Elektroda.pl
Elektroda.pl
X
CControls
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Jak usunąć DNS Unlocker? [FRST]

richie250 06 Gru 2015 22:02 681 1
  • CControls
  • #2 06 Gru 2015 23:26
    Kolobos
    Spec od komputerów

    Odinstaluj:
    AOL Uninstaller
    Bing Bar
    Update for Foxtab

    Obok frst.exe utworz plik fixlist.txt z zawartoscia:
    CustomCLSID: HKU\S-1-5-21-1757409633-262240549-4167283509-1001_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll => Brak pliku
    CustomCLSID: HKU\S-1-5-21-1757409633-262240549-4167283509-1001_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\Richie Rich\AppData\Local\Google\Update\1.3.21.99\psuser.dll => Brak pliku
    CustomCLSID: HKU\S-1-5-21-1757409633-262240549-4167283509-1001_Classes\CLSID\{0E55CBE1-B06A-49B6-AD8D-9EFAA0160C6F}\InprocServer32 -> C:\Users\Richie Rich\AppData\Local\Google\Update\1.3.21.57\psuser.dll => Brak pliku
    CustomCLSID: HKU\S-1-5-21-1757409633-262240549-4167283509-1001_Classes\CLSID\{1853e19a-4e54-4190-8deb-2e1cc947cd60}\InprocServer32 -> C:\Program Files\AOL 9.0\axtrack.dll (AOL, LLC.)
    CustomCLSID: HKU\S-1-5-21-1757409633-262240549-4167283509-1001_Classes\CLSID\{1aad99ea-ee10-5c3a-8174-84c63a67adde}\InprocServer32 -> C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\npAdblockPlugin.dll => Brak pliku
    CustomCLSID: HKU\S-1-5-21-1757409633-262240549-4167283509-1001_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Users\Richie Rich\AppData\Local\Google\Update\1.3.21.69\psuser.dll => Brak pliku
    CustomCLSID: HKU\S-1-5-21-1757409633-262240549-4167283509-1001_Classes\CLSID\{29A96789-9595-4947-BEDB-0FCC776F7DB8}\InprocServer32 -> C:\Users\Richie Rich\AppData\Local\Google\Update\1.2.183.39\goopdate.dll => Brak pliku
    CustomCLSID: HKU\S-1-5-21-1757409633-262240549-4167283509-1001_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\Richie Rich\AppData\Local\Google\Update\1.3.21.79\psuser.dll => Brak pliku
    CustomCLSID: HKU\S-1-5-21-1757409633-262240549-4167283509-1001_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll => Brak pliku
    CustomCLSID: HKU\S-1-5-21-1757409633-262240549-4167283509-1001_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\Richie Rich\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll => Brak pliku
    CustomCLSID: HKU\S-1-5-21-1757409633-262240549-4167283509-1001_Classes\CLSID\{7629C9DE-2E38-4963-A01C-02FFAC203D87}\InprocServer32 -> C:\Program Files\AOL 9.0\axtrack.dll (AOL, LLC.)
    CustomCLSID: HKU\S-1-5-21-1757409633-262240549-4167283509-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Richie Rich\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll => Brak pliku
    CustomCLSID: HKU\S-1-5-21-1757409633-262240549-4167283509-1001_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\Richie Rich\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll => Brak pliku




