proszę o sprawdzenie logów; załączam jedynie Addition.txt i FRST.txt, FRST nie może wygenerować nowego Shortcut.txt, zawiesza się przy skanowaniu na „Skanowanie: inne zasoby” (coś w tym stylu).
Przed skanowaniem FRST robiłem skanowanie MBAM, ale program niczego nie znalazł; raport w załączeniu.
Jaki jest problem: filmiki na YT buforują się w momencie, kiedy próbuję przesunąć odtwarzany fragment w okienku odtwarzacza. Ponadto od ok. miesiąca mam problem z pobraniem aktualizacji sygnatur do Win Defendera (teraz, po odinstalowaniu MBAM nie mogę go włączyć). Jest też mały problem z FF - po włączeniu z początku dosyć długo ładują się strony, później jest już ok (ale to szczegół).
7-Zip 16.02 i 7-Zip 9.20 (zaktualizuj do najnowszej wersji)
2. Uruchom FRST/FRST64.exe, wciśnij kombinację klawiszy ctrl + y. Otworzy się notatnik, do którego wklej zawartość skryptu. Zamknij i zapisz. W FRST kliknij „napraw” →
CloseProcesses:
CreateRestorePoint:
DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Ograniczenia <==== UWAGA
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Ograniczenia <==== UWAGA
HKU\S-1-5-21-3486298909-2668279709-3669421771-1001\...\MountPoints2: {714a2876-22ee-11e5-826e-c0389687e08c} - "F:\AutoRun.exe"
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-12-09] (Apple Inc.) [Brak podpisu cyfrowego]
HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files (x86)\Opera\assistant\browser_assistant.exe [4094672 2021-08-25] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-3486298909-2668279709-3669421771-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-3486298909-2668279709-3669421771-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [41584544 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-3486298909-2668279709-3669421771-1001\...\Run: [MicrosoftEdgeAutoLaunch_3CA2D981C7A8A76DF66CC681714E3FC8] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4188608 2023-06-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {2265755D-A27D-478C-9228-00894FBDC793} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {8E454B48-AAD1-4AA1-8626-31CC9C650580} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {E3B253B7-F021-4AA3-865C-17FFEA5536E8} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "94d55e45-edba-4a08-81b3-cfde18070c16" --version "6.15.10623" --silent
Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: {838CA121-6006-4734-BF66-6E813AC17F2E} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [25128 2017-11-17] (HP Inc. -> )
Task: {7EBE6ED4-B426-41E1-BE1A-B1F434E1FBF4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
Task: {BF01F496-BECD-4118-97FD-046BA6287B3A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136304 2021-03-30] (HP Inc. -> HP Inc.)
Task: {0080DC45-1C8C-4BF8-AA86-8F1305E02506} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {CCD651F6-FCE4-4038-B5F4-26A015AB2169} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {075EDFD6-2DFE-483A-A253-1DDBA9A12B14} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - resources updates => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {72C6378B-0E7E-4D3F-99FD-146AE9ECABB1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
Task: {7BD9BCDC-24E2-46C5-8354-9087A400C2E3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis Install => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
Task: {573CC29D-5F29-439D-9F4F-D5213E10B667} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [326320 2021-06-16] (HP Inc. -> HP Inc.)
Task: {6D5147C6-1808-490B-8B03-9A8C55E9485D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1136984 2020-09-17] (HP Inc. -> HP Inc.)
Task: {8C96E440-5D08-404B-A21A-3A1DA63FC24A} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3486298909-2668279709-3669421771-1001 => C:\Users\Oskar\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257224 2016-08-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {41FEC2D2-9BAF-47A8-A813-8BDD147E3036} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {8747BAA5-FA28-41E4-A89E-D11BA12AC2EF} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [686496 2023-08-04] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {5C32D3C5-C237-4D55-95F0-16212A1198D7} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [724384 2023-08-04] (Mozilla Corporation -> Mozilla Foundation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{5F378D1A-A266-4809-A59D-47DF451B0FC5}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{AB2CED5A-6AAC-41CE-86EB-9E636472CAAB}: [DhcpNameServer] 192.168.1.1 192.168.1.1
FF Extension: (ADB Helper) - C:\Users\Oskar\AppData\Roaming\Mozilla\Firefox\Profiles\s9z8vrye.default\Extensions\adbhelper@mozilla.org.xpi [2018-08-08] [Przestarzałe]
FF Extension: (Valence) - C:\Users\Oskar\AppData\Roaming\Mozilla\Firefox\Profiles\s9z8vrye.default\Extensions\fxdevtools-adapters@mozilla.org [2017-08-03] [Przestarzałe]
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.) [Brak podpisu cyfrowego]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
C:\Users\Oskar\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk
2023-08-22 14:03 - 2023-08-22 14:03 - 000000000 ____D C:\Users\Oskar\Downloads\FRST-OlderVersion
HKU\S-1-5-21-3486298909-2668279709-3669421771-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPALL14/178
HKU\S-1-5-21-3486298909-2668279709-3669421771-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPALL14/178
SearchScopes: HKU\S-1-5-21-3486298909-2668279709-3669421771-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3486298909-2668279709-3669421771-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3486298909-2668279709-3669421771-1004 -> {E32F57D4-FD6A-4C04-8172-FBEE8EB93C45} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
EmptyEventLogs:
EmptyTemp:
*Plik naprawczy przeznaczony jest tylko dla autora wątku! * Po wykonaniu skryptu i ponownym uruchomieniu załącz utworzony fixlog.txt
Wykonaj skan RogueKiller Anti Malware Zalecane pobranie wersji przenośnej (portable). Przed uruchomieniem pełnego skanowania należy włączyć w ustawieniach bezsygnaturowy „moduł MaIPE (BETA)”; opcjonalnie „skanuj z pełną wydajnością” (ustawienia → ustawienia skanowania).
Zmień serwer DNS na Quad9 → YouTube (podstawowy 9.9.9.9, zapasowy 149.112.112.112)