Elektroda.pl
Elektroda.pl
X
CControls
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Bład RUNDLL na pendrive, pliko OTL i ECTRAS do analizy

Erev 21 Cze 2015 12:23 588 3
  • #1 21 Cze 2015 12:23
    Erev
    Poziom 2  

    Mam problem z uruchomieniem pendrive. Podczas podlączenia pena do PC wyskakuje folder z pendrive, klikam go i wyskakuje błąd DLL.

    Zrobiłem logi. Pliki OTL i EXTRAS w załączniku. :)

    Co robić Pany? Dzięki wielkie za pomoc!

    0 3
  • CControls
  • CControls
  • Pomocny post
    #4 21 Cze 2015 14:14
    Acorus 20
    Spec od komputerów

    Odinstaluj ASUS WebStorage Sync Agent, AVG Security Toolbar, Delta Chrome Toolbar, Delta toolbar, Skype Packages. Otwórz notatnik systemowy i wklej:

    Cytat:
    CloseProcesses:
    Task: {7D6C9BDE-08C1-4873-957D-28F5FDD4D928} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3617607761-2901432426-2915282113-1002Core => C:\Users\Kinga\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-09-10] (Facebook Inc.)
    Task: {C7D34F78-DA7D-4D6D-A78B-2DF49B4AF864} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3617607761-2901432426-2915282113-1002UA => C:\Users\Kinga\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-09-10] (Facebook Inc.)
    Task: {D628D8AA-44B0-4043-87E3-0C021F58050F} - System32\Tasks\EPUpdater => C:\Users\Kinga\AppData\Roaming\BabSolution\Shared\BabMaint.exe [2013-08-04] () <==== ATTENTION
    Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3617607761-2901432426-2915282113-1002Core.job => C:\Users\Kinga\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3617607761-2901432426-2915282113-1002UA.job => C:\Users\Kinga\AppData\Local\Facebook\Update\FacebookUpdate.exe
    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13267016 2013-01-23] (Realtek Semiconductor)
    HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-15] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-11-15] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe [3423104 2012-08-31] (ASUS Cloud Corporation)
    HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
    HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
    HKLM-x32\...\RunOnce: [] => [X]
    HKU\S-1-5-21-3617607761-2901432426-2915282113-1002\...\Run: [Facebook Update] => C:\Users\Kinga\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-09-10] (Facebook Inc.)
    ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
    ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
    ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
    ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
    ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
    ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File




    SearchScopes: HKU\S-1-5-21-3617607761-2901432426-2915282113-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-3617607761-2901432426-2915282113-1002 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www2.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=6A1968172913F5A7&affID=119357&tsp=5008
    SearchScopes: HKU\S-1-5-21-3617607761-2901432426-2915282113-1002 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={3ABBCD9D-B345-4BDF-9AEC-BCFA3CE1F466}&mid=9c7c7cdb0f9947d39dcdb95e6ff71c59-a69222f8250f64870fe296b2428f79bbe1675734&lang=pl&ds=AVG&pr=fr&d=2013-09-09 22:00:57&v=15.4.0.5&pid=avg&sg=0&sap=dsp&q={searchTerms}
    BHO-x32: AVG Security Toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Secure Search\18.5.0.909\AVG Secure Search_toolbar.dll [2015-05-13] (AVG Secure Search)
    BHO-x32: delta Helper Object -> {C1AF5FA5-852C-4C90-812E-A7F75E011D87} -> C:\Program Files (x86)\Delta\delta\1.8.24.6\bh\delta.dll [2013-08-15] (Delta-search.com)
    Toolbar: HKLM - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\18.5.0.909\AVG Secure Search_toolbar.dll [2015-05-13] (AVG Secure Search)
    Toolbar: HKLM-x32 - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.5.0.909\AVG Secure Search_toolbar.dll [2015-05-13] (AVG Secure Search)
    Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.24.6\deltaTlbr.dll [2013-08-15] (Delta-search.com)
    CHR Extension: (Delta Toolbar) - C:\Users\Kinga\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde [2013-09-17]
    CHR HKLM-x32\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\Kinga\AppData\Roaming\BabSolution\CR\Delta.crx [2013-09-17]
    S2 vToolbarUpdater18.5.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.5.0\ToolbarUpdater.exe [1812416 2015-05-13] (AVG Secure Search)
    C:\ProgramData\SetStretch.exe
    C:\ProgramData\SetStretch.VBS
    EmptyTemp:


    Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
    Uruchom jako administrator FRST i kliknij w Fix. Pobierz i uruchom jako administrator AdwCleaner https://toolslib.net/downloads/finish/1/ Kliknij Scan i później Cleaning.

    1