    CustomCLSID: HKU\S-1-5-21-1757409633-262240549-4167283509-1001_Classes\CLSID\{B9F3009B-976B-41C4-A992-229DCCF3367C}\InprocServer32 -> C:\Program Files\AOL 9.0\axtrack.dll (AOL, LLC.)
    CustomCLSID: HKU\S-1-5-21-1757409633-262240549-4167283509-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Richie Rich\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll => Brak pliku
    CustomCLSID: HKU\S-1-5-21-1757409633-262240549-4167283509-1001_Classes\CLSID\{BE4489A4-F5C3-4E9E-A9D7-0FA850AC7D49}\InprocServer32 -> C:\Users\Richie Rich\AppData\Local\Google\Update\1.3.21.81\psuser.dll => Brak pliku
    CustomCLSID: HKU\S-1-5-21-1757409633-262240549-4167283509-1001_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\Richie Rich\AppData\Local\Google\Update\1.3.21.115\psuser.dll => Brak pliku
    CustomCLSID: HKU\S-1-5-21-1757409633-262240549-4167283509-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Richie Rich\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll => Brak pliku
    CustomCLSID: HKU\S-1-5-21-1757409633-262240549-4167283509-1001_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll => Brak pliku
    CustomCLSID: HKU\S-1-5-21-1757409633-262240549-4167283509-1001_Classes\CLSID\{DB25D157-76D4-41C1-97B5-359E4A4CECEB}\InprocServer32 -> C:\Users\Richie Rich\AppData\Local\Google\Update\1.3.21.65\psuser.dll => Brak pliku
    CustomCLSID: HKU\S-1-5-21-1757409633-262240549-4167283509-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Richie Rich\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll => Brak pliku
    CustomCLSID: HKU\S-1-5-21-1757409633-262240549-4167283509-1001_Classes\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5}\localserver32 -> C:\Users\RICHIE~1\AppData\Local\Temp\6280\temp\parenthood-qualities-and-difficulties-pol-4220608.exe (dane wartości zawierają 14 znaków więcej).
    CustomCLSID: HKU\S-1-5-21-1757409633-262240549-4167283509-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Richie Rich\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncApi.dll => Brak pliku
    CustomCLSID: HKU\S-1-5-21-1757409633-262240549-4167283509-1001_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\Richie Rich\AppData\Local\Google\Update\1.3.21.111\psuser.dll => Brak pliku
    Task: {2BD05BA6-988D-4BD3-A9CD-9A39F80AF524} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> Brak pliku <==== UWAGA
    Task: {49C44F31-27AA-4001-AF14-16AC0869AF79} - System32\Tasks\Bidaily Synchronize Task[973b] => c:\programdata\{b6233f08-0449-1cb8-b623-33f08044fc20}\parenthood-qualities-and-difficulties-pol-4220608.exe <==== UWAGA
    Task: {4EFDF250-B72A-426D-8AC7-EA8F9C112DA6} - System32\Tasks\Trojan Killer => C:\Program Files\GridinSoft Trojan Killer\trojankiller.exe
    Task: {5B184694-64C3-4633-94C5-945B3FA561D6} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> Brak pliku <==== UWAGA
    Task: {7EE89E31-EC8A-4EE3-9497-146893F92DBD} - System32\Tasks\{E50188DA-3B0C-490E-9883-4D4803A318C9} => pcalua.exe -a "C:\Program Files\Common Files\AOL\uninstaller.exe"
    Task: {893E30B8-0706-4DB8-BD4F-26A7316E9013} - System32\Tasks\Trojan Remover => C:\Program Files\Loaris\Trojan Remover\ltr.exe [2014-09-25] (Loaris Inc.)
    Task: {9F54B95F-5096-4803-AE61-E9B3AC5B616D} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> Brak pliku <==== UWAGA
    Task: {D21F6024-191F-4454-BBBC-09A650DA2549} - \Microsoft\Windows\Application Experience\AitAgent -> Brak pliku <==== UWAGA
    Task: {DAC72C33-7767-46F1-B2AE-EC03BE15B6F1} - System32\Tasks\Bidaily Synchronize Task[8da6] => c:\programdata\{6ea229f6-c252-f75c-6ea2-229f6c25a7db}\hqghumeaylnlf.exe <==== UWAGA
    Task: C:\windows\Tasks\Bidaily Synchronize Task[8da6].job => c:\programdata\{6ea229f6-c252-f75c-6ea2-229f6c25a7db}\hqghumeaylnlf.exe <==== UWAGA
    Task: C:\windows\Tasks\Bidaily Synchronize Task[973b].job => c:\programdata\{b6233f08-0449-1cb8-b623-33f08044fc20}\parenthood-qualities-and-difficulties-pol-4220608.exe <==== UWAGA
    (AOL LLC) C:\Program Files\Common Files\aol\acs\AOLacsd.exe
    () C:\Program Files\Apprehensive Target\Apprehensive Target.exe
    Winlogon\Notify\oftremb: C:\Users\Richie Rich\AppData\Local\oftremb.dll [2014-09-27] ()
    ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Richie Rich\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll Brak pliku
    ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Richie Rich\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll Brak pliku
    ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Richie Rich\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll Brak pliku
    CHR HKU\S-1-5-21-1757409633-262240549-4167283509-1001\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
    Tcpip\Parameters: [NameServer] 199.203.131.145 82.163.143.167
    Tcpip\..\Interfaces\{0F52CE63-991C-4289-A759-8B98CFC685FE}: [NameServer] 199.203.131.145 82.163.143.167
