Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Windows XP - RUNDLL - Wystąpił błąd podczas ładowania...

Krystiannnn 18 Mar 2016 19:02 927 10
  • #4 19 Mar 2016 13:51
    krzychupar
    Poziom 40  

    Odinstaluj:
    PC Tools Spyware Doctor with AntiVirus
    Network System Driver
    PC Data App
    Update Manager for SweetPacks 1.1

    Otwórz notatnik systemowy i wklej:
    Task: C:\WINDOWS\Tasks\4773e52f-abbc-4348-8baa-390bcd11faa5-1.job => C:\Program Files\Total-1.8\Total-1.8-codedownloader.exeɎ/iNlXQ /IZSOsP=task /QKznSGga='Total-1.8' /bVBjfdNQ=53360 /kQSbsKe='001301' /gzMygfn='0' /LKiWVdB='0' /LgRGCP=0FE19290D5C34E05ADB50ECD4E53867AIE /axcjFnQ=06887c64446380e3c7fda70c98ac8e27 /crxHkjy=1_34_07_01 /HgYue=1.34.7.1 /PymIVkWe=1404473649 /RnpoOm=hxxp:/stats.demogensrv.com /nevRquvFu=hxxp:/errors.demogensrv.com /XwkgZpB=hxxp:/js.demogensrv.com /mAHikT=ff /pjbTgehYw='Total-1.8' /eJPVqQJEd=hxxp:/js.clientdemocloud.com /ZmxvjFWYH /nzJPxyFiY='{asw:[2, 8388676, 0]}' /LgXrNxBX='hxxp:/update.demogensrv.com/ie_code_agent_updates/{CAMP_ID}/update.jso <==== UWAGA
    Task: C:\WINDOWS\Tasks\4773e52f-abbc-4348-8baa-390bcd11faa5-11.job => C:\Program Files\Total-1.8\4773e52f-abbc-4348-8baa-390bcd11faa5-11.exe <==== UWAGA
    Task: C:\WINDOWS\Tasks\4773e52f-abbc-4348-8baa-390bcd11faa5-3.job => C:\Program Files\Total-1.8\4773e52f-abbc-4348-8baa-390bcd11faa5-3.exe <==== UWAGA
    Task: C:\WINDOWS\Tasks\4773e52f-abbc-4348-8baa-390bcd11faa5-4.job => C:\Program Files\Total-1.8\4773e52f-abbc-4348-8baa-390bcd11faa5-4.exeϻ/lhmWTQtHR /QKznSGga='Total-1.8' /GCypiblgD C:\Program Files\Total-1.8\53360.xpi' /bVBjfdNQ=53360 /kQSbsKe='001301' /gzMygfn='0' /LKiWVdB='0' /LgRGCP=0FE19290D5C34E05ADB50ECD4E53867AIE /axcjFnQ=06887c64446380e3c7fda70c98ac8e27 /crxHkjy=1_34_07_01 /HgYue=1.34.7.1 /PymIVkWe=1404473649 /RnpoOm=hxxp:/stats.demogensrv.com /nevRquvFu=hxxp:/errors.demogensrv.com /UOEXBoMoc=300 /Ogmvo=9ee595b4-f5ec-4afb-bea5-3c873daf5e4a@9725de39-97db-467b-bf84-04c276190009.com /XhHWnQGUk=0.94 /WifGDThA=a9ee595b4f5ec4afbbea53c873daf5e4a9725de3997db467bbf8404c276190009com53360 /RqQkQc=hxxps:/w9u6a2p6.ssl.hwcdn.net/plugin/ff/update/53360.rdf /kpdUhhFgO='Total-1.8' /eyzOJ='HD-Total is an add-on for your Internet browser that enhances your online experience by displaying online videos in their highest quality format available.' /YZyHu='HQ-VPro' /mAHikT=ff /nzJPxyFiY='{asw:[2, 8388676, 0]}' /ZmxvjFWYH /lQpUGoTHm /RUyzNYJ /LgXrNxBX='hxxp:/update.demogensrv.com/ff_agent_updates/{CAMP_ID}/update.jso <==== UWAGA
    Task: C:\WINDOWS\Tasks\4773e52f-abbc-4348-8baa-390bcd11faa5-5.job => C:\Program Files\Total-1.8\4773e52f-abbc-4348-8baa-390bcd11faa5-5.exeȋ/DplMAPRMI /QKznSGga='Total-1.8' /bVBjfdNQ=53360 /kQSbsKe='001301' /gzMygfn='0' /LKiWVdB='0' /LgRGCP=0FE19290D5C34E05ADB50ECD4E53867AIE /axcjFnQ=06887c64446380e3c7fda70c98ac8e27 /crxHkjy=1_34_07_01 /PymIVkWe=1404473649 /RnpoOm=hxxp:/stats.demogensrv.com /nevRquvFu=hxxp:/errors.demogensrv.com /ZkhxjVpda=hxxp:/ipgeoapi.com/ /wGlHrCD=hxxp:/update.demogensrv.com /kbOtJ=2 /COnYWTE=hxxp:/logs.demogensrv.com /LgXrNxBX='hxxp:/update.demogensrv.com/updater_agent_updates/{CAMP_ID}/update.jso <==== UWAGA




