Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Usunięcie DNS unlocker - prośba o pomoc.

jkociemski 11 Mar 2016 10:45 540 4
  • #2 11 Mar 2016 11:05
    Kolobos
    Spec od komputerów

    Odinstaluj: SpyHunter4 wersja 4.21.10.4585

    Fixlist.txt dla FRST:
    Task: {02C600EA-33F9-45A1-BAF2-DD889A587D85} - System32\Tasks\SpyHunter4Startup => C:\Program Files\SpyHunter\SpyHunter4.exe
    Task: {233B906F-CF5A-470C-B312-9FF674126F25} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Brak pliku <==== UWAGA
    Task: {27D038CB-E039-4E4D-A5B5-FC96ED876476} - System32\Tasks\{176392B1-3923-396E-31AB-80D556779502} => C:\WINDOWS\system32\regsvr32.exe [2015-10-30] (Microsoft Corporation)
    Task: {3B2BBC5A-1C08-47ED-BE23-4A4B19084A86} - System32\Tasks\{780B0D47-0C0D-7A0D-0911-0409050B110F} => powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand
    Task: {3BF7C3DD-9366-4CAD-903E-0A19675EE8EE} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA
    Task: {4F9FA01C-689C-4350-9217-D135FD314D60} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA
    Task: {5BDC4472-3E7E-4422-B205-C77609DCFC32} - \PCDEventLauncherTask -> Brak pliku <==== UWAGA
    Task: {683F28B1-7242-4A81-AD68-1250DDAA032D} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Brak pliku <==== UWAGA
    Task: {9118E96B-56DA-4931-A19F-3852D9318534} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA
    Task: {BE65BB03-B066-408D-8380-686A5423FB74} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Brak pliku <==== UWAGA
    Task: {CB838592-0414-46DE-BC9A-2EAD0506A3F3} - \PCDoctorBackgroundMonitorTask -> Brak pliku <==== UWAGA
    Task: {DA5A7422-2657-4454-A021-78D0EE3CD870} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA
    Task: {E79F65AB-75D1-479D-87E3-D9EFEC52FF5A} - \SystemToolsDailyTest -> Brak pliku <==== UWAGA
    Task: {EF63A6DF-8245-4B3E-AC46-FC650A787A72} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Brak pliku <==== UWAGA
    Task: {F60FC6DB-81A8-4564-9A03-AA431CD86B79} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA
    Task: {F96C8EC8-6EC5-4640-AA54-E0CEB487C8AB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Brak pliku <==== UWAGA
    HKU\S-1-5-21-2492150646-35265096-1741418467-1001\...\MountPoints2: D - "D:\SETUP.EXE"
    BootExecute: autocheck autochk * sh4native Sh4Removal
    Tcpip\Parameters: [NameServer] 82.163.142.7 95.211.158.134
    Tcpip\..\Interfaces\{28840a2f-4724-4a13-9630-13997d61fc2a}: [NameServer] 82.163.142.7 95.211.158.134
    Tcpip\..\Interfaces\{28840a2f-4724-4a13-9630-13997d61fc2a}: [DhcpNameServer] 82.163.142.7
    Tcpip\..\Interfaces\{5ba056f6-acfc-480b-aa40-67f30cab6566}: [NameServer] 82.163.142.7 95.211.158.134
    Tcpip\..\Interfaces\{5ba056f6-acfc-480b-aa40-67f30cab6566}: [DhcpNameServer] 82.163.142.7
    BHO-x32: Brak nazwy -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> Brak pliku
    S2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [784256 2015-12-16] (Enigma Software Group USA, LLC.)




