Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

ASUS F5R - błędy RunDLL po uruchomieniu systemu

sylwia9876 23 Gru 2015 00:06 825 3
  • #2 23 Gru 2015 11:37
    Kolobos
    Spec od komputerów

    Zly dzial.

    Odinstaluj:
    AVG PC TuneUp 2015
    Remote Desktop Access (VuuPC)
    Setup

    Uzyj http://www.bleepingcomputer.com/download/adwcleaner/ opcja Szukaj i Usun.

    Obok frst.exe utworz plik fixlist.txt z zawartoscia:
    CustomCLSID: HKU\S-1-5-21-810447069-1464696716-1206607570-1001_Classes\CLSID\{FBEB8A05-BEEE-4442-804E-409D6C4515E9}\InprocServer32 -> C:\Users\Sylwia\AppData\Local\Ajdworks\jflgibwx.dll => Brak pliku
    Task: {049E08B0-1BEA-40C5-8BFA-66D7CF5CD5FE} - System32\Tasks\Cigif => C:\PROGRA~1\GROOVE~1\Lursic.bat
    Task: {0C28D397-4333-4804-92F3-688BBAA495B1} - System32\Tasks\{10D74560-DF83-4B03-9E6E-CF49FE42642E} => pcalua.exe -a C:\Users\Sylwia\AppData\Local\Temp\Temp1_ATK_Hotkey_XP_071206.zip\ATK_Hotkey_V1.00.0018_XP32_Vista32_64\setup.exe
    Task: {0FA45026-56CE-4EB7-89FE-BB2066ABCAC2} - System32\Tasks\{20803E70-2789-4AFE-83E7-2D2DBAABF3C5} => pcalua.exe -a C:\Users\Sylwia\AppData\Local\Temp\Temp2_ATK_Hotkey_XP_071206.zip\ATK_Hotkey_V1.00.0018_XP32_Vista32_64\setup.exe
    Task: {17097F8F-261D-47E3-ABE0-8DF4E8FF8EA3} - \LuckyBrowse -> Brak pliku <==== UWAGA
    Task: {1CEC3D98-44C4-439B-9CDF-35D039CDAA46} - System32\Tasks\Builder Diner => Rundll32.exe "C:\Users\Sylwia\AppData\Local\Builder Diner\{5B41CBBB-E755-9877-F52E-6A9759ED94FF}\BuilderDiner.dll",#1 <==== UWAGA
    Task: {323F937C-0F3A-4066-B2BF-75D8FA4CD664} - System32\Tasks\Opera scheduled Autoupdate 1448117514 => C:\Program Files\Opera\launcher.exe [2015-11-17] (Opera Software)
    Task: {363F7ADD-7A5C-4C7B-B03D-0890C1446EB8} - System32\Tasks\task Update => C:\Program Files\Window Update\task Update\task.exe [2015-12-10] ()
    Task: {36D6F870-7617-4FAF-A592-21511545E5EB} - System32\Tasks\{DC22D9E4-ADE6-4E61-8CED-FE4EE05FF752} => pcalua.exe -a "C:\Users\Sylwia\AppData\Local\Temp\Temp1_ATK_Hotkey_WIN7_32_64_z100056 (1).zip\Setup.exe"
    Task: {40DF0AAA-8CED-4D18-AF1F-43CCF5CB0A30} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files\AVG\AVG PC TuneUp\OneClick.exe [2015-05-15] (AVG Technologies)
    Task: {4FB469BB-B131-4C32-B5ED-3EB91F0F2E68} - System32\Tasks\{FBFA01F0-8FD4-48EF-94C1-029DB5F18C1F} => pcalua.exe -a C:\Users\Sylwia\AppData\Local\Temp\Temp1_atk_hotkey_vista_070315.zip\setup.exe
    Task: {60C218F3-FDD7-4576-872D-2FF3B0A6D383} - System32\Tasks\Comp Bubble => Rundll32.exe "C:\Users\Sylwia\AppData\Local\Comp Bubble\{5B41CBBB-E755-9877-F52E-6A9759ED94FF}\CompBubble.dll",#1 <==== UWAGA
    Task: {6192F9F6-AFB9-4474-8846-F76EE7B9FC41} - \Price Fountain -> Brak pliku <==== UWAGA
    Task: {7F3BD7C2-8114-4CF9-8885-746674337E73} - \Price Fountain -> Brak pliku <==== UWAGA
    Task: {88578C96-8B6F-458D-8F5F-9B3B13A2C563} - System32\Tasks\{A7C47CBE-5031-4972-A651-B1AC3321D222} => pcalua.exe -a C:\Users\Sylwia\AppData\Local\Temp\Temp1_ATKHotkey_WIN7_32_z100055.zip\Setup.exe




