Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Dns unlocker jak usunąć z komputera

100s 15 Mar 2016 20:54 510 1
  • Pomocny post
    #2 16 Mar 2016 08:15
    Kolobos
    Spec od komputerów

    Fixlist.txt dla FRST:
    Task: {0CC449F8-4EE3-471F-BF02-AEADEC45F492} - System32\Tasks\{087D0847-087F-7E0A-0F11-050B090F110C} => powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand
    Task: {28ADC353-DBBB-47A5-AE06-37692093755D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Brak pliku <==== UWAGA
    Task: {3C2EBC50-0E59-4C56-8B1A-235D95E101C6} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA
    Task: {3D67C04B-146E-4594-9F4B-8A189C616AB4} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA
    Task: {3F32D054-5800-4EFD-8740-DB2F24A706DB} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA
    Task: {40FC598F-7DBF-4983-9459-5C89015D35A6} - System32\Tasks\Opera scheduled Autoupdate 1397061407 => C:\Program Files (x86)\Opera\launcher.exe [2016-03-01] (Opera Software)
    Task: {43591495-F2C7-4077-A4DC-FDBE5A79BC7E} - \CCleanerSkipUAC -> Brak pliku <==== UWAGA
    Task: {489BA2B8-B471-438F-AB35-0E5789734558} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Brak pliku <==== UWAGA
    Task: {58E5E63C-EEF2-4DAE-BB55-96CD3BA6C113} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Brak pliku <==== UWAGA
    Task: {87BCD625-301A-4027-B3BD-2294646B7171} - System32\Tasks\{AB457057-B826-5146-D753-BD6554DC2C38} => C:\WINDOWS\system32\regsvr32.exe [2015-10-30] (Microsoft Corporation)
    Task: {92B55924-6614-4FB2-97CF-F508D4F9128E} - System32\Tasks\{85A3FA9B-28D3-4C4C-A3EB-27F693BA2345} => c:\program files (x86)\opera\launcher.exe [2016-03-01] (Opera Software)
    Task: {C583A66C-E2E7-4C98-A5C1-84570AC66EE9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Brak pliku <==== UWAGA
    Task: {CD5C90BD-B0FF-4814-8C38-CA45B6859AA0} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Brak pliku <==== UWAGA
    Task: {DA37BAD9-05A0-4CC8-AE14-266CCD64B42F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA
    Task: {E4D7B8B0-5A6F-47D7-B1E2-7C395BA30E87} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA
    ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => Brak pliku
    ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => Brak pliku
    ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => Brak pliku
    ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => Brak pliku
    GroupPolicy: Ograniczenia - Chrome <======= UWAGA
    CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
    Tcpip\Parameters: [NameServer] 82.163.143.171 82.163.142.173
    Tcpip\..\Interfaces\{268a5903-4785-48b6-bbf3-6b154c1e5de4}: [NameServer] 82.163.143.171 82.163.142.173
    Tcpip\..\Interfaces\{268a5903-4785-48b6-bbf3-6b154c1e5de4}: [DhcpNameServer] 82.163.143.171




