Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 14-09-2019 Uruchomiony przez Recepcja (16-09-2019 22:23:24) Uruchomiony z C:\Users\Recepcja\Desktop Windows 10 Home Wersja 1809 17763.737 (X64) (2019-02-11 21:33:08) Tryb startu: Safe Mode (with Networking) ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-1133247490-2179822280-128119213-500 - Administrator - Disabled) Gość (S-1-5-21-1133247490-2179822280-128119213-501 - Limited - Disabled) Konto domyślne (S-1-5-21-1133247490-2179822280-128119213-503 - Limited - Disabled) Recepcja (S-1-5-21-1133247490-2179822280-128119213-1001 - Administrator - Enabled) => C:\Users\Recepcja WDAGUtilityAccount (S-1-5-21-1133247490-2179822280-128119213-504 - Limited - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: COMODO Antivirus (Enabled - Up to date) {9E3E06E3-F8E0-3C44-2336-BBD8AF8F84B8} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: COMODO Advanced Protection (Disabled - Up to date) {B730BF64-C56F-6633-0EF5-9E639E46CC40} AS: COMODO Advanced Protection (Enabled - Up to date) {255FE707-DEDA-33CA-1986-80AAD408CE05} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: COMODO Firewall (Enabled) {A60587C6-B28F-3D1C-0869-12ED515CC3C3} FW: COMODO Firewall (Disabled) {346ADFA5-A93A-68E5-1F1A-0C241B12C186} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 19.012.20040 - Adobe Systems Incorporated) AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 5.3.2 - philandro Software GmbH) BrLauncher (HKLM-x32\...\{42D26B47-887C-45FC-BCAE-0BE485C5C0BB}) (Version: 2.0.11.0 - Brother Industries Ltd.) Hidden BrLogRx (HKLM-x32\...\{190861E7-09C5-42D8-BB4B-0AFB234BCFC1}) (Version: 1.0.3.1 - Brother Industries Ltd.) Hidden Brother iPrint&Scan (HKLM-x32\...\{613ce488-8460-4831-ad3a-dd0b4c39fdaf}) (Version: 4.3.2.0 - Brother Industries, Ltd.) Brother iPrint&Scan (HKLM-x32\...\{A7B27ABE-950F-48B4-B74F-F3F87C9E9BCD}) (Version: 4.3.2.0 - Brother Industries, Ltd.) Hidden Brother MFL-Pro Suite DCP-T500W (HKLM-x32\...\{BA07A125-6AC7-4293-89D6-391676FFD041}) (Version: 1.0.2.0 - Brother Industries, Ltd.) Brother Printer Driver (HKLM-x32\...\{06BCEEF5-5FFD-482B-98C6-6DA2F34A023D}) (Version: 1.3.0.0 - Brother Industries Ltd.) Hidden Brother Scanner Driver (HKLM-x32\...\{11936670-B976-4471-AF27-E0DAABEF7F20}) (Version: 1.0.14.1 - Brother Industries Ltd.) Hidden BrSupportTools (HKLM-x32\...\{32F47565-84B1-42CC-B09A-4CDDD9A32F94}) (Version: 1.0.20.0 - Brother Industries Ltd.) Hidden COMODO Internet Security Premium (HKLM\...\{8E048D96-59B5-4BD8-A5D0-8FFCFC161A5A}) (Version: 12.0.0.6818 - COMODO Security Solutions Inc.) Hidden COMODO Internet Security Premium (HKLM\...\COMODO Internet Security) (Version: 12.0.0.6818 - COMODO Security Solutions Inc.) ControlCenter4 (HKLM-x32\...\{CAFE5834-5440-41B8-8C56-4DD946A1A5E1}) (Version: 4.6.21.1 - Brother Industries, Ltd.) Hidden ControlCenter4 CSDK (HKLM-x32\...\{FD8A9511-BFC9-43B5-BB75-9CEC0EA03CF0}) (Version: 4.6.1.1 - Brother Industries, Ltd.) Hidden DeviceDetect (HKLM-x32\...\{97BCFAD0-8BC5-480B-ADA2-F54809F48267}) (Version: 1.4.1.0 - Brother Industries Ltd.) Hidden HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden InsERT GT 1.48 SP2 (HKLM-x32\...\{57BA1854-A84B-4E4A-B4CA-8085C1935E38}) (Version: 1.48.30 - InsERT) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation) Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.6.472587.185 - Comodo) Java 8 Update 144 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation) K-Lite Codec Pack 13.3.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 13.3.0 - KLCP) KWHotel Free (0.44.104) (HKLM-x32\...\KWHotel) (Version: 0.44.104.0 - KajWare) LibreOffice 5.4.0.3 (HKLM-x32\...\{A58CEA35-2B5F-4720-B5BE-D0B6A1E645FB}) (Version: 5.4.0.3 - The Document Foundation) Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{A22EED3F-6DB6-4987-8023-6C6B7030E554}) (Version: 12.2.5000.0 - Microsoft Corporation) Microsoft Report Viewer Redistributable 2005 (HKLM-x32\...