Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Nie można załadować modułu [..]/appdata/local/ykrpack/pnvzyrvn.dll

20 Maj 2016 18:31 720 3
  • #1 20 Maj 2016 18:31
    2480222
    Użytkownik usunął konto  
  • #2 20 Maj 2016 19:17
    Kolobos
    Spec od komputerów

    Wykonaj Fixlist.txt dla FRST:
    Task: {042526E0-2638-49D4-854C-C29629AD88F1} - System32\Tasks\NetWork\Shell\Input Updater => C:\Program Files (x86)\MoshouInput\updater.exe
    Task: {067853CB-F634-4DE0-A2EE-FE13AB5C36C0} - System32\Tasks\{09771891-ED84-45B7-8087-3C1351B1DB16} => C:\Users\Maciek\AppData\Local\Temp\Rar$EXa0.764\StubInstallerCleanUp.bat <==== UWAGA
    Task: {3B3EFB46-5D0C-4E7F-B173-6F032A5FE9EF} - System32\Tasks\{8B1DA1A5-19C0-4DE3-A5B4-46DBE221AC0A} => C:\Program Files (x86)\KMSPico 10.0.6\StubInstallerCleanUp.bat <==== UWAGA
    Task: {63BEAFA7-35B6-4197-BD0B-EBB9815D2856} - System32\Tasks\{B1E10C62-AA30-4F79-B451-7705B40826EB} => C:\Users\Maciek\AppData\Local\Temp\Rar$EXa0.764\StubInstallerCleanUp.bat <==== UWAGA
    Task: {7BDB9C3F-B195-434D-A56F-63BE8A1F3E5B} - System32\Tasks\PED_Torrent_Search => Rundll32.exe 4mW3UU0.dll,#67
    Task: {90F26F64-5465-4C4B-BA56-5EC3152B9A73} - System32\Tasks\{B121ED8D-EAEF-40F9-A9CB-30444DDA9759} => pcalua.exe -a "C:\Stery\sterowniki płyta\Audio\CreativeZxRiW10\setup.exe" -d "C:\Stery\sterowniki płyta\Audio\CreativeZxRiW10"
    Task: {B5831FAD-CD59-4D52-8859-EEBFA483312C} - System32\Tasks\PPI Update => "hxxp://insightlk.com/download/index.php?mn=9995"
    Task: {BE3AF8CD-3615-4D52-B863-4E7B1403196B} - System32\Tasks\Shefale Cloud => C:\Program Files (x86)\Shefale\shefaleCloudtask.exe <==== UWAGA
    Task: {C6C4B05E-1874-484C-9BAC-679CEC72E970} - System32\Tasks\{7379270B-29FE-4B86-8C2D-B8D795C7D3B6} => C:\Program Files (x86)\KMSPico 10.0.6\StubInstallerCleanUp.bat <==== UWAGA
    Task: {CF0D91F6-6A6C-4A9C-A832-72089617C5E0} - System32\Tasks\{374A1AAA-A512-4C0D-B330-5F0F59F2DFB4} => C:\Program Files (x86)\KMSPico 10.0.6\StubInstallerCleanUp.bat <==== UWAGA
    Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
    Task: C:\WINDOWS\Tasks\PED_Torrent_Search.job => C:\ProgramData\Torrent_Search_PED\rundll32.exe4mW3UU0.dll
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [ QQPCTray] => "C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCTray.exe" /regrun
    HKU\S-1-5-21-3253125812-3398480992-2909493202-1000\...\Run: [YkPack] => regsvr32.exe C:\Users\Maciek\AppData\Local\YkPack\wktdomdn.dll <===== UWAGA
    HKU\S-1-5-21-3253125812-3398480992-2909493202-1000\...\Run: [Agworks] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\Maciek\AppData\Local\YkrPack\pnvzyrvn.dll
    HKU\S-1-5-21-3253125812-3398480992-2909493202-1000\...\Run: [mohpimyin.exe] => C:\Program Files (x86)\MoshouInput\mohpimyin.exe
    HKU\S-1-5-21-3253125812-3398480992-2909493202-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [YkPack] => regsvr32.exe C:\Users\Maciek\AppData\Local\YkPack\wktdomdn.dll <===== UWAGA
    HKU\S-1-5-21-3253125812-3398480992-2909493202-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Agworks] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\Maciek\AppData\Local\YkrPack\pnvzyrvn.dll