    Tcpip\..\Interfaces\{906a1788-b8c9-485f-9307-4f230367e7f5}: [NameServer] 82.163.143.171 82.163.142.173
    Tcpip\..\Interfaces\{906a1788-b8c9-485f-9307-4f230367e7f5}: [DhcpNameServer] 192.168.1.254
    Tcpip\..\Interfaces\{e677edf2-80fa-47ae-8290-859cc4f080fb}: [NameServer] 82.163.143.171 82.163.142.173
    Tcpip\..\Interfaces\{e677edf2-80fa-47ae-8290-859cc4f080fb}: [DhcpNameServer] 82.163.143.171
    Tcpip\..\Interfaces\{fccc2f6e-b692-4c03-a592-02773541c28d}: [NameServer] 82.163.143.171 82.163.142.173
    Tcpip\..\Interfaces\{fccc2f6e-b692-4c03-a592-02773541c28d}: [DhcpNameServer] 82.163.143.171
    HKU\S-1-5-21-3268305230-3990383548-3428484576-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://services.eshield.com/general/newhometab.php?hometab=home&partner=11467&guid={3449C483-2F42-4DED-BD64-EBC5071DB98C}&i=
    HKU\S-1-5-21-3268305230-3990383548-3428484576-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://services.eshield.com/general/newhometab.php?hometab=home&partner=11467&guid={3449C483-2F42-4DED-BD64-EBC5071DB98C}&i=
    SearchScopes: HKLM-x32 -> DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1708250
    SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1708250
    SearchScopes: HKU\S-1-5-21-3268305230-3990383548-3428484576-1002 -> DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1708250
    SearchScopes: HKU\S-1-5-21-3268305230-3990383548-3428484576-1002 -> {08388BC7-DDDA-4F23-A8E5-3F33FF595794} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=11467
    SearchScopes: HKU\S-1-5-21-3268305230-3990383548-3428484576-1002 -> {20B120A6-47F2-44F3-B1D1-137AE801729C} URL = hxxp://search.eshield.com/serp?guid={3449C483-2F42-4DED-BD64-EBC5071DB98C}&action=default_search&k={searchTerms}
    SearchScopes: HKU\S-1-5-21-3268305230-3990383548-3428484576-1002 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1708250
    SearchScopes: HKU\S-1-5-21-3268305230-3990383548-3428484576-1002 -> {F6804B11-6F9A-49E9-BC39-C7FB7F7949AC} URL =
    FF DefaultSearchEngine: eShield Safe Web
    FF SelectedSearchEngine: eShield Safe Web
    FF Homepage: hxxp://services.eshield.com/general/newhometab.php?hometab=home&partner=11467&guid={3449C483-2F42-4DED-BD64-EBC5071DB98C}&i=
    FF Keyword.URL: hxxp://search.eshield.com/serp?guid={3449C483-2F42-4DED-BD64-EBC5071DB98C}&action=default_search&k=
    FF user.js: detected! => C:\Users\Dylan LaRusso\AppData\Roaming\Mozilla\Firefox\Profiles\cjaco4kb.default\user.js [2016-03-06]
    FF SearchPlugin: C:\Users\Dylan LaRusso\AppData\Roaming\Mozilla\Firefox\Profiles\cjaco4kb.default\searchplugins\eshield-safe-web.xml [2016-01-26]
    CHR HKLM-x32\...\Chrome\Extension: [dkmjljdbbgogihjcapfhgkonfmccbffp] - hxxps://clients2.google.com/service/update2/crx
    S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-03-06] ()
    2016-03-15 20:14 - 2016-03-15 20:15 - 00000000 ____D C:\Program Files (x86)\AdwCleaner
    2016-03-14 21:46 - 2016-03-14 21:46 - 00000000 ____D C:\ProgramData\65bd53d6-02d3-0
    2016-03-09 19:17 - 2016-03-14 21:46 - 00000000 ____D C:\ProgramData\65bd53d6-6623-0
    2016-03-09 19:17 - 2016-03-14 21:46 - 00000000 ____D C:\ProgramData\65bd53d6-1be5-1
    2016-03-08 19:17 - 2016-03-08 19:17 - 00000000 ____D C:\ProgramData\65bd53d6-55f1-0
    2016-03-08 19:17 - 2016-03-08 19:17 - 00000000 ____D C:\ProgramData\65bd53d6-0b33-1
    2016-03-06 19:17 - 2016-03-06 19:17 - 00000000 ____D C:\ProgramData\65bd53d6-69d3-0
    2016-03-06 19:17 - 2016-03-06 19:17 - 00000000 ____D C:\ProgramData\65bd53d6-3b95-1
    2016-03-06 18:11 - 2016-03-06 18:11 - 00022704 _____ C:\WINDOWS\system32\Drivers\EsgScanner.sys
    2016-03-06 17:27 - 2016-03-06 17:27 - 00000000 _____ C:\autoexec.bat
    2016-03-06 16:26 - 2016-03-06 16:26 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\Dylan LaRusso\Downloads\SpyHunter-Installer.exe
    2016-03-04 19:17 - 2016-03-04 19:17 - 00000000 ____D C:\ProgramData\65bd53d6-7273-0
    2016-03-04 19:17 - 2016-03-04 19:17 - 00000000 ____D C:\ProgramData\65bd53d6-3b13-1
    2016-03-04 19:12 - 2016-03-04 19:13 - 00000000 ____D C:\ProgramData\65bd53d6-3ba1-0
    2016-03-04 19:12 - 2016-03-04 19:12 - 00000000 ____D C:\ProgramData\{0b0558a6-512c-0}
    2016-03-04 19:12 - 2016-03-04 19:12 - 00000000 ____D C:\ProgramData\{008070d2-312c-1}
    2016-02-21 12:45 - 2016-03-06 18:02 - 00000000 ____D C:\ProgramData\65bd53d6-4917-1
    2016-02-21 12:45 - 2016-03-04 19:12 - 00000000 ____D C:\ProgramData\65bd53d6-3da1-0
    2016-02-19 18:45 - 2016-02-19 18:45 - 00000000 ____D C:\ProgramData\65bd53d6-04c7-0
    2016-02-19 18:40 - 2016-03-14 21:46 - 00000000 ____D C:\ProgramData\7d84fe7e
    2016-02-19 18:40 - 2016-02-19 18:40 - 00000000 ____D C:\ProgramData\65bd53d6-47e3-0
    2016-02-19 18:40 - 2016-02-19 18:40 - 00000000 ____D C:\ProgramData\{1a0798d9-212c-1}
    2016-02-19 18:40 - 2016-02-19 18:40 - 00000000 ____D C:\ProgramData\{15735759-012c-0}
    2016-03-03 19:03 - 2014-06-03 17:01 - 00003992 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1397061407
    2016-02-19 18:41 - 2015-12-22 19:07 - 00000000 ____D C:\ProgramData\11dbb1d2-76b7-0
    2016-02-19 18:40 - 2015-12-22 19:07 - 00000000 ____D C:\ProgramData\11dbb1d2-6fa3-1
    C:\Users\Dylan LaRusso\AppData\Local\Temp*.html
    2015-03-02 17:54 - 2015-03-02 17:54 - 0000000 _____ () C:\Users\Dylan LaRusso\AppData\Local\{075CD65F-FE28-4D90-9DE1-EC51C3
    C:\Users\Dylan LaRusso\xobglu16.dll
    C:\Users\Dylan LaRusso\xobglu32.dll
    EmptyTemp:

    0