Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Dns Unlocker - jak usunąć?

wróblowski 17 Sty 2016 21:48 732 4
  • #2 18 Sty 2016 07:54
    Kolobos
    Spec od komputerów

    @wróblowski fixlist.txt dla FRST:
    Task: {35700B32-324F-4947-BC1E-7BDDDDEFAED1} - System32\Tasks\{FA7EE94A-9F32-4909-9BE7-E5E1490009E9} => pcalua.exe -a "C:\Users\KF\Downloads\zuzel v.3.1b.exe" -d C:\Users\KF\Downloads
    Task: {4C73A8B6-B3AF-4C43-9FD7-60395364BAFC} - System32\Tasks\Opera scheduled Autoupdate 1421444368 => C:\Program Files (x86)\Opera\launcher.exe [2015-04-17] (Opera Software)
    () C:\Program Files (x86)\Common Files\0780f478-67ce-4ec3-98db-39a65f4618ce\updater.exe
    () C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\PluginContainer.exe
    () C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\plugins\2\Plugin.exe
    () C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\plugins\3\Plugin.exe
    () C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\plugins\5\Plugin.exe
    () C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\plugins\6\Plugin.exe
    () C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\plugins\3\Plugin.exe
    HKLM\...\Run: [] => [X]
    HKU\S-1-5-21-2100297747-1478495227-2977836388-1000\...\MountPoints2: {4a96dbc6-af81-11e4-8996-008cfa86cd84} - E:\autorun.exe
    GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://q.search-simple.com/?affID=bl_30ab7f36-477e-4dd8-8ae2-456accf88f6e
    HKU\S-1-5-21-2100297747-1478495227-2977836388-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://q.search-simple.com/?affID=bl_30ab7f36-477e-4dd8-8ae2-456accf88f6e
    URLSearchHook: HKLM-x32 - Default Value = {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D}
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://q.search-simple.com/?affID=bl_30ab7f36-477e-4dd8-8ae2-456accf88f6e&q={searchTerms}
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://q.search-simple.com/?affID=bl_30ab7f36-477e-4dd8-8ae2-456accf88f6e&q={searchTerms}
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-2100297747-1478495227-2977836388-1000 -> DefaultScope {533923CB-E21D-46D3-89AC-1A07C4309635} URL = http://q.search-simple.com/?affID=bl_30ab7f36-477e-4dd8-8ae2-456accf88f6e&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-2100297747-1478495227-2977836388-1000 -> OldSearch URL =
    SearchScopes: HKU\S-1-5-21-2100297747-1478495227-2977836388-1000 -> {533923CB-E21D-46D3-89AC-1A07C4309635} URL = http://q.search-simple.com/?affID=bl_30ab7f36-477e-4dd8-8ae2-456accf88f6e&q={searchTerms}
    OPR StartupUrls: "hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=bg_616_bl-is-19__alt__ddc_dsssyc_bd_com"
    OPR Extension: (Strong Signal) - C:\Users\KF\AppData\Roaming\Opera Software\Opera Stable\Extensions\ibkenfpakmbdmlalmhgcpdbeennobfho [2015-05-01]
    R2 Service Mgr StrongSignal; C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\PluginContainer.exe [556304 2015-05-10] ()
    R2 Update Mgr StrongSignal; C:\Program Files (x86)\Common Files\0780f478-67ce-4ec3-98db-39a65f4618ce\updater.exe [478992 2015-05-10] ()
    S2 0273451430506831mcinstcleanup; C:\Users\KF\AppData\Local\Temp\027345~1.EXE -cleanup -nolog [X]
    2015-05-02 18:25 - 2015-05-02 18:25 - 00000000 ____D () C:\Program Files (x86)\Strong Signal
    2015-05-01 21:22 - 2015-05-01 22:55 - 00000000 ____D () C:\AdwCleaner
    2015-05-01 21:19 - 2015-05-01 21:19 - 00000000 _____ () C:\prefs.js
    2015-05-10 10:21 - 2015-02-08 17:35 - 00000000 ____D () C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce
    EmptyTemp:

    0
  • #4 20 Sty 2016 09:18
    Kolobos
    Spec od komputerów

    Zaloguj sie do routera i podaj jakie adresy dns przydziela.

