Reštart prieskumníka vo Win 7

[Conder]

Na vlozenie textu pouzi moznost Paste (Prilepit)

[kekesko]

Vyhodilo to toto.


Ten druhý príkaz v čom mám spustiť? V spustiť len blikne a zmizne.

[Conder]

Ten druhy prikaz sa mal tiez spustit v prikazovom riadku tak ako ten prvy, ale kedze "sfc /scannow" neprebehol ako ma, tak je to v tomto pripade zbytocne.

Otvor poznamkovy blok (Win+R -> notepad -> enter)

• Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

  Kód: Vybrat vše

  Start
  
  ExportKey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TrustedInstaller
  CMD: sc query trustedinstaller
  CMD: sc qc trustedinstaller
  CMD: sc config trustedinstaller start= demand
  CMD: net start trustedinstaller
  
  End

• Uloz na plochu s nazvom fixlist.txt
• Spusti znovu FRST a klikni na Fix
• Pockaj na dokoncenie
• Tentokrat to bude bez restartu, otvori sa Fixlog.txt (pripadne bude na ploche), jeho obsah sem skopiruj

[kekesko]

Fix result of Farbar Recovery Scan Tool (x86) Version: 28.12.2018 01
Ran by PC (03-01-2019 01:06:12) Run:7
Running from C:\Users\PC\Desktop
Loaded Profiles: PC (Available Profiles: PC & UpdatusUser)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start

ExportKey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TrustedInstaller
CMD: sc query trustedinstaller
CMD: sc qc trustedinstaller
CMD: sc config trustedinstaller start= demand
CMD: net start trustedinstaller

End
*****************

================== ExportKey: ===================

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TrustedInstaller]
"BlockTime"="10800"
"BlockTimeIncrement"="900"
"PreshutdownTimeout"="3600000"
"DisplayName"="@%SystemRoot%\servicing\TrustedInstaller.exe,-100"
"Group"="ProfSvc_Group"
"ImagePath"="%SystemRoot%\servicing\TrustedInstaller.exe"
"Description"="@%SystemRoot%\servicing\TrustedInstaller.exe,-101"
"ObjectName"="localSystem"
"ErrorControl"="1"
"Start"="2"
"Type"="16"
"ServiceSidType"="1"
"FailureActions"="840300000000000000000000030000001400000001000000c0d4010001000000e09304000000000000000000"
[HKLM\SYSTEM\CurrentControlSet\Services\TrustedInstaller\Security]
HKLM\SYSTEM\CurrentControlSet\Services\TrustedInstaller\Security => Access Denied.

=== End of ExportKey ===

========= sc query trustedinstaller =========


SERVICE_NAME: trustedinstaller
TYPE : 10 WIN32_OWN_PROCESS
STATE : 1 STOPPED
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

========= End of CMD: =========


========= sc qc trustedinstaller =========

[SC] QueryServiceConfig SUCCESS

SERVICE_NAME: trustedinstaller
TYPE : 10 WIN32_OWN_PROCESS
START_TYPE : 2 AUTO_START
ERROR_CONTROL : 1 NORMAL
BINARY_PATH_NAME : C:\Windows\servicing\TrustedInstaller.exe
LOAD_ORDER_GROUP : ProfSvc_Group
TAG : 0
DISPLAY_NAME : TrustedInstaller
DEPENDENCIES :
SERVICE_START_NAME : localSystem

========= End of CMD: =========


========= sc config trustedinstaller start= demand =========

[SC] ChangeServiceConfig SUCCESS

========= End of CMD: =========


========= net start trustedinstaller =========

System error 2 has occurred.

Syst‚m nem“§e n jsś zadaně sŁbor.