    Task: {9C6EFB47-CD9A-45E7-BF8B-C6BA4E55E141} - \SmartWeb Upgrade Trigger Task -> Brak pliku <==== UWAGA
    Task: {9E235463-36A4-43EB-AE6E-FD60FECD3E2D} - System32\Tasks\Builder Diner2 => Rundll32.exe "C:\Users\Sylwia\AppData\Local\Builder Diner\{5B41CBBB-E755-9877-F52E-6A9759ED94FF}\irzvmi.dll",#1 <==== UWAGA
    Task: {9F7F5212-107D-4D26-A5E6-60A2B44C6E63} - System32\Tasks\klcp_update => C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-11-19] ()
    Task: {BC693FD2-3EB3-4547-AD89-57EF76F7038F} - \PlantationMismatchV2 -> Brak pliku <==== UWAGA
    Task: {CAFF06D2-02F8-4EC2-9EDB-1738101BCDE4} - System32\Tasks\{E2DA3353-3294-4A2D-BDE9-B5BAA55652E0} => pcalua.exe -a C:\Users\Sylwia\AppData\Local\Temp\Temp1_ATKDrv_V1043.2.31.100_logo_Vista32.zip\2KSETUP.EXE
    Task: {D2058BB4-803D-4663-8D3B-28FB65246F43} - System32\Tasks\{E5F379D3-1A9C-43F0-AEE7-98FC53DBC576} => pcalua.exe -a C:\Users\Sylwia\AppData\Local\Temp\Temp1_ATK_Hotkey_Win7_32_64_100053.zip\Setup.exe
    Task: {DF77D6E1-BC04-448E-B3B0-32A566BBFE86} - System32\Tasks\{AA254CD0-5EAC-4B0F-BFC1-F57E53E1E922} => pcalua.exe -a C:\Users\Sylwia\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=cor
    Task: {F067EBAD-9A6A-4E3D-AFAB-DCF4A4D48AF7} - System32\Tasks\{40B69D73-0627-4F5D-8857-A7E03E1D7BB0} => pcalua.exe -a C:\Users\Sylwia\AppData\Local\Temp\Temp1_ATKOSD2_WIN7_32_WIN7_64_700004.zip\Setup.exe
    Task: {F52111C8-0FF6-43BA-8F09-79132CADF4D0} - System32\Tasks\{36733406-6231-46F6-A758-A68899AA7437} => pcalua.exe -a C:\Users\Sylwia\AppData\Local\Temp\Temp1_ATK_Hotkey_WIN7_32_64_z100056.zip\Setup.exe
    Task: {FA4D749D-57DF-41B6-802F-7ADF7AC8CE7D} - System32\Tasks\Comp Bubble2 => Rundll32.exe "C:\Users\Sylwia\AppData\Local\Comp Bubble\{5B41CBBB-E755-9877-F52E-6A9759ED94FF}\qbtrarz.dll",#1 <==== UWAGA
    Task: {FC71D224-68AA-4466-BAE9-E549743F8235} - \PlantationMismatchV2 -> Brak pliku <==== UWAGA
    Task: C:\Windows\Tasks\SwiftSearch Auto Updater 1.10.0.25 Core.job => C:\Program Files\SwiftSearch_1.10.0.25\Update\SwiftSearchAutoUpdateClient.exe <==== UWAGA
    () C:\Program Files\Bioplus\bioplus.exe
    () C:\Users\Sylwia\AppData\Local\Temp\HXC9Cx\runner.exe
    () C:\Users\Sylwia\AppData\Roaming\NetService\netservice.exe
    () C:\Users\Sylwia\AppData\Local\Silcan.exe
    () C:\Users\Sylwia\AppData\Local\Tinfax.exe
    (AVG Technologies) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
    (AVG Technologies) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe
    () C:\Users\Sylwia\AppData\Local\ospd_us_013010184\upospd_us_013010184.exe
    (Citrix Systems, Inc.) C:\Program Files\Citrix\ICA Client\redirector.exe
    () C:\Program Files\Bioplus\packages\eaea6024-eea8-4613-ad8d-b02fd9d9e71a\biol.exe
    () C:\Users\Sylwia\AppData\Roaming\WinNetSvc\WinNetSvc.exe
    HKLM\...\RunOnce: [upospd_us_013010184.exe] => C:\Users\Sylwia\AppData\Local\ospd_us_013010184\upospd_us_013010184.exe [3321008 2015-12-22] ()
    Winlogon\Notify\ScCertProp: wlnotify.dll [X]
    HKU\S-1-5-21-810447069-1464696716-1206607570-1001\...\Run: [UPmedia] => C:\Windows\System32\regsvr32.exe C:\Users\Sylwia\AppData\Local\Ajdworks\jflgibwx.dll
    HKU\S-1-5-21-810447069-1464696716-1206607570-1001\...\MountPoints2: F - F:\setup.exe
