Elektroda.pl
Elektroda.pl
X
CControls
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Reklamy DNS Unlocker - logi z FRST

delsebastian 29 Mar 2016 13:57 453 4
  • CControls
  • #2 29 Mar 2016 14:15
    willyvmm
    Poziom 26  

    Nie dalej jak 2 dni temu miałem z tym problem. FRST nie dał rady, Awdcleaner nie dał rady.
    Dopiero Bitdefender i potem poprawka Malwarerebytes rozwiązała problem.

    0
  • CControls
  • Pomocny post
    #3 29 Mar 2016 14:22
    krzychupar
    Poziom 40  

    Otwórz notatnik systemowy i wklej:
    Task: {A27E41CE-B1B0-4781-9EB6-A041AB96F6F5} - System32\Tasks\System Healer Task => C:\PROGRA~2\SYSTEM~2\RESCUE~1.EXE
    Task: {F989E88C-2019-41B9-9A10-7906FF74723E} - System32\Tasks\{ABD7E16C-A5D2-4AF7-906D-58CC3331032A} => pcalua.exe -a C:\Users\Dell\Downloads\A140609_ENU_2K.exe -d "C:\Program Files (x86)\Mozilla Firefox"
    ShortcutWithArgument: C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.mystartsearch.com/?type=sc&ts=1439...d=WDCXWD3200BEVT-75A23T0_WD-WXE1E11DUZ61DUZ61
    ShortcutWithArgument: C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qtrax Player.lnk -> C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe (Microsoft Corporation) -> hxxp://www.istartpageing.com/?type=sc&ts=1451...d=wdcxwd3200bevt-75a23t0_wd-wxe1e11duz61duz61
    ShortcutWithArgument: C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.mystartsearch.com/?type=sc&ts=1439...d=WDCXWD3200BEVT-75A23T0_WD-WXE1E11DUZ61DUZ61
    HKU\S-1-5-21-2433359948-3305009044-3167852544-1000\...\MountPoints2: {0f04f3c3-63a4-11e0-a884-806e6f6e6963} - E:\Autorun.exe
    HKU\S-1-5-21-2433359948-3305009044-3167852544-1000\...\MountPoints2: {3fad447d-d2dd-11e0-8164-8ca9825fc428} - F:\LaunchU3.exe -a
    HKU\S-1-5-21-2433359948-3305009044-3167852544-1000\...\MountPoints2: {b8a5a0ff-decf-11e0-91cd-782bcbe5be15} - G:\SETUP.EXE
    HKU\S-1-5-21-2433359948-3305009044-3167852544-1000\...\MountPoints2: {f6d02c88-4c1e-11e2-bb48-782bcbe5be15} - F:\setup.exe
    AppInit_DLLs-x32: c:\progra~3\browse~1\251005~1.80\{c16c1~1\browse~1.dll => Brak pliku
    Tcpip\..\Interfaces\{4693A2A4-92E6-49E1-B7FF-B4C178273824}: [NameServer] 82.163.142.7 95.211.158.134
    Tcpip\..\Interfaces\{4F5374F1-B32D-4E0C-B475-7611C0C39217}: [NameServer] 82.163.142.7 95.211.158.134
    Tcpip\..\Interfaces\{55EF4D21-B74B-4E67-87C8-CCE00F69A2FD}: [NameServer] 82.163.142.7 95.211.158.134
    Tcpip\..\Interfaces\{A25E6629-EB39-45B0-962F-7F52EE54B3D2}: [NameServer] 82.163.142.7 95.211.158.134
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910...706&GUID=00000000-0000-0000-0000-000000000000




    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910...710&GUID=00000000-0000-0000-0000-000000000000
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=...DCXWD3200BEVT-75A23T0_WD-WXE1E11DUZ61DUZ61&q={searchTerms}
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=...DCXWD3200BEVT-75A23T0_WD-WXE1E11DUZ61DUZ61&q={searchTerms}
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1439...d=WDCXWD3200BEVT-75A23T0_WD-WXE1E11DUZ61DUZ61
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=...DCXWD3200BEVT-75A23T0_WD-WXE1E11DUZ61DUZ61&q={searchTerms}
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=...DCXWD3200BEVT-75A23T0_WD-WXE1E11DUZ61DUZ61&q={searchTerms}
    HKU\S-1-5-21-2433359948-3305009044-3167852544-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
    SearchScopes: HKLM -> {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
    SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
    SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
    SearchScopes: HKLM-x32 -> {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
    SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
    SearchScopes: HKU\S-1-5-21-2433359948-3305009044-3167852544-1000 -> bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
    SearchScopes: HKU\S-1-5-21-2433359948-3305009044-3167852544-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=112250&babsrc=SP_ss&mntrId=7c4e86d40000000000008ca9825fc429
    SearchScopes: HKU\S-1-5-21-2433359948-3305009044-3167852544-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
    SearchScopes: HKU\S-1-5-21-2433359948-3305009044-3167852544-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
    Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Brak pliku
    Toolbar: HKU\S-1-5-21-2433359948-3305009044-3167852544-1000 -> Brak nazwy - {D4027C7F-154A-4066-A1AD-4243D8127440} - Brak pliku
    StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.mystartsearch.com/?type=sc&ts=1439...d=WDCXWD3200BEVT-75A23T0_WD-WXE1E11DUZ61DUZ61
    FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku]
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku]
    FF HKLM-x32\...\Firefox\Extensions: [defsearchp@gmail.com] - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\g56uc0kr.default\extensions\defsearchp@gmail.com => nie znaleziono
    FF HKLM-x32\...\Firefox\Extensions: [deskCutv2@gmail.com] - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\g56uc0kr.default\extensions\deskCutv2@gmail.com => nie znaleziono
    S2 HPSLPSVC; C:\Users\Dell\AppData\Local\Temp\7zS2214\hpslpsvc64.dll [X]
    S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-12-29] ()
    S3 cpuz134; \??\C:\Users\Dell\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
    2016-03-07 21:05 - 2016-03-07 21:05 - 00000000 ____D C:\ProgramData\35a92d46-23e7-1
    2016-03-07 21:05 - 2016-03-07 21:05 - 00000000 ____D C:\ProgramData\35a92d46-1687-0
    2016-03-07 21:00 - 2016-02-27 15:07 - 00000000 ____D C:\ProgramData\35a92d46-4543-0
    2016-03-07 21:00 - 2016-02-27 15:00 - 00000000 ____D C:\ProgramData\35a92d46-18d3-0
    EmptyTemp:

    Plik zapisz pod nazwą fixlist.txt i umieść w folderze C:\Users\Dell\Downloads\
    Uruchom FRST i kliknij w Fix/Napraw.

    0
  • #4 29 Mar 2016 15:08
    delsebastian
    Poziom 9  

    Działa przez fixlist dla FRST, dziękuję.

    0
  • #5 29 Mar 2016 15:34
    Domino_2
    Pomocny dla użytkowników

    Możesz skasować folder C:\FRST.
    Reklamy DNS Unlocker - logi z FRST

    0