Elektroda.pl
Elektroda.pl
X
CControls
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Windows 7 - RunDLL nie można odnaleźć określonego modułu. Idź

Smietana5643 17 Cze 2016 12:27 507 1
  • CControls
  • #2 17 Cze 2016 12:47
    Acorus 20
    Spec od komputerów

    Odinstaluj Click Caption 1.10.0.5, FlvPlayer, PriceFountain, Update for PriceFountain, WindowsMangerProtect20.0.0.1277. Otwórz notatnik systemowy i wklej:

    Cytat:
    Task: {90C3D99F-4C09-477B-ACCD-6FB81E5B3DE9} - System32\Tasks\BartekReutilizingHorologyV2 => Rundll32.exe MinderContortion.dll,main 7 1 <==== UWAGA
    Task: {EE654A27-F137-4A1E-A2F9-D4BD55427366} - System32\Tasks\Opera scheduled Autoupdate 1414282468 => C:\Program Files\Opera\launcher.exe [2016-06-13] (Opera Software)
    ShortcutWithArgument: C:\Users\Bartek\Desktop\Nowy folder\USB device MF63.lnk -> C:\Program Files\Hostless Modem\USB device MF63\LaunchWebUI.exe () -> hxxp://router.setup/
    ShortcutWithArgument: C:\Users\Bartek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GoodGameEmpire\GoodGameEmpire.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://a2g-secure.com/?E=bwsPamg0MAiwFF%2bnM1a0Fg%3d%3d&s1= --app-window-size=1920,1080
    ShortcutWithArgument: C:\Users\Bartek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\GoodGameEmpire.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://a2g-secure.com/?E=bwsPamg0MAiwFF%2bnM1a0Fg%3d%3d&s1= --app-window-size=1920,1080
    ShortcutWithArgument: C:\Users\Bartek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WorldofTanks.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://mmotraffic.com/catalog/goplay/1327/MTE3NjYvLy8xMzI3/
    AlternateDataStreams: C:\ProgramData:NT [40]
    AlternateDataStreams: C:\ProgramData:NT2 [344]
    AlternateDataStreams: C:\Users\All Users:NT [40]
    AlternateDataStreams: C:\Users\All Users:NT2 [344]
    AlternateDataStreams: C:\ProgramData\Application Data:NT [40]
    AlternateDataStreams: C:\ProgramData\Application Data:NT2 [344]
    AlternateDataStreams: C:\ProgramData\Dane aplikacji:NT [40]
    AlternateDataStreams: C:\ProgramData\Dane aplikacji:NT2 [344]
    AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT [40]
    AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 [344]
    AlternateDataStreams: C:\Users\Bartek\Dane aplikacji:NT [40]
    AlternateDataStreams: C:\Users\Bartek\Dane aplikacji:NT2 [344]
    AlternateDataStreams: C:\Users\Bartek\AppData\Roaming:NT [40]
    AlternateDataStreams: C:\Users\Bartek\AppData\Roaming:NT2 [344]
    HKLM\...\Run: [gmsd_pl_4] => [X]
    GroupPolicy: Ograniczenia - Chrome <======= UWAGA
    CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://q.search-simple.com/?affID=bl_bf3f68fc-309a-4836-ad41-a74ccb490c43
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts...=cor&uid=395049983_266035_6C134AE1&q={searchTerms}
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts...=cor&uid=395049983_266035_6C134AE1&q={searchTerms}
    HKU\S-1-5-21-2594140167-4193045014-193496485-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61...UX14GD5ha50b0Nx5l88CvdQxtAs8uIA1Tz6ROr&q={searchTerms}
    HKU\S-1-5-21-2594140167-4193045014-193496485-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://%66%65%65%64.%68%65%6C%70%65%72%62%61%...PL0o2Yuu_-J9cQVp4b4MI1wOEERdoupKpNa6nOtCBqImk
    HKU\S-1-5-21-2594140167-4193045014-193496485-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61...UX14GD5ha50b0Nx5l88CvdQxtAs8uIA1Tz6ROr&q={searchTerms}
    HKU\S-1-5-21-2594140167-4193045014-193496485-1001\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61...UX14GD5ha50b0Nx5l88CvdQxtAs8uIA1Tz6ROr&q={searchTerms}
    SearchScopes: HKLM -> DefaultScope {ielnksrch} URL =
    SearchScopes: HKLM -> ielnksrch URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61...UX14GD5ha50b0Nx5l88CvdQxtAs8uIA1Tz6ROr&q={searchTerms}
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://q.search-simple.com/?affID=bl_bf3f68fc-309a-4836-ad41-a74ccb490c43&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-2594140167-4193045014-193496485-1001 -> DefaultScope {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61...UX14GD5ha50b0Nx5l88CvdQxtAs8uIA1Tz6ROr&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-2594140167-4193045014-193496485-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://q.search-simple.com/?affID=bl_bf3f68fc-309a-4836-ad41-a74ccb490c43&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-2594140167-4193045014-193496485-1001 -> {C85E34B1-3DC9-4F8C-946A-63AB916A9C49} URL = hxxp://rts.dsrlte.com/?affID=na&q={searchTerms}&r=198
