Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

DNS UNLOCKER jak usunąć (następny temat)

Agnieszkamy 27 Lip 2016 15:59 504 2
  • Pomocny post
    #2 27 Lip 2016 19:06
    Kolobos
    Spec od komputerów

    Wykonaj Fixlist.txt dla FRST:
    Task: {17D366A2-CFBA-4B5A-965D-F68DF836F453} - System32\Tasks\{087D7A47-0D04-7D0C-0B11-0D0C040A110A} => powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand
    Task: {9585AC1B-1BA4-4D9E-9EB7-EF7766759A58} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files\AVG\AVG PC TuneUp\tuscanx.exe
    Task: {F4A2A787-D7C4-4577-8DCF-AEBC78DE36A6} - System32\Tasks\Superclean => c:\programdata\{99d9d365-4f14-a694-99d9-9d3654f14d95}\hqghumeaylnlf.exe <==== UWAGA
    Task: C:\Windows\Tasks\Superclean.job => c:\programdata\{99d9d365-4f14-a694-99d9-9d3654f14d95}\hqghumeaylnlf.exe <==== UWAGA
    () C:\Program Files\Steady Pack\Steady Pack.exe
    HKU\S-1-5-21-2988388552-3253531442-2209542596-1000\...\MountPoints2: G - G:\autorun.exe
    HKU\S-1-5-21-2988388552-3253531442-2209542596-1000\...\MountPoints2: {07d73fbf-d190-11e4-973b-002219e8ec8b} - F:\LG_PC_Programs.exe
    HKU\S-1-5-21-2988388552-3253531442-2209542596-1000\...\MountPoints2: {18017ccf-2a18-11e5-9659-002219e8ec8b} - F:\DTLplus_Launcher.exe
    HKU\S-1-5-21-2988388552-3253531442-2209542596-1000\...\MountPoints2: {294d3e31-469a-11e2-bf59-002219e8ec8b} - G:\autorun.exe
    HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2013-03-24] (Microsoft Corporation)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Brak pliku
    GroupPolicy: Ograniczenia - Chrome <======= UWAGA
    CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
    CHR HKU\S-1-5-21-2988388552-3253531442-2209542596-1000\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
    Tcpip\Parameters: [NameServer] 82.163.142.3 95.211.158.130
    Tcpip\..\Interfaces\{3244DC4F-59F4-4BEF-B4E2-2BE77B6FA3FD}: [NameServer] 82.163.142.3 95.211.158.130
    Tcpip\..\Interfaces\{9285612C-1133-482B-A583-B5CC54B14A60}: [NameServer] 82.163.142.3 95.211.158.130
    Tcpip\..\Interfaces\{BA9AD41C-F62D-4040-8226-645DE0236FF6}: [NameServer] 82.163.142.3 95.211.158.130
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.gboxapp.com/
    HKU\S-1-5-21-2988388552-3253531442-2209542596-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.gboxapp.com/
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Brak pliku
    FF SearchEngineOrder.3: Bing
    FF SelectedSearchEngine: delta-homes
    FF Extension: Website Blocker - C:\Users\Tomasz\AppData\Roaming\Mozilla\Firefox\Profiles\zpha2ps8.default\extensions\websiteblocker@lipocodes.xpi [2016-07-11]
    FF HKLM\...\Firefox\Extensions: [{94285e43-a27b-4f51-b280-ff763ae7cd81}] - C:\Users\Tomasz\AppData\Roaming\Mozilla\Firefox\{94285e43-a27b-4f51-b280-ff763ae7cd81}.xpi => nie znaleziono




    CHR StartupUrls: Profile 2 -> "hxxp://search.gboxapp.com/"
    CHR Extension: (Dysk Google) - C:\Users\Tomasz\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-08] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA
    CHR Extension: (YouTube) - C:\Users\Tomasz\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-08] [UpdateUrl: hxxp://mynamedomain.koko/00] <==== UWAGA
    CHR Extension: (Google Search) - C:\Users\Tomasz\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-08] [UpdateUrl: hxxp://mynamedomain.koko/00] <==== UWAGA
    CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Tomasz\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-08] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== UWAGA
    CHR Extension: (Gmail) - C:\Users\Tomasz\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-08] [UpdateUrl: hxxp://mynamedomain.koko/00] <==== UWAGA
    CHR Extension: (QQueeineCCoupon) - C:\ProgramData\adlfcodlhhggbbocalocflaapikjaplg\ []
    R2 Steady Pack; C:\Program Files\Steady Pack\Steady Pack.exe [8016403 2015-07-11] () [Brak podpisu cyfrowego] <==== UWAGA
    C:\Program Files\Steady Pack\
    2016-07-27 15:41 - 2015-08-29 15:41 - 00000342 _____ C:\Windows\Tasks\Superclean.job
    2015-05-20 19:06 - 2015-08-11 21:04 - 0000079 _____ () C:\Program Files\prefs.js
    EmptyTemp:

    W FRST wybierz napraw.

    Po wykonaniu usun katalog C:\FRST.

    0
  • #3 30 Lip 2016 15:35
    Agnieszkamy
    Poziom 2  

    Dzięki, zadziałało.
    Temat do zamknięcia.

    0