========= End of CMD: =========


==== End of Fixlog 01:06:14 ====

[Conder]

Otvor FRST

• Do textoveho pola Search vloz tento text:

  Kód: Vybrat vše

  trustedinstaller.exe

• Klikni na Search Files a pockaj na dokoncenie (toto moze trvat dlhsi cas)
• Posli vysledny log

[kekesko]

Farbar Recovery Scan Tool (x86) Version: 28.12.2018 01
Ran by PC (03-01-2019 16:45:58)
Running from C:\Users\PC\Desktop\Qone8-omiga
Boot Mode: Normal

================== Search Files: "trustedinstaller.exe" =============

C:\Windows\winsxs\x86_microsoft-windows-trustedinstaller_31bf3856ad364e35_6.1.7601.17514_none_93149d6fab68cf06\TrustedInstaller.exe
[2010-11-20 22:29][2010-11-20 22:29] 000204800 _____ (Microsoft Corporation) 2C49B175AEE1D4364B91B531417FE583 [File is digitally signed]


====== End of Search ======

[Conder]

Otvor poznamkovy blok (Win+R -> notepad -> enter)

• Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

  Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  File: C:\Windows\servicing\TrustedInstaller.exe
  Replace: C:\Windows\winsxs\x86_microsoft-windows-trustedinstaller_31bf3856ad364e35_6.1.7601.17514_none_93149d6fab68cf06\TrustedInstaller.exe C:\Windows\servicing\TrustedInstaller.exe
  
  End

• Uloz na plochu s nazvom fixlist.txt
• Spusti znovu FRST a klikni na Fix
• Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
• Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

[kekesko]

Nepýtal si reštart len vyhodil toto:

Fix result of Farbar Recovery Scan Tool (x86) Version: 28.12.2018 01
Ran by PC (05-01-2019 16:09:54) Run:8
Running from C:\Users\PC\Desktop
Loaded Profiles: PC (Available Profiles: PC & UpdatusUser)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses
CreateRestorePoint

File CWindowsservicingTrustedInstaller.exe
Replace CWindowswinsxsx86_microsoft-windows-trustedinstaller_31bf3856ad364e35_6.1.7601.17514_none_93149d6fab68cf06TrustedInstaller.exe CWindowsservicingTrustedInstaller.exe

End
*****************

CloseProcesses => Error: No automatic fix found for this entry.
CreateRestorePoint => Error: No automatic fix found for this entry.
File CWindowsservicingTrustedInstaller.exe => Error: No automatic fix found for this entry.
Replace CWindowswinsxsx86_microsoft-windows-trustedinstaller_31bf3856ad364e35_6.1.7601.17514_none_93149d6fab68cf06TrustedInstaller.exe CWindowsservicingTrustedInstaller.exe => Error: No automatic fix found for this entry.

==== End of Fixlog 16:09:54 ====

[Conder]

Fixlist bol zle skopirovany, chybaju tam niektore znaky (lomitko, dvojbodka). Skus to este raz.

[kekesko]

Fix result of Farbar Recovery Scan Tool (x86) Version: 28.12.2018 01
Ran by PC (05-01-2019 20:55:29) Run:9
Running from C:\Users\PC\Desktop
Loaded Profiles: PC (Available Profiles: PC & UpdatusUser)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

File: C:\Windows\servicing\TrustedInstaller.exe
Replace: C:\Windows\winsxs\x86_microsoft-windows-trustedinstaller_31bf3856ad364e35_6.1.7601.17514_none_93149d6fab68cf06\TrustedInstaller.exe C:\Windows\servicing\TrustedInstaller.exe

End
*****************

Processes closed successfully.
Restore point was successfully created.

========================= File: C:\Windows\servicing\TrustedInstaller.exe ========================

"C:\Windows\servicing\TrustedInstaller.exe" => not found
====== End of File: ======

"C:\Windows\servicing\TrustedInstaller.exe" => not found
Could not replace C:\Windows\servicing\TrustedInstaller.exe


The system needed a reboot.

==== End of Fixlog 20:56:02 ====

[Conder]

Stiahni aktualnu verziu FRST z https://www.bleepingcomputer.com/downlo ... scan-tool/

Otvor poznamkovy blok (Win+R -> notepad -> enter)

• Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

  Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  CMD: takeown /F c:\windows\servicing /A
  CMD: icacls c:\windows\servicing /grant administrators:F
  Replace: C:\Windows\winsxs\x86_microsoft-windows-trustedinstaller_31bf3856ad364e35_6.1.7601.17514_none_93149d6fab68cf06\TrustedInstaller.exe C:\Windows\servicing\TrustedInstaller.exe
  
  End

• Uloz na plochu s nazvom fixlist.txt
• Spusti znovu FRST a klikni na Fix
• Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
• Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

[kekesko]

Fix result of Farbar Recovery Scan Tool (x86) Version: 06-01-2019
Ran by PC (06-01-2019 23:39:33) Run:10
Running from C:\Users\PC\Desktop
Loaded Profiles: PC (Available Profiles: PC & UpdatusUser)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

CMD: takeown /F c:\windows\servicing /A
CMD: icacls c:\windows\servicing /grant administrators:F
Replace: C:\Windows\winsxs\x86_microsoft-windows-trustedinstaller_31bf3856ad364e35_6.1.7601.17514_none_93149d6fab68cf06\TrustedInstaller.exe C:\Windows\servicing\TrustedInstaller.exe

End
*****************

Processes closed successfully.
Restore point was successfully created.