    Zainstaluj: https://support.microsoft.com/en-us/kb/2545227

    Fixlist.txt dla FRST:
    Task: {11EC2F68-C363-4F7C-9C46-5E6B2B8130FE} - System32\Tasks\{54FE608E-6453-4861-8FC5-8995C7346C23} => pcalua.exe -a E:\setup.exe -d E:\
    Task: {65CD6C6F-0D73-4998-BDD4-1560ECB04F90} - \Opera scheduled Autoupdate 1421444368 -> Brak pliku <==== UWAGA
    Task: {C4DCF9A3-490E-4663-89D4-F1B22126E8DF} - System32\Tasks\DNSQUINTANA => dnsquintana.exe <==== UWAGA
    HKU\S-1-5-21-2100297747-1478495227-2977836388-1000\...\MountPoints2: F - F:\AutoRun.exe
    HKU\S-1-5-21-2100297747-1478495227-2977836388-1000\...\MountPoints2: {4a96dbc6-af81-11e4-8996-008cfa86cd84} - E:\setup.exe /CD
    HKU\S-1-5-21-2100297747-1478495227-2977836388-1000\...\MountPoints2: {a617db84-fbf8-11e4-8e26-008cfa86cd84} - F:\AutoRun.exe
    HKU\S-1-5-21-2100297747-1478495227-2977836388-1000\...\MountPoints2: {f7609609-fb38-11e4-a0aa-008cfa86cd84} - F:\AutoRun.exe
    HKU\S-1-5-21-2100297747-1478495227-2977836388-1000\...\MountPoints2: {f7609617-fb38-11e4-a0aa-008cfa86cd84} - F:\AutoRun.exe
    CHR HKU\S-1-5-21-2100297747-1478495227-2977836388-1000\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
    Tcpip\Parameters: [NameServer] 199.203.131.151 82.163.143.181
    Tcpip\..\Interfaces\{0DCBCD55-9B8F-4B9C-A432-D6485B7B8A51}: [NameServer] 199.203.131.151 82.163.143.181
    Tcpip\..\Interfaces\{B001892A-CBD2-4401-ABA0-3C5F5E4AFACA}: [NameServer] 199.203.131.151 82.163.143.181
    Tcpip\..\Interfaces\{0DCBCD55-9B8F-4B9C-A432-D6485B7B8A51}: [DhcpNameServer] 199.203.131.151
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.interia.pl/#utm_source=instalki1&a...n=instalki1&iwa_source=installer_instalki
    CHR Extension: (Prezentacje Google) - C:\Users\KF\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-14] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA
    CHR Extension: (Dokumenty Google) - C:\Users\KF\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-14] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA
    CHR Extension: (Dysk Google) - C:\Users\KF\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-14] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA




    CHR Extension: (YouTube) - C:\Users\KF\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-14] [UpdateUrl: hxxp://mynamedomain.koko/00] <==== UWAGA
    CHR Extension: (Google Search) - C:\Users\KF\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-14] [UpdateUrl: hxxp://mynamedomain.koko/00] <==== UWAGA
    CHR Extension: (Arkusze Google) - C:\Users\KF\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-14] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA
    CHR Extension: (Google Wallet) - C:\Users\KF\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-14] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA
    CHR Extension: (Gmail) - C:\Users\KF\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-14] [UpdateUrl: hxxp://mynamedomain.koko/00] <==== UWAGA
    CHR HKU\.DEFAULT\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbidppmgmdmjgfenjdafcalmciolcehp] - hxxp://clients2.google.com/service/update2/crx
    CHR HKU\S-1-5-21-2100297747-1478495227-2977836388-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kfecnpmgnlnbmipaogfhoacoioifjgko] - hxxp://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [bbidppmgmdmjgfenjdafcalmciolcehp] - hxxp://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [kfecnpmgnlnbmipaogfhoacoioifjgko] - hxxp://clients2.google.com/service/update2/crx
    S2 31064272; "C:\windows\system32\rundll32.exe" "c:\Program Files (x86)\System Optimizer\SysOptCrash.dll",ENT
    S3 cpuz134; \??\C:\Users\KF\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
    EmptyTemp:

    0
  • #5 27 Sty 2016 19:20
    wróblowski
    Poziom 2  

    Kolobos - bardzo dziękuję. Niech Cię Najwyższy na niebiosach wynagrodzi w łaskach i rozsądku!

    0