Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

DNS Unlocker - Jak Usunąć

Long001 15 Mar 2016 21:22 681 2
  • Pomocny post
    #2 16 Mar 2016 07:32
    krzychupar
    Poziom 40  

    Otwórz notatnik systemowy i wklej:

    Spoiler:
    Task: {22B6C138-AE19-4397-A31A-7C18898955C5} - System32\Tasks\{0B047D47-0A7D-0C0E-7E11-0E0D0F0D1104} => powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand JABFAHIAcgBvAHIAQQBjAHQAaQBvAG4AUAByAGUAZgBlAHIAZQBuAGMAZQA9ACIAcwB0AG8AcAAiADsAJABzAGMAPQAiAFMAaQBsAGUAbgB0AGwAeQBDAG8AbgB0AGkAbgB1AGUAIgA7ACQAVwBhAHIAbgBpAG4AZwBQAHIAZQBmAGUAcgBlAG4AYwBlAD0AJABzAGMAOwAkAFAAcgBvAGcA (dane wartości zawierają 9464 znaków więcej).
    Task: {4513A7E4-659C-42B5-9044-4CF74E7E45E1} - System32\Tasks\Opera scheduled Autoupdate 1452966878 => C:\Program Files (x86)\Opera\launcher.exe [2016-03-01] (Opera Software)
    Task: {9EF4E11F-199A-49FD-BB56-EDE0BE0EF15E} - System32\Tasks\{85C22305-8EFC-EB5A-A525-1D2109351F15} => C:\WINDOWS\system32\regsvr32.exe [2015-10-30] (Microsoft Corporation)
    Task: C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1452966878.job => C:\Program Files (x86)\Opera\launcher.exe
    Winlogon\Notify\igfxcui: igfxdev.dll [X]
    HKU\S-1-5-21-2802215445-2514643384-1820862395-1001\...\Policies\Explorer: []
    HKU\S-1-5-21-2802215445-2514643384-1820862395-1001\...\MountPoints2: {51ce8624-b2d3-11e5-bcdc-dc0ea1ee3f65} - "G:\setup.exe"
    GroupPolicy: Ograniczenia - Chrome <======= UWAGA
    CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
    Tcpip\Parameters: [NameServer] 82.163.143.171 82.163.142.173
    Tcpip\..\Interfaces\{188df6ce-fb1d-4746-b9e1-8817c25f89ea}: [NameServer] 82.163.143.171 82.163.142.173
    Tcpip\..\Interfaces\{b7aa4c8a-12d9-4dd8-a0c6-38e9dbe8c16a}: [NameServer] 82.163.143.171 82.163.142.173
    Tcpip\..\Interfaces\{bfdb21c9-011c-465b-ad29-be66a13473f5}: [NameServer] 82.163.143.171 82.163.142.173
    Tcpip\..\Interfaces\{bfdb21c9-011c-465b-ad29-be66a13473f5}: [DhcpNameServer] 82.163.143.171
    Tcpip\..\Interfaces\{cf7de635-734b-4199-aef5-6a9a661d99d1}: [NameServer] 82.163.143.171 82.163.142.173
    Tcpip\..\Interfaces\{e41ab970-5b6e-4e8d-81b7-f8e3a86f3d6b}: [NameServer] 82.163.143.171 82.163.142.173
    HKU\S-1-5-21-2802215445-2514643384-1820862395-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://services.eshield.com/general/newhometab.php?hometab=home&partner=11433&guid={E841193C-C17F-41DC-AFDC-F91469CB334D}&i=
    SearchScopes: HKU\S-1-5-21-2802215445-2514643384-1820862395-1001 -> {882DA55B-C13E-48F2-BF9D-1DE9453084FB} URL = hxxp://search.eshield.com/serp?guid={E841193C-C17F-41DC-AFDC-F91469CB334D}&action=default_search&k={searchTerms}
    SearchScopes: HKU\S-1-5-21-2802215445-2514643384-1820862395-1001 -> {BFAFAEFA-37D7-456C-A5E9-FB5B887F6F24} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=11433




