wgsdgsdgdsgsd.dll Wystąpił błąd

przez **emsi8900** » 11 Mar 2013, 21:10

Prośba o pomoc jak wyżej
Logi Linki:
OTL.txt http://www.wklej.eu/index.php?id=e17be7d243
EXTRAS.txt http://www.wklej.eu/index.php?id=9e4698e68d
TDSSKIller http://www.wklej.eu/index.php?id=55bee086a8

Z góry dziękuję za pomoc

przez **mateo8898** » 11 Mar 2013, 22:43

Wykonaj nowe logi z OTL, ale przestaw opcję Rejestr na "Wszystko".

A temat wydzielam.

przez **emsi8900** » 12 Mar 2013, 00:21

OTL http://wklej.eu/index.php?id=6bfb2d55e4
Extras http://wklej.eu/index.php?id=5b20a52a67

przez **mateo8898** » 12 Mar 2013, 00:29

Z rozszerzeń w Chrome wywal Conduit Chrome Plugin

Uruchom OTL

w oknie Własne opcje skanowania/skrypt wklej:

:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?utm_source=b&utm_medium=vlt2&from=vlt2&uid=Hitachi_HTS547550A9E384_J2150050CV0HECCV0HECX&ts=1350940834
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.v9.com/?utm_source=b&utm_medium=vlt2&from=vlt2&uid=Hitachi_HTS547550A9E384_J2150050CV0HECCV0HECX&ts=1350940834
IE - HKLM\..\SearchScopes\{A2091BEC-AC70-4420-844C-63B6C823A49C}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3072253
IE - HKU\S-1-5-21-2719609786-126122716-2321867961-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?utm_source=b&utm_medium=vlt2&from=vlt2&uid=Hitachi_HTS547550A9E384_J2150050CV0HECCV0HECX&ts=1350940834
IE - HKU\S-1-5-21-2719609786-126122716-2321867961-1000\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - No CLSID value found
IE - HKU\S-1-5-21-2719609786-126122716-2321867961-1000\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found
IE - HKU\S-1-5-21-2719609786-126122716-2321867961-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.v9.com/web/?q={searchTerms}
IE - HKU\S-1-5-21-2719609786-126122716-2321867961-1000\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.v9.com/web/?q={searchTerms}
IE - HKU\S-1-5-21-2719609786-126122716-2321867961-1000\..\SearchScopes\{424FAC8A-937B-4845-96C7-47A6BA1DEB64}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=U3&apn_dtid=OSJ000YYPL&apn_uid=73F5AD0E-1A80-4AF9-BA7C-0FD18BD0EDAA&apn_sauid=7BA5B92E-DAA5-44BF-85FA-0F5FF8E87169
IE - HKU\S-1-5-21-2719609786-126122716-2321867961-1000\..\SearchScopes\{A2091BEC-AC70-4420-844C-63B6C823A49C}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3072253
IE - HKU\S-1-5-21-2719609786-126122716-2321867961-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://startsear.ch/?aff=2&src=sp&cf=1d20922c-0cc0-11e2-b453-b870f4f75874&q={searchTerms}
IE - HKU\S-1-5-21-2719609786-126122716-2321867961-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?utm_source=b&utm_medium=vlt2&from=vlt2&uid=Hitachi_HTS547550A9E384_J2150050CV0HECCV0HECX&ts=1350940834
IE - HKU\S-1-5-21-2719609786-126122716-2321867961-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://isearch.avg.com/?cid={8EDF8529-035E-4D23-8400-B1CC556BAB64}&mid=a153ddfe069347d0b95f6939b213b187-
IE - HKU\S-1-5-21-2719609786-126122716-2321867961-1007\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - No CLSID value found
IE - HKU\S-1-5-21-2719609786-126122716-2321867961-1007\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found
IE - HKU\S-1-5-21-2719609786-126122716-2321867961-1007\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.v9.com/web/?q={searchTerms}
IE - HKU\S-1-5-21-2719609786-126122716-2321867961-1007\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.v9.com/web/?q={searchTerms}
IE - HKU\S-1-5-21-2719609786-126122716-2321867961-1007\..\SearchScopes\{424FAC8A-937B-4845-96C7-47A6BA1DEB64}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=U3&apn_dtid=OSJ000YYPL&apn_uid=73F5AD0E-1A80-4AF9-BA7C-0FD18BD0EDAA&apn_sauid=7BA5B92E-DAA5-44BF-85FA-0F5FF8E87169
IE - HKU\S-1-5-21-2719609786-126122716-2321867961-1007\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg.com/search?cid={8EDF8529-035E-4D23-8400-B1CC556BAB64}&mid=a153ddfe069347d0b95f6939b213b187-5b3ea34fe52f2b2e4a7d8e6dca95416788e763c0&lang=pl&ds=xn011&pr=sa&d=2012-10-07 17:05:46&v=13.0.0.7&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-2719609786-126122716-2321867961-1007\..\SearchScopes\{A2091BEC-AC70-4420-844C-63B6C823A49C}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3072253
IE - HKU\S-1-5-21-2719609786-126122716-2321867961-1007\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://startsear.ch/?aff=2&src=sp&cf=1d20922c-0cc0-11e2-b453-b870f4f75874&q={searchTerms}
[2012-10-22 22:20:36 | 000,000,402 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\v9.xml
O3 - HKU\S-1-5-21-2719609786-126122716-2321867961-1000\..\Toolbar\WebBrowser: (no name) - {687578B9-7132-4A7A-80E4-30EE31099E03} - No CLSID value found.
O3 - HKU\S-1-5-21-2719609786-126122716-2321867961-1000\..\Toolbar\WebBrowser: (no name) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - No CLSID value found.
O3 - HKU\S-1-5-21-2719609786-126122716-2321867961-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-2719609786-126122716-2321867961-1000\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O3 - HKU\S-1-5-21-2719609786-126122716-2321867961-1007\..\Toolbar\WebBrowser: (no name) - {687578B9-7132-4A7A-80E4-30EE31099E03} - No CLSID value found.
O3 - HKU\S-1-5-21-2719609786-126122716-2321867961-1007\..\Toolbar\WebBrowser: (no name) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - No CLSID value found.
O3 - HKU\S-1-5-21-2719609786-126122716-2321867961-1007\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-2719609786-126122716-2321867961-1007\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [KMCONFIG] C:\Program Files (x86)\Mouse Driver\StartAutorun.exe KMConfig.exe File not found
O4 - HKU\S-1-5-21-2719609786-126122716-2321867961-1000..\Run: [] File not found
O4 - HKU\S-1-5-21-2719609786-126122716-2321867961-1007..\Run: [] File not found
O4 - HKU\S-1-5-21-2719609786-126122716-2321867961-1007..\Run: [EPSON SX130 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHJE.EXE /FU "C:\Windows\TEMP\E_S9584.tmp" /EF "HKCU" File not found
O4 - HKU\S-1-5-21-2719609786-126122716-2321867961-1007..\Run: [PlayNC Launcher] File not found
O4 - HKU\S-1-5-21-2719609786-126122716-2321867961-1007..\Run: [ROC_JAN2013_TB] "C:\Program Files (x86)\AVG Secure Search\ROC_JAN2013_TB.exe" /PROMPT /CMPID=JAN2013_TB File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-2719609786-126122716-2321867961-1007..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
[2013-03-11 19:37:21 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\ROC_JAN2013_TB_rmv.job

