Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja: 14-12-2020 Uruchomiony przez xXx (16-12-2020 21:50:19) Run:2 Uruchomiony z D:\Programy\FRST Załadowane profile: xXx Tryb startu: Normal ============================================== fixlist - zawartość: ***************** CreateRestorePoint: CloseProcesses: EmptyTemp: File: C:\Windows\system32\conhost.exe MSCONFIG\startupreg: AvastUI.exe => "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\":: WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99] WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate] ***************** Punkt przywracania został pomyślnie utworzony. Procesy zostały pomyślnie zamknięte. ========================= File: C:\Windows\system32\conhost.exe ======================== C:\Windows\system32\conhost.exe Catalog: C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_822_for_KB4534310~31bf3856ad364e35~amd64~~6.1.1.9.cat Plik podpisany cyfrowo MD5: 584852299641A3E1740B0E4F91E15B38 Data utworzenia i modyfikacji: 2020-01-15 11:56 - 2020-01-03 04:01 Rozmiar: 000338432 Atrybuty: ----A Firma: Microsoft Windows -> Microsoft Corporation Wewnętrzna nazwa: ConHost Oryginalna nazwa: CONHOST.EXE Produkt: Microsoft® Windows® Operating System Opis: Console Window Host Plik Wersja: 6.1.7601.24545 (win7sp1_ldr_escrow.200102-1707) Produkt Wersja: 6.1.7601.24545 Prawa autorskie: © Microsoft Corporation. All rights reserved. VirusTotal: https://www.virustotal.com/gui/file/13ff4989c521bb56953949fea98cdad7493abf3dcdbaa3db648c9b2c750c4069/detection/f-13ff4989c521bb56953949fea98cdad7493abf3dcdbaa3db648c9b2c750c4069-1607188483 ====== Koniec File: ====== HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AvastUI.exe => pomyślnie usunięto "CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"" => pomyślnie usunięto "BVTFilter" => pomyślnie usunięto "BVTConsumer" => pomyślnie usunięto =========== EmptyTemp: ========== BITS transfer queue => 8388608 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 13580496 B Java, Flash, Steam htmlcache => 0 B Windows/system/drivers => 464634 B Edge => 0 B Chrome => 105597654 B Firefox => 291436532 B Opera => 0 B Temp, IE cache, history, cookies, recent: Users => 0 B Default => 0 B Public => 0 B ProgramData => 0 B systemprofile => 0 B systemprofile32 => 0 B LocalService => 0 B NetworkService => 0 B