    BHO-x32: Brak nazwy -> {c7c5384f-d9e9-4db1-8c72-135ecccbc571} -> Brak pliku
    BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
    BHO-x32: Brak nazwy -> {c7c5384f-d9e9-4db1-8c72-135ecccbc571} -> Brak pliku
    BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
    2016-03-11 00:37 - 2016-03-15 19:04 - 00000000 ____D C:\ProgramData\211d25a4-71d3-0
    2016-03-11 00:37 - 2016-03-15 14:42 - 00000000 ____D C:\ProgramData\211d25a4-1597-1
    2016-03-10 00:37 - 2016-03-10 00:37 - 00000000 ____D C:\ProgramData\211d25a4-42d7-0
    2016-03-10 00:37 - 2016-03-10 00:37 - 00000000 ____D C:\ProgramData\211d25a4-0203-1
    2016-03-09 18:37 - 2016-03-09 18:37 - 00000000 ____D C:\ProgramData\211d25a4-4c33-1
    2016-03-09 18:37 - 2016-03-09 18:37 - 00000000 ____D C:\ProgramData\211d25a4-3945-0
    2016-03-09 12:37 - 2016-03-09 12:37 - 00000000 ____D C:\ProgramData\211d25a4-2705-1
    2016-03-09 12:37 - 2016-03-09 12:37 - 00000000 ____D C:\ProgramData\211d25a4-22f3-0
    2016-03-09 00:37 - 2016-03-09 00:37 - 00000000 ____D C:\ProgramData\211d25a4-4683-0
    2016-03-09 00:37 - 2016-03-09 00:37 - 00000000 ____D C:\ProgramData\211d25a4-35b3-1
    2016-03-03 18:32 - 2016-03-03 18:32 - 00000000 ____D C:\ProgramData\d5b754fb
    2016-03-03 18:31 - 2016-03-03 18:31 - 00000000 ____D C:\ProgramData\{18444f3a-712c-1}
    2016-03-03 18:31 - 2016-03-03 18:31 - 00000000 ____D C:\ProgramData\{14378811-112c-0}
    2016-03-03 18:31 - 2016-03-03 18:31 - 00000000 ____D C:\ProgramData\{12ed68d1-012c-0}
    2016-03-03 18:31 - 2016-03-03 18:31 - 00000000 ____D C:\ProgramData\{0e7deeb2-012c-1}
    2016-03-02 16:21 - 2016-03-02 16:21 - 00000000 ____D C:\ProgramData\TXQMPC
    2016-03-02 16:16 - 2016-03-02 17:03 - 00000000 ____D C:\Users\marcin\AppData\Roaming\gplyra
    2016-03-02 16:16 - 2016-03-02 16:16 - 00000000 ____D C:\Users\marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
    2016-03-02 16:16 - 2016-03-02 16:16 - 00000000 ____D C:\Users\marcin\AppData\Roaming\cpuminer
    2016-03-02 16:16 - 2016-03-02 16:16 - 00000000 ____D C:\Program Files\Common Files\Tencent
    2016-03-02 16:15 - 2016-03-02 16:21 - 00000000 ____D C:\Users\marcin\AppData\Roaming\Tencent
    2016-03-02 16:15 - 2016-03-02 16:19 - 00000000 ____D C:\ProgramData\Tencent
    2016-03-02 16:15 - 2016-03-02 16:15 - 00000000 ____D C:\Program Files (x86)\Tencent
    2016-03-02 16:14 - 2016-03-02 17:04 - 00000000 ____D C:\Program Files (x86)\thirteen degrees
    2016-03-02 16:12 - 2016-03-02 17:04 - 00000000 ____D C:\Program Files (x86)\SearchesToYesbnd
    2016-03-02 16:12 - 2016-03-02 17:04 - 00000000 ____D C:\Program Files (x86)\qq
    2016-03-11 23:02 - 2016-01-12 10:35 - 00000000 ____D C:\ProgramData\VMware
    2016-03-03 18:32 - 2016-01-16 18:55 - 00000000 ____D C:\ProgramData\8f16044a-4f73-1
    2016-03-03 18:32 - 2016-01-16 18:55 - 00000000 ____D C:\ProgramData\8f16044a-0741-0
    EmptyTemp:



    Plik zapisz pod nazwą fixlist.txt i umieść w folderze C:\Users\marcin\Downloads\FRST64.exe
    Uruchom FRST i kliknij w Fix/Napraw.

    0
  • #3 16 Mar 2016 17:02
    Long001
    Poziom 2  

    Wszystko hula, dziękuję! :)
    DNS Unlocker - Jak Usunąć

    0