    Task: C:\WINDOWS\Tasks\Browser Updater.job => C:\WINDOWS\system32\rundll32.exeBC:\Program Files\Browser Updater\TBUpdater.dll <==== UWAGA
    Task: C:\WINDOWS\Tasks\d864d1e6-1cf4-4692-b365-338635fd5302-1.job => C:\Program Files\Torntv V9.0\Torntv V9.0-codedownloader.exeɎ/iNlXQ /IZSOsP=task /QKznSGga='Torntv V9.0' /bVBjfdNQ=51390 /kQSbsKe='001602' /gzMygfn='0' /LKiWVdB='0' /LgRGCP=0FE19290D5C34E05ADB50ECD4E53867AIE /axcjFnQ=06887c64446380e3c7fda70c98ac8e27 /crxHkjy=1_34_07_01 /HgYue=1.34.7.1 /PymIVkWe=1404473457 /RnpoOm=hxxp:/stats.demogensrv.com /nevRquvFu=hxxp:/errors.demogensrv.com /XwkgZpB=hxxp:/cr.install-daddy.com /mAHikT=ff /pjbTgehYw='Torntv V9.0' /eJPVqQJEd=hxxp:/cr.install-daddy.com /ZmxvjFWYH /nzJPxyFiY='{asw:[2, 68, 0]}' /LgXrNxBX='hxxp:/update.demogensrv.com/ie_code_agent_updates/{CAMP_ID}/update.jso <==== UWAGA
    Task: C:\WINDOWS\Tasks\d864d1e6-1cf4-4692-b365-338635fd5302-11.job => C:\Program Files\Torntv V9.0\d864d1e6-1cf4-4692-b365-338635fd5302-11.exe <==== UWAGA
    Task: C:\WINDOWS\Tasks\d864d1e6-1cf4-4692-b365-338635fd5302-2.job => C:\Program Files\Torntv V9.0\d864d1e6-1cf4-4692-b365-338635fd5302-2.exeǞ/RSGlzJJ /QKznSGga='Torntv V9.0' /bVBjfdNQ=51390 /kQSbsKe='001602' /gzMygfn='0' /LKiWVdB='0' /LgRGCP=0FE19290D5C34E05ADB50ECD4E53867AIE /axcjFnQ=06887c64446380e3c7fda70c98ac8e27 /crxHkjy=1_34_07_01 /PymIVkWe=1404473457 /RnpoOm=hxxp:/stats.demogensrv.com /nevRquvFu=hxxp:/errors.demogensrv.com /mrSPztd=11111111-1111-1111-1111-110511131190 /mAHikT=ff /ZmxvjFWYH /LgXrNxBX='hxxp:/update.demogensrv.com/ie_enable_agent_updates/{CAMP_ID}/update.jso <==== UWAGA
    Task: C:\WINDOWS\Tasks\d864d1e6-1cf4-4692-b365-338635fd5302-4.job => C:\Program Files\Torntv V9.0\d864d1e6-1cf4-4692-b365-338635fd5302-4.exeτ/lhmWTQtHR /QKznSGga='Torntv V9.0' /GCypiblgD C:\Program Files\Torntv V9.0\51390.xpi' /bVBjfdNQ=51390 /kQSbsKe='001602' /gzMygfn='0' /LKiWVdB='0' /LgRGCP=0FE19290D5C34E05ADB50ECD4E53867AIE /axcjFnQ=06887c64446380e3c7fda70c98ac8e27 /crxHkjy=1_34_07_01 /HgYue=1.34.7.1 /PymIVkWe=1404473457 /RnpoOm=hxxp:/stats.demogensrv.com /nevRquvFu=hxxp:/errors.demogensrv.com /UOEXBoMoc=300 /Ogmvo=5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com /XhHWnQGUk=0.94 /WifGDThA=a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390 /RqQkQc=hxxps:/w9u6a2p6.ssl.hwcdn.net/plugin/ff/update/51390.rdf /kpdUhhFgO='Torntv V9.0' /eyzOJ='The must-have App extensions for Television fans! Watch free TV channels, live sports and more' /YZyHu='installdaddy' /mAHikT=ff /nzJPxyFiY='{asw:[2, 68, 0]}' /ZmxvjFWYH /lQpUGoTHm /RUyzNYJ /LgXrNxBX='hxxp:/update.demogensrv.com/ff_agent_updates/{CAMP_ID}/update.jso <==== UWAGA
    Task: C:\WINDOWS\Tasks\d864d1e6-1cf4-4692-b365-338635fd5302-5.job => C:\Program Files\Torntv V9.0\d864d1e6-1cf4-4692-b365-338635fd5302-5.exeȍ/DplMAPRMI /QKznSGga='Torntv V9.0' /bVBjfdNQ=51390 /kQSbsKe='001602' /gzMygfn='0' /LKiWVdB='0' /LgRGCP=0FE19290D5C34E05ADB50ECD4E53867AIE /axcjFnQ=06887c64446380e3c7fda70c98ac8e27 /crxHkjy=1_34_07_01 /PymIVkWe=1404473457 /RnpoOm=hxxp:/stats.demogensrv.com /nevRquvFu=hxxp:/errors.demogensrv.com /ZkhxjVpda=hxxp:/ipgeoapi.com/ /wGlHrCD=hxxp:/update.demogensrv.com /kbOtJ=2 /COnYWTE=hxxp:/logs.demogensrv.com /LgXrNxBX='hxxp:/update.demogensrv.com/updater_agent_updates/{CAMP_ID}/update.jso <==== UWAGA
    Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe <==== UWAGA
    Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe <==== UWAGA
    Task: C:\WINDOWS\Tasks\Google Software Updater.job => <==== UWAGA
