Elektroda.pl
Elektroda.pl
X
CControls
Proszę, dodaj wyjątek www.elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Sprawdzenie logów, nie da się zainstalować programów.

Stefan1121 29 Cze 2017 16:14 423 2
  • CControls
  • Pomocny post
    #2 29 Cze 2017 18:46
    Kolobos
    Spec od komputerów

    Uzyj: http://www.avg.com/pl-pl/utilities

    Odinstaluj:
    fst_pl_19
    fst_pl_7

    Uzyj AdwCleaner, opcja Scan/Szukaj i Clean/Usun: http://www.bleepingcomputer.com/download/adwcleaner/

    Wykonaj Fixlist.txt dla FRST:
    CloseProcesses:
    Task: {1817C99B-B2A4-4ADD-B823-52D5109AF476} - System32\Tasks\{A6B738AF-E02E-44E8-8F17-88F2E59D1A4D} => C:\Program Files (x86)\HP\HP Deskjet Ink Adv 2060 K110\bin\HPScan.exe [2010-11-16] (Hewlett-Packard Co.)
    Task: {221B8274-7684-4F66-89DF-B5A125A0A141} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2156839760-1016076217-932913964-1001
    Task: {28331F24-6530-4D12-A803-926EBFECFBBA} - System32\Tasks\PassWidget_wd => C:\Program Files (x86)\Pass-WidgetStf\PassWidget_wd.exe
    Task: {3EC6F75B-3023-441F-9ABB-5528CD7C3479} - System32\Tasks\{E6205218-61A9-4CF1-A731-2216EB07928D} => C:\Users\Pałlinka\Downloads\LeagueofLegends.exe
    Task: {7CEF404E-F3FC-426F-85DD-9C4A5F76129A} - System32\Tasks\{EA95621C-2019-4435-837E-82B77905CA72} => pcalua.exe -a "C:\Program Files (x86)\Mp3Tube Toolbar\uninstall.exe" -c bho /S
    Task: {8D45013C-94C1-49F0-B747-445FD0AF0B5D} - System32\Tasks\RunAsStdUser Task => C:\Users\Pałlinka\AppData\Local\RavenBleuSA\bin\1.0.11.0\RavenBleuSA.exe
    Task: {9640C3D5-D975-462E-AA1E-9151097EB43D} - System32\Tasks\{D142223B-6FAB-498F-9220-00782929E776} => C:\Program Files (x86)\HP\HP Deskjet Ink Adv 2060 K110\bin\HPScan.exe [2010-11-16] (Hewlett-Packard Co.)
    Task: {989CD079-392B-4A37-9E13-6ACFE8C6E854} - System32\Tasks\{40505301-F92E-4AF1-9947-F717BCC6C662} => pcalua.exe -a "C:\Program Files (x86)\Dia\dia-0.97-uninstall.exe"
    Task: {A1A4EFEE-1517-4DB6-A62A-D0A0C241A9B6} - System32\Tasks\PassWidget Update => C:\Program Files (x86)\Pass-WidgetStf\passw.exe
    Task: {AB68DCDC-EE8A-45A3-9A3C-533192F71057} - System32\Tasks\{E381B743-2AD7-4C80-8E72-9A10022B9E37} => C:\Program Files (x86)\HP\HP Deskjet Ink Adv 2060 K110\bin\HPScan.exe [2010-11-16] (Hewlett-Packard Co.)
    Task: {C3DB94C0-18F7-4400-81E6-8EFEC3992334} - System32\Tasks\{01008925-6D18-41E0-8658-FCEDFEF481E2} => pcalua.exe -a C:\Users\Pałlinka\Downloads\OptiFine+Mod+Installer.exe -d C:\Users\Pałlinka\Downloads
    Task: {D196D5CE-6D9E-4224-866D-56668F95E2BA} - System32\Tasks\YourFile DownloaderUpdate => C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe <==== UWAGA
    Task: C:\Windows\Tasks\PassWidget Update.job => C:\Program Files (x86)\Pass-WidgetStf\passw.exe
    Task: C:\Windows\Tasks\PassWidget_wd.job => C:\Program Files (x86)\Pass-WidgetStf\PassWidget_wd.exe <==== UWAGA
    Task: C:\Windows\Tasks\YourFile DownloaderUpdate.job => C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe #hxxp:/www.yourfiledownloader.com <==== UWAGA