    Tcpip\..\Interfaces\{2037AF14-8B97-47EA-A3CD-46237CF35090}: [NameServer] 199.203.131.145 82.163.143.167
    Tcpip\..\Interfaces\{7F8CB04A-0779-4D89-8C0B-DB0DD7F55B6B}: [NameServer] 8.26.56.26,156.154.70.22
    Tcpip\..\Interfaces\{9E358F55-D172-4F97-B78C-79207209F237}: [NameServer] 199.203.131.145 82.163.143.167
    SearchScopes: HKLM -> DefaultScope {F8305D7D-CF69-465a-9003-813C6013A702} URL = hxxp://x2t.com/search/?q={searchTerms}
    SearchScopes: HKLM -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=14218353...d5000bevt-24a0rt0_wd-wxg1c30l0217l0217&q={searchTerms}
    SearchScopes: HKLM -> {F8305D7D-CF69-465a-9003-813C6013A702} URL = hxxp://x2t.com/search/?q={searchTerms}
    SearchScopes: HKLM -> {F8305D7D-CF79-465a-9003-813C6013A702} URL = hxxp://x2t.com/search/?q={searchTerms}
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\.DEFAULT -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=14218353...d5000bevt-24a0rt0_wd-wxg1c30l0217l0217&q={searchTerms}
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=14218353...d5000bevt-24a0rt0_wd-wxg1c30l0217l0217&q={searchTerms}
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=14218353...d5000bevt-24a0rt0_wd-wxg1c30l0217l0217&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1757409633-262240549-4167283509-1001 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.delta-homes.com/web/?utm_source=b&...217&ts=1426672688&type=default&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1757409633-262240549-4167283509-1001 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.delta-homes.com/web/?utm_source=b&...217&ts=1426672688&type=default&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1757409633-262240549-4167283509-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://www.delta-homes.com/web/?utm_source=b&...217&ts=1426672688&type=default&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1757409633-262240549-4167283509-1001 -> {F8305D7D-CF69-465a-9003-813C6013A702} URL = hxxp://x2t.com/search/?q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1757409633-262240549-4167283509-1001 -> {F8305D7D-CF79-465a-9003-813C6013A702} URL = hxxp://x2t.com/search/?q={searchTerms}
    FF Homepage: hxxp://www.interia.pl/#utm_source=instalki1&a...n=instalki1&iwa_source=installer_instalki
    FF Plugin HKU\S-1-5-21-1757409633-262240549-4167283509-1001: anvisoft.com/AdblockPlugin -> C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\npAdblockPlugin.dll [Brak pliku]
    FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 => nie znaleziono
    CHR HomePage: Default -> hxxp://www.interia.pl/#utm_source=instalki1&a...n=instalki1&iwa_source=installer_instalki
    CHR Extension: (YouTube) - C:\Users\Richie Rich\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-08] [UpdateUrl: hxxp://mynamedomain.koko/00] <==== UWAGA
    CHR Extension: (Google Search) - C:\Users\Richie Rich\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-08] [UpdateUrl: hxxp://mynamedomain.koko/00] <==== UWAGA
    CHR Extension: (Adblock Plus For Chromium) - C:\Users\Richie Rich\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpfagdkhohdnljfijiicjpcbnlbklabh [2015-07-09] [UpdateUrl: hxxps://mynamedomain.koko/00] <==== UWAGA
    CHR Extension: (Google Wallet) - C:\Users\Richie Rich\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-08] [UpdateUrl: hxxps://mynamedomain.koko/00] <==== UWAGA
    CHR Extension: (Gmail) - C:\Users\Richie Rich\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-08] [UpdateUrl: hxxp://mynamedomain.koko/00] <==== UWAGA
    CHR HKLM\...\Chrome\Extension: [lhmiofmipcpmhgihiecmpiekcacigpgb] - C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\chrome.crx <nie znaleziono>
    R2 Apprehensive Target; C:\Program Files\Apprehensive Target\Apprehensive Target.exe [8016438 2015-07-07] () [Brak podpisu cyfrowego] <==== UWAGA
    U3 a8i8cdga; C:\windows\system32\Drivers\a8i8cdga.sys [0 ] (Advanced Micro Devices) <==== UWAGA (zerobajtowy plik/folder)
    S3 RSUSBSTOR; System32\Drivers\RtsUStor.sys [X]
    S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
    S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
    2015-12-06 21:47 - 2014-06-12 19:21 - 00000000 ____D C:\AdwCleaner
    2015-12-06 20:36 - 2015-06-03 19:31 - 00000424 _____ C:\windows\Tasks\Bidaily Synchronize Task[973b].job
    2015-12-06 20:22 - 2015-08-14 23:17 - 00000352 _____ C:\windows\Tasks\Bidaily Synchronize Task[8da6].job
    2014-09-27 22:09 - 2014-09-27 22:09 - 0360448 ___SH () C:\Users\Richie Rich\AppData\Local\oftremb.dll
    C:\ProgramData\ppt2imgpro.dll
    C:\Users\Richie Rich\AppData\Roaming\msconfig.dat
    C:\Users\Richie Rich\AppData\Roaming\msconfig.ini
    EmptyTemp:

    W FRST wybierz Napraw.

    Usun katalog C:\FRST i to wszystko.

    0