Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

DNS Unlocker - po raz kolejny

lukaszZSW 03 Sty 2016 21:29 678 4
  • #2 03 Sty 2016 21:42
    Bogdan Bejs
    Poziom 19  

    Eset Smart Security 8 + Malwarebytes Anti Malware Premium + AdBlock.
    Ja mam taką kombinację i nic nieprzyjaznego się nie przedostaję.

    0
  • Pomocny post
    #3 03 Sty 2016 22:36
    Kolobos
    Spec od komputerów

    Oinstaluj:
    SpyHunter 4
    TerminusStasis

    Obok frst.exe utworz plik fixlist.txt z zawartoscia:
    CustomCLSID: HKU\S-1-5-21-3698520811-2985632043-4098144242-1000_Classes\CLSID\{010833F3-751A-402F-9FCC-C365B6A12E41}\localserver32 -> E:\XXX\BESTplayer2131_[www.programosy.pl].exe => Brak pliku
    CustomCLSID: HKU\S-1-5-21-3698520811-2985632043-4098144242-1000_Classes\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5}\localserver32 -> C:\Users\admin\AppData\Local\Temp\7Cb14.exe => Brak pliku
    Task: {171C1876-EBB2-40CD-B0E2-011C10DE6A3F} - System32\Tasks\Super Optimizer Schedule => C:\Program Files\Super Optimizer\SupOptLauncher.exe <==== UWAGA
    Task: {180EB9E7-27A6-4BB6-B434-DEC72CA438FC} - System32\Tasks\{882CAFAA-F850-4C45-BE49-AD9F0D7128E6} => C:\EDIABAS\Bin\ifhsrv32.exe [2004-03-31] ()
    Task: {26FACFA2-FE05-479D-92D8-DEB79AD3C74F} - System32\Tasks\6c9ab9d1-b953-45bd-9100-c153d6f2e026-5_user => C:\Program Files\CinemaPlus-4.2vV05.07\6c9ab9d1-b953-45bd-9100-c153d6f2e026-5.exe <==== UWAGA
    Task: {29CC5579-8955-4B19-ACE5-A55051DE0590} - System32\Tasks\{D85101B1-B6F1-48BE-A177-B98FC9DD3E86} => C:\inpa_5_0_2_10.0.0.4\BMW\INSTALL\Instprog.exe [2005-03-29] (BMW AG)
    Task: {2E334E24-5109-45D8-97D7-A5DB23FDFB06} - System32\Tasks\{FEDF451A-9C7E-4B37-937F-5F41FB77DA6E} => C:\EDIABAS\Hardware\ADS\ADS32\ADSSETUP.EXE [1996-10-28] ()
    Task: {2FFDA494-5F03-4A47-ACAF-98858F4DC53B} - System32\Tasks\6c9ab9d1-b953-45bd-9100-c153d6f2e026-6 => C:\Program Files\CinemaPlus-4.2vV05.07\6c9ab9d1-b953-45bd-9100-c153d6f2e026-6.exe <==== UWAGA
    Task: {3362F3A2-3586-45A3-AED8-C3EF6F26BE26} - System32\Tasks\Fr3UmTUC => C:\Users\admin\AppData\Roaming\Fr3UmTUC.exe <==== UWAGA
    Task: {40C68E02-6A45-44CF-8655-E5AA5F4E7626} - System32\Tasks\6c9ab9d1-b953-45bd-9100-c153d6f2e026-1-6 => C:\Program Files\CinemaPlus-4.2vV05.07\6c9ab9d1-b953-45bd-9100-c153d6f2e026-1-6.exe <==== UWAGA
    Task: {4F7DAA4C-EDB4-43CF-BED7-DFEE81F62749} - System32\Tasks\{AE93F0CF-71CC-4BB8-8B6B-8EA4C186A35E} => C:\EDIABAS\Bin\ifhsrv32.exe [2004-03-31] ()
    Task: {5E0A6503-E998-4D6E-BF48-E266E8689D6C} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe
    Task: {6549187D-FBB3-4A2D-8A5A-EA686C42213E} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files\globalUpdate\Update\globalupdate.exe <==== UWAGA
    Task: {7ED2B42C-2F5F-4385-BA87-A3655FBC677A} - System32\Tasks\{513699F2-8835-CB73-1ECE-11AD29E2CAC8} => powershell.exe -windowstyle hidden -noninteractive -ExecutionPolicy bypass -EncodedCommand
    Task: {7EEFB16F-9227-42B8-81F8-3449377C65C5} - System32\Tasks\6c9ab9d1-b953-45bd-9100-c153d6f2e026-7 => C:\Program Files\CinemaPlus-4.2vV05.07\6c9ab9d1-b953-45bd-9100-c153d6f2e026-7.exe <==== UWAGA
    Task: {88AAF6DE-1C9C-4916-A59B-69A64FFF32FF} - System32\Tasks\{1ACD6633-4DEA-4FBF-9696-96E6E992C04D} => C:\EDIABAS\Bin\ifhsrv32.exe [2004-03-31] ()




