Elektroda.pl
Elektroda.pl
X
CControls
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

DNS Unlocker proszę o pomoc. - Niechciane reklamy...

saek1985 04 Mar 2016 20:53 450 4
  • CControls
  • Pomocny post
    #2 04 Mar 2016 21:42
    krzychupar
    Poziom 40  

    Otwórz notatnik systemowy i wklej:
    Task: {01257387-4812-4A43-9EE4-F7F870952F72} - System32\Tasks\{087F0847-0F05-0D7F-7E11-790D7F08110A} => powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand JABFAHIAcgBvAHIAQQBjAHQAaQBvAG4AUAByAGUAZgBlAHIAZQBuAGMAZQA9ACIAcwB0AG8AcAAiADsAJABzAGMAPQAiAFMAaQBsAGUAbgB0AGwAeQBDAG8AbgB0AGkAbgB1AGUAIgA7ACQAVwBhAHIAbgBpAG4AZwBQAHIAZQBmAGUAcgBlAG4AYwBlAD0AJABzAGMAOwAkAFAAcgBvAGcA (dane wartości zawierają 9440 znaków więcej).
    Task: {4C406A6C-2AC7-4D82-BB70-0169963D5950} - System32\Tasks\{240A1800-DB9D-430A-907A-EF2A702921A0} => pcalua.exe -a "C:\Users\Lipa\Desktop\CloneCD v5.3.1.4 PL Keymaker And Patch (SlySoft)\CloneCD v5.3.1.4 PL + Keymaker And Patch (SlySoft)\cr-ccd14\keygen.exe" -d "C:\Users\Lipa\Desktop\CloneCD v5.3.1.4 PL Keymaker And Patch (SlySoft)\CloneCD v5.3.1.4 PL + Keymaker And Patch (SlySoft)\cr-ccd14"
    Task: {888130D8-B928-45AE-ABF9-4081865DBD96} - System32\Tasks\{A301DA85-9DA9-1892-C4FB-03DAC389F601} => /s /n /i:"/rt" "C:\PROGRA~3\f5cf3286\8f0acf5f.dll"
    HKU\S-1-5-21-282765918-1874005021-1444019709-1000\...\MountPoints2: F - F:\setup.exe
    ShellExecuteHooks-x32: - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - Brak pliku [ ]
    ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => Brak pliku
    ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => Brak pliku
    ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => Brak pliku
    ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => Brak pliku
    ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => Brak pliku
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.key-find.com/web/?type=ds&ts=14244...=WDCXWD10EZRX-00A8LB0_WD-WMC1U402024320243&q={searchTerms}
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.key-find.com/web/?type=ds&ts=14244...=WDCXWD10EZRX-00A8LB0_WD-WMC1U402024320243&q={searchTerms}
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =




    HKU\S-1-5-21-282765918-1874005021-1444019709-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-282765918-1874005021-1444019709-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    BHO-x32: Brak nazwy -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> Brak pliku
    BHO-x32: Brak nazwy -> {AF949550-9094-4807-95EC-D1C317803333} -> Brak pliku
    Toolbar: HKLM - Smart Recovery 2 - {1d09c093-f71e-43c3-b948-19316cbd695e} - C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
    Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Brak pliku
    Toolbar: HKLM - Brak nazwy - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Brak pliku
    FF NewTab: about:newtab
    FF DefaultSearchEngine: Google (avast)
    FF DefaultSearchUrl: hxxps://www.google.com/search?trackid=sp-006
    FF SearchEngineOrder.1: Google (avast)
    FF SearchEngineOrder.3: Bing
    FF SelectedSearchEngine: Google (avast)
    FF Homepage: hxxps://www.google.com/?trackid=sp-006
    FF Keyword.URL: hxxps://www.google.com/search?trackid=sp-006
    StartMenuInternet: (HKLM) Operabeta - C:\Program Files (x86)\Opera Next\Launcher.exe
    U4 AvastVBoxSvc; "C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe" [X]
    S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
    S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
    U4 VBoxAswDrv; \??\C:\Program Files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys [X]
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]
    2016-03-04 05:28 - 2016-03-04 05:28 - 00000000 ____D C:\ProgramData\da03fbc4-5291-0
    2016-03-04 05:23 - 2016-03-04 05:23 - 00003726 _____ C:\Windows\System32\Tasks\{A301DA85-9DA9-1892-C4FB-03DAC389F601}
    2016-03-04 05:23 - 2016-03-04 05:23 - 00000000 ____D C:\ProgramData\f5cf3286
    2016-03-04 05:23 - 2016-03-04 05:23 - 00000000 ____D C:\ProgramData\da03fbc4-4fe5-0
    2016-03-04 05:23 - 2016-03-04 05:23 - 00000000 ____D C:\ProgramData\{19d839d2-012c-1}
    2016-03-04 05:23 - 2016-03-04 05:23 - 00000000 ____D C:\ProgramData\{0d3b5ab2-612c-0}
    2016-03-04 05:23 - 2016-01-21 17:07 - 00000000 ____D C:\ProgramData\f0bb979a-1d71-1
    2016-03-04 05:23 - 2016-01-21 17:07 - 00000000 ____D C:\ProgramData\f0bb979a-0263-0

    EmptyTemp:


    Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
    Uruchom FRST i kliknij w Fix/Napraw.