    S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15920 2015-12-16] (Enigma Software Group USA, LLC.)
    S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [19984 2015-12-16] ()
    2016-03-11 08:50 - 2016-03-11 10:23 - 00000000 ____D C:\ProgramData\d580ab30-3e41-0
    2016-03-11 08:50 - 2016-03-11 10:22 - 00000000 ____D C:\ProgramData\d580ab30-1433-1
    2016-03-09 20:50 - 2016-03-09 20:50 - 00000000 ____D C:\ProgramData\d580ab30-44e5-1
    2016-03-09 20:50 - 2016-03-09 20:50 - 00000000 ____D C:\ProgramData\d580ab30-13f3-0
    2016-03-09 14:50 - 2016-03-11 03:17 - 00000000 ____D C:\ProgramData\d580ab30-0ff1-1
    2016-03-09 14:50 - 2016-03-09 14:50 - 00000000 ____D C:\ProgramData\d580ab30-6581-0
    2016-03-08 14:50 - 2016-03-11 03:17 - 00000000 ____D C:\ProgramData\d580ab30-6803-0
    2016-03-08 14:50 - 2016-03-08 14:50 - 00000000 ____D C:\ProgramData\d580ab30-47c5-1
    2016-03-07 20:50 - 2016-03-11 03:17 - 00000000 ____D C:\ProgramData\d580ab30-38c1-0
    2016-03-07 20:50 - 2016-03-07 20:50 - 00000000 ____D C:\ProgramData\d580ab30-3203-1
    2016-03-06 20:50 - 2016-03-06 20:50 - 00000000 ____D C:\ProgramData\d580ab30-7ac1-1
    2016-03-06 20:50 - 2016-03-06 20:50 - 00000000 ____D C:\ProgramData\d580ab30-2631-0
    2016-03-05 14:50 - 2016-03-05 14:50 - 00000000 ____D C:\ProgramData\d580ab30-3b05-0
    2016-03-05 14:50 - 2016-03-05 14:50 - 00000000 ____D C:\ProgramData\d580ab30-1d37-1
    2016-03-05 08:50 - 2016-03-05 08:50 - 00000000 ____D C:\ProgramData\d580ab30-4fe7-0
    2016-03-05 08:50 - 2016-03-05 08:50 - 00000000 ____D C:\ProgramData\d580ab30-2f05-1
    2016-03-04 20:50 - 2016-03-04 20:50 - 00000000 ____D C:\ProgramData\d580ab30-73c5-1
    2016-03-04 20:50 - 2016-03-04 20:50 - 00000000 ____D C:\ProgramData\d580ab30-2b15-0
    2016-03-04 13:13 - 2016-03-04 13:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpyHunter4
    2016-03-04 13:13 - 2016-03-04 13:13 - 00000000 ____D C:\Program Files\Enigma Software Group
    2016-03-04 11:11 - 2016-03-04 11:11 - 00003352 _____ C:\WINDOWS\System32\Tasks\SpyHunter4Startup
    2016-03-04 11:11 - 2015-12-19 12:24 - 00030080 _____ C:\WINDOWS\SysWOW64\sh4native.exe
    2016-03-04 11:09 - 2016-03-04 11:09 - 00204029 _____ C:\spyhunter.fix
    2016-03-04 09:33 - 2016-03-04 09:33 - 00000000 _____ C:\autoexec.bat
    2016-03-04 09:32 - 2015-12-16 10:38 - 00019984 _____ C:\WINDOWS\system32\Drivers\EsgScanner.sys
    2016-03-04 09:31 - 2016-03-04 09:31 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\Użytkownik\Downloads\SpyHunter-Installer.exe
    2016-03-04 09:17 - 2016-03-04 09:17 - 00772016 _____ (Reimage®) C:\Users\Użytkownik\Downloads\ReimageRepair.exe
    2016-02-27 20:50 - 2016-03-04 17:42 - 00000000 ____D C:\ProgramData\d580ab30-0781-0
    2016-02-27 20:45 - 2016-03-04 17:42 - 00000000 ____D C:\ProgramData\d580ab30-3177-0
    2016-02-27 20:45 - 2016-02-27 20:45 - 00003892 _____ C:\WINDOWS\System32\Tasks\{176392B1-3923-396E-31AB-80D556779502}
    2016-02-27 20:45 - 2016-02-27 20:45 - 00000000 ____D C:\ProgramData\f4537686
    2016-02-27 20:45 - 2016-02-27 20:45 - 00000000 ____D C:\ProgramData\{0b2ebe9a-612c-0}
    2016-02-27 20:45 - 2016-02-27 20:45 - 00000000 ____D C:\ProgramData\{0208647f-612c-1}
    2016-03-11 08:14 - 2015-07-30 09:48 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
    2016-02-27 20:45 - 2016-01-10 11:45 - 00000000 ____D C:\ProgramData\f0e1cf34-1121-0
    2016-02-27 20:45 - 2016-01-10 11:45 - 00000000 ____D C:\ProgramData\f0e1cf34-05c5-1
    EmptyTemp:

    Po wykonaniu usun katalog C:\FRST.