    Task: {8ECB8323-26A5-4BFF-A20A-CC5B1137230A} - System32\Tasks\DNSIKATAN => dnsikatan.exe <==== UWAGA
    Task: {908E896F-29EA-4CEF-B14B-B21FA467F009} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files\globalUpdate\Update\globalupdate.exe <==== UWAGA
    Task: {949C6C29-A3C6-4657-947F-865B7EC979FD} - System32\Tasks\6c9ab9d1-b953-45bd-9100-c153d6f2e026-1-7 => C:\Program Files\CinemaPlus-4.2vV05.07\6c9ab9d1-b953-45bd-9100-c153d6f2e026-1-7.exe <==== UWAGA
    Task: {A6C99CA9-B7D9-4172-8A47-330A6D8B42B5} - System32\Tasks\{FBADD358-2A4B-4287-AD94-4A0E64BB3467} => C:\Users\admin\Desktop\VMware-player-6.0.0-1295980.exe
    Task: {B08C9765-4E85-4348-8600-67D3B98878AB} - System32\Tasks\Opera scheduled Autoupdate 1436172717 => C:\Program Files\Opera\launcher.exe
    Task: {B943B36C-2B3C-441F-BF39-1F7191AC2D71} - System32\Tasks\{60C6AEDB-C37A-48B3-91F8-3665EC73C053} => pcalua.exe -a C:\inpa_5_0_2_10.0.0.4\setup.exe -d C:\inpa_5_0_2_10.0.0.4
    Task: {BF578B88-6E69-4E9F-92EC-FE365DD40177} - System32\Tasks\6c9ab9d1-b953-45bd-9100-c153d6f2e026-10_user => C:\Program Files\CinemaPlus-4.2vV05.07\6c9ab9d1-b953-45bd-9100-c153d6f2e026-10.exe <==== UWAGA
    Task: {CA869B12-2247-49B9-939E-DBB8B3E8FDE6} - System32\Tasks\{73DEA4E7-742E-47CF-BE4E-3CEDD88E8FA5} => pcalua.exe -a C:\Users\admin\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=squadm
    Task: {D1E14DCF-A317-4DDA-B28F-78DDAF566F86} - System32\Tasks\6c9ab9d1-b953-45bd-9100-c153d6f2e026-3 => C:\Program Files\CinemaPlus-4.2vV05.07\6c9ab9d1-b953-45bd-9100-c153d6f2e026-3.exe <==== UWAGA
    Task: {E508AA71-0A3E-4F07-A662-88303232D2FE} - System32\Tasks\6c9ab9d1-b953-45bd-9100-c153d6f2e026-5 => C:\Program Files\CinemaPlus-4.2vV05.07\6c9ab9d1-b953-45bd-9100-c153d6f2e026-5.exe <==== UWAGA
    Task: {E70FB41B-761F-4406-87EB-4A729811FB41} - System32\Tasks\Superclean => c:\programdata\{1fb2c604-5b98-9e20-1fb2-2c6045b91811}\hqghumeaylnlf.exe [2014-08-17] (Super PC Tools Ltd) <==== UWAGA
    Task: {FDFD19EB-DA27-40D6-85FD-CA735BF13E64} - System32\Tasks\{0DDA4FA7-01AF-4C22-A6C0-66B437BAB035} => C:\inpa_5_0_2_10.0.0.4\setup.exe [2005-12-16] (BMW Group )
    Task: {FED6AB60-A529-4A04-B2C2-F37926912774} - System32\Tasks\6c9ab9d1-b953-45bd-9100-c153d6f2e026-11 => C:\Program Files\CinemaPlus-4.2vV05.07\6c9ab9d1-b953-45bd-9100-c153d6f2e026-11.exe <==== UWAGA
    Task: C:\Windows\Tasks\6c9ab9d1-b953-45bd-9100-c153d6f2e026-1-6.job => C:\Program Files\CinemaPlus-4.2vV05.07\6c9ab9d1-b953-45bd-9100-c153d6f2e026-1-6.exe <==== UWAGA
