c3b8bgbz6zftfqbz1zeb9qdw&from=ient07021&uid=ST1000LM014-SSHD-8GB_W381D7Q5XXXXW381D7Q5&q={searchTerms}
HKU\S-1-5-21-4085159836-2530663976-2962773616-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp&ts=1449644864&z=fefed36ce8ac79f289c3b8bgbz6zftfqbz1zeb9qdw&from=ient07021&uid=ST1000LM014-SSHD-8GB_W381D7Q5XXXXW381D7Q5
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1449644864&z=fefed36ce8ac79f289c3b8bgbz6zftfqbz1zeb9qdw&from=ient07021&uid=ST1000LM014-SSHD-8GB_W381D7Q5XXXXW381D7Q5&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1449644864&z=fefed36ce8ac79f289c3b8bgbz6zftfqbz1zeb9qdw&from=ient07021&uid=ST1000LM014-SSHD-8GB_W381D7Q5XXXXW381D7Q5&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1449644864&z=fefed36ce8ac79f289c3b8bgbz6zftfqbz1zeb9qdw&from=ient07021&uid=ST1000LM014-SSHD-8GB_W381D7Q5XXXXW381D7Q5&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1449644864&z=fefed36ce8ac79f289c3b8bgbz6zftfqbz1zeb9qdw&from=ient07021&uid=ST1000LM014-SSHD-8GB_W381D7Q5XXXXW381D7Q5&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4085159836-2530663976-2962773616-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1449644864&z=fefed36ce8ac79f289c3b8bgbz6zftfqbz1zeb9qdw&from=ient07021&uid=ST1000LM014-SSHD-8GB_W381D7Q5XXXXW381D7Q5&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4085159836-2530663976-2962773616-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1449644864&z=fefed36ce8ac79f289c3b8bgbz6zftfqbz1zeb9qdw&from=ient07021&uid=ST1000LM014-SSHD-8GB_W381D7Q5XXXXW381D7Q5&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1448111648&z=f1a6fc0af6b74fa3c8e7270gfz3z5beg2gcg9c7w9e&from=cor&uid=ST1000LM014-SSHD-8GB_W381D7Q5XXXXW381D7Q5
R2 IhPul; C:\Users\Michal\AppData\Roaming\TSv\TSvr.exe [580752 2015-12-08] (tsvr.com)
R2 SSFK; C:\Program Files (x86)\SFK\SSFK.exe [170144 2015-11-27] (TODO: <公司名>)
R2 WdMan; C:\ProgramData\XWdMX\WdMan.exe [333312 2015-12-04] (TFuns LIMITED) [Brak podpisu cyfrowego]
S1 tcfd_vt_1_10_0_21; system32\drivers\tcfd_vt_1_10_0_21.sys [X]
S1 wfdrvr_vt_1_10_0_28; system32\drivers\wfdrvr_vt_1_10_0_28.sys [X]
C:\Users\Michal\AppData\Roaming\eCyber
C:\ProgramData\BWdMB
2015-11-21 14:14 - 2015-12-09 08:07 - 00000074 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2015-11-21 14:14 - 2015-12-09 08:07 - 00000000 ____D C:\ProgramData\DWMiniProD
2015-11-21 14:14 - 2015-11-21 14:18 - 00000000 ____D C:\Users\Michal\AppData\Roaming\istartsurf
EmptyTemp:

Plik zapisz pod nazwą [b]fixlist.txt[/b] i umieść obok FRST.exe
Uruchom [b]FRST[/b] i kliknij przycisk [b]Fix[/b] (NAPRAW).


----------------------
Jeśli będzie OK, to będziemy kończyć:
Otwórz Notatnik i wklej w nim:

DeleteQuarantine:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST. Uruchom FRST i kliknij w Fix (NAPRAW).
przez SHIFT+DEL usuń pozostały folder C:\FRST.


Jeśli natomiast problem nie zniknie, to przeinstalujesz przeglądarkę, na której to jeszcze będzie.
.
 
michaszs
komentarz
komentarz

Serdecznie dziękuję! Pomogło bez konieczności reinstalacji przeglądarki!

Dziękuję!

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.