Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 22-11-2020 01 Uruchomiony przez A (23-11-2020 17:05:00) Run:2 Uruchomiony z G:\Program Files\First Załadowane profile: A Tryb startu: Normal ============================================== fixlist - zawartość: ***************** Task: {73B39BC9-9F2B-445E-A68E-8DD36EA0C82F} - System32\Tasks\Spooler SubSystem App => C:\Users\A\AppData\Roaming\WinRAR\Spooler\spoolsp.exe [6026752 2019-09-25] () [Brak podpisu cyfrowego] Task: {D7A30751-4350-4157-89E3-145E53AA92AD} - System32\Tasks\Virtual Machine Integration Component Service => C:\Users\A\AppData\Roaming\WinRAR\VMICS\vmicsvc.exe VirusTotal: C:\Users\A\AppData\Roaming\WinRAR\Spooler\spoolsp.exe VirusTotal: C:\Users\A\AppData\Roaming\WinRAR\VMICS\vmicsvc.exe Powershell: wevtutil el | Foreach-Object {wevtutil cl "$_"} EmptyTemp: ***************** "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{73B39BC9-9F2B-445E-A68E-8DD36EA0C82F}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{73B39BC9-9F2B-445E-A68E-8DD36EA0C82F}" => pomyślnie usunięto C:\WINDOWS\System32\Tasks\Spooler SubSystem App => pomyślnie przeniesiono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Spooler SubSystem App" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D7A30751-4350-4157-89E3-145E53AA92AD}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D7A30751-4350-4157-89E3-145E53AA92AD}" => pomyślnie usunięto C:\WINDOWS\System32\Tasks\Virtual Machine Integration Component Service => pomyślnie przeniesiono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Virtual Machine Integration Component Service" => pomyślnie usunięto VirusTotal: C:\Users\A\AppData\Roaming\WinRAR\Spooler\spoolsp.exe => https://www.virustotal.com/gui/file/badcf30264a7a570341e1b93a15e7f7b42204bd64251d7143f6873b6f0298550/detection/f-badcf30264a7a570341e1b93a15e7f7b42204bd64251d7143f6873b6f0298550-1603723204 "VirusTotal: C:\Users\A\AppData\Roaming\WinRAR\VMICS\vmicsvc.exe" => nie znaleziono ========= wevtutil el | Foreach-Object {wevtutil cl "$_"} ========= wevtutil : Failed to clear log Microsoft-Windows-LiveId/Analytic. At C:\FRST\tmp.ps1:1 char:31 + wevtutil el | Foreach-Object {wevtutil cl "$_"} + ~~~~~~~~~~~~~~~~ + CategoryInfo : NotSpecified: (Failed to clear...iveId/Analytic.:String) [], RemoteException + FullyQualifiedErrorId : NativeCommandError Odmowa dostŕpu. wevtutil : Failed to clear log Microsoft-Windows-LiveId/Operational. At C:\FRST\tmp.ps1:1 char:31 + wevtutil el | Foreach-Object {wevtutil cl "$_"} + ~~~~~~~~~~~~~~~~ + CategoryInfo : NotSpecified: (Failed to clear...Id/Operational.:String) [], RemoteException + FullyQualifiedErrorId : NativeCommandError Odmowa dostŕpu. ========= Koniec Powershell: ========= =========== EmptyTemp: ========== BITS transfer queue => 10510336 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11651779 B Java, Flash, Steam htmlcache => 1194 B Windows/system/drivers => 60270 B Edge => 87277 B Chrome => 0 B Firefox => 797802444 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B Users => 0 B ProgramData => 0 B Public => 0 B systemprofile => 0 B systemprofile32 => 0 B LocalService => 0 B NetworkService => 12228 B A => 54386245 B RecycleBin => 0 B EmptyTemp: => 834 MB danych tymczasowych Usunięto. ================================ System wymagał restartu. ==== Koniec Fixlog 17:06:35 ====