Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Windows 7 64 - RegSvr32, wyskakuje info przy starcie o braku pliku MSNWIKit.dll.

frico55 26 Mar 2016 13:36 621 2
  • Pomocny post
    #2 26 Mar 2016 13:56
    Kolobos
    Spec od komputerów

    Zmien dnsy z 8.8.8.8, 8.8.8.8 na 8.8.8.8 oraz 8.8.4.4

    Odinstaluj:
    DLL Suite 2013
    Dll-Files Fixer
    Spybot - Search & Destroy

    Fixlist.txt dla FRST:
    Task: {5F77B572-8A19-4A47-83F5-E1FE22EE58E3} - System32\Tasks\DLL-Files.Com Fixer_MONTHLY => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2015-10-30] (Dll-FIles.Com)
    Task: {5FEADB46-6877-4C32-9E84-8E79A7C101BA} - System32\Tasks\DLL-Files.Com Fixer_Updates => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2015-10-30] (Dll-FIles.Com)
    Task: C:\Windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
    Task: C:\Windows\Tasks\DLL-Files.Com Fixer_Updates.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
    ShortcutWithArgument: C:\Users\user\Desktop\programy\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> "hxxp://trustedsurf.com/?ssid=1458991562&a=1053341&src=sh&uuid=9a3baef8-37e2-49e8-acca-b2027a037e0d"
    ShortcutWithArgument: C:\Users\user\Desktop\programy\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> "hxxp://trustedsurf.com/?ssid=1458991562&a=1053341&src=sh&uuid=9a3baef8-37e2-49e8-acca-b2027a037e0d"
    ShortcutWithArgument: C:\Users\user\Desktop\programy\Opera 17.lnk -> C:\Program Files (x86)\OperaChrome\launcher.exe (Opera Software) -> "hxxp://trustedsurf.com/?ssid=1458991562&a=1053341&src=sh&uuid=9a3baef8-37e2-49e8-acca-b2027a037e0d"
    ShortcutWithArgument: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://trustedsurf.com/?ssid=1458991562&a=1053341&src=sh&uuid=9a3baef8-37e2-49e8-acca-b2027a037e0d"
    ShortcutWithArgument: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://trustedsurf.com/?ssid=1458991562&a=1053341&src=sh&uuid=9a3baef8-37e2-49e8-acca-b2027a037e0d"
    ShortcutWithArgument: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> "hxxp://trustedsurf.com/?ssid=1458991562&a=1053341&src=sh&uuid=9a3baef8-37e2-49e8-acca-b2027a037e0d"
    ShortcutWithArgument: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://trustedsurf.com/?ssid=1458991562&a=1053341&src=sh&uuid=9a3baef8-37e2-49e8-acca-b2027a037e0d"
    ShortcutWithArgument: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> "hxxp://trustedsurf.com/?ssid=1458991562&a=1053341&src=sh&uuid=9a3baef8-37e2-49e8-acca-b2027a037e0d"




