Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Niechciany komunikat RegSvr32

2876499 21 Mar 2017 15:21 381 3
  • Pomocny post
    #2 21 Mar 2017 15:42
    krzychupar
    Poziom 40  

    Otwórz notatnik systemowy i wklej:

    Task: {76744F93-F6F9-406E-843D-926C5A5DB56E} - System32\Tasks\{7B34587D-42AC-48DA-A32E-30407979BB57} => pcalua.exe -a "C:\Program Files\HP\HP LaserJet Professional CP1020 Series\Uninstall.exe"
    Task: {97953372-3F65-4116-B727-ADCCB212CBE6} - System32\Tasks\{26ECE186-2A2E-4ED0-AB1D-9BB4B98D1655} => pcalua.exe -a C:\Users\Emanuel\Downloads\Programs\BotHunter-Win32-v1.0.2.exe -d C:\Users\Emanuel\AppData\Roaming\IDM
    Task: {C59B286B-7D11-4F20-84BC-9B317779F4B0} - \1481e6842e6539H4014 -> Brak pliku <==== UWAGA
    Task: {F206B594-6564-4322-BCCB-F0DFA631BF77} - System32\Tasks\Opera scheduled Autoupdate 1482926012 => C:\Program Files (x86)\Opera\launcher.exe [2017-02-27] (Opera Software)
    Shortcut: C:\Users\Emanuel\Desktop\BotHunter.lnk -> C:\Program Files (x86)\SRI\BotHunter\BotHunter.bat ()
    Shortcut: C:\Users\Emanuel\Desktop\PROGRAM\Моzillа Firеfох.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) <===== Cyrillic
    Shortcut: C:\Users\Emanuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Ехрlоrеr (64-bit).lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) <===== Cyrillic
    Shortcut: C:\Users\Emanuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Ехрlоrеr.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) <===== Cyrillic
    Shortcut: C:\Users\Emanuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BotHunter\BotHunter.lnk -> C:\Program Files (x86)\SRI\BotHunter\BotHunter.bat ()
    Shortcut: C:\Users\Emanuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Intеrnеt Ехрlоrеr (Nо Аdd-оns).lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) <===== Cyrillic
    Shortcut: C:\Users\Emanuel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Моzillа Firеfох.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) <===== Cyrillic
    Shortcut: C:\Users\Emanuel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Моzillа Firеfох.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) <===== Cyrillic
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfох.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) <===== Cyrillic
    Hosts:
    HKU\S-1-5-21-1213760762-2782222740-1777680439-1000\...\Run: [Oggqics] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\Emanuel\AppData\Local\YfgPack\kbjxuggw.dll <===== UWAGA
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku
    GroupPolicy: Ograniczenia - Windows Defender <======= UWAGA
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA
    HKU\S-1-5-21-1213760762-2782222740-1777680439-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA
    FF Plugin-x32: @google.com/zxwebplugin -> C:\Windows\system32\npzxwebplugin.dll [Brak pliku]
    U0 aswVmm; Brak ImagePath
    S3 catchme; \??\C:\ComboFix\catchme.sys [X]
    S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
    S3 MSICDSetup; \??\E:\CDriver64.sys [X]
    S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X]
    S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
    2017-03-21 15:05 - 2017-03-21 15:10 - 00000000 ____D C:\AdwCleaner
    2017-03-20 18:44 - 2017-03-20 18:45 - 05659355 _____ (Swearware) C:\Users\Emanuel\Downloads\ComboFix.exe
    EmptyTemp:

    Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
    Uruchom FRST i kliknij w Fix/Napraw.

    0
  • #3 21 Mar 2017 15:47
    2876499
    Poziom 2  

    Dobra wielkie dzięki, wszystko działa :)

    0
  • #4 22 Mar 2017 06:13
    krzychupar
    Poziom 40  

    Usuń katalog C:\FRST i zamknij temat.

    0