    HKLM-x32\...\Run: [] => [X]
    AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => Brak pliku
    AppInit_DLLs-x32: C:\PROGRA~2\SupTab\SEARCH~1.DLL => Brak pliku
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku
    Startup: C:\Users\12345\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2010-08-31]
    ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
    Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2010-08-31]
    ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
    Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2010-08-31]
    ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
    Startup: C:\Users\Gość\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2010-08-31]
    ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
    Startup: C:\Users\Paulina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2010-08-31]
    ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
    Startup: C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2010-08-31]
    ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
    Startup: C:\Users\xD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2014-02-05]
    ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
    GroupPolicy: Ograniczenia - Chrome <==== UWAGA
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.aartemis.com/web/?type=ds&ts=1...OSHIBAXMK3265GSXN_90DAS8BXSXX90DAS8BXS&q={searchTerms}
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.aartemis.com/web/?type=ds&ts=1...OSHIBAXMK3265GSXN_90DAS8BXSXX90DAS8BXS&q={searchTerms}
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?utm_source=b&...65GSXN_90DAS8BXSXX90DAS8BXS&ts=1393427856
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?utm_source=b&...65GSXN_90DAS8BXSXX90DAS8BXS&ts=1393427856
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.aartemis.com/web/?type=ds&ts=1...OSHIBAXMK3265GSXN_90DAS8BXSXX90DAS8BXS&q={searchTerms}
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.aartemis.com/web/?type=ds&ts=1...OSHIBAXMK3265GSXN_90DAS8BXSXX90DAS8BXS&q={searchTerms}
    HKU\S-1-5-21-2156839760-1016076217-932913964-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={267F988C-46A2-4E0B-A15C-D3DCBA48696E}&mid=a16bf877086947d2a3ac59e75b09827a-7a99c22b026ce652747d42aac2349b43fbd58a68&lang=pl&ds=AVG&coid=avgtbavg&cmpid=0116tb&pr=fr&d=2014-12-11 19:40:17&v=4.2.4.155&pid=wtu&sg=&sap=hp
    SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.aartemis.com/web/?type=ds&ts=1...OSHIBAXMK3265GSXN_90DAS8BXSXX90DAS8BXS&q={searchTerms}
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM -> {12BFA2CB-481E-E94D-3DA4-0EDC60597D98} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=0&systemid=2&sr=0&q={searchTerms}
    SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.aartemis.com/web/?type=ds&ts=1...OSHIBAXMK3265GSXN_90DAS8BXSXX90DAS8BXS&q={searchTerms}
    SearchScopes: HKLM -> {9019A524-A277-4EAD-BDBB-DDEE293814C9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
    SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD22} URL = hxxp://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=AgnUpd&cd=2XzuyEtN2Y1L1Qzu0EzztAzy0D0F0E0F0AyDyBzz0ByB0AyDtN0D0Tzu0CyDtByDtN1L2XzutN1L1Czu&cr=281056563&ir=
    SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.aartemis.com/web/?type=ds&ts=1...OSHIBAXMK3265GSXN_90DAS8BXSXX90DAS8BXS&q={searchTerms}
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM-x32 -> {13CC980E-F27A-417D-89BE-D79DAB6F906C} URL = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
    SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.aartemis.com/web/?type=ds&ts=1...OSHIBAXMK3265GSXN_90DAS8BXSXX90DAS8BXS&q={searchTerms}
    SearchScopes: HKLM-x32 -> {7219BACC-7A74-4930-BABC-3752CACAE70C} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=0&systemid=2&sr=0&q={searchTerms}
    SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD22} URL = hxxp://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=AgnUpd&cd=2XzuyEtN2Y1L1Qzu0EzztAzy0D0F0E0F0AyDyBzz0ByB0AyDtN0D0Tzu0CyDtByDtN1L2XzutN1L1Czu&cr=281056563&ir=
    SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2670199
    SearchScopes: HKU\.DEFAULT -> {33524C00-63FB-43DB-A6BF-0A4E14B24649} URL = hxxp://www.basicscan.com/?prt=BASICSCAN115&keywords={searchTerms}