:Files
C:\Users\MC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.lnk

:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=-
"GrooveMonitor"=-
"IAStorIcon"=-
"QuickTime Task"=-
"SunJavaUpdateSched"=-
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=-
"Facebook Update"=-

:Commands
[clearallrestorepoints]
[emptytemp]

Klikasz Wykonaj skrypt. Podajesz log z usuwania + nowe logi z OTL.

przez **emsi8900** » 12 Mar 2013, 01:27

Nigdzie nie widze tego conduit w rozszerzeniach, ani w opcjach ani nawet w otwieranych stronach po uruchomieniu ale skanuje spyhunterem i wykryło mi troche paskudztwo m.in. ten conduit. Czy jak po skanowaniu to usune to bedzie jednoznaczne z usunieciem całego conduit?

przez **emsi8900** » 12 Mar 2013, 02:09

log z usuwania http://wklej.eu/index.php?id=200df4fa30
nowy OTL http://wklej.eu/index.php?id=2c07a7fb82
nowy EXTRAS http://wklej.eu/index.php?id=4b9cd53592

przez **mateo8898** » 12 Mar 2013, 10:56

Czy jak po skanowaniu to usune to bedzie jednoznaczne z usunieciem całego conduit?

Nie wiem, trzeba by było wiedzieć, jakie dokładnie wpisy i pliki usunie.

W OTL

Sprzątanie

Przeczyść dysk oraz rejestr CCleaner

Zainstaluj SP1

http://www.instalki.pl/programy/downloa ... ack_1.html

Zaktualizuj IE do najnowszej wersji (nawet jeśli go nie używasz)

http://www.instalki.pl/programy/downloa ... lorer.html

wgsdgsdgdsgsd.dll Wystąpił błąd

wgsdgsdgdsgsd.dll Wystąpił błąd

Re: wgsdgsdgdsgsd.dll Wystąpił błąd

Re: wgsdgsdgdsgsd.dll Wystąpił błąd

Re: wgsdgsdgdsgsd.dll Wystąpił błąd

Re: wgsdgsdgdsgsd.dll Wystąpił błąd

Re: wgsdgsdgdsgsd.dll Wystąpił błąd

Re: wgsdgsdgdsgsd.dll Wystąpił błąd

Kto jest na forum