\Microsoft Report Viewer Redistributable 2005) (Version: - Microsoft Corporation) Microsoft SQL Server 2005 Backward compatibility (HKLM\...\{8909B8A7-CEAB-4772-BF29-1892C4E6603B}) (Version: 8.05.2309 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Command Line Utilities (HKLM\...\{D9F711D3-3C90-4D79-9292-47C90C722E2A}) (Version: 10.50.1600.1 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{2180B33F-3225-423E-BBC1-7798CFD3CD1F}) (Version: 10.50.1600.1 - Microsoft Corporation) Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{6292D514-17A4-403F-98F9-E150F10C043D}) (Version: 10.3.5500.0 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{C20DACBE-19F2-47FF-AD22-BBB493499346}) (Version: 11.2.5643.3 - Microsoft Corporation) Microsoft SQL Server 2014 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2014) (Version: - Microsoft Corporation) Microsoft SQL Server 2014 Setup (English) (HKLM\...\{E0AE1947-4991-475D-B972-15C90905915A}) (Version: 12.2.5000.0 - Microsoft Corporation) Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{E8C99927-8E6E-4B6B-B80C-1B8B23B1767D}) (Version: 12.2.5000.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft VSS Writer for SQL Server 2014 (HKLM\...\{366CD715-2FF4-40B4-A8B4-A05E5D21A945}) (Version: 12.2.5000.0 - Microsoft Corporation) Mozilla Firefox 69.0 (x64 pl) (HKLM\...\Mozilla Firefox 69.0 (x64 pl)) (Version: 69.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0 - Mozilla) NetworkRepairTool (HKLM-x32\...\{86E68F57-FAFE-4052-BDD4-3B90C38236AE}) (Version: 1.2.16.0 - Brother Industries, Ltd.) Hidden Norton Family (HKLM-x32\...\NSM) (Version: 3.7.3.55 - Symantec Corporation) Nuance PaperPort 14 (HKLM-x32\...\{24510774-4424-46C2-8FB7-5DE0C945ED2B}) (Version: 14.5.0006 - Nuance Communications, Inc.) Nuance PDF Viewer SE (HKLM-x32\...\{D8151965-282B-4EB6-A3F1-68AB555D8423}) (Version: 7.20.3230 - Nuance Communications, Inc.) Opera Stable 63.0.3368.71 (HKLM-x32\...\Opera 63.0.3368.71) (Version: 63.0.3368.71 - Opera Software) Oprogramowanie mikroukładu Intel® (HKLM-x32\...\{c6cff78a-cccb-49d5-be68-ae0ec5f0d48a}) (Version: 10.1.1.8 - Intel(R) Corporation) Hidden PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0002 - Nuance Communications, Inc.) PhotoScape (HKLM-x32\...\PhotoScape) (Version: - ) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.) ScannerUtilityInstaller (HKLM-x32\...\{5B645FE2-19E9-4B15-B5B2-3D8766F6FA27}) (Version: 1.0.0.0 - Brother) Hidden Scansoft PDF Professional (HKLM-x32\...\{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}) (Version: - ) Hidden Service Pack 2 for SQL Server 2014 (KB3171021) (64-bit) (HKLM\...\KB3171021) (Version: 12.2.5000.0 - Microsoft Corporation) SoftwareUpdateNotification (HKLM-x32\...\{C2430580-570A-48D4-BF61-FA55E35BD052}) (Version: 1.0.8.0 - Brother Insutries Ltd.) Hidden SQL Server 2014 Common Files (HKLM\...\{BD1CD96B-FE4B-4EAE-83D4-6EF55AB5779C}) (Version: 12.2.5000.0 - Microsoft Corporation) Hidden SQL Server 2014 Common Files (HKLM\...\{F7012F84-80F5-4C25-852E-B1BA03276FE6}) (Version: 12.2.5000.0 - Microsoft Corporation) Hidden SQL Server 2014 Database Engine Services (HKLM\...\{17531BCD-C627-46A2-9F1E-7CC920E0E94A}) (Version: 12.2.5000.0 - Microsoft Corporation) Hidden SQL Server 2014 Database Engine Services (HKLM\...\{5082A9F3-AEE5-4639-9BA7-C19661BA7331}) (Version: 12.2.5000.0 - Microsoft Corporation) Hidden SQL Server 2014 Database Engine Shared (HKLM\...\{ACC530B8-B6B4-40D6-B59B-152468CF47D0}) (Version: 12.2.5000.0 - Microsoft Corporation) Hidden SQL Server 2014 Database Engine Shared (HKLM\...\{D1B847A9-B06B-4264-9EF0-78E6E1571E65}) (Version: 12.2.5000.0 - Microsoft Corporation) Hidden SQL Server Browser for SQL Server 2014 (HKLM-x32\...\{3204DE95-97D2-4261-A286-98A262E171D4}) (Version: 12.2.5000.0 - Microsoft Corporation) Sql Server Customer Experience Improvement Program (HKLM\...