========= takeown /F c:\windows\servicing /A =========


SUCCESS: The file (or folder): "c:\windows\servicing" now owned by the administrators group.

========= End of CMD: =========


========= icacls c:\windows\servicing /grant administrators:F =========

processed file: c:\windows\servicing
Successfully processed 1 files; Failed processing 0 files

========= End of CMD: =========

"C:\Windows\servicing\TrustedInstaller.exe" => not found
Could not replace C:\Windows\servicing\TrustedInstaller.exe


The system needed a reboot.

==== End of Fixlog 23:40:29 ====

[Conder]

FRST zlyhava pri skopirovani suboru, tak skusime to rucne.

• Stlac Win+R a otvor tento priecinok:

  Kód: Vybrat vše

  C:\Windows\winsxs\x86_microsoft-windows-trustedinstaller_31bf3856ad364e35_6.1.7601.17514_none_93149d6fab68cf06\

• V tam by sa mal nachadzat subor "TrustedInstaller.exe", klikni nanho a skopiruj ho stlacenim Ctrl+C
• Nasledne opat cez Win+R otvor priecinok:

  Kód: Vybrat vše

  C:\Windows\servicing\

• Stlacenim Ctrl+V sem vloz skopirovany subor
• Ak sa vyskytnu nejake hlasky, potvrd ich

Ak sa to podari, spusti vo FRST tento fixlist (taky isty postup ako predtym, toto bude bez restartovania) a posli vysledok:

• Kód: Vybrat vše

  Start
  File: C:\Windows\servicing\TrustedInstaller.exe
  End

[kekesko]

Ten program tam bol ale v nulovej hodnote. Musel som dať admin vstup aby sa prekopíroval.

Fix result of Farbar Recovery Scan Tool (x86) Version: 07-01-2019
Ran by PC (08-01-2019 01:21:57) Run:11
Running from C:\Users\PC\Desktop
Loaded Profiles: PC (Available Profiles: PC & UpdatusUser)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
File: C:\Windows\servicing\TrustedInstaller.exe
End
*****************


========================= File: C:\Windows\servicing\TrustedInstaller.exe ========================

C:\Windows\servicing\TrustedInstaller.exe
File is digitally signed
MD5: 2C49B175AEE1D4364B91B531417FE583
Creation and modification date: 2019-01-06 23:40 - 2010-11-20 22:29
Size: 000204800
Attributes: ----A
Company Name: Microsoft Corporation
Internal Name: TrustedInstaller.exe
Original Name: TrustedInstaller.exe
Product: Microsoft® Windows® Operating System
Description: Windows Modules Installer
File Version: 6.1.7601.17514 (win7sp1_rtm.101119-1850)
Product Version: 6.1.7601.17514
Copyright: © Microsoft Corporation. All rights reserved.
VirusTotal: https://www.virustotal.com/file/6c7995e ... 545976351/

====== End of File: ======


==== End of Fixlog 01:21:58 ====

[Conder]

OK, zda sa ze sa podarilo. Skus teraz znovu spustit tu kontrolu integrity:

Spusti kontrolu integrity systemovych suborov:

• Otvor Start, napis "cmd" (bez uvodzoviek), klikni pravym tlacitkom mysi na Prikazovy riadok a klikni na Spustit ako spravca
• Skopiruj a spusti prikaz:

  Kód: Vybrat vše

  sfc /scannow

• Po dokonceni skopiruj a spusti tento prikaz:

  Kód: Vybrat vše

  findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >> "%userprofile%\desktop\sfcdetails.txt"

• Na ploche sa vytvori subor sfcdetails.txt, zabal ho do archivu RAR alebo ZIP a posli ako prilohu k dalsiemu prispevku
• Restartuj PC a napis ako sa chova PC