    0
  • #3 11 Mar 2016 11:07
    Acorus 20
    Spec od komputerów

    Odinstaluj SpyHunter4 wersja 4.21.10.4585. Otwórz notatnik systemowy i wklej:

    Cytat:
    Task: {02C600EA-33F9-45A1-BAF2-DD889A587D85} - System32\Tasks\SpyHunter4Startup => C:\Program Files\SpyHunter\SpyHunter4.exe
    Task: {233B906F-CF5A-470C-B312-9FF674126F25} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Brak pliku <==== UWAGA
    Task: {27D038CB-E039-4E4D-A5B5-FC96ED876476} - System32\Tasks\{176392B1-3923-396E-31AB-80D556779502} => C:\WINDOWS\system32\regsvr32.exe [2015-10-30] (Microsoft Corporation)
    Task: {3B2BBC5A-1C08-47ED-BE23-4A4B19084A86} - System32\Tasks\{780B0D47-0C0D-7A0D-0911-0409050B110F} => powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand JABFAHIAcgBvAHIAQQBjAHQAaQBvAG4AUAByAGUAZgBlAHIAZQBuAGMAZQA9ACIAcwB0AG8AcAAiADsAJABzAGMAPQAiAFMAaQBsAGUAbgB0AGwAeQBDAG8AbgB0AGkAbgB1AGUAIgA7ACQAVwBhAHIAbgBpAG4AZwBQAHIAZQBmAGUAcgBlAG4AYwBlAD0AJABzAGMAOwAkAFAAcgBvAGcA (dane wartości zawierają 9428 znaków więcej).
    Task: {3BF7C3DD-9366-4CAD-903E-0A19675EE8EE} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA
    Task: {4F9FA01C-689C-4350-9217-D135FD314D60} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA
    Task: {5BDC4472-3E7E-4422-B205-C77609DCFC32} - \PCDEventLauncherTask -> Brak pliku <==== UWAGA
    Task: {683F28B1-7242-4A81-AD68-1250DDAA032D} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Brak pliku <==== UWAGA
    Task: {9118E96B-56DA-4931-A19F-3852D9318534} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA
    Task: {BE65BB03-B066-408D-8380-686A5423FB74} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Brak pliku <==== UWAGA
    Task: {CB838592-0414-46DE-BC9A-2EAD0506A3F3} - \PCDoctorBackgroundMonitorTask -> Brak pliku <==== UWAGA
    Task: {DA5A7422-2657-4454-A021-78D0EE3CD870} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA
    Task: {E79F65AB-75D1-479D-87E3-D9EFEC52FF5A} - \SystemToolsDailyTest -> Brak pliku <==== UWAGA
    Task: {EF63A6DF-8245-4B3E-AC46-FC650A787A72} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Brak pliku <==== UWAGA
    Task: {F60FC6DB-81A8-4564-9A03-AA431CD86B79} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA
    Task: {F96C8EC8-6EC5-4640-AA54-E0CEB487C8AB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Brak pliku <==== UWAGA
    BootExecute: autocheck autochk * sh4native Sh4Removal
    Tcpip\Parameters: [NameServer] 82.163.142.7 95.211.158.134
    Tcpip\..\Interfaces\{28840a2f-4724-4a13-9630-13997d61fc2a}: [NameServer] 82.163.142.7 95.211.158.134
    Tcpip\..\Interfaces\{28840a2f-4724-4a13-9630-13997d61fc2a}: [DhcpNameServer] 82.163.142.7
    Tcpip\..\Interfaces\{5ba056f6-acfc-480b-aa40-67f30cab6566}: [NameServer] 82.163.142.7 95.211.158.134
    Tcpip\..\Interfaces\{5ba056f6-acfc-480b-aa40-67f30cab6566}: [DhcpNameServer] 82.163.142.7
    BHO-x32: Sonic Train -> {0c3ddfb7-4cdb-495b-b3e9-d59725b43dfc} -> C:\Program Files (x86)\Sonic Train\Extensions\0c3ddfb7-4cdb-495b-b3e9-d59725b43dfc.dll => Brak pliku
    BHO-x32: Brak nazwy -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> Brak pliku