\{6476DB81-F263-4C04-8574-AAD31136C304}) (Version: 12.2.5000.0 - Microsoft Corporation) Hidden StatusMonitor (HKLM-x32\...\{624AB804-EE0E-4AD5-AB8F-15BB29C54065}) (Version: 1.22.8.0 - Brother Insutries Ltd.) Hidden Sterowniki firmy InsERT 5.34 (HKLM-x32\...\{204BE422-4E2A-4C33-88E6-31387C89C7A2}) (Version: 5.34 - InsERT) Synchronizator vendero (HKLM-x32\...\{C507DF93-1E96-4AA0-95A1-FA153236B248}) (Version: 7.0.1087.0 - InsERT) Hidden Total Commander 64-bit (Remove or Repair) (HKLM-x32\...\Totalcmd64) (Version: 9.0a - Ghisler Software GmbH) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation) UsbRepairTool (HKLM-x32\...\{F8762A81-32B5-4144-9F3C-9274F515A651}) (Version: 1.4.0.0 - Brother Industries, Ltd.) Hidden Packages: ========= Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.147.500.0_x86__kgqvnymyfvs32 [2019-09-09] (king.com) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-11] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-11] (Microsoft Corporation) [MS Ad] Microsoft News - Wiadomości -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-11] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.8204.0_x64__8wekyb3d8bbwe [2019-08-29] (Microsoft Studios) [MS Ad] MSN Pogoda -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-11] (Microsoft Corporation) [MS Ad] OpenFM - Radio dostrojone do Ciebie -> C:\Program Files\WindowsApps\WirtualnaPolska.OpenFM-RadiodostrojonedoCiebie_2.1.0.0_neutral__thkbbxcrkrpcw [2017-09-28] (Wirtualna Polska) Poczta i Kalendarz -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe [2019-08-02] (Microsoft Corporation) [MS Ad] ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-1133247490-2179822280-128119213-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Recepcja\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64\FileSyncShell64.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-1133247490-2179822280-128119213-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Recepcja\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64\FileSyncShell64.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-1133247490-2179822280-128119213-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Recepcja\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64\FileSyncShell64.dll => Brak pliku ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Brak pliku ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2019-04-16] (Comodo Security Solutions, Inc. -> COMODO) ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2019-04-16] (Comodo Security Solutions, Inc. -> COMODO) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-10-20] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2019-04-16] (Comodo Security Solutions, Inc. -> COMODO) ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\Users\Recepcja\Downloads\KWHotel_0_44_104.exe:$CmdTcID [130] AlternateDataStreams: C:\Users\Recepcja\Downloads\KWHotel_0_44_104.exe:$CmdZnID [26] AlternateDataStreams: C:\Users\Recepcja\Downloads\kwhotel_0_44_47.exe:$CmdTcID [130] ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2" ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2017-03-18 23:03 - 2017-03-18 23:01 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\110\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft SQL Server\120\DTS\Binn\;C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\;%SYSTEMROOT%\System32\OpenSSH\ HKU\S-1-5-21-1133247490-2179822280-128119213-1001\Control Panel\Desktop\\Wallpaper -> DNS Servers: 62.21.99.94 - 62.21.99.95 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == Załączenie wejścia w fixlist spowoduje jego usunięcie. HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run: => "IAStorIcon" HKLM\...\StartupApproved\Run: => "RtHDVCpl" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "ISUSPM" HKLM\...\StartupApproved\Run32: => "PDFProHook" HKLM\...\StartupApproved\Run32: => "BrotherSoftwareUpdateNotification" HKLM\...