    Task: C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — co miesiąc.job => C:\WINDOWS\system32\xp_eos.exe
    Task: C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — logowanie.job => C:\WINDOWS\system32\xp_eos.exe
    Task: C:\WINDOWS\Tasks\Protected Search.job => C:\Program Files\Protected Search\ProtectedSearch.exe <==== UWAGA
    Task: C:\WINDOWS\Tasks\SMupdate1.job => C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll <==== UWAGA
    Task: C:\WINDOWS\Tasks\SMupdate2.job => C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll <==== UWAGA
    Task: C:\WINDOWS\Tasks\SMupdate3.job => C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll <==== UWAGA
    Task: C:\WINDOWS\Tasks\YTDownloaderUpd.job => C:\Program Files\YTDownloader\Updater.exe <==== UWAGA
    HKU\S-1-5-18\...\Run: [] => 0
    HKU\S-1-5-18\...\RunOnce: [Del5680046] => cmd.exe /Q /D /c del "C:\WINDOWS\TEMP\0.del" <===== UWAGA
    CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
    CHR HKU\S-1-5-21-1606980848-1275210071-839522115-1004\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
    HKU\S-1-5-21-1606980848-1275210071-839522115-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.certified-toolbar.com?si=43251&...623-1365245026796-634206&st=chrome&q=
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&t...=amt&uid=ST3320620AS_6QF238XZXXXX6QF238XZ
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.certified-toolbar.com?si=43251&...623-1365245026796-634206&st=chrome&q=
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKU\S-1-5-21-1606980848-1275210071-839522115-1004\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKU\S-1-5-21-1606980848-1275210071-839522115-1004\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=
    HKU\S-1-5-21-1606980848-1275210071-839522115-1004\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.certified-toolbar.com?si=43251&...623-1365245026796-634206&st=chrome&q=
    HKU\S-1-5-21-1606980848-1275210071-839522115-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&t...=amt&uid=ST3320620AS_6QF238XZXXXX6QF238XZ
    URLSearchHook: HKU\S-1-5-21-1606980848-1275210071-839522115-1004 - (Brak nazwy) - {472734EA-242A-422b-ADF8-83D1E48CC825} - Brak pliku
    HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "hxxp://newtab.certified-toolbar.com/nie?si=43251&tid=3623&st=newtab&ts=1365245032593&tguid=43251-3623-1365245026796-634206" <======= UWAGA
    HKU\S-1-5-21-1606980848-1275210071-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "hxxp://newtab.certified-toolbar.com/nie?si=43251&tid=3623&st=newtab&ts=1365245032593&tguid=43251-3623-1365245026796-634206" <======= UWAGA
    SearchScopes: HKLM -> DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.thesearchpage.info/?l=1&q={searchTerms}&pid=20320&r=2015/01/09&hid=11961794369597290035&lg=EN&cc=PL&unqvl=74
    SearchScopes: HKLM -> %SearchDefender_IESearchEngineGuid% URL = hxxp://search.gboxapp.com/?q={searchTerms}
    SearchScopes: HKLM -> {01bd49d7-c76b-4310-8beb-14d7e5f322c6} URL = hxxp://search.gboxapp.com/?q={searchTerms}&pid=388&src=ie2&r=2014/01/10&hid=11961794369597290035&lg=EN&cc=PL
    SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&a...p;uid=ST3320620AS_6QF238XZXXXX6QF238XZ&q={searchTerms}
    SearchScopes: HKLM -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://us.yhs4.search.yahoo.com/yhs/search?hspart=avast&hsimp=yhs-001&type={partner_id}&p={searchTerms}
    SearchScopes: HKLM -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.00000&barid={71223E8F-B698-11E0-AF83-001A4DF8CF46}