    HKU\S-1-5-21-3253125812-3398480992-2909493202-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [mohpimyin.exe] => C:\Program Files (x86)\MoshouInput\mohpimyin.exe
    ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QMGCShellExt64.dll Brak pliku
    BHO: 电脑管家网页防火墙 -> {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} -> C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\TSWebMon64.dat => Brak pliku
    S3 RTTEAMPT; \SystemRoot\system32\DRIVERS\RtTeam620.sys [X]
    S3 RTVLANPT; \SystemRoot\system32\DRIVERS\RtVlan620.sys [X]
    2016-05-20 17:53 - 2016-05-20 17:53 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
    2016-05-20 17:48 - 2016-05-20 17:48 - 00000000 ____D C:\Users\Maciek\AppData\LocalLow\MoshouInput
    2016-05-20 17:38 - 2016-01-29 10:48 - 04726504 _____ () C:\ProgramData\usbboxlite_3001_s_8008_hn.exe
    2016-05-20 17:36 - 2016-05-20 17:36 - 00000000 ____D C:\Program Files (x86)\Thunder Network
    2016-05-20 17:36 - 2015-10-20 10:54 - 27712808 _____ (深圳市迅雷网络技术有限公司) C:\ProgramData\XMPSetupLite-SIjhaqws55.exe
    2016-05-20 17:32 - 2016-04-23 09:11 - 04516224 _____ C:\ProgramData\qudao18.exe
    2016-05-20 17:30 - 2016-02-18 10:10 - 05267952 _____ () C:\ProgramData\ziptool_wc-9015_setup.exe
    2016-05-20 17:29 - 2016-05-20 18:20 - 00000000 ____D C:\Program Files (x86)\MoshouInput
    2016-05-20 17:29 - 2016-05-20 17:36 - 00000000 ____D C:\Users\Public\Thunder Network
    2016-05-20 17:29 - 2016-05-20 17:29 - 00000000 ____D C:\WINDOWS\System32\Tasks\NetWork
    2016-05-20 17:29 - 2016-05-20 17:29 - 00000000 ____D C:\Users\Maciek\AppData\Roaming\MoshouInput
    2016-05-20 17:29 - 2016-05-20 17:29 - 00000000 ____D C:\ProgramData\Thunder Network
    2016-05-20 17:29 - 2016-05-20 17:29 - 00000000 ____D C:\ProgramData\MoshouInput
    2016-05-20 17:29 - 2016-05-20 17:29 - 00000000 ____D C:\ProgramData\download
    2016-05-20 17:29 - 2015-11-20 04:42 - 02511936 _____ (hxxp://moshoushurufa.com/) C:\ProgramData\moshou_gl_010.exe
    2016-05-20 17:23 - 2016-05-20 17:23 - 00003560 _____ C:\WINDOWS\System32\Tasks\{8B1DA1A5-19C0-4DE3-A5B4-46DBE221AC0A}
    2016-05-20 17:17 - 2016-05-20 18:28 - 00000368 _____ C:\WINDOWS\Tasks\PED_Torrent_Search.job
    2016-05-20 17:17 - 2016-05-20 17:35 - 00000000 ____D C:\ProgramData\Torrent_Search_PED
    2016-05-20 17:17 - 2016-05-20 17:17 - 00008942 _____ C:\WINDOWS\System32\Tasks\Shefale Cloud
    2016-05-20 17:17 - 2016-05-20 17:17 - 00003428 _____ C:\WINDOWS\System32\Tasks\PED_Torrent_Search