\StartupApproved\Run32: => "I17D" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{B3F8E420-972E-461B-932C-6714793D69C0}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> ) FirewallRules: [{F165B2F7-73E9-4633-A6D5-41D7E7EF3B65}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> ) FirewallRules: [{1B3E1F5C-9EC2-40AB-8567-807239714CDC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{CDDE204B-F5EE-43B2-86DB-84B7E9887E37}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{CEE6D7CF-F38A-4C90-9BE3-61A414D7F18E}] => (Allow) C:\Program Files\Opera\62.0.3331.116\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{696003B4-0876-432E-AEAA-9415F74899D0}] => (Allow) LPort=54950 FirewallRules: [{EBC15FA3-2A5E-4A45-8657-5326D6DD6E70}] => (Allow) LPort=54955 FirewallRules: [{A6B337F1-5960-48D2-916A-D0F00C68ACE4}] => (Allow) C:\Program Files\Opera\63.0.3368.71\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{0A0C0A72-8C07-4DB8-AC30-DECEDDDB7DBA}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> ) FirewallRules: [{3DC0535B-2538-48E1-B2D6-84181D1F9B5C}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> ) FirewallRules: [{228A56D1-6997-4137-9594-45AB5E4BBE71}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> ) FirewallRules: [{387B9787-1286-4EF1-847E-B43F93F28704}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> ) ==================== Punkty Przywracania systemu ========================= 31-08-2019 17:12:30 Zaplanowany punkt kontrolny 09-09-2019 21:56:47 Zaplanowany punkt kontrolny ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Sterownik infrastruktury wirtualizacji funkcji Microsoft Hyper-V Description: Sterownik infrastruktury wirtualizacji funkcji Microsoft Hyper-V Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: Vid Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver Name: Realtek High Definition Audio Description: Realtek High Definition Audio Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318} Manufacturer: Realtek Service: IntcAzAudAddService Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver Name: Audio dla wyświetlaczy Intel(R) Description: Audio dla wyświetlaczy Intel(R) Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318} Manufacturer: Intel(R) Corporation Service: IntcDAud Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (09/16/2019 10:21:12 PM) (Source: PerfNet) (EventID: 2004) (User: ) Description: Nie można otworzyć obiektu wydajności usługi Server. Pierwsze cztery bajty (DWORD) sekcji danych Data zawierają kod stanu. Error: (09/16/2019 10:15:12 PM) (Source: PerfNet) (EventID: 2004) (User: ) Description: Nie można otworzyć obiektu wydajności usługi Server. Pierwsze cztery bajty (DWORD) sekcji danych Data zawierają kod stanu. Error: (09/16/2019 10:15:12 PM) (Source: PerfNet) (EventID: 2004) (User: ) Description: Nie można otworzyć obiektu wydajności usługi Server. Pierwsze cztery bajty (DWORD) sekcji danych Data zawierają kod stanu. Error: (09/16/2019 10:13:11 PM) (Source: PerfNet) (EventID: 2004) (User: ) Description: Nie można otworzyć obiektu wydajności usługi Server. Pierwsze cztery bajty (DWORD) sekcji danych Data zawierają kod stanu. Error: (09/16/2019 10:10:17 PM) (Source: PerfNet) (EventID: 2002) (User: ) Description: Nie można otworzyć obiektu wydajności usługi przekierowania. Pierwsze cztery bajty (DWORD) sekcji danych Data zawierają kod stanu. Error: (09/16/2019 10:10:16 PM) (Source: PerfNet) (EventID: 2004) (User: ) Description: Nie można otworzyć obiektu wydajności usługi Server. Pierwsze cztery bajty (DWORD) sekcji danych Data zawierają kod stanu. Error: (09/16/2019 10:10:16 PM) (Source: MSDTC Client 2) (EventID: 4104) (User: ) Description: Próba pobrania stanu węzła klastra nie powiodła się. Zwrócony kod błędu: 0x8007085A Error: (09/16/2019 07:15:53 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: BRAL160.EXE, wersja: 1.2.0.1, sygnatura czasowa: 0x56cbb9c8 Nazwa modułu powodującego błąd: BRRBI17D.DLL, wersja: 1.3.0.0, sygnatura czasowa: 