MBAM scan done, CureIt does not start - log analysis

Kasek21 16 Mar 2012 11:38 1871 6
  • #1 10684245
    Kasek21
    Level 43
    Posts: 45622
    Helped: 4974
    Rating: 3535
    Hello!
    Please check this.

    MBAM scan done, CureIt does not start.
    Attachments:
    • Extras.Txt (45.55 KB)
    • OTL.Txt (81.22 KB)
  • Helpful post
    #2 10684623
    Kolobos
    Computer specialist
    Posts: 85165
    Helped: 17165
    Rating: 10443
    To update:
    Java(TM) 6 Update 30
    Mozilla Firefox 8.0.1 (x86 pl)

    Uninstall:
    Adobe Reader 9.5.0 - Polish, switch to Foxit
    SweetIM for Messenger 3.6
    Akamai NetSession Interface Service
    Babylon toolbar on IE
    Conduit Engine
    DealPly
    Facemoods Toolbar
    IncrediMail MediaBar 2 Toolbar
    Mario Forever Toolbar
    SFT_Polska Toolbar
    uTorrentBar Toolbar
    Crossrider

    Run this script in OTL:

    :OTL
    PRC - [2011-09-05 14:46:50 | 000,362,200 | ---- | M] (facemoods.com) -- C:\Program Files\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=bf3&s={searchTerms}&f=4
    IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
    IE - HKLM\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://startsear.ch/?aff=1&src=sp&cf=c6930b58-b7bc-11e0-af99-0019db6a246c&q={searchTerms}
    IE - HKLM\..\SearchScopes\{6BD63EF5-F376-4104-B390-F6E1E3BEDAAC}: "URL" = http://startsear.ch/?q={searchTerms}
    IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&barid={3703920F-E22E-11E0-B2A1-0019DB6A246C}
    IE - HKLM\..\SearchScopes\{F6FEF076-3DAB-4881-B78A-C0F68641F98A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2247187
    IE - HKCU\..\URLSearchHook: {5c5b9468-d672-4eb7-b52f-b5afabf28c5b} - C:\Program Files\SFT_Polska\prxtbSFT_.dll (Conduit Ltd.)
    IE - HKCU\..\URLSearchHook: {707db484-2428-402d-afb5-d85b387544c7} - C:\Program Files\Mario_Forever\prxtbMari.dll (Conduit Ltd.)
    IE - HKCU\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - SOFTWARE\Classes\CLSID\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\InprocServer32 File not found
    IE - HKCU\..\URLSearchHook: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files\IncrediMail_MediaBar_2\tbIncr.dll (Conduit Ltd.)
    IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
    IE - HKCU\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
    IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://startsear.ch/?aff=1&q={searchTerms}
    IE - HKCU\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoods.com/?a=bf3&s={searchTerms}&f=4
    IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://startsear.ch/?aff=1&src=sp&cf=c6930b58-b7bc-11e0-af99-0019db6a246c&q={searchTerms}
    IE - HKCU\..\SearchScopes\{2CAA64E2-D7F9-49B7-8868-5BAF3011A7B4}: "URL" = http://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=100996&mntrId=801d05a30000000000000019db6a246c
    IE - HKCU\..\SearchScopes\{6BD63EF5-F376-4104-B390-F6E1E3BEDAAC}: "URL" = http://startsear.ch/?q={searchTerms}
    IE - HKCU\..\SearchScopes\{91A02593-7680-458B-A63C-883D238020FB}: "URL" = http://mp3tubetoolbar.com/?tmp=toolbar_sb_results&prt=pinballtbfour01ie&Keywords={searchTerms}&clid=f113859b91bd4e468a00b6dd972af62b
    IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2247187
    IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredimail.com/mb68/?search={searchTerms}&loc=search_box&u=92260248914739776
    IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&barid={3703920F-E22E-11E0-B2A1-0019DB6A246C}
    IE - HKCU\..\SearchScopes\{F6FEF076-3DAB-4881-B78A-C0F68641F98A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421
    FF - prefs.js..browser.search.defaultengine: "Web Search"
    FF - prefs.js..browser.search.defaultenginename: "SweetIM Search"
    FF - prefs.js..browser.search.defaultthis.engineName: "Mario Forever Customized Web Search"
    FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2247187&SearchSource=3&q={searchTerms}"
    FF - prefs.js..browser.search.order.1: "Web Search"
    FF - prefs.js..browser.search.selectedEngine: "Mario Forever Customized Web Search"
    FF - prefs.js..browser.startup.homepage: "http://search.conduit.com/?ctid=CT2247187&SearchSource=13"
    FF - prefs.js..keyword.URL: "http://startsear.ch/?aff=1&src=sp&cf=c6930b58-b7bc-11e0-af99-0019db6a246c&q="
    FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
    FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: ""
    FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "Web Search"
    FF - prefs.js..browser.startup.homepage: "http://startsear.ch/?aff=1&cf=c6930b58-b7bc-11e0-af99-0019db6a246c"
    [2012-03-09 18:53:23 | 000,000,000 | ---D | M] (Mario Forever Community Toolbar) -- C:\Documents and Settings\ppp\Dane aplikacji\Mozilla\Firefox\Profiles\8pjp622h.default\extensions\{707db484-2428-402d-afb5-d85b387544c7}
    [2012-01-21 16:19:09 | 000,000,000 | ---D | M] (DealPly) -- C:\Documents and Settings\ppp\Dane aplikacji\Mozilla\Firefox\Profiles\8pjp622h.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}
    [2012-03-05 18:00:26 | 000,000,929 | ---- | M] () -- C:\Documents and Settings\ppp\Dane aplikacji\Mozilla\Firefox\Profiles\8pjp622h.default\searchplugins\conduit.xml
    [2011-12-20 22:26:04 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\ppp\Dane aplikacji\Mozilla\Firefox\Profiles\8pjp622h.default\searchplugins\startsear.xml
    [2012-02-23 16:47:54 | 000,003,915 | ---- | M] () -- C:\Documents and Settings\ppp\Dane aplikacji\Mozilla\Firefox\Profiles\8pjp622h.default\searchplugins\SweetIM Search.xml
    [2012-02-23 16:47:37 | 000,003,915 | ---- | M] () -- C:\Documents and Settings\ppp\Dane aplikacji\Mozilla\Firefox\Profiles\8pjp622h.default\searchplugins\sweetim.xml
    O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 10\SnagitBHO.dll (TechSmith Corporation)
    O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.35.10\bh\BabylonToolbar.dll (Babylon BHO)
    O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
    O2 - BHO: (RewardsArcade) - {597A9974-8CB0-4f41-B61F-ED065738A397} - C:\Program Files\RewardsArcade\RewardsArcade.dll (215 Apps)
    O2 - BHO: (SFT_Polska Toolbar) - {5c5b9468-d672-4eb7-b52f-b5afabf28c5b} - C:\Program Files\SFT_Polska\prxtbSFT_.dll (Conduit Ltd.)
    O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files\facemoods.com\facemoods\1.4.17.11\bh\facemoods.dll (facemoods.com BHO)
    O2 - BHO: (Mario Forever Toolbar) - {707db484-2428-402d-afb5-d85b387544c7} - C:\Program Files\Mario_Forever\prxtbMari.dll (Conduit Ltd.)
    O2 - BHO: (IE5BarLauncherBHO Class) - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program Files\vShare.tv plugin\BarLcher.dll File not found
    O2 - BHO: (DealPly) - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files\DealPly\DealPlyIE.dll (DealPly Technologies Ltd)
    O2 - BHO: (CrossRider) - {A876E312-7D08-401a-B7A6-FAFC5DC2F292} - C:\Program Files\CrossriderWebApps\Crossrider.dll ()
    O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTor.dll File not found
    O2 - BHO: (IncrediMail MediaBar 2 Toolbar) - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files\IncrediMail_MediaBar_2\tbIncr.dll (Conduit Ltd.)
    O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
    O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (SFT_Polska Toolbar) - {5c5b9468-d672-4eb7-b52f-b5afabf28c5b} - C:\Program Files\SFT_Polska\prxtbSFT_.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (Mario Forever Toolbar) - {707db484-2428-402d-afb5-d85b387544c7} - C:\Program Files\Mario_Forever\prxtbMari.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files\vShare.tv plugin\BarLcher.dll File not found
    O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.35.10\BabylonToolbarTlbr.dll (Babylon Ltd.)
    O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTor.dll File not found
    O3 - HKLM\..\Toolbar: (IncrediMail MediaBar 2 Toolbar) - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files\IncrediMail_MediaBar_2\tbIncr.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files\facemoods.com\facemoods\1.4.17.11\facemoodsTlbr.dll (facemoods.com)
    O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
    O3 - HKCU\..\Toolbar\WebBrowser: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files\vShare.tv plugin\BarLcher.dll File not found
    O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files\uTorrentBar\prxtbuTor.dll File not found
    O3 - HKCU\..\Toolbar\WebBrowser: (IncrediMail MediaBar 2 Toolbar) - {D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} - C:\Program Files\IncrediMail_MediaBar_2\tbIncr.dll (Conduit Ltd.)
    O3 - HKCU\..\Toolbar\WebBrowser: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
    O4 - HKLM..\Run: [facemoods] C:\Program Files\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe (facemoods.com)
    O24 - Desktop Components:1 () - http://ggao.hit.gemius.pl/hitredir/id=0iJFNK9...utm_medium=display&utm_campaign=4900-detektyw
  • #3 10684934
    Kasek21
    Level 43
    Posts: 45622
    Helped: 4974
    Rating: 3535
    Script executed.