    Task: C:\Windows\Tasks\6c9ab9d1-b953-45bd-9100-c153d6f2e026-1-7.job => C:\Program Files\CinemaPlus-4.2vV05.07\6c9ab9d1-b953-45bd-9100-c153d6f2e026-1-7.exe <==== UWAGA
    Task: C:\Windows\Tasks\6c9ab9d1-b953-45bd-9100-c153d6f2e026-10_user.job => C:\Program Files\CinemaPlus-4.2vV05.07\6c9ab9d1-b953-45bd-9100-c153d6f2e026-10.exe <==== UWAGA
    Task: C:\Windows\Tasks\6c9ab9d1-b953-45bd-9100-c153d6f2e026-11.job => C:\Program Files\CinemaPlus-4.2vV05.07\6c9ab9d1-b953-45bd-9100-c153d6f2e026-11.exe <==== UWAGA
    Task: C:\Windows\Tasks\6c9ab9d1-b953-45bd-9100-c153d6f2e026-3.job => C:\Program Files\CinemaPlus-4.2vV05.07\6c9ab9d1-b953-45bd-9100-c153d6f2e026-3.exe <==== UWAGA
    Task: C:\Windows\Tasks\6c9ab9d1-b953-45bd-9100-c153d6f2e026-5.job => C:\Program Files\CinemaPlus-4.2vV05.07\6c9ab9d1-b953-45bd-9100-c153d6f2e026-5.exe <==== UWAGA
    Task: C:\Windows\Tasks\6c9ab9d1-b953-45bd-9100-c153d6f2e026-5_user.job => C:\Program Files\CinemaPlus-4.2vV05.07\6c9ab9d1-b953-45bd-9100-c153d6f2e026-5.exe <==== UWAGA
    Task: C:\Windows\Tasks\6c9ab9d1-b953-45bd-9100-c153d6f2e026-6.job => C:\Program Files\CinemaPlus-4.2vV05.07\6c9ab9d1-b953-45bd-9100-c153d6f2e026-6.exe <==== UWAGA
    Task: C:\Windows\Tasks\6c9ab9d1-b953-45bd-9100-c153d6f2e026-7.job => C:\Program Files\CinemaPlus-4.2vV05.07\6c9ab9d1-b953-45bd-9100-c153d6f2e026-7.exe <==== UWAGA
    Task: C:\Windows\Tasks\Fr3UmTUC.job => C:\Users\admin\AppData\Roaming\Fr3UmTUC.exe <==== UWAGA
    Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files\globalUpdate\Update\globalupdate.exe <==== UWAGA
    Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files\globalUpdate\Update\globalupdate.exe <==== UWAGA
    Task: C:\Windows\Tasks\Superclean.job => c:\programdata\{1fb2c604-5b98-9e20-1fb2-2c6045b91811}\hqghumeaylnlf.exe <==== UWAGA
    HKLM\...\Run: [Apoint] => POINT.EXE
    HKLM\...\Run: [NvCplDaemon] => RTUP
    HKLM\...\Run: [NvMediaCenter] => RINIT
    HKLM\...\Run: [NVHotkey] => RT
    HKLM\...\Run: [nwiz] => LL
    HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [93696 2009-07-14] (Microsoft Corporation)
    HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [93696 2009-07-14] (Microsoft Corporation)
    HKU\S-1-5-21-3698520811-2985632043-4098144242-1000\...\MountPoints2: {2ab6e575-d0a5-11e4-a044-002170b2ce0a} - E:\AutoRun.exe
    HKU\S-1-5-21-3698520811-2985632043-4098144242-1000\...\MountPoints2: {2ab6e583-d0a5-11e4-a044-002170b2ce0a} - E:\AutoRun.exe
    HKU\S-1-5-21-3698520811-2985632043-4098144242-1000\...\MountPoints2: {603a87e5-cccd-11e4-9972-002170b2ce0a} - E:\LGAutoRun.exe
    SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - Brak pliku
    AlternateShell: cmd.exe
    GroupPolicy: Ograniczenia - Chrome <======= UWAGA
    CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
    Tcpip\Parameters: [NameServer] 82.163.142.3 95.211.158.130
    Tcpip\..\Interfaces\{158ED855-AF82-4739-871E-DDD2E571F170}: [NameServer] 82.163.142.3 95.211.158.130
    Tcpip\..\Interfaces\{1864A872-A066-44B5-9C2F-371E03ED2160}: [NameServer] 82.163.142.3 95.211.158.130
    Tcpip\..\Interfaces\{1864A872-A066-44B5-9C2F-371E03ED2160}: [DhcpNameServer] 82.163.142.3
    Tcpip\..\Interfaces\{73D91CBF-B0C2-4526-94C9-F5E8FA039616}: [NameServer] 82.163.142.3 95.211.158.130
    Tcpip\..\Interfaces\{7A4FC095-128C-49A9-BC2F-D92ECA2AEC39}: [NameServer] 82.163.142.3 95.211.158.130
    SearchScopes: HKLM -> DefaultScope - brak wartości
    BHO: Brak nazwy -> {51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} -> Brak pliku
    BHO: Filter Results -> {dd4c66b8-f943-4b10-8053-7e9ee39bba4a} -> C:\Program Files\Filter Results\Extensions\dd4c66b8-f943-4b10-8053-7e9ee39bba4a.dll => Brak pliku
    BHO: RaonndoemPricce -> {F993BD16-43E7-4CEC-8608-46A2322AA46E} -> C:\Program Files\RaonndoemPricce\p9oFfIB8Hwoqd3.dll => Brak pliku
    Toolbar: HKLM - McAfee SafeKey - {61D700C1-7D8D-43c5-9C13-4FF85157CFE6} - C:\Program Files\SafeKey\LPToolbar.dll Brak pliku
    StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=143...HitachiXHTS722080K9A300_070820DP0B10DQG4RVJPX
    FF Plugin: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [Brak pliku]
    FF Plugin: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [Brak pliku]
    CHR DefaultSearchURL: Default -> web/?type=dspp&ts=1436264858&from=xtab&uid=5A66562BEFD14c29B666141EB95CDCA6&q={searchTerms}
    OPR Extension: (Filter Results) - C:\Users\admin\AppData\Roaming\Opera Software\Opera Stable\Extensions\oekdjnngaipjchfbjnmbhdjolbiocpkg [2015-07-06]
    StartMenuInternet: (HKLM) OperaStable - "C:\Program Files\Opera\Launcher.exe" hxxp://www.istartsurf.com/?type=sc&ts=143...HitachiXHTS722080K9A300_070820DP0B10DQG4RVJPX
    R2 3e39d796; c:\Program Files\TerminusStasis\TerminusStasis.dll [1948672 2015-07-27] () [Brak podpisu cyfrowego]
    S2 globalUpdate; C:\Program Files\globalUpdate\Update\globalupdate.exe /svc [X] <==== UWAGA
    S3 globalUpdatem; C:\Program Files\globalUpdate\Update\globalupdate.exe /medsvc [X] <==== UWAGA
    S4 Helpful Role; "C:\Program Files\Helpful Role\Helpful Role.exe" [X]
