Elektroda.pl
Elektroda.pl
X
CControls
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

błąd z Windows 7 na Windows 10 - RunDLL

lukadzu7 25 Sie 2015 13:38 612 1
  • CControls
  • #2 25 Sie 2015 15:01
    Kolobos
    Spec od komputerów

    Na przyszlosc nie uzywaj zainfekowanych aktywatorow do windows.

    Odinstaluj:
    bestadblocker (HKLM-x32\...\{4820778D-AB0D-6D18-C316-52A6A0E1D507}) (Version: - ) <==== UWAGA
    CutaThePrice (HKLM-x32\...\{1DE30A2D-4C8C-2B78-AB3B-88A2944D7CA1}) (Version: - )
    CutThePrice (HKLM-x32\...\{A2C98B47-B5F4-94AA-281D-4135416774CF}) (Version: - )
    Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6710.2136 - Google Inc.)

    Obok frst.exe utworz plik fixlist.txt z zawartoscia:
    Task: {01BB068F-C345-454D-B817-45021681EDEB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA
    Task: {044418BE-CDD7-4327-9F8B-A9A1CC19E5F6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Brak pliku <==== UWAGA
    Task: {2D8A4939-F4C2-46D2-B88B-A89D0CA54E17} - System32\Tasks\DLL-Files FixerASKUSER => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
    Task: {436B3AB0-D242-4612-B965-2C816BEDDFB1} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA
    Task: {459B3EE7-43AE-43C7-871C-FB0D4E36BC83} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA
    Task: {5342AD59-64B7-460F-9019-830A30B4E58E} - \RDReminder -> Brak pliku <==== UWAGA
    Task: {5A387D7D-272B-4DDC-9480-F2A6C043507D} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 <==== UWAGA
    Task: {BE8FF6D6-AFDC-4F52-BED5-4F470BE9E468} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA
    Task: {C8A6AC92-C53C-48C6-B5CF-625AE3C4F7E4} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 <==== UWAGA
    Task: {D41C100B-8106-48C2-BC33-F81F96ADD496} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Brak pliku <==== UWAGA
    Task: {DB52524A-CE26-40CE-904D-185833B4EF5A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Brak pliku <==== UWAGA
    Task: {E6F62821-3EB0-46F6-A101-0F37304CC21E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Brak pliku <==== UWAGA
    Task: {EBAE2978-D008-49EA-89E1-D04FC5B86418} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Brak pliku <==== UWAGA
    Task: {F037FA9A-5BD2-43E4-B1FD-283ACF29C7E9} - System32\Tasks\SMupdate1 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update1 <==== UWAGA
    Task: {F70C3DE9-71E9-4D19-AB02-CF07FEDFD893} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Brak pliku <==== UWAGA
    Task: {F805AC4E-018B-44D3-BDAF-9EB37AFD787D} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA
    HKLM-x32\...\Run: [] => [X]
    CHR HKLM\SOFTWARE\Policies\Google: Zasada ograniczeń <======= UWAGA
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&...XHTS545050A7E680_RBF50AM51EL7VP1EL7VPX&q={searchTerms}




    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&...XHTS545050A7E680_RBF50AM51EL7VP1EL7VPX&q={searchTerms}
    HKU\S-1-5-21-297314800-2497014605-2162592214-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61...cuU4GOm_ncv92BeE_MZ1XbIFMMJCH7tgjWJQ,,&q={searchTerms}
    HKU\S-1-5-21-297314800-2497014605-2162592214-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKU\S-1-5-21-297314800-2497014605-2162592214-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61...cuU4GOm_ncv92BeE_MZ1XbIFMMJCH7tgjWJQ,,&q={searchTerms}
    HKU\S-1-5-21-297314800-2497014605-2162592214-1000\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61...cuU4GOm_ncv92BeE_MZ1XbIFMMJCH7tgjWJQ,,&q={searchTerms}
    SearchScopes: HKLM-x32 -> ielnksrch URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61...cuU4GOm_ncv92BeE_MZ1XbIFMMJCH7tgjWJQ,,&q={searchTerms}
    SearchScopes: HKLM-x32 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.hotsearches.info/?l=1&q={searchTerms}&pid=24449&r=2015/07/14&hid=1236373041517437635&lg=EN&cc=PL&unqvl=90
    SearchScopes: HKU\S-1-5-21-297314800-2497014605-2162592214-1000 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.hotsearches.info/?l=1&q={searchTerms}&pid=24449&r=2015/07/14&hid=1236373041517437635&lg=EN&cc=PL&unqvl=90
    SearchScopes: HKU\S-1-5-21-297314800-2497014605-2162592214-1000 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61...cuU4GOm_ncv92BeE_MZ1XbIFMMJCH7tgjWJQ,,&q={searchTerms}
    BHO: bestadblocker -> {0D0BE9D7-E65C-42C4-91C6-5ACC467B0D83} -> C:\Program Files (x86)\bestadblocker\i6K1YH7mwrk41R.x64.dll Brak pliku
    BHO: CutThePrice -> {3D11F9C9-459D-47EA-861E-680CD203D4C1} -> C:\Program Files (x86)\CutThePrice\ihIe5JluRZqTj0.x64.dll [2015-07-14] ()
    S2 Application Hosting; C:\ProgramData\Application Hosting\Application Hosting.exe [70656 2015-08-12] () [Brak podpisu cyfrowego]
    2015-08-24 17:36 - 2015-08-24 18:37 - 00000000 ____D C:\AdwCleaner
    2015-08-24 15:57 - 2015-08-25 10:25 - 00003888 _____ C:\WINDOWS\System32\Tasks\SMupdate1
    2015-08-24 15:57 - 2015-08-24 16:00 - 00000000 ____D C:\Users\Komput\AppData\Local\BrowserHelper
    2015-08-24 15:49 - 2015-08-24 15:49 - 00000000 ____D C:\Users\Komput\AppData\Local\GWX
    2015-08-24 15:38 - 2015-08-24 15:38 - 00000000 ____D C:\Users\Komput\AppData\Local\CrashRpt
    2015-08-24 15:38 - 2015-08-24 15:38 - 00000000 ____D C:\Program Files (x86)\mbot_pl_014010070
    2015-08-24 15:36 - 2015-08-24 15:36 - 00002385 _____ C:\WINDOWS\SysWOW64\findit.xml
    2015-08-24 15:36 - 2015-08-24 15:36 - 00000000 ____D C:\ProgramData\Sublights
    2015-08-24 15:35 - 2015-08-24 15:35 - 00000000 ____D C:\ProgramData\Application Hosting
    2015-07-06 10:05 - 2015-07-06 10:05 - 0000000 ____H () C:\Users\Komput\AppData\Local\BITC5F.tmp
    EmptyTemp:

    W FRST wybierz Fix.

    2