    ShortcutWithArgument: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://trustedsurf.com/?ssid=1458991562&a=1053341&src=sh&uuid=9a3baef8-37e2-49e8-acca-b2027a037e0d"
    ShortcutWithArgument: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox (2).lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> "hxxp://trustedsurf.com/?ssid=1458991562&a=1053341&src=sh&uuid=9a3baef8-37e2-49e8-acca-b2027a037e0d"
    ShortcutWithArgument: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> "hxxp://trustedsurf.com/?ssid=1458991562&a=1053341&src=sh&uuid=9a3baef8-37e2-49e8-acca-b2027a037e0d"
    ShortcutWithArgument: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Opera 36.lnk -> C:\Program Files (x86)\OperaChrome\launcher.exe (Opera Software) -> "hxxp://trustedsurf.com/?ssid=1458991562&a=1053341&src=sh&uuid=9a3baef8-37e2-49e8-acca-b2027a037e0d"
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> "hxxp://trustedsurf.com/?ssid=1458991562&a=1053341&src=sh&uuid=9a3baef8-37e2-49e8-acca-b2027a037e0d"
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera 36.lnk -> C:\Program Files (x86)\OperaChrome\launcher.exe (Opera Software) -> "hxxp://trustedsurf.com/?ssid=1458991562&a=1053341&src=sh&uuid=9a3baef8-37e2-49e8-acca-b2027a037e0d"
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> "hxxp://trustedsurf.com/?ssid=1458991562&a=1053341&src=sh&uuid=9a3baef8-37e2-49e8-acca-b2027a037e0d"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
    (Dll-FIles.Com) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
    HKU\S-1-5-21-3028791237-4280855367-4132324969-1000\...\Run: [] => regsvr32.exe C:\Users\user\AppData\Local\YcwxPack\MSNWIKit.dll
    BootExecute:
    AutoConfigURL: [S-1-5-21-3028791237-4280855367-4132324969-1000] => hxxp://un-stop.org/wpad.dat?aed56437e7bd29f5250152f28c2778c18066714
    BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [2009-01-26] (Safer Networking Limited)
    FF NewTab: hxxp://www.yessearches.com/?ts=AHEpBnIoAXIrC0...06D7E2B6EF50F1B3&ptid=wak&mode=ffseng
    FF DefaultSearchEngine: yessearches
    FF DefaultSearchEngine.US: data:text/plain,browser.search.defaultenginename.US=yessearches
    FF SelectedSearchEngine: yessearches
    FF Keyword.URL: hxxp://www.yessearches.com/chrome.php?uid=350....&v=20160301&mode=ffexttoolbar&q=
    CHR HomePage: Default -> hxxp://pl.yahoo.com?fr=fpc-comodo
    CHR Extension: (LogitechVideoMail Class) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2014-11-14] [UpdateUrl: hxxps://clients2.google/service/fefjkpofffpnoleccinbcfhemjakkhgn] <==== UWAGA
    CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
    U3 a2epa5og; C:\Windows\System32\Drivers\a2epa5og.sys [0 ] (Microsoft Corporation) <==== UWAGA (zerobajtowy plik/folder)
    S3 BOCDRIVE; \??\C:\Program Files (x86)\Comodo\CBOClean\BOCDRIVE.sys [X]
    S3 cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [X]
    S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]
    2016-03-26 12:26 - 2016-03-26 12:26 - 00000000 ____D C:\Users\user\AppData\Roaming\SpringFiles
    2016-03-26 12:08 - 2016-03-26 12:08 - 00003038 _____ C:\Windows\System32\Tasks\DLL-Files.Com Fixer_Updates
    2016-03-26 12:08 - 2016-03-26 12:08 - 00003024 _____ C:\Windows\System32\Tasks\DLL-Files.Com Fixer_MONTHLY
    2016-03-26 12:08 - 2016-03-26 12:08 - 00000290 _____ C:\Windows\Tasks\DLL-Files.Com Fixer_Updates.job
    2016-03-26 12:08 - 2016-03-26 12:08 - 00000274 _____ C:\Windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job
    2016-03-26 12:08 - 2016-03-26 12:08 - 00000000 ____D C:\Users\user\AppData\Roaming\dll-files.com
    2016-03-26 12:06 - 2016-03-26 12:08 - 00001098 _____ C:\Users\Public\Desktop\Dll-Files Fixer.lnk
    2016-03-26 12:06 - 2016-03-26 12:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dll-Files Fixer
    2016-03-26 12:06 - 2016-03-26 12:08 - 00000000 ____D C:\Program Files (x86)\Dll-Files.com Fixer
    2016-03-26 11:33 - 2015-11-25 13:01 - 00021624 _____ (solvusoft) C:\Windows\system32\roboot64.exe
    2016-03-26 11:30 - 2016-03-26 11:39 - 00000000 ____D C:\Users\user\AppData\Roaming\Solvusoft
    2016-03-01 08:01 - 2015-01-05 22:35 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
    C:\Users\Public\Remediate2015010117040567211000000.dat
    EmptyTemp:

    Po wykonaniu zrob pelny skan przy pomocy Mbam i usun to co wykryje:
    http://www.bleepingcomputer.com/download/malwarebytes-anti-malware/

    Usun katalog C:\FRST.

    1
  • #3 26 Mar 2016 16:26
    frico55
    Poziom 5  

    Dzięki. :) Jest OK!
    Windows 7 64 - RegSvr32, wyskakuje info przy starcie o braku pliku MSNWIKit.dll.

    0