Elektroda.pl
Elektroda.pl
X
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

[Rozwiązano] Dziwne zachowanie sytemu przy starcie

Pawel D 02 Sty 2016 16:59 765 2
  • Pomocny post
    #2 02 Sty 2016 18:26
    krzychupar
    Poziom 40  

    Odinstaluj WinThruster

    Otwórz notatnik systemowy i wklej:
    Task: {020A46B5-D320-4516-9128-BD67740482C4} - System32\Tasks\{812C11F2-91F7-4B6B-B02A-65486BD69480} => pcalua.exe -a E:\setup.exe -d E:\
    Task: {2613842C-7CC5-42DB-B73C-5BA4A6886417} - System32\Tasks\WinThruster_DEFAULT => C:\Program Files (x86)\WinThruster\WinThruster.exe <==== UWAGA
    Task: {8E3A8523-3215-4292-BD88-779830B204EC} - System32\Tasks\{23C7D6DA-2E4A-4E83-87AE-53C9D5982F68} => pcalua.exe -a E:\setup.exe -d E:\
    Task: {EBC340F4-B621-474D-BA5E-FD3BC1CB35A6} - System32\Tasks\WinThruster => C:\Program Files (x86)\WinThruster\WinThruster.exe <==== UWAGA
    Task: {FF8EB323-4554-4698-8D6E-5761284BB9A5} - System32\Tasks\WinThruster_UPDATES => C:\Program Files (x86)\WinThruster\WinThruster.exe <==== UWAGA
    Task: C:\Windows\Tasks\WinThruster_DEFAULT.job => C:\Program Files (x86)\WinThruster\WinThruster.exe <==== UWAGA
    Task: C:\Windows\Tasks\WinThruster_UPDATES.job => C:\Program Files (x86)\WinThruster\WinThruster.exe <==== UWAGA
    HKU\S-1-5-21-3929538359-2945771756-3218933461-1000\...\Run: [WinThrusterReminder] => C:\Program Files (x86)\WinThruster\WinThruster.exe -rem
    HKU\S-1-5-21-3929538359-2945771756-3218933461-1000\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248176 2015-07-13] (TomTom)
    HKU\S-1-5-21-3929538359-2945771756-3218933461-1000\Control Panel\Desktop\\SCRNSAVE.EXE ->
    HKU\S-1-5-21-3929538359-2945771756-3218933461-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [WinThrusterReminder] => C:\Program Files (x86)\WinThruster\WinThruster.exe -rem
    HKU\S-1-5-21-3929538359-2945771756-3218933461-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248176 2015-07-13] (TomTom)
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
    SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP08&src=IE-SearchBox
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP08&src=IE-SearchBox
    SearchScopes: HKU\S-1-5-21-3929538359-2945771756-3218933461-1000 -> DefaultScope {28AB1D2E-5559-44dd-B03D-26A839CA15B9} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=EGMB
    SearchScopes: HKU\S-1-5-21-3929538359-2945771756-3218933461-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q={searchTerms}&src=IE-SearchBox




    SearchScopes: HKU\S-1-5-21-3929538359-2945771756-3218933461-1000 -> {1AA7B00D-F949-4e16-99B0-6C1631DDAACC} URL = hxxp://www.google.com/custom?client=pub-37942...%3BGIMP%3A0000FF%3BFORID%3A1&hl=en&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-3929538359-2945771756-3218933461-1000 -> {28AB1D2E-5559-44dd-B03D-26A839CA15B9} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=EGMB
    SearchScopes: HKU\S-1-5-21-3929538359-2945771756-3218933461-1000 -> {E4BA6720-746C-4614-9216-1A18669E6D31} URL = hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&dt=061213&q={searchTerms}&src=IE-SearchBox
    SearchScopes: HKU\S-1-5-21-3929538359-2945771756-3218933461-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {28AB1D2E-5559-44dd-B03D-26A839CA15B9} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=EGMB
    SearchScopes: HKU\S-1-5-21-3929538359-2945771756-3218933461-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q={searchTerms}&src=IE-SearchBox
    SearchScopes: HKU\S-1-5-21-3929538359-2945771756-3218933461-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {1AA7B00D-F949-4e16-99B0-6C1631DDAACC} URL = hxxp://www.google.com/custom?client=pub-37942...%3BGIMP%3A0000FF%3BFORID%3A1&hl=en&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-3929538359-2945771756-3218933461-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {28AB1D2E-5559-44dd-B03D-26A839CA15B9} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=EGMB
    SearchScopes: HKU\S-1-5-21-3929538359-2945771756-3218933461-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {E4BA6720-746C-4614-9216-1A18669E6D31} URL = hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&dt=061213&q={searchTerms}&src=IE-SearchBox
    Toolbar: HKU\S-1-5-21-3929538359-2945771756-3218933461-1000 -> Brak nazwy - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Brak pliku
    Toolbar: HKU\S-1-5-21-3929538359-2945771756-3218933461-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Brak nazwy - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Brak pliku
    FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku]
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku]
    CHR HomePage: Default -> hxxp://www.msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=pl-pl
    CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
    CHR DefaultSearchKeyword: Default -> bing.com
    CHR HKU\S-1-5-21-3929538359-2945771756-3218933461-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
    CHR HKU\S-1-5-21-3929538359-2945771756-3218933461-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - C:/Program Files (x86)/Pakiet Bezpieczeństwa UPC/apps/CCF_Scanning/bin/browser/install/fs_chrome_https/fs_chrome_https.crx [2014-09-08]
    S2 Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [X]
    S3 MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [X]


    EmptyTemp:




    Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.
    Uruchom FRST i kliknij w Fix/Napraw.

    0
  • #3 23 Lut 2018 10:53
    Pawel D
    Poziom 7  

    Skorzystałem ze wskazówek

    0