    HKU\S-1-5-21-810447069-1464696716-1206607570-1001\...409d6c4515e9\InprocServer32: [Default-shell32] C:\Users\Sylwia\AppData\Local\Ajdworks\jflgibwx.dll UWAGA
    CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA
    HKU\S-1-5-21-810447069-1464696716-1206607570-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://houmpage.com/?src=hp&ssid=14508177...amp;uuid=3a676129-858e-462d-ad71-1e1e995e529f
    CHR HKU\S-1-5-21-810447069-1464696716-1206607570-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
    R2 Bioplus; C:\Program Files\Bioplus\bioplus.exe [379392 2015-12-20] () [Brak podpisu cyfrowego] <==== UWAGA
    R2 FinwarmSvc; C:\Users\Sylwia\AppData\Local\Temp\HXC9Cx\runner.exe [45568 2015-12-22] () [Brak podpisu cyfrowego]
    R2 NETTCPHANDLER; C:\Users\Sylwia\AppData\Roaming\NetService\netservice.exe [173088 2015-07-09] ()
    R2 nqeproductcomwedatey; C:\Users\Sylwia\AppData\Local\Silcan.exe [82944 2015-12-22] () [Brak podpisu cyfrowego]
    R2 pyodqctuodateao; C:\Users\Sylwia\AppData\Local\Tinfax.exe [82944 2015-12-22] () [Brak podpisu cyfrowego]
    S2 server; C:\Program Files\Window Update\server Update\server.exe [289496 2015-12-10] ()
    R2 WinNetSvc; C:\Users\Sylwia\AppData\Roaming\WinNetSvc\WinNetSvc.exe [4845408 2015-12-16] ()
    2015-12-22 23:56 - 2015-12-22 23:56 - 00000000 ____D C:\Users\Sylwia\AppData\Roaming\WinNetSvc
    2015-12-22 23:56 - 2015-12-22 23:56 - 00000000 _____ C:\END
    2015-12-22 23:13 - 2015-12-22 23:13 - 00082944 _____ C:\Users\Sylwia\AppData\Local\Silcan.exe
    2015-12-22 23:13 - 2015-12-22 23:13 - 00000464 _____ C:\Windows\Tasks\SwiftSearch Auto Updater 1.10.0.25 Core.job
    2015-12-22 23:13 - 2015-12-22 23:13 - 00000187 _____ C:\Users\Sylwia\AppData\Local\Silcan.exe.config
    2015-12-22 23:06 - 2015-12-22 23:06 - 00000000 ____D C:\Program Files\DC8128E8-1450821966-EA35-2B00-001BFCDC3D9E
    2015-12-22 23:05 - 2015-12-22 23:16 - 00000000 ____D C:\Program Files\baidu
    2015-12-22 23:05 - 2015-12-22 23:05 - 00000000 ____D C:\Users\Sylwia\AppData\Roaming\NetService
    2015-12-22 23:03 - 2015-12-22 23:46 - 00000000 ____D C:\Users\Sylwia\AppData\Local\ospd_us_013010184
    2015-12-22 23:03 - 2015-12-22 23:24 - 00000000 ____D C:\Program Files\Bioplus
    2015-12-22 23:03 - 2015-12-22 23:03 - 00082944 _____ C:\Users\Sylwia\AppData\Local\Tinfax.exe
    2015-12-22 23:03 - 2015-12-22 23:03 - 00000187 _____ C:\Users\Sylwia\AppData\Local\Tinfax.exe.config
    2015-12-22 23:03 - 2015-12-22 23:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ONESOFTPERDAY
    2015-12-22 23:03 - 2015-12-22 23:03 - 00000000 ____D C:\Program Files\ospd_us_013010184
    2015-12-22 23:03 - 2015-12-22 23:03 - 00000000 ____D C:\Program Files\DC8128E8-1450821796-EA35-2B00-001BFCDC3D9E
    2015-12-22 23:02 - 2015-12-22 23:02 - 00000000 ____D C:\Users\Sylwia\AppData\Roaming\VOPackage
    2015-12-22 23:02 - 2015-12-22 23:02 - 00000000 ____D C:\Users\Sylwia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
    2015-12-22 23:02 - 2015-12-22 23:02 - 00000000 ____D C:\Program Files\DC8128E8-1450821777-EA35-2B00-001BFCDC3D9E
    2015-12-22 23:00 - 2015-12-22 23:00 - 00061776 _____ C:\Windows\ntbtlog.txt
    2015-12-22 22:56 - 2015-12-22 22:56 - 00000000 ____D C:\Program Files\SFK
    2015-12-22 22:55 - 2015-12-22 23:03 - 00000000 ____D C:\Users\Sylwia\AppData\Roaming\mysites123
