Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 08-07-2020 01 Uruchomiony przez Maciej (18-07-2020 09:58:36) Run:1 Uruchomiony z C:\Users\Maciej\Downloads Załadowane profile: Maciej Tryb startu: Normal ============================================== fixlist - zawartość: ***************** VirusTotal: C:\Users\Maciej\AppData\Roaming\systray\systrayamd64.dll Task: {2761B2B9-FC90-4366-B791-4384E85CC8A0} - System32\Tasks\GOOGLEUPDATETASKMACHINEUAC => C:\Users\Maciej\AppData\Roaming\d_temp\service.exe [1084928 2020-06-26] () [Brak podpisu cyfrowego] <==== UWAGA C:\Users\Maciej\AppData\Roaming\d_temp Powershell: wevtutil el | Foreach-Object {wevtutil cl "$_"} C:\WINDOWS\Minidump\*.dmp C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\AutoPico.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\KMSpico.lnk EmptyTemp: ***************** VirusTotal: C:\Users\Maciej\AppData\Roaming\systray\systrayamd64.dll => https://www.virustotal.com/gui/file/b4a66c8a25ea63409c65cadd1b55e041970e48cd35e2965fc78fc99c005beafd/detection/f-b4a66c8a25ea63409c65cadd1b55e041970e48cd35e2965fc78fc99c005beafd-1545842370 "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2761B2B9-FC90-4366-B791-4384E85CC8A0}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2761B2B9-FC90-4366-B791-4384E85CC8A0}" => pomyślnie usunięto C:\WINDOWS\System32\Tasks\GOOGLEUPDATETASKMACHINEUAC => pomyślnie przeniesiono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GOOGLEUPDATETASKMACHINEUAC" => pomyślnie usunięto C:\Users\Maciej\AppData\Roaming\d_temp => pomyślnie przeniesiono ========= wevtutil el | Foreach-Object {wevtutil cl "$_"} ========= wevtutil : Failed to clear log Microsoft-Windows-LiveId/Analytic. At C:\FRST\tmp.ps1:1 char:31 + wevtutil el | Foreach-Object {wevtutil cl "$_"} + ~~~~~~~~~~~~~~~~ + CategoryInfo : NotSpecified: (Failed to clear...iveId/Analytic.:String) [], RemoteException + FullyQualifiedErrorId : NativeCommandError Odmowa dostŕpu. wevtutil : Failed to clear log Microsoft-Windows-LiveId/Operational. At C:\FRST\tmp.ps1:1 char:31 + wevtutil el | Foreach-Object {wevtutil cl "$_"} + ~~~~~~~~~~~~~~~~ + CategoryInfo : NotSpecified: (Failed to clear...Id/Operational.:String) [], RemoteException + FullyQualifiedErrorId : NativeCommandError Odmowa dostŕpu. wevtutil : Failed to clear log Microsoft-Windows-USBVideo/Analytic. At C:\FRST\tmp.ps1:1 char:31 + wevtutil el | Foreach-Object {wevtutil cl "$_"} + ~~~~~~~~~~~~~~~~ + CategoryInfo : NotSpecified: (Failed to clear...Video/Analytic.:String) [], RemoteException + FullyQualifiedErrorId : NativeCommandError Przekazana nazwa wyst╣pienia nie zosta│a uznana przez dostawcŕ danych WMI za prawid│ow╣. ========= Koniec Powershell: ========= =========== "C:\WINDOWS\Minidump\*.dmp" ========== C:\WINDOWS\Minidump\071520-32593-01.dmp => pomyślnie przeniesiono ========= Koniec -> "C:\WINDOWS\Minidump\*.dmp" ======== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\AutoPico.lnk => pomyślnie przeniesiono C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\KMSpico.lnk => pomyślnie przeniesiono =========== EmptyTemp: ========== BITS transfer queue => 7888896 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 21085280 B Java, Flash, Steam htmlcache => 52463807 B Windows/system/drivers => 2782071 B Edge => 154133 B Chrome => 481005411 B Firefox => 0 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B Users => 0 B ProgramData => 0 B Public => 0 B systemprofile => 0 B systemprofile32 => 3931 B LocalService => 97721 B NetworkService => 97721 B Maciej => 116481111 B RecycleBin => 0 B EmptyTemp: => 650.5 MB danych tymczasowych Usunięto. ================================ System wymagał restartu. ==== Koniec Fixlog 10:00:40 ====