Elektroda.pl
Elektroda.pl
X
CControls
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

DNS Unlocker - jak usunąć? Logi z FRST.

tommy_stopek 23 Wrz 2015 11:42 996 5
  • CControls
  • #2 23 Wrz 2015 11:59
    Domino_2
    Pomocny dla użytkowników

    Na przyszłość załóż nowy temat.

    Odinstaluj DNS Unlocker version 1.4, McAfee Security Scan Plus i pdfforge Toolbar v4.6.

    Cytat:

    CustomCLSID: HKU\S-1-5-21-616458940-2863799773-1279143507-1001_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Polski\acad.exe /Automation Brak pliku
    CustomCLSID: HKU\S-1-5-21-616458940-2863799773-1279143507-1001_Classes\CLSID\{B77E471C-FBF3-4CB5-880F-D7528AD4B349}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Polski\acad.exe /Automation Brak pliku
    CustomCLSID: HKU\S-1-5-21-616458940-2863799773-1279143507-1001_Classes\CLSID\{C92FB640-AD4D-498A-9979-A51A2540C977}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Polski\acad.exe /Automation Brak pliku
    CustomCLSID: HKU\S-1-5-21-616458940-2863799773-1279143507-1001_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Polski\acad.exe Brak pliku
    0.0.0.1 mssplus.mcafee.com
    Task: {5B856A25-7EA3-4DEE-AB6B-D36CEB59B7D7} - System32\Tasks\Bidaily Synchronize Task[74c7] => c:\programdata\{d1efdc35-2e0d-ed3d-d1ef-fdc352e070d4}\hqghumeaylnlf.exe [2014-06-14] (Super PC Tools Ltd) <==== UWAGA
    Task: {911BA148-1461-42D9-BD51-0271A92A3697} - System32\Tasks\{9AFC5B22-868A-48B7-BBEE-E1F53F7EC7B9} => Iexplore.exe http://ui.skype.com/ui/0/7.8.80.102/pl/go/help.faq.installer?LastError=1618
    Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job => C:\Windows\TEMP\{797F486E-EB38-4ED8-AC68-B2B78F1B83A3}.exe <==== UWAGA
    Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{C3AF15AD-9250-4801-8F92-F8FCA2AD8982}.exe <==== UWAGA
    Task: C:\Windows\Tasks\Bidaily Synchronize Task[74c7].job => c:\programdata\{d1efdc35-2e0d-ed3d-d1ef-fdc352e070d4}\hqghumeaylnlf.exe <==== UWAGA
    (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-01-13]
    ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe (McAfee, Inc.)
    GroupPolicyScripts: Ograniczenia <======= UWAGA
    CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
    Tcpip\..\Interfaces\{6E29D529-F2B6-4612-94BD-2F12FECD8E25}: [NameServer] 82.163.143.172,82.163.142.174
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA
    HKU\S-1-5-21-616458940-2863799773-1279143507-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = auto:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006