    The new log is attached.

    This error keeps appearing:

    AppName: msfeedssyinc.exe AppVer: 8.0.6001.18702 ModName: user32.dll

    Java updated.

    As for FF, it's Opera for now.
    Attachments:
    • OTL.Txt (62.96 KB)
  • Helpful post
    #4 10685354
    Kolobos
    Computer specialist
    Posts: 85165
    Helped: 17165
    Rating: 10443
    Delete: C:\WINDOWS\tasks\User_Feed_Synchronization-{EE9105B0-6E07-4498-ABA2-8F4166BA3182}.job and the msfeed problem will go away.
  • #5 10689847
    Kasek21
    Level 43
    Posts: 45622
    Helped: 4974
    Rating: 3535
    The problem is that this directory is empty.
  • Helpful post
    #6 10689867
    Kolobos
    Computer specialist
    Posts: 85165
    Helped: 17165
    Rating: 10443
    Run this script:

    :OTL

    :Files
    C:\WINDOWS\tasks\User_Feed_Synchronization-{EE9105B0-6E07-4498-ABA2-8F4166BA3182}.job
  • #7 10767582
    Kasek21
    Level 43
    Posts: 45622
    Helped: 4974
    Rating: 3535
    Thanks for the help.

Topic summary

A user reported that CureIt would not start after running a scan in Malwarebytes Anti-Malware (MBAM). The replies suggested uninstalling several programs, including Adobe Reader and various toolbars, and running a script in OTL to remove unwanted files. The user updated Java and reported an error related to the file msfeedssyinc.exe. Finally, deleting the user feed synchronization task was suggested, which was expected to resolve the problem.