    SearchScopes: HKU\S-1-5-21-2156839760-1016076217-932913964-1000 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={267F988C-46A2-4E0B-A15C-D3DCBA48696E}&mid=a16bf877086947d2a3ac59e75b09827a-7a99c22b026ce652747d42aac2349b43fbd58a68&lang=pl&ds=AVG&coid=avgtbavg&cmpid=1016tb&pr=fr&d=2014-12-11 19:40:17&v=4.3.6.255&pid=wtu&sg=&sap=dsp&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-2156839760-1016076217-932913964-1000 -> {9019A524-A277-4EAD-BDBB-DDEE293814C9} URL =
    SearchScopes: HKU\S-1-5-21-2156839760-1016076217-932913964-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={267F988C-46A2-4E0B-A15C-D3DCBA48696E}&mid=a16bf877086947d2a3ac59e75b09827a-7a99c22b026ce652747d42aac2349b43fbd58a68&lang=pl&ds=AVG&coid=avgtbavg&cmpid=1016tb&pr=fr&d=2014-12-11 19:40:17&v=4.3.6.255&pid=wtu&sg=&sap=dsp&q={searchTerms}
    BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2014-04-24] (McAfee, Inc.)
    BHO: Brak nazwy -> {B939CF93-F2CB-443d-956C-DC523D85C9DB} -> Brak pliku
    BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.6.255\AVG Web TuneUp.dll [2016-11-19] (AVG)
    BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2014-04-24] (McAfee, Inc.)
    BHO-x32: Brak nazwy -> {B939CF93-F2CB-443d-956C-DC523D85C9DB} -> Brak pliku
    Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2014-04-24] (McAfee, Inc.)
    Toolbar: HKLM - Brak nazwy - !{98889811-442D-49dd-99D7-DC866BE87DBC} - Brak pliku
    Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2014-04-24] (McAfee, Inc.)
    Toolbar: HKLM-x32 - Brak nazwy - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - Brak pliku
    Toolbar: HKLM-x32 - Brak nazwy - !{98889811-442D-49dd-99D7-DC866BE87DBC} - Brak pliku
    FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
    FF Extension: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor [2015-12-28] [Brak podpisu cyfrowego]
    FF HKLM-x32\...\Firefox\Extensions: [OKitSpace@OKitSpace.es] - C:\Users\Pałlinka\AppData\Roaming\okitSpace\Firefox => nie znaleziono
    FF HKLM-x32\...\Firefox\Extensions: [{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}] - C:\Program Files (x86)\RelevantKnowledge\firefox
    FF Extension: (RelevantKnowledge) - C:\Program Files (x86)\RelevantKnowledge\firefox [2015-12-28] [Brak podpisu cyfrowego]
    CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-07-05]
    CHR HKLM-x32\...\Chrome\Extension: [fhpaoccafjodfmbnkkfdfbihaajedhfl] - C:\Users\Pałlinka\AppData\Local\CRE\fhpaoccafjodfmbnkkfdfbihaajedhfl.crx <nie znaleziono>
    CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\Pałlinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx <nie znaleziono>
    CHR HKLM-x32\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\Pałlinka\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx <nie znaleziono>
    CHR HKLM-x32\...\Chrome\Extension: [lbidgdoiglndbjlcnnifemecdhnpeabo] - C:\Users\Małgorzata\AppData\Roaming\okitSpace\Chrome\OKitSpace.crx <nie znaleziono>
    CHR HKLM-x32\...\Chrome\Extension: [mkndcbhcgphcfkkddanakjiepeknbgle] - C:\Program Files (x86)\RelevantKnowledge\rlcm.crx [2012-04-09]
    S2 RelevantKnowledge; C:\Program Files (x86)\RelevantKnowledge\rlservice.exe [205728 2016-09-23] (TMRG, Inc.) <==== UWAGA
    S2 BrowserDefendert; C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe [X]
    S3 aswHdsKe; \??\C:\Windows\system32\drivers\aswHdsKe.sys [X]
    U0 aswVmm; Brak ImagePath
    S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
    S3 vserial; System32\DRIVERS\vserial.sys [X]
    2017-06-29 15:23 - 2014-12-25 14:32 - 00000000 ____D C:\Program Files\AVAST Software
    2017-06-29 15:23 - 2014-12-25 14:31 - 00000000 ____D C:\ProgramData\AVAST Software
    2014-04-03 15:29 - 2014-04-03 15:30 - 6000640 _____ () C:\Program Files (x86)\GUT18A0.tmp
    2015-09-02 19:27 - 2015-09-02 19:30 - 6420480 _____ () C:\Program Files (x86)\GUT1EB7.tmp
    2015-07-28 18:46 - 2015-07-28 19:41 - 6420480 _____ () C:\Program Files (x86)\GUT342A.tmp
    2015-02-04 09:25 - 2015-02-04 09:27 - 6103040 _____ () C:\Program Files (x86)\GUTF96C.tmp
    EmptyTemp:

    0
  • CControls
  • #3 01 Lip 2017 12:42
    Stefan1121
    Poziom 20  

    Niestety dalej system dziwnie się zachowywał, podejrzewam że pliki systemowe były uszkodzone, więc szybciej było przeinstalować system niż bawić się w to :)

    Dziękuje za pomoc i zamykam.

    0