Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 23-02-2020 Uruchomiony przez Biezon (25-02-2020 16:35:58) Run:1 Uruchomiony z C:\Users\Biezon\Desktop Załadowane profile: Biezon (Dostępne profile: Biezon) Tryb startu: Normal ============================================== fixlist - zawartość: ***************** CloseProcesses: CreateRestorePoint: EmptyTemp: VirusTotal: C:\Users\Biezon\AppData\Roaming\Microsoft\SoundModule\SoundModule.exe HKU\S-1-5-21-3590867538-1801098156-3626726041-1001\...\MountPoints2: {3d3c0c8e-3bb6-11ea-95ea-00d861c240be} - "D:\setup.exe" HKU\S-1-5-21-3590867538-1801098156-3626726041-1001\...\Winlogon: [Shell] %comspec% <==== UWAGA HKU\S-1-5-21-3590867538-1801098156-3626726041-1001\...\Command Processor: @mode 20,5 & tasklist /FI "IMAGENAME eq SoundModule.exe" 2>NUL | find /I /N "SoundModule.exe">NUL && exit & if exist "C:\Users\Biezon\AppData\Roaming\Microsoft\SoundModule\SoundModule.exe" ( start /MIN "" "C:\Users\Biezon\AppData\Roaming\Microsoft\SoundModule\SoundModule.exe" & tasklist /FI "IMAGENAME eq explorer.exe" 2>NUL | find /I /N "explorer.exe">NUL && exit & explorer.exe & exit ) else ( tasklist /FI "IMAGENAME eq explorer.exe" 2>NUL | find /I /N "explorer.exe">NUL && exit & explorer.exe & exit ) <==== UWAGA Lsa: [Authentication Packages] msv1_0 SshdPinAuthLsa Task: {FB779186-3798-4A61-877A-A476A97F001E} - \Microsoft\Windows\Maintenance\InstallWinSAT -> Brak pliku <==== UWAGA Tcpip\..\Interfaces\{823f2c23-abab-467c-952a-dd8b29e03695}: [DhcpNameServer] 192.168.1.1 ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Brak pliku ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Brak pliku ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Brak pliku ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Brak pliku ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Brak pliku ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Brak pliku ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Brak pliku FirewallRules: [OpenSSH-Server-In-TCP] => (Allow) %SystemRoot%\system32\OpenSSH\sshd.exe Brak pliku ***************** Procesy zostały pomyślnie zamknięte. Punkt przywracania został pomyślnie utworzony. "VirusTotal: C:\Users\Biezon\AppData\Roaming\Microsoft\SoundModule\SoundModule.exe" => nie znaleziono HKU\S-1-5-21-3590867538-1801098156-3626726041-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3d3c0c8e-3bb6-11ea-95ea-00d861c240be} => pomyślnie usunięto "HKU\S-1-5-21-3590867538-1801098156-3626726041-1001\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell" => pomyślnie usunięto "HKU\S-1-5-21-3590867538-1801098156-3626726041-1001\Software\Microsoft\Command Processor\\AutoRun" => pomyślnie usunięto HKLM\System\CurrentControlSet\Control\Lsa\\"Authentication Packages"="msv1_0" => Wartość pomyślnie przywrócono "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FB779186-3798-4A61-877A-A476A97F001E}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FB779186-3798-4A61-877A-A476A97F001E}" => pomyślnie usunięto "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Maintenance\InstallWinSAT" => nie znaleziono "HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{823f2c23-abab-467c-952a-dd8b29e03695}\\DhcpNameServer" => pomyślnie usunięto HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => pomyślnie usunięto HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => pomyślnie usunięto "HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => pomyślnie usunięto HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => pomyślnie usunięto HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => pomyślnie usunięto HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => pomyślnie usunięto HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => pomyślnie usunięto HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => pomyślnie usunięto "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\OpenSSH-Server-In-TCP" => pomyślnie usunięto =========== EmptyTemp: ========== BITS transfer queue => 9199616 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9562767 B Java, Flash, Steam htmlcache => 0 B Windows/system/drivers => 2335458 B Edge => 4137272 B Chrome => 327953372 B Firefox => 0 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B Users => 0 B ProgramData => 0 B Public => 0 B systemprofile => 0 B systemprofile32 => 0 B LocalService => 0 B NetworkService => 0 B Biezon => 2453438 B RecycleBin => 0 B EmptyTemp: => 339.2 MB danych tymczasowych Usunięto. ================================ System wymagał restartu. ==== Koniec Fixlog 16:36:12 ====