    SearchScopes: HKLM -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.thesearchpage.info/?l=1&q={searchTerms}&pid=20320&r=2015/01/09&hid=11961794369597290035&lg=EN&cc=PL&unqvl=74
    SearchScopes: HKLM -> {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.certified-toolbar.com?si=43251&...;tguid=43251-3623-1365245026796-634206&q={searchTerms}
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0D6F000C-41F4-4ED5-91F8-2940B0B0B1F2} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0D6F000C-41F4-4ED5-91F8-2940B0B0B1F2} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0D6F000C-41F4-4ED5-91F8-2940B0B0B1F2} URL =
    SearchScopes: HKU\S-1-5-21-1606980848-1275210071-839522115-1004 -> DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.thesearchpage.info/?l=1&q={searchTerms}&pid=20320&r=2015/01/09&hid=11961794369597290035&lg=EN&cc=PL&unqvl=74
    SearchScopes: HKU\S-1-5-21-1606980848-1275210071-839522115-1004 -> %SearchDefender_IESearchEngineGuid% URL = hxxp://search.gboxapp.com/?q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1606980848-1275210071-839522115-1004 -> {01bd49d7-c76b-4310-8beb-14d7e5f322c6} URL = hxxp://search.gboxapp.com/?q={searchTerms}&pid=388&src=ie2&r=2014/01/10&hid=11961794369597290035&lg=EN&cc=PL
    SearchScopes: HKU\S-1-5-21-1606980848-1275210071-839522115-1004 -> {046B0895-5E4F-498C-89B7-2804A3E078EF} URL = hxxp://search.zonealarm.com/search?src=sp&tbid=base2013&Lan=en&q={searchTerms}&gu=f3a8efd85574476e8e49ddaef5ec0f90&tu=10GX0008D2B000v&sku=&tstsId=&ver=&&r=828
    SearchScopes: HKU\S-1-5-21-1606980848-1275210071-839522115-1004 -> {04DE432D-8386-4D14-B648-07693B80188C} URL = hxxp://www.google.pl/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}&rlz=1I7GPEA_pl
    SearchScopes: HKU\S-1-5-21-1606980848-1275210071-839522115-1004 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=112060&tt=120812_bandext_3312_1&babsrc=SP_ss&mntrId=2812542b000000000000001a4df8cf46
    SearchScopes: HKU\S-1-5-21-1606980848-1275210071-839522115-1004 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&a...p;uid=ST3320620AS_6QF238XZXXXX6QF238XZ&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-1606980848-1275210071-839522115-1004 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
    SearchScopes: HKU\S-1-5-21-1606980848-1275210071-839522115-1004 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://us.yhs4.search.yahoo.com/yhs/search?hspart=avast&hsimp=yhs-001&type={partner_id}&p={searchTerms}
    SearchScopes: HKU\S-1-5-21-1606980848-1275210071-839522115-1004 -> {A1A196F4-518C-4639-B533-33212D561187} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
    SearchScopes: HKU\S-1-5-21-1606980848-1275210071-839522115-1004 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.00000&barid={71223E8F-B698-11E0-AF83-001A4DF8CF46}
    SearchScopes: HKU\S-1-5-21-1606980848-1275210071-839522115-1004 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.thesearchpage.info/?l=1&q={searchTerms}&pid=20320&r=2015/01/09&hid=11961794369597290035&lg=EN&cc=PL&unqvl=74
    SearchScopes: HKU\S-1-5-21-1606980848-1275210071-839522115-1004 -> {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = hxxp://mystart.incredibar.com/mb139/?search={searchTerms}&loc=IB_DS&a=6R8C2rCkwJ&i=26
    SearchScopes: HKU\S-1-5-21-1606980848-1275210071-839522115-1004 -> {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.certified-toolbar.com?si=43251&...;tguid=43251-3623-1365245026796-634206&q={searchTerms}
    BHO: Brak nazwy -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> Brak pliku