0x59fa804e Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00007f74 Identyfikator procesu powodującego błąd: 0x6fa4 Godzina uruchomienia aplikacji powodującej błąd: 0x01d56c4dcba91f23 Ścieżka aplikacji powodującej błąd: C:\WINDOWS\system32\spool\DRIVERS\x64\3\BRAL160.EXE Ścieżka modułu powodującego błąd: C:\WINDOWS\system32\spool\DRIVERS\x64\3\BRRBI17D.DLL Identyfikator raportu: bbb47970-e2b7-4756-9ebe-aa6995108430 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Dziennik System: ============= Error: (09/16/2019 10:25:04 PM) (Source: DCOM) (EventID: 10005) (User: ZARZĄDZANIE NT) Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi EventSystem z argumentami Niedostępny w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF} Error: (09/16/2019 10:23:24 PM) (Source: DCOM) (EventID: 10005) (User: MAGNAT) Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi ShellHWDetection z argumentami Niedostępny w celu uruchomienia serwera: {DD522ACC-F821-461A-A407-50B198B896DC} Error: (09/16/2019 10:22:42 PM) (Source: DCOM) (EventID: 10005) (User: MAGNAT) Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi ShellHWDetection z argumentami Niedostępny w celu uruchomienia serwera: {DD522ACC-F821-461A-A407-50B198B896DC} Error: (09/16/2019 10:22:22 PM) (Source: DCOM) (EventID: 10005) (User: MAGNAT) Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi ShellHWDetection z argumentami Niedostępny w celu uruchomienia serwera: {DD522ACC-F821-461A-A407-50B198B896DC} Error: (09/16/2019 10:21:46 PM) (Source: DCOM) (EventID: 10005) (User: MAGNAT) Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi ShellHWDetection z argumentami Niedostępny w celu uruchomienia serwera: {DD522ACC-F821-461A-A407-50B198B896DC} Error: (09/16/2019 10:21:08 PM) (Source: DCOM) (EventID: 10005) (User: MAGNAT) Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi ShellHWDetection z argumentami Niedostępny w celu uruchomienia serwera: {DD522ACC-F821-461A-A407-50B198B896DC} Error: (09/16/2019 10:20:53 PM) (Source: DCOM) (EventID: 10005) (User: MAGNAT) Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi ShellHWDetection z argumentami Niedostępny w celu uruchomienia serwera: {DD522ACC-F821-461A-A407-50B198B896DC} Error: (09/16/2019 10:20:43 PM) (Source: DCOM) (EventID: 10005) (User: MAGNAT) Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi ShellHWDetection z argumentami Niedostępny w celu uruchomienia serwera: {DD522ACC-F821-461A-A407-50B198B896DC} CodeIntegrity: =================================== Date: 2019-09-16 22:07:00.225 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2019-09-16 22:06:37.409 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2019-09-16 22:06:37.287 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2019-09-16 13:44:17.837 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2019-09-16 13:41:57.182 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2019-09-16 13:14:46.509 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2019-09-16 11:57:04.851 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2019-09-16 11:41:16.322 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Statystyki pamięci =========================== BIOS: American Megatrends Inc. F3 08/10/2015 Motherboard: Gigabyte Technology Co., Ltd. B85M-HD3 R4 Procesor: Intel(R) Core(TM) i3-4160 CPU @ 3.60GHz Procent pamięci w użyciu: 63% Całkowita pamięć fizyczna: 3996.38 MB Dostępna pamięć fizyczna: 1466.16 MB Całkowita pamięć wirtualna: 6556.38 MB Dostępna pamięć wirtualna: 3871.39 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:199.64 GB) (Free:143.51 GB) NTFS Drive d: () (Fixed) (Total:731.32 GB) (Free:726.19 GB) NTFS \\?\Volume{07c3dc75-1c9b-4bca-b805-9fb42bdb59e7}\ () (Fixed) (Total:0.44 GB) (Free:0.03 GB) NTFS \\?\Volume{4b37e218-c968-496b-a718-fa9a12bf2d76}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000) Partition: GPT. ==================== Koniec Addition.txt ============================