    2016-05-20 17:17 - 2016-05-20 17:17 - 00000000 ____D C:\extensions
    2016-05-20 17:16 - 2016-05-20 18:18 - 00000266 __RSH C:\ProgramData\ntuser.pol
    2016-05-20 17:16 - 2016-05-20 17:40 - 00000000 ____D C:\Users\Maciek\AppData\Local\YkrPack
    2016-05-20 17:16 - 2016-05-20 17:40 - 00000000 ____D C:\Users\Maciek\AppData\Local\YkPack
    2016-05-20 17:16 - 2016-05-20 17:16 - 00003560 _____ C:\WINDOWS\System32\Tasks\{374A1AAA-A512-4C0D-B330-5F0F59F2DFB4}
    2016-05-20 17:14 - 2016-05-20 17:23 - 00003596 _____ C:\WINDOWS\System32\Tasks\PPI Update
    2016-05-20 17:14 - 2016-05-20 17:14 - 00003560 _____ C:\WINDOWS\System32\Tasks\{7379270B-29FE-4B86-8C2D-B8D795C7D3B6}
    2016-05-20 17:13 - 2016-05-20 18:16 - 00000000 ____D C:\AdwCleaner
    2016-05-20 17:13 - 2016-05-20 17:13 - 00003580 _____ C:\WINDOWS\System32\Tasks\{09771891-ED84-45B7-8087-3C1351B1DB16}
    2016-05-20 17:11 - 2016-05-20 17:11 - 00003580 _____ C:\WINDOWS\System32\Tasks\{B1E10C62-AA30-4F79-B451-7705B40826EB}
    2016-05-20 14:56 - 2016-05-20 14:56 - 00303616 _____ (WZT) C:\Users\Maciek\Downloads\DWS_Lite (1).exe
    1992-01-06 02:00 - 1992-01-06 02:00 - 0001525 _____ () C:\Users\Maciek\AppData\Roaming\CoteDreck.s
    1989-10-23 01:00 - 1989-10-23 01:00 - 0049764 _____ () C:\Users\Maciek\AppData\Roaming\Stick.e
    2016-05-20 17:29 - 2015-11-20 04:42 - 2511936 _____ (http://moshoushurufa.com/) C:\ProgramData\moshou_gl_010.exe
    2016-05-20 17:29 - 2016-05-04 10:44 - 4232400 _____ (Kingsoft Corp. Ltd.) C:\ProgramData\OfficeAssist.0172.80.1384.exe
    2016-05-20 17:32 - 2016-04-23 09:11 - 4516224 _____ () C:\ProgramData\qudao18.exe
    2016-05-20 17:38 - 2016-01-29 10:48 - 4726504 _____ () C:\ProgramData\usbboxlite_3001_s_8008_hn.exe
    2016-05-20 17:36 - 2015-10-20 10:54 - 27712808 _____ (深圳市迅雷网络技术有限公司) C:\ProgramData\XMPSetupLite-SIjhaqws55.exe
    2016-05-20 17:30 - 2016-02-18 10:10 - 5267952 _____ () C:\ProgramData\ziptool_wc-9015_setup.exe
    C:\ProgramData\moshou_gl_010.exe
    C:\ProgramData\OfficeAssist.0172.80.1384.exe
    C:\ProgramData\qudao18.exe
    C:\ProgramData\usbboxlite_3001_s_8008_hn.exe
    C:\ProgramData\XMPSetupLite-SIjhaqws55.exe
    C:\ProgramData\ziptool_wc-9015_setup.exe
    EmptyTemp:

    Po wykonaniu usun katalog C:\FRST.

    0
  • #3 20 Maj 2016 20:45
    2480222
    Użytkownik usunął konto  
  • Pomocny post
    #4 20 Maj 2016 20:48
    Kolobos
    Spec od komputerów

    Instalujesz szkodliwe chinskie programy, ktore chyba zadbaly o poprawne wyswietlanie znakow ;)

    0