Elektroda.pl
Elektroda.pl
X

Search our partners

Find the latest content on electronic components. Datasheets.com
Elektroda.pl
Please add exception to AdBlock for elektroda.pl.
If you watch the ads, you support portal and users.

RunDLL - komunikat o bledzie

zolwik1397 04 Oct 2014 19:47 2283 5
  • [28-30.06.2022, targi] PowerUP EXPO 2022 - zasilanie w elektronice. Zarejestruj się za darmo
  • Helpful post
    #4
    Kolobos
    IT specialist
    Obok frst.exe utworz plik fixlist.txt z zawartoscia:
    Task: {54C81E8B-B797-4C9D-BDF4-1BB1FEF45466} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 <==== ATTENTION
    Task: {79118A53-C784-4712-9D3D-B888F904DBA4} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 <==== ATTENTION
    HKU\S-1-5-21-1431847280-367056189-821936272-1001\Software\Classes\.exe: exefile => <===== ATTENTION!
    HKU\S-1-5-21-1431847280-367056189-821936272-1001\Software\Classes\exefile: <===== ATTENTION!
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.v9.com/web/?type=ds&ts=1411...7038A1347038&i=psd&t=34978c211&q={searchTerms}
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.v9.com/web/?type=ds&ts=1411...7038A1347038&i=psd&t=34978c211&q={searchTerms}
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.v9.com/web/?type=ds&ts=1411...7038A1347038&i=psd&t=34978c211&q={searchTerms}
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://search.v9.com/web/?type=ds&ts=1411...7038A1347038&i=psd&t=34978c211&q={searchTerms}
    SearchScopes: HKLM - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = http://astromenda.com/results.php?f=4&q={searchTerms}
    SearchScopes: HKLM - {A25AC313-DD19-4238-ACA2-401D6BEE4321} URL = http://Lasaoren.com/results.php?f=4&q={searchTerms}
    SearchScopes: HKCU - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = http://astromenda.com/results.php?f=4&q={searchTerms}
    SearchScopes: HKCU - {A25AC313-DD19-4238-ACA2-401D6BEE4321} URL = http://Lasaoren.com/results.php?f=4&q={searchTerms}
    SearchScopes: HKCU - {FBCD7E89-1B06-47A6-B9B5-001A6844C209} URL = http://astromenda.com/results.php?f=4&q={searchTerms}
    BHO: No Name -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> No File
    BHO-x32: No Name -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> No File
    CHR HKCU\...\Chrome\Extension: [iahagolkpaghhinaljhjihagjgomdokb] - C:\Users\zolwikq\AppData\Local\Alexa\atbpg-w2DORF-1.2.crx [2013-03-12]
    CHR HKLM-x32\...\Chrome\Extension: [lhmiofmipcpmhgihiecmpiekcacigpgb] - C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\chrome.crx [2013-03-12]
    CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\zolwikq\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-09-26]
    R2 GlobalUpdater; C:\Program Files (x86)\Common Files\IMGUpdater\IMGUpdater.exe [378152 2014-09-26] (SIEN S.A.)
    S2 sbapifs; system32\DRIVERS\sbapifs.sys [X]
    S3 SPPD; \??\C:\WINDOWS\system32\drivers\SPPD.sys [X]
    2014-10-04 12:21 - 2014-10-04 12:21 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\zolwikq\Downloads\SpyHunter-Installer.exe
    2014-10-04 12:21 - 2014-10-04 12:21 - 00707664 _____ (iS3, Inc.) C:\Users\zolwikq\Downloads\SZSetup_AID10121_AV (1).exe
    2014-09-09 12:58 - 2014-09-10 09:42 - 00000000 ____D () C:\Users\zolwikq\AppData\Roaming\Software Informer
    2014-09-09 12:58 - 2014-09-09 12:58 - 00000000 ____D () C:\ProgramData\Informer Technologies, Inc
    EmptyTemp:

    W FRST wybierz Fix.

    Usun katalog C:\FRST i to wszystko.
  • #6
    Kolobos
    IT specialist
    Nie podczepiaj sie pod inne watki!

    Odinstaluj:
    BlockAndSurf (HKLM-x32\...\3B58DF9C-98B4-7D63-2052-5CE87BE3CCC5) (Version: - BlockAndSurf-software) <==== ATTENTION
    ConvertAd (HKLM-x32\...\ConvertAd) (Version: 1.0.0.0 - ConvertAd) <==== ATTENTION
    Ge-Force (HKLM-x32\...\Ge-Force) (Version: 1.35.9.29 - iWebar) <==== ATTENTION
    MyBestOffersToday 008.95 (HKLM-x32\...\mbot_pl_95_is1) (Version: - MYBESTOFFERSTODAY) <==== ATTENTION
    PriceFountain (remove only) (HKU\S-1-5-21-1771183612-3100856877-1797468011-1001\...\PriceFountain) (Version: 1.0.6.8 - Price Fountain)
    RegClean-Pro (HKLM-x32\...\RegClean-Pro_is1) (Version: 6.21 - Systweak Inc) <==== ATTENTION
    SavePass 1.1 (HKLM-x32\...\SavePass 1.1) (Version: 1.35.9.29 - OB) <==== ATTENTION
    Sense (HKLM-x32\...\Sense) (Version: 1.35.9.29 - Object Browser) <==== ATTENTION
    Shopper-Pro (HKLM-x32\...\ShopperPro) (Version: - ) <==== ATTENTION
    snipsmart (HKLM\...\snipsmart) (Version: 2014.11.08.142136 - snipsmart)
    Term Tutor (HKLM-x32\...\TermTutor) (Version: 1.9.0.8 - Term Tutor) <==== ATTENTION
    Update for PriceFountain (HKU\S-1-5-21-1771183612-3100856877-1797468011-1001\...\Price Fountain) (Version: - Update for PriceFountain) <==== ATTENTION
    WindowsMangerProtect20.0.0.1064 (HKLM-x32\...\WindowsMangerProtect) (Version: 20.0.0.1064 - WindowsProtect LIMITED) <==== ATTENTION

    Uzyj AdwCleaner, opcja Scan i Clean/Szukaj i Usun:
    http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner

    Zrob pelny skan przy pomocy Mbam:
    http://www.bleepingcomputer.com/download/malwarebytes-anti-malware/

    Po wykonaniu daj nowe logi z FRST, ze skanowania.