Elektroda.pl
Elektroda.pl
X
CControls
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

DNS jak usunąć badziewie, proszę o pomoc

kijiek 26 Gru 2015 12:08 609 3
  • CControls
  • Pomocny post
    #2 26 Gru 2015 12:38
    Acorus 20
    Spec od komputerów

    Otwórz notatnik systemowy i wklej:

    Cytat:
    Task: {7B84F7A1-B2E2-4E05-AA28-D592CC05755F} - \Program aktualizacji online firmy Adobe. -> Brak pliku <==== UWAGA
    Task: {8FC8150D-243D-45E1-BCE6-01A06B7FBB06} - System32\Tasks\{675C25DB-E89A-405D-B8C5-075973D1553B} => Firefox.exe hxxp://ui.skype.com/ui/0/6.18.0.106/pl/abando...?source=lightinstaller&amp;page=tsInstall
    Task: {DBBA0200-19F3-412A-A379-3DABC8043930} - System32\Tasks\{AC75CEDB-6795-4D61-BF48-21EA55A42309} => Firefox.exe hxxp://ui.skype.com/ui/0/6.18.0.106/pl/go/hel...?source=lightinstaller&amp;LastError=1618
    HKU\S-1-5-21-261837083-2056913021-435910619-1000\Software\Classes\.exe: exefile => <===== UWAGA
    HKU\S-1-5-21-261837083-2056913021-435910619-1000\Software\Classes\exefile: <===== UWAGA
    CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
    CHR HKU\S-1-5-21-261837083-2056913021-435910619-1000\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA
    HKU\S-1-5-21-261837083-2056913021-435910619-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA
    SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts...XHTS545050B9A300_120309PBN408P7JXGWLEX&q={searchTerms}
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox
    SearchScopes: HKLM -> {26DB9A7C-ADD7-432B-BB91-6AC89CA1A769} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?i...k%5Fcode=qs&index=aps&field-keywords={searchTerms}
    SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CPNTDF
    SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts...XHTS545050B9A300_120309PBN408P7JXGWLEX&q={searchTerms}




    SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://pl.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPNTDF
    SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://pl.wikipedia.org/wiki/Special:Search?search={searchTerms}
    SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox
    SearchScopes: HKLM-x32 -> {26DB9A7C-ADD7-432B-BB91-6AC89CA1A769} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?i...k%5Fcode=qs&index=aps&field-keywords={searchTerms}
    SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://pl.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPNTDF
    SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://pl.wikipedia.org/wiki/Special:Search?search={searchTerms}
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\.DEFAULT -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\.DEFAULT -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL =
    SearchScopes: HKU\S-1-5-21-261837083-2056913021-435910619-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    Toolbar: HKU\S-1-5-21-261837083-2056913021-435910619-1000 -> Brak nazwy - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Brak pliku
    FF SearchPlugin: C:\Users\kijiek\AppData\Roaming\Mozilla\Firefox\Profiles\7xt9b4k2.default-1449914643756\searchplugins\yoursites123.xml [2015-12-24]
    R2 WdMan; C:\ProgramData\DWdMD\WdMan.exe [333312 2015-12-04] (TFuns LIMITED) [Brak podpisu cyfrowego]
    S3 gfiark; system32\drivers\gfiark.sys [X]
    S2 sbapifs; system32\DRIVERS\sbapifs.sys [X]
    2015-12-26 11:33 - 2015-12-26 11:39 - 00000000 ____D C:\AdwCleaner
    2015-12-24 11:21 - 2015-12-24 11:23 - 00000000 ____D C:\ProgramData\DWdMD
    2015-12-24 11:18 - 2015-12-24 11:19 - 00000000 ____D C:\ProgramData\vWdMv
    2015-12-24 11:17 - 2015-12-24 11:17 - 02770377 _____ (iBank) C:\Program Files (x86)\SSFK.exe
    2015-12-11 22:50 - 2015-12-11 22:51 - 00000000 ____D C:\ProgramData\lWdMl
    EmptyTemp:


    Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
    Uruchom jako administrator FRST i kliknij w Fix/Napraw.
    Odinstaluj Chrome zaznaczając usunięcie danych przeglądania za pomocą Geek Uninstaller Free: http://www.geekuninstaller.com/geek.zip
    Najpierw możesz wyeksportować zakładki: https://support.google.com/chrome/answer/96816?hl=pl
    Później zainstaluj: https://www.google.pl/chrome/browser/desktop/

