Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

DNS Unlocker jak usunąć? Pliki z logami załączone.

bargru21 26 Cze 2016 11:54 501 2
  • Pomocny post
    #2 26 Cze 2016 11:58
    Kolobos
    Spec od komputerów

    Fixlist.txt dla FRST:
    Task: {61777A26-CD09-4071-8FC0-A71D8415B093} - System32\Tasks\{4ACBA987-7D21-4B94-B456-FBD2707EA110} => pcalua.exe -a D:\AutoStart.exe -d D:\
    Task: {75521086-9340-4B72-9698-0463798E07B3} - System32\Tasks\{3F3B3FED-B439-434C-ABE2-D7724ECAF160} => C:\Program Files (x86)\Corel\CorelDRAW Graphics Suite 13\Programs\CorelDRW.exe [2006-11-04] (Corel Corporation)
    Task: {A51235EB-16E2-428D-B1D6-FD141C5965DD} - System32\Tasks\{F8C9C5E3-AD81-D185-C2E3-39524C5BBB77} => Regsvr32.exe /s /n /i:"/rt" "C:\PROGRA~3\3da76f2a\5947b11b.dll" <==== UWAGA
    Task: {CA285D03-63EB-4BF0-B2A6-CE16A876C0E2} - System32\Tasks\{4BA43B48-49DB-44D7-8872-B0E33F1D4F4E} => pcalua.exe -a C:\Windows\Installer\{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}\NewShortcut1.exe -d C:\Users\Bartek\Downloads -c "C:\Users\Bartek\Downloads\wrap.jpg"
    ShortcutWithArgument: C:\Users\Bartek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk -> C:\Users\Bartek\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://mmotraffic.com/catalog/goplay/1000932/...k_id=e76e033a1eb59bddc55cb1cbd20bbbec239c6ff8
    Tcpip\Parameters: [NameServer] 82.163.143.171 82.163.142.173
    Tcpip\..\Interfaces\{09EDFF24-363F-4799-9736-6596D0C5FC4F}: [NameServer] 82.163.143.171 82.163.142.173
    Tcpip\..\Interfaces\{09EDFF24-363F-4799-9736-6596D0C5FC4F}: [DhcpNameServer] 82.163.143.171
    Tcpip\..\Interfaces\{0E81D73E-DB88-4429-9988-3CC48934FA34}: [NameServer] 82.163.143.171 82.163.142.173
    Tcpip\..\Interfaces\{0E81D73E-DB88-4429-9988-3CC48934FA34}: [DhcpNameServer] 82.163.143.171
    Tcpip\..\Interfaces\{43DD7291-55C4-45C1-AA3D-CD9861B1C9A5}: [NameServer] 82.163.143.171 82.163.142.173
    Tcpip\..\Interfaces\{43DD7291-55C4-45C1-AA3D-CD9861B1C9A5}: [DhcpNameServer] 82.163.143.171
    Tcpip\..\Interfaces\{D486FD75-DED7-4927-AD60-F179B9A5EC5F}: [NameServer] 82.163.143.171 82.163.142.173
    CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
    CHR HKU\S-1-5-21-3219835231-3024729636-3396668602-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
    S3 RSPCIESTOR; system32\DRIVERS\RtsPStor.sys [X]
    2016-06-26 08:35 - 2016-06-26 08:35 - 00000000 ____D C:\ProgramData\5239e3c2-3fc5-1
    2016-06-26 08:35 - 2016-06-26 08:35 - 00000000 ____D C:\ProgramData\5239e3c2-0023-0
    2016-06-20 21:31 - 2016-06-25 21:22 - 00000000 ____D C:\ProgramData\5239e3c2-08e5-0
    2016-06-20 21:25 - 2016-06-25 21:22 - 00000000 ____D C:\ProgramData\5239e3c2-3f43-0
    2016-06-20 21:25 - 2016-06-20 21:26 - 00003730 _____ C:\Windows\System32\Tasks\{F8C9C5E3-AD81-D185-C2E3-39524C5BBB77}
    2016-06-20 21:25 - 2016-06-20 21:25 - 00000000 ____D C:\ProgramData\{1729048b-312c-0}
    2016-06-20 21:25 - 2016-06-20 21:25 - 00000000 ____D C:\ProgramData\{1010a507-512c-0}
    2016-06-20 21:25 - 2016-06-20 21:25 - 00000000 ____D C:\ProgramData\{05dfe23a-512c-1}
    2016-06-20 21:25 - 2016-06-20 21:25 - 00000000 ____D C:\ProgramData\{0136a1aa-712c-1}
    2016-06-20 21:26 - 2016-04-13 13:06 - 00000000 ____D C:\ProgramData\3da76f2a
    2016-06-20 21:26 - 2016-04-13 13:04 - 00000000 ____D C:\ProgramData\{1dd3dd58-012c-0}
    2016-06-20 21:26 - 2016-04-13 13:04 - 00000000 ____D C:\ProgramData\{05b55ccd-612c-1}
    2016-03-23 13:26 - 2016-03-23 13:26 - 1026152 _____ (Nifalise ) C:\Program Files\Adobe-Reader-XI-21590-dp.exe
    EmptyTemp:

    Po wykonaniu usun katalog C:\FRST i to wszystko.

    0
  • #3 26 Cze 2016 23:56
    bargru21
    Poziom 3  

    Problem naprawiony, reklamy już się nie pojawiają.

    Jeszcze raz dziękuję!

    0