    2015-12-22 22:55 - 2015-12-22 22:56 - 00000000 ____D C:\ProgramData\Tmp0x0x
    2015-12-22 22:27 - 2015-12-22 22:27 - 00000000 ____D C:\Windows\Tasks\ImCleanDisabled
    2015-12-22 22:24 - 2015-12-22 22:26 - 39651632 _____ (IObit ) C:\Users\Sylwia\Downloads\advanced-systemcare-setup-v9.exe
    2015-12-22 22:24 - 2015-12-22 22:25 - 39651632 _____ (IObit ) C:\Users\Sylwia\Downloads\advanced-systemcare-setup-v9 (1).exe
    2015-12-22 21:01 - 2015-12-22 21:01 - 00260876 _____ (VuuPC Limited) C:\Users\Sylwia\AppData\Local\nsm3F9B.tmp
    2015-12-22 21:01 - 2015-12-22 21:01 - 00260876 _____ (VuuPC Limited) C:\Users\Sylwia\AppData\Local\nsk2E07.tmp
    2015-12-22 20:57 - 2015-12-22 21:08 - 00000000 ____D C:\Program Files\yessearches-bnd
    2015-12-22 20:57 - 2015-12-22 20:57 - 00000000 ____D C:\Program Files\Window Update
    2015-12-22 20:11 - 2015-12-22 20:11 - 00000000 ____D C:\Users\Sylwia\AppData\Roaming\WarThunder
    2015-12-22 20:06 - 2015-12-22 20:08 - 00000000 ____D C:\Users\Sylwia\AppData\Roaming\systweak
    2015-12-22 20:05 - 2015-12-22 20:06 - 00000000 ____D C:\Users\Sylwia\AppData\Local\Tempfolder
    2015-12-22 20:05 - 2015-12-22 20:05 - 00000000 ____D C:\Windows\system32\ura
    2015-12-22 20:05 - 2015-12-22 20:05 - 00000000 ____D C:\Users\Sylwia\AppData\Roaming\EzuhejNifveb
    2015-12-22 20:04 - 2015-12-22 20:21 - 00000000 ____D C:\Users\Sylwia\AppData\LocalLow\Company
    2015-12-22 20:04 - 2015-12-22 20:04 - 00000000 _____ C:\Windows\system32\Number of results
    2015-12-22 20:01 - 2015-12-22 23:55 - 00000000 ____D C:\Users\Sylwia\AppData\Roaming\RunDir
    2015-12-22 20:01 - 2015-12-22 20:15 - 00000000 ____D C:\Users\Sylwia\AppData\Local\SmartWeb
    2015-12-14 09:25 - 2015-12-14 20:14 - 00000000 ____D C:\Program Files\WinZipper
    2015-12-14 09:25 - 2015-12-14 09:25 - 00000000 ____D C:\Users\Sylwia\AppData\Roaming\WinZipper
    2015-11-23 06:22 - 2015-12-13 10:27 - 0000090 _____ () C:\Users\Sylwia\AppData\Roaming\WB.CFG
    2015-12-22 21:01 - 2015-12-22 21:01 - 0260876 _____ (VuuPC Limited) C:\Users\Sylwia\AppData\Local\nsk2E07.tmp
    2015-12-22 21:01 - 2015-12-22 21:01 - 0260876 _____ (VuuPC Limited) C:\Users\Sylwia\AppData\Local\nsm3F9B.tmp
    2015-12-22 23:13 - 2015-12-22 23:13 - 0082944 _____ () C:\Users\Sylwia\AppData\Local\Silcan.exe
    2015-12-22 23:13 - 2015-12-22 23:13 - 0000187 _____ () C:\Users\Sylwia\AppData\Local\Silcan.exe.config
    2015-12-22 23:03 - 2015-12-22 23:03 - 0082944 _____ () C:\Users\Sylwia\AppData\Local\Tinfax.exe
    2015-12-22 23:03 - 2015-12-22 23:03 - 0000187 _____ () C:\Users\Sylwia\AppData\Local\Tinfax.exe.config
    C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
    Hosts:
    EmptyTemp:

    W FRST wybierz Napraw.

    Zrob pelny skan przy pomocy mbam i usun wszystko co znajdzie.

    Po wykonaniu zamiesc nowe logi z FRST, ze skanowania.

    0
  • #4 24 Gru 2015 08:31
    Kolobos
    Spec od komputerów

    W ktorej przegladarce?

    Nowy Fixlist.txt dla FRST:
    CHR HKU\S-1-5-21-810447069-1464696716-1206607570-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
    S2 Bamcof; C:\ProgramData\\Bamcof\\Bamcof.exe -f "C:\ProgramData\\Bamcof\\Bamcof.dat" -l -a
    2015-12-23 19:59 - 2015-12-23 20:11 - 00000000 ____D C:\AdwCleaner

    0