    0
  • CControls
  • #3 26 Gru 2015 12:42
    krzychupar
    Poziom 41  

    Otwórz notatnik systemowy i wklej:
    Task: {7B84F7A1-B2E2-4E05-AA28-D592CC05755F} - \Program aktualizacji online firmy Adobe. -> Brak pliku <==== UWAGA
    HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
    HKU\S-1-5-21-261837083-2056913021-435910619-1000\...\MountPoints2: F - F:\autorun.exe
    HKU\S-1-5-21-261837083-2056913021-435910619-1000\...\MountPoints2: G - G:\autorun.exe
    HKU\S-1-5-21-261837083-2056913021-435910619-1000\...\MountPoints2: H - H:\blank.exe
    HKU\S-1-5-21-261837083-2056913021-435910619-1000\...\MountPoints2: {f6705e1f-175a-11e4-81cd-446d57064192} - I:\autorun.exe
    CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
    CHR HKU\S-1-5-21-261837083-2056913021-435910619-1000\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA
    HKU\S-1-5-21-261837083-2056913021-435910619-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
    SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts...XHTS545050B9A300_120309PBN408P7JXGWLEX&q={searchTerms}
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox
    SearchScopes: HKLM -> {26DB9A7C-ADD7-432B-BB91-6AC89CA1A769} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?i...k%5Fcode=qs&index=aps&field-keywords={searchTerms}
    SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CPNTDF
    SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts...XHTS545050B9A300_120309PBN408P7JXGWLEX&q={searchTerms}
    SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://pl.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPNTDF
    SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://pl.wikipedia.org/wiki/Special:Search?search={searchTerms}
    SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox
    SearchScopes: HKLM-x32 -> {26DB9A7C-ADD7-432B-BB91-6AC89CA1A769} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?i...k%5Fcode=qs&index=aps&field-keywords={searchTerms}
    SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://pl.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPNTDF
    SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://pl.wikipedia.org/wiki/Special:Search?search={searchTerms}
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\.DEFAULT -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\.DEFAULT -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL =
    SearchScopes: HKU\S-1-5-21-261837083-2056913021-435910619-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    Toolbar: HKU\S-1-5-21-261837083-2056913021-435910619-1000 -> Brak nazwy - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Brak pliku
    FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn
    FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn [2015-12-26] [Brak podpisu cyfrowego]
    FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - I:\avast\WebRep\FF
    CHR dev: Chrome dev build wykryto! <======= UWAGA
    CHR Extension: (Prezentacje Google) - C:\Users\kijiek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-08] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA
    CHR Extension: (Dokumenty Google) - C:\Users\kijiek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-08] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA
    CHR Extension: (Dysk Google) - C:\Users\kijiek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-08] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA
    CHR Extension: (YouTube) - C:\Users\kijiek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-08] [UpdateUrl: hxxp://mynamedomain.koko/00] <==== UWAGA
    CHR Extension: (Szukaj w Google) - C:\Users\kijiek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-08] [UpdateUrl: hxxp://mynamedomain.koko/00] <==== UWAGA
    CHR Extension: (eShield) - C:\Users\kijiek\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkmjljdbbgogihjcapfhgkonfmccbffp [2015-08-01] [UpdateUrl: hxxps://mynamedomain.koko/00] <==== UWAGA
    CHR Extension: (Arkusze Google) - C:\Users\kijiek\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-08] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA
    CHR Extension: (Avast Online Security) - C:\Users\kijiek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-08-01] [UpdateUrl: hxxps://mynamedomain.koko/00] <==== UWAGA
    CHR Extension: (Gmail) - C:\Users\kijiek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-08] [UpdateUrl: hxxp://mynamedomain.koko/00] <==== UWAGA
    CHR Extension: (DiigiCoupon) - C:\ProgramData\hhlkoddhemmghpcacfbbomfeniobepfe\ []
    CHR Extension: (Fuun22SavvE) - C:\ProgramData\lpfjhjgliaofbedlgenbglckhlngbbpm\ []
    CHR HKLM\...\Chrome\Extension: [ljnfelhdldlokjkohcmjpogkdjgbgjpj] - C:\Users\kijiek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljnfelhdldlokjkohcmjpogkdjgbgjpj.crx [2015-10-01]
    CHR HKLM-x32\...\Chrome\Extension: [dkmjljdbbgogihjcapfhgkonfmccbffp] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - I:\avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-08-01]
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - I:\avast\WebRep\Chrome\aswWebRepChrome.crx [2015-08-01]
    CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
    S3 gfiark; system32\drivers\gfiark.sys [X]
    S2 sbapifs; system32\DRIVERS\sbapifs.sys [X]
    R2 WdMan; C:\ProgramData\DWdMD\WdMan.exe [333312 2015-12-04] (TFuns LIMITED) [Brak podpisu cyfrowego]
    2015-12-26 11:33 - 2015-12-26 11:39 - 00000000 ____D C:\AdwCleaner
    2015-12-24 11:21 - 2015-12-24 11:23 - 00000000 ____D C:\ProgramData\DWdMD
    2015-12-24 11:18 - 2015-12-24 11:19 - 00000000 ____D C:\ProgramData\vWdMv
    2015-12-11 22:50 - 2015-12-11 22:51 - 00000000 ____D C:\ProgramData\lWdMl
    2015-01-25 17:12 - 2015-01-25 17:12 - 0002086 _____ () C:\Users\kijiek\AppData\Roaming\UOT
    2015-01-25 17:12 - 2015-10-23 14:53 - 0000365 _____ () C:\Users\kijiek\AppData\Roaming\USDY
    2015-03-08 10:03 - 2015-08-01 08:05 - 0000064 _____ () C:\Users\kijiek\AppData\Roaming\WB.CFG
    2015-01-25 17:12 - 2015-10-23 14:54 - 0000365 _____ () C:\Users\kijiek\AppData\Roaming\WXZV



    EmptyTemp:

    Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
    Uruchom FRST i kliknij w Fix/Napraw.

    0
  • #4 26 Gru 2015 12:59
    kijiek
    Poziom 2  

    Wszystko działa jak należy, dzięki za pomoc:)

    0