    0
  • CControls
  • Pomocny post
    #3 04 Mar 2016 22:09
    Kolobos
    Spec od komputerów

    Wykonaj jeszcze taki fixlist.txt:
    Task: {491294C4-BF58-49AB-8C97-8E34897618F6} - System32\Tasks\Opera scheduled Autoupdate 1378741119 => C:\Program Files (x86)\Opera Next\launcher.exe [2016-03-01] (Opera Software)
    AlternateDataStreams: C:\Windows:39AC6E5E8BF53A4F [50]
    Hosts:
    Tcpip\Parameters: [NameServer] 82.163.142.7 95.211.158.134
    Tcpip\..\Interfaces\{12727374-B4E9-4533-80E6-D66921839CDF}: [NameServer] 82.163.142.7 95.211.158.134
    FF SearchPlugin: C:\Users\Lipa\AppData\Roaming\Mozilla\Firefox\Profiles\hvkj1v96.default\searchplugins\key-find.xml [2015-04-12]
    FF SearchPlugin: C:\Users\Lipa\AppData\Roaming\Mozilla\Firefox\Profiles\hvkj1v96.default\searchplugins\yahoo-1.xml [2015-08-10]
    FF SearchPlugin: C:\Users\Lipa\AppData\Roaming\Mozilla\Firefox\Profiles\hvkj1v96.default\searchplugins\yahoo-2.xml [2015-08-10]
    FF SearchPlugin: C:\Users\Lipa\AppData\Roaming\Mozilla\Firefox\Profiles\hvkj1v96.default\searchplugins\yahoo_ff.xml [2015-12-28]
    FF HKLM-x32\...\Firefox\Extensions: [searchengine@gmail.com] - C:\Users\Lipa\AppData\Roaming\Mozilla\Firefox\Profiles\hvkj1v96.default\extensions\searchengine@gmail.com => nie znaleziono
    OPR Extension: (Record Page) - C:\Users\Lipa\AppData\Roaming\pera Software\Opera Stable\Extensions\knjbajnigkbjdhnmkhjbfkamonenldko [2015-07-23]
    OPR Extension: (Money Viking) - C:\Users\Lipa\AppData\Roaming\Opera Software\Opera Stable\Extensions\mmdlhgefnblgblpbgfckagobmeofejef [2016-01-21]
    R1 {c6cf689f-ec21-4add-accd-adc0bafcbba6}Gw64; C:\Windows\System32\drivers\{c6cf689f-ec21-4add-accd-adc0bafcbba6}Gw64.sys [48784 2015-02-20] (StdLib)
    S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
    S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]
    2016-03-04 05:28 - 2016-03-04 05:28 - 00000000 ____D C:\ProgramData\da03fbc4-5291-0
    2016-03-04 05:23 - 2016-03-04 05:23 - 00003726 _____ C:\Windows\System32\Tasks\{A301DA85-9DA9-1892-C4FB-03DAC389F601}
    2016-03-04 05:23 - 2016-03-04 05:23 - 00000000 ____D C:\ProgramData\f5cf3286
    2016-03-04 05:23 - 2016-03-04 05:23 - 00000000 ____D C:\ProgramData\da03fbc4-4fe5-0
    2016-03-04 05:23 - 2016-03-04 05:23 - 00000000 ____D C:\ProgramData\{19d839d2-012c-1}
    2016-03-04 05:23 - 2016-03-04 05:23 - 00000000 ____D C:\ProgramData\{0d3b5ab2-612c-0}
    2016-03-04 05:23 - 2016-03-04 05:23 - 00000000 ____D C:\ProgramData\{068518b2-612c-0}
    2016-03-04 05:23 - 2016-01-21 17:07 - 00000000 ____D C:\ProgramData\f0bb979a-1d71-1
    2016-03-04 05:23 - 2016-01-21 17:07 - 00000000 ____D C:\ProgramData\f0bb979a-0263-0
    2016-03-01 15:18 - 2014-05-19 16:30 - 00003908 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1378741119

    0
  • #4 04 Mar 2016 22:53
    saek1985
    Poziom 2  

    Dziękuję Wam. Już nie mam tych reklam. Musiałem 2 razy użyć fixów, za pierwszym razem nie wyczyściłem historii w operze i nadal były reklamy...
    Pozdrawiam.

    0