    SearchScopes: HKU\S-1-5-21-2594140167-4193045014-193496485-1001 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61...UX14GD5ha50b0Nx5l88CvdQxtAs8uIA1Tz6ROr&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-2594140167-4193045014-193496485-1001 -> {szukaj.gazeta.pl} URL = hxxp://szukaj.gazeta.pl/internet/0,0.html?slowo={searchTerms}
    FF Homepage: C:\ProgramData\Quotenamrons\ff.HP
    FF NewTab: C:\ProgramData\Quotenamrons\ff.NT
    FF SearchPlugin: C:\Users\Bartek\AppData\Roaming\Mozilla\Firefox\Profiles\gxx4isfy.default\searchplugins\dsrlte.xml [2014-11-04]
    FF SearchPlugin: C:\Users\Bartek\AppData\Roaming\Mozilla\Firefox\Profiles\gxx4isfy.default\searchplugins\findit.xml [2016-06-15]
    FF SearchPlugin: C:\Users\Bartek\AppData\Roaming\Mozilla\Firefox\Profiles\gxx4isfy.default\searchplugins\szukaj-gazeta-pl.xml [2015-01-23]
    CHR DefaultSearchURL: Default -> hxxp://feed.safefinder.biz/?fext=true&pub...publisher=extensiondefaultap&st=ed&q={searchTerms}
    CHR DefaultSearchKeyword: Default -> SafeFinder
    CHR Extension: (SafeFinder Search) - C:\Users\Bartek\AppData\Local\Google\Chrome\User Data\Default\Extensions\jidkebcigjgheaahopdnlfaohgnocfai [2016-06-15]
    CHR HKLM\...\Chrome\Extension: [jidkebcigjgheaahopdnlfaohgnocfai] - hxxps://clients2.google.com/service/update2/crx
    OPR StartupUrls: "hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=bg_616_bl-sw-20__alt__ddc_dsssyc_bd_com"
    S4 Quotenamron; C:\ProgramData\\Quotenamron\\Quotenamron.exe [1106432 2016-06-15] () [Brak podpisu cyfrowego]
    S4 servervo; C:\Users\Bartek\AppData\Roaming\VOPackage\VOsrv.exe [X] <==== UWAGA
    S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
    S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]
    2016-06-15 23:39 - 2016-06-15 23:39 - 00000000 ____D C:\Users\Bartek\AppData\Roaming\Microsoft\Windows\Start Menu\ByteFence
    2016-06-15 23:18 - 2016-06-16 00:13 - 00000000 ____D C:\Program Files\Common Files\Latjob
    2016-06-15 23:18 - 2016-06-15 23:18 - 00002397 _____ C:\Windows\system32\findit.xml
    2016-06-15 23:18 - 2016-06-15 23:18 - 00000000 ____D C:\ProgramData\Quotenamrons
    2016-06-15 23:18 - 2016-06-15 23:18 - 00000000 ____D C:\ProgramData\Logic Handler
    2016-06-15 23:17 - 2016-06-16 06:36 - 00000000 ____D C:\ProgramData\Quotenamron
    2016-06-15 23:17 - 2016-06-16 02:17 - 00000000 ____D C:\Users\Bartek\AppData\Roaming\PriceFountainUpdateVer
    2016-06-15 23:17 - 2016-06-16 00:01 - 00000000 ____D C:\Users\Bartek\AppData\Local\ReutilizingHorology
    2016-06-15 23:17 - 2016-06-15 23:17 - 06867968 _____ C:\Users\Bartek\AppData\Roaming\agent.dat
    2016-06-15 23:17 - 2016-06-15 23:17 - 01759964 _____ C:\Users\Bartek\AppData\Roaming\Rebam.tst
    2016-06-15 23:17 - 2016-06-15 23:17 - 00126464 _____ C:\Users\Bartek\AppData\Roaming\noah.dat
    2016-06-15 23:17 - 2016-06-15 23:17 - 00067968 _____ C:\Users\Bartek\AppData\Roaming\Config.xml
    2016-06-15 23:17 - 2016-06-15 23:17 - 00018432 _____ C:\Users\Bartek\AppData\Roaming\Main.dat
    2016-06-15 23:17 - 2016-06-15 23:17 - 00005568 _____ C:\Users\Bartek\AppData\Roaming\md.xml
    2016-06-15 23:17 - 2016-06-15 23:16 - 01106432 _____ C:\Users\Bartek\AppData\Roaming\Rebam.exe
    2016-06-15 23:16 - 2016-06-15 23:16 - 00983624 _____ ( ) C:\Users\Bartek\Downloads\Visual-C-2010-Redistributable-63998-dp.exe
    2016-06-15 23:16 - 2016-06-15 23:16 - 00128512 _____ C:\Users\Bartek\AppData\Roaming\Installer.dat
    2016-06-15 23:16 - 2016-06-15 23:16 - 00014304 _____ C:\Users\Bartek\AppData\Roaming\InstallationConfiguration.xml
    2016-06-15 23:15 - 2016-06-15 23:15 - 00137522 _____ C:\Users\Bartek\Downloads\Super Simple Wallhack 5.21.rar
    2016-06-15 23:14 - 2016-06-15 23:15 - 00983624 _____ ( ) C:\Users\Bartek\Downloads\NET-Framework-35626-dp.exe
    EmptyTemp:


    Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
    Uruchom jako administrator FRST i kliknij w Fix/Napraw.
    Pobierz i uruchom jako administrator AdwCleaner https://toolslib.net/downloads/finish/1/ Kliknij Scan i później Cleaning.

    0