    S2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [784256 2015-12-16] (Enigma Software Group USA, LLC.)
    S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15920 2015-12-16] (Enigma Software Group USA, LLC.)
    S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [19984 2015-12-16] ()
    2016-03-11 08:50 - 2016-03-11 10:23 - 00000000 ____D C:\ProgramData\d580ab30-3e41-0
    2016-03-11 08:50 - 2016-03-11 10:22 - 00000000 ____D C:\ProgramData\d580ab30-1433-1
    2016-03-09 20:50 - 2016-03-09 20:50 - 00000000 ____D C:\ProgramData\d580ab30-44e5-1
    2016-03-09 20:50 - 2016-03-09 20:50 - 00000000 ____D C:\ProgramData\d580ab30-13f3-0
    2016-03-09 14:50 - 2016-03-11 03:17 - 00000000 ____D C:\ProgramData\d580ab30-0ff1-1
    2016-03-09 14:50 - 2016-03-09 14:50 - 00000000 ____D C:\ProgramData\d580ab30-6581-0
    2016-03-08 14:50 - 2016-03-11 03:17 - 00000000 ____D C:\ProgramData\d580ab30-6803-0
    2016-03-08 14:50 - 2016-03-08 14:50 - 00000000 ____D C:\ProgramData\d580ab30-47c5-1
    2016-03-07 20:50 - 2016-03-11 03:17 - 00000000 ____D C:\ProgramData\d580ab30-38c1-0
    2016-03-07 20:50 - 2016-03-07 20:50 - 00000000 ____D C:\ProgramData\d580ab30-3203-1
    2016-03-05 08:50 - 2016-03-05 08:50 - 00000000 ____D C:\ProgramData\d580ab30-4fe7-0
    2016-03-05 08:50 - 2016-03-05 08:50 - 00000000 ____D C:\ProgramData\d580ab30-2f05-1
    2016-03-04 20:50 - 2016-03-04 20:50 - 00000000 ____D C:\ProgramData\d580ab30-73c5-1
    2016-03-04 20:50 - 2016-03-04 20:50 - 00000000 ____D C:\ProgramData\d580ab30-2b15-0
    2016-03-04 13:13 - 2016-03-04 13:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpyHunter4
    2016-03-04 13:13 - 2016-03-04 13:13 - 00000000 ____D C:\Program Files\Enigma Software Group
    2016-03-04 11:11 - 2016-03-04 11:11 - 00003352 _____ C:\WINDOWS\System32\Tasks\SpyHunter4Startup
    2016-03-04 11:11 - 2015-12-19 12:24 - 00030080 _____ C:\WINDOWS\SysWOW64\sh4native.exe
    2016-03-04 11:09 - 2016-03-04 17:41 - 00000000 ___HD C:\j7IBzJuD5ULbD2YH
    2016-03-04 11:09 - 2016-03-04 11:09 - 00204029 _____ C:\spyhunter.fix
    2016-03-04 09:33 - 2016-03-04 09:33 - 00000000 _____ C:\autoexec.bat
    2016-03-04 09:32 - 2015-12-16 10:38 - 00019984 _____ C:\WINDOWS\system32\Drivers\EsgScanner.sys
    2016-03-04 09:31 - 2016-03-04 09:31 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\Użytkownik\Downloads\SpyHunter-Installer.exe
    2016-02-27 20:50 - 2016-03-04 17:42 - 00000000 ____D C:\ProgramData\d580ab30-0781-0
    2016-02-27 20:45 - 2016-03-04 17:42 - 00000000 ____D C:\ProgramData\d580ab30-3177-0
    2016-02-27 20:45 - 2016-02-27 20:45 - 00003892 _____ C:\WINDOWS\System32\Tasks\{176392B1-3923-396E-31AB-80D556779502}
    2016-02-27 20:45 - 2016-02-27 20:45 - 00000000 ____D C:\ProgramData\f4537686
    2016-02-27 20:45 - 2016-02-27 20:45 - 00000000 ____D C:\ProgramData\{0b2ebe9a-612c-0}
    2016-02-27 20:45 - 2016-02-27 20:45 - 00000000 ____D C:\ProgramData\{0208647f-612c-1}
    EmptyTemp:


    Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
    Uruchom jako administrator FRST i kliknij w Fix/Napraw.

    0
  • #4 11 Mar 2016 14:28
    jkociemski
    Poziom 2  

    Dziękuję. Wydaje się, że pomogło.
    Pozdrawiam.

    0