    S4 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [X]
    S3 TrustedInstaller; %SystemRoot%\servicing\TrustedInstaller.exe [X]
    S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [19984 2015-07-09] ()
    S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
    S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X]
    S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
    S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]
    2016-01-03 20:42 - 2016-01-03 20:42 - 00000000 __SHD C:\found.000
    2016-01-03 20:54 - 2015-07-06 09:54 - 00005506 _____ C:\Windows\Tasks\6c9ab9d1-b953-45bd-9100-c153d6f2e026-6.job
    2016-01-03 20:54 - 2015-07-06 09:54 - 00003126 _____ C:\Windows\Tasks\6c9ab9d1-b953-45bd-9100-c153d6f2e026-1-6.job
    2016-01-03 20:53 - 2015-07-06 09:52 - 00002100 _____ C:\Windows\Tasks\6c9ab9d1-b953-45bd-9100-c153d6f2e026-10_user.job
    2016-01-03 20:51 - 2009-07-14 05:34 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2016-01-03 20:51 - 2009-07-14 05:34 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2016-01-03 20:44 - 2015-07-06 09:54 - 00005172 _____ C:\Windows\Tasks\6c9ab9d1-b953-45bd-9100-c153d6f2e026-11.job
    2016-01-03 20:44 - 2015-07-06 09:54 - 00005170 _____ C:\Windows\Tasks\6c9ab9d1-b953-45bd-9100-c153d6f2e026-7.job
    2016-01-03 20:44 - 2015-07-06 09:54 - 00003126 _____ C:\Windows\Tasks\6c9ab9d1-b953-45bd-9100-c153d6f2e026-1-7.job
    2016-01-03 20:44 - 2015-07-06 09:54 - 00002434 _____ C:\Windows\Tasks\6c9ab9d1-b953-45bd-9100-c153d6f2e026-5_user.job
    2016-01-03 20:44 - 2015-07-06 09:54 - 00002434 _____ C:\Windows\Tasks\6c9ab9d1-b953-45bd-9100-c153d6f2e026-5.job
    2016-01-03 20:44 - 2015-07-06 09:54 - 00000988 _____ C:\Windows\Tasks\Fr3UmTUC.job
    2016-01-03 20:44 - 2015-07-06 09:53 - 00004146 _____ C:\Windows\Tasks\6c9ab9d1-b953-45bd-9100-c153d6f2e026-3.job
    2016-01-03 20:44 - 2015-07-06 09:53 - 00000958 _____ C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
    2016-01-03 10:58 - 2015-07-06 09:53 - 00000962 _____ C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
    2016-01-03 10:04 - 2015-08-17 08:44 - 00000340 _____ C:\Windows\Tasks\Superclean.job
    2015-12-28 21:38 - 2015-09-25 10:20 - 00000000 ____D C:\ProgramData\1315576085957029192
    EmptyTemp:

    W FRST wybierz Napraw.

    0
  • #4 04 Sty 2016 08:15
    lukaszZSW
    Poziom 5  

    Dzięki, niechciany program zniknął.

    0
  • #5 04 Sty 2016 09:46
    Kolobos
    Spec od komputerów

    Usun katalog C:\FRST i to wszystko.

    0