    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.key-find.com/web/?type=ds&ts=1...XHTS725050A9A364_100423PCK404VLHK4DTJX&q={searchTerms}
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.key-find.com/web/?type=ds&ts=1...XHTS725050A9A364_100423PCK404VLHK4DTJX&q={searchTerms}
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
    HKU\S-1-5-21-616458940-2863799773-1279143507-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
    HKU\S-1-5-21-616458940-2863799773-1279143507-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
    HKU\S-1-5-21-616458940-2863799773-1279143507-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006
    SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.key-find.com/web/?type=dspp&ts...XHTS725050A9A364_100423PCK404VLHK4DTJX&q={searchTerms}
    SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.key-find.com/web/?type=dspp&ts...XHTS725050A9A364_100423PCK404VLHK4DTJX&q={searchTerms}
    SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
    SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.key-find.com/web/?type=dspp&ts...XHTS725050A9A364_100423PCK404VLHK4DTJX&q={searchTerms}
    SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-616458940-2863799773-1279143507-1001 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-616458940-2863799773-1279143507-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
    BHO-x32: Brak nazwy -> {51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} -> Brak pliku
    Toolbar: HKU\S-1-5-21-616458940-2863799773-1279143507-1001 -> Brak nazwy - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Brak pliku
    FF DefaultSearchUrl: hxxps://www.google.com/search/?trackid=sp-006
    FF Keyword.URL: hxxps://www.google.com/search/?trackid=sp-006
    FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku]
    FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [Brak pliku]
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku]
    FF HKLM-x32\...\Firefox\Extensions: [searchengine@gmail.com] - C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\ls7va8mc.default\extensions\searchengine@gmail.com
    FF HKLM-x32\...\Firefox\Extensions: [fftoolbar2014@etech.com] - C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\ls7va8mc.default\extensions\fftoolbar2014@etech.com
    FF HKLM-x32\...\Firefox\Extensions: [quick_searchff@gmail.com] - C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\ls7va8mc.default\extensions\quick_searchff@gmail.com
    FF HKLM-x32\...\Firefox\Extensions: [sweetsearch@gmail.com] - C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\ls7va8mc.default\extensions\sweetsearch@gmail.com
    CHR HomePage: Default -> hxxps://www.google.com/?trackid=sp-006
    CHR StartupUrls: Default -> "hxxps://www.google.com/?trackid=sp-006"
    CHR DefaultSearchURL: Default -> hxxps://www.google.de/search?q={searchTerms}&trackid=sp-006
    CHR DefaultSuggestURL: Default -> hxxps://www.google.com/complete/search?client=chrome&q={searchTerms}
    CHR HKU\S-1-5-21-616458940-2863799773-1279143507-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
    S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.163\McCHSvc.exe [289256 2015-07-31] (McAfee, Inc.)
    S3 AvastVBoxSvc; "C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe" [X]
    S2 TomTomHOMEService; "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe" [X]
    S3 Uxsxab10ne; Brak ImagePath
    U3 a6urmqmo; C:\Windows\System32\Drivers\a6urmqmo.sys [0 ] (Advanced Micro Devices) <==== UWAGA (zerobajtowy plik/folder)
    S3 btwaudio; system32\drivers\btwaudio.sys [X]
    S3 btwavdt; system32\drivers\btwavdt.sys [X]
    S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X]
    S3 btwrchid; system32\DRIVERS\btwrchid.sys [X]
    S3 catchme; \??\C:\ComboFix\catchme.sys [X]
    S2 DriverX; \SystemRoot\System32\Drivers\driverx.sys [X]
    S2 VBoxAswDrv; \??\C:\Program Files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys [X]
    2015-09-17 05:52 - 2015-09-17 05:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
    2015-09-17 05:52 - 2015-09-17 05:52 - 00000000 ____D C:\Program Files\McAfee Security Scan
    2015-09-02 23:28 - 2015-09-18 00:00 - 00000000 ____D C:\Program Files (x86)\DNS Unlocker
    2015-09-23 07:22 - 2015-06-14 12:22 - 00000336 _____ C:\Windows\Tasks\Bidaily Synchronize Task[74c7].job
    2015-09-18 10:57 - 2013-06-09 11:07 - 00000350 _____ C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job
    2015-09-18 10:57 - 2013-06-03 15:56 - 00000350 _____ C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
    EmptyTemp:


    Wklej to do notatnika i zapisz pod nazwą fixlist.txt i umieść w folderze gdzie znajduje się plik FRST.exe, odpal go i kliknij Fix/Napraw.

    Przeskanuj ponadto komputer programem ADWCleaner i usuń wszystko co znalazł.

    1
  • CControls
  • #3 23 Wrz 2015 12:41
    tommy_stopek
    Poziom 9  

    Dzięki za podpowiedz, niestety nawet w trybie awaryjnym probujac odinstalować z poziomu panelu sterowania DNS Unlocker wyskakuje komunikat:

    Runtime Error (at -1:0):
    Cannot import dll:C:\Program Files (x86)\DNS Unlocker\ConsoleApplication1.dll.

    0
  • Pomocny post
    #4 23 Wrz 2015 12:52
    Domino_2
    Pomocny dla użytkowników

    Pomiń i wykonaj resztę.

    1
  • #5 23 Wrz 2015 22:48
    tommy_stopek
    Poziom 9  

    Dzięki wielkie, oczywiście pomogło.:)

    0
  • #6 24 Wrz 2015 08:32
    Domino_2
    Pomocny dla użytkowników

    Proszę bardzo.
    Możesz usunąć folder C:\FRST.
    DNS Unlocker - jak usunąć? Logi z FRST.

    0