    BHO: Brak nazwy -> {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} -> Brak pliku
    Toolbar: HKLM - Brak nazwy - {D4027C7F-154A-4066-A1AD-4243D8127440} - Brak pliku
    Toolbar: HKLM - Brak nazwy - {472734EA-242A-422B-ADF8-83D1E48CC825} - Brak pliku
    Toolbar: HKLM - Brak nazwy - {98889811-442D-49dd-99D7-DC866BE87DBC} - Brak pliku
    Toolbar: HKLM - Brak nazwy - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - Brak pliku
    Toolbar: HKLM - Brak nazwy - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - Brak pliku
    Toolbar: HKLM - ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2012-11-22] (Check Point Software Technologies)
    Toolbar: HKU\S-1-5-21-1606980848-1275210071-839522115-1004 -> Brak nazwy - {D4027C7F-154A-4066-A1AD-4243D8127440} - Brak pliku
    Toolbar: HKU\S-1-5-21-1606980848-1275210071-839522115-1004 -> ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2012-11-22] (Check Point Software Technologies)
    Toolbar: HKU\S-1-5-21-1606980848-1275210071-839522115-1004 -> Brak nazwy - {472734EA-242A-422B-ADF8-83D1E48CC825} - Brak pliku
    Toolbar: HKU\S-1-5-21-1606980848-1275210071-839522115-1004 -> Brak nazwy - {EEE6C35B-6118-11DC-9C72-001320C79847} - Brak pliku
    FF Extension: Brak nazwy - C:\Documents and Settings\oem\Dane aplikacji\Mozilla\Firefox\profiles\extensions\extensions [2015-04-28] [Brak podpisu cyfrowego]
    FF Extension: Brak nazwy - C:\Documents and Settings\oem\Dane aplikacji\Mozilla\Firefox\profiles\extensions\searchplugins [2014-10-10] [Brak podpisu cyfrowego]
    FF HKLM\...\Firefox\Extensions: [{cb84136f-9c44-433a-9048-c5cd9df1dc16}] - C:\Program Files\PC Tools\PC Tools Security\BDT\Firefox => nie znaleziono
    FF ExtraCheck: C:\Program Files\mozilla firefox\firefox.cfg [2013-04-10] <==== UWAGA
    CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <nie znaleziono>
    StartMenuInternet: (HKLM) Opera - C:\Program Files\Opera\Opera.exe hxxp://www.delta-homes.com/?utm_source=b&...d=395049983_397234_2812542B&ts=1380449602
    StartMenuInternet: (HKLM) Opera.exe - C:\Program Files\Opera\Opera.exe hxxp://www.delta-homes.com/?utm_source=b&...d=395049983_397234_2812542B&ts=1380449602
    S3 PCTBD; C:\WINDOWS\System32\Drivers\PCTBD.sys [56840 2011-09-28] (PC Tools)
    R0 PCTCore; C:\WINDOWS\System32\drivers\PCTCore.sys [331880 2011-11-14] (PC Tools)
    R0 pctDS; C:\WINDOWS\System32\drivers\pctDS.sys [341656 2011-10-07] (PC Tools)
    R0 pctEFA; C:\WINDOWS\System32\drivers\pctEFA.sys [660992 2011-10-07] (PC Tools)
    R1 PCTSD; C:\WINDOWS\System32\Drivers\PCTSD.sys [185560 2011-11-22] (PC Tools)
    S3 andnetadb; System32\Drivers\lgandnetadb.sys [X]
    S3 AndNetDiag; system32\DRIVERS\lgandnetdiag.sys [X]
    S3 ANDNetModem; system32\DRIVERS\lgandnetmodem.sys [X]
    S3 catchme; \??\C:\DOCUME~1\oem\USTAWI~1\Temp\catchme.sys [X]
    S3 EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys [X]
    S3 elnputbv; Brak ImagePath
    S4 IntelIde; Brak ImagePath
    S3 SNP325; system32\DRIVERS\snp325.sys [X]
    S0 srescan; system32\ZoneLabs\srescan.sys [X]
    S3 tcpip_patcher; \??\C:\Program Files\e-zasoby\tcpip_patcher.sys [X]
    S3 TVICHW32; \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS [X]
    U3 a6nqwf6l; Brak ImagePath
    U3 af7tdm27; Brak ImagePath
    C:\Documents and Settings\oem\Counter-Strike_1.6_V42_DiGiTALZONE_www_SoftMania_pl.exe
    C:\Documents and Settings\oem\cs16full_v7.exe
    C:\Documents and Settings\oem\Ivona_Demo-1.0-7_Install(Dobrepliki.pl).exe
    C:\Documents and Settings\oem\WormsWorldParty-dm.exe
    EmptyTemp:

    Plik zapisz pod nazwą fixlist.txt i umieść w folderze gdzie znajduje się FRST.exe
    Uruchom FRST i kliknij w Fix/Napraw.

    0
  • #5 19 Mar 2016 15:31
    Krystiannnn
    Poziom 3  

    Odinstalowałem Network System Driver i PC Data App, ale na liście zainstalowanych programów nie widać: PC Tools Spyware Doctor with AntiVirus i Update Manager for SweetPacks 1.1.

    0
  • #6 19 Mar 2016 15:33
    krzychupar
    Poziom 40  

    Pomiń to i wykonaj resztę i zamieść nowe logi z FRST.

    0
  • #7 19 Mar 2016 15:53
    Krystiannnn
    Poziom 3  

    Wszystko szło ok dopóki nie pokazało się 'usuwanie plików tymczasowych' zaraz po tym FRST przestaje działać (drugie zdjęcie).

    Acha i jeszcze jedno... dosłownie przed chwilą pokazał mi się drugi komunikat : (pierwsze zdjęcie)

    0
  • #8 19 Mar 2016 16:13
    Kolobos
    Spec od komputerów

    Nowy Fixlist.txt dla FRST:
    Task: C:\WINDOWS\Tasks\RMSchedule.job => C:\Program Files\Registry Mechanic\RegMech.exe
    AlternateDataStreams: C:\Documents and Settings\All Users\Pulpit:$SS_DESCRIPTOR_PVX2VCGFMV89VFN4TK1RVDNGCMLPHJKCUEDLJTEVX4FTJS6FM4V5 [85]
    HKLM\...\Winlogon: [Userinit] C:\WINDOWS\system32\userinit.exe,userinit.exe
    BHO: Brak nazwy -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> Brak pliku
    FF Extension: 2YourFace - C:\Documents and Settings\oem\Dane aplikacji\Mozilla\Firefox\profiles\extensions\support@2yourface.com [2011-08-17] [Brak podpisu cyfrowego]
    2015-07-13 13:02 - 2015-07-13 13:02 - 0000000 _____ () C:\Program Files\GUM6F.tmp
    2016-01-28 19:55 - 2016-01-28 19:55 - 0000016 _____ () C:\Documents and Settings\All Users\Dane aplikacji\mntemp
    2016-01-28 19:55 - 2016-01-28 19:55 - 0004881 _____ () C:\Documents and Settings\All Users\Dane aplikacji\rxsmznjf.zcp
    EmptyTemp:

    Mozesz wykonac w trybie awaryjnym.

    SysMenu juz nie widac logach.

    0
  • #10 19 Mar 2016 21:03
    Kolobos
    Spec od komputerów

    Wykonaj fixlist.txt w trybie awaryjnym.

    0
  • #11 29 Mar 2016 19:19
    Krystiannnn
    Poziom 3  

    Kolobos napisał:
    Wykonaj fixlist.txt w trybie awaryjnym.


    Mimo iż nie wykonałem tego fixlist.txt w trybie awaryjnym, to oba komunikaty znikły. Dzięki za pomoc wszystkim :)

    0