Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 27.01.2024 01 Uruchomiony przez Marek (30-01-2024 11:11:56) Uruchomiony z C:\Users\Marek\Desktop Microsoft Windows 7 Professional Service Pack 1 (X64) (2024-01-22 17:09:27) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= (Załączenie wejścia w fixlist spowoduje jego usunięcie.) Administrator (S-1-5-21-847364145-1575075650-3793484829-500 - Administrator - Disabled) Gość (S-1-5-21-847364145-1575075650-3793484829-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-847364145-1575075650-3793484829-1002 - Limited - Enabled) Marek (S-1-5-21-847364145-1575075650-3793484829-1000 - Administrator - Enabled) => C:\Users\Marek ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) ASUS Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.6000 - ASUS) Etron USB3.0 Host Controller (HKLM-x32\...\{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.119 - Etron Technology) Hidden Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.119 - Etron Technology) Foxit PDF Editor (HKLM-x32\...\{a883595c-f323-41a2-a409-3d94a03a69ac}) (Version: 2023.2.0.21408 - Foxit Software Inc.) Foxit PDF Editor (HKLM-x32\...\{B21BCBCA-3B27-11EE-B2C2-54BF64A63C26}) (Version: 2023.2.0.21408 - Foxit Software Inc.) Hidden Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - ) Intel(R) Chipset Device Software (HKLM\...\{FEBB7B48-CC1C-4A50-A497-FA21413F6BE9}) (Version: 10.1.1.14 - Intel Corporation) Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2372 - Intel Corporation) Logitech SetPoint 6.70 (HKLM\...\sp6) (Version: 6.70.55 - Logitech) Malwarebytes version 4.6.8.311 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.8.311 - Malwarebytes) marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.2.0.1003 - Marvell) Microsoft .NET Framework 4.8 (HKLM\...\{16735AF7-1D8D-3681-94A5-C578A61EC832}) (Version: 4.8.03761 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation) Microsoft .NET Framework 4.8 (PLK) (HKLM\...\{AC22E632-A884-3236-AF80-02676EB22001}) (Version: 4.8.03761 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.8 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.8.03761 - Microsoft Corporation) Microsoft Access MUI (Polish) 2016 (HKLM-x32\...\{90160000-0015-0415-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Microsoft DCF MUI (Polish) 2016 (HKLM-x32\...\{90160000-0090-0415-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 109.0.1518.140 - Microsoft Corporation) Microsoft Excel MUI (Polish) 2016 (HKLM-x32\...\{90160000-0016-0415-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Microsoft Groove MUI (Polish) 2016 (HKLM-x32\...\{90160000-00BA-0415-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Microsoft InfoPath MUI (Polish) 2016 (HKLM-x32\...\{90160000-0044-0415-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Microsoft Office 64-bit Components 2016 (HKLM\...\{90160000-002A-0000-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Microsoft Office Korrekturhilfen 2016 – Deutsch (HKLM-x32\...\{90160000-001F-0407-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Microsoft Office OSM MUI (Polish) 2016 (HKLM-x32\...\{90160000-00E1-0415-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Microsoft Office OSM UX MUI (Polish) 2016 (HKLM-x32\...\{90160000-00E2-0415-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2016 (HKLM-x32\...\{90160000-0011-0000-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2016 (HKLM-x32\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation) Microsoft Office Proofing (Polish) 2016 (HKLM-x32\...\{90160000-002C-0415-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2016 - English (HKLM-x32\...\{90160000-001F-0409-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (Polish) 2016 (HKLM\...\{90160000-002A-0415-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (Polish) 2016 (HKLM-x32\...\{90160000-006E-0415-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Microsoft OneNote MUI (Polish) 2016 (HKLM-x32\...\{90160000-00A1-0415-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Microsoft Outlook MUI (Polish) 2016 (HKLM-x32\...\{90160000-001A-0415-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Microsoft PowerPoint MUI (Polish) 2016 (HKLM-x32\...\{90160000-0018-0415-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Microsoft Publisher MUI (Polish) 2016 (HKLM-x32\...\{90160000-0019-0415-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Microsoft Skype for Business MUI (Polish) 2016 (HKLM-x32\...\{90160000-012B-0415-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Microsoft Teams (HKU\S-1-5-21-847364145-1575075650-3793484829-1000\...\Teams) (Version: 1.7.00.156 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{14297226-E0A0-3781-8911-E9D529552663}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.22609 (HKLM\...\{7FAA7151-D2F2-3CB5-A82B-16410DC068F6}) (Version: 14.0.22609 - Microsoft Corporation) Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.22609 (HKLM\...\{6246A9E2-24AE-3CEE-8C52-1CCE7F0E4006}) (Version: 14.0.22609 - Microsoft Corporation) Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.22609 (HKLM-x32\...\{E4E510C1-EC51-3DB5-A1A1-E6116853EF7B}) (Version: 14.0.22609 - Microsoft Corporation) Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.22609 (HKLM-x32\...\{9B5D95E8-316C-3390-B4A5-EB7B6D8F228D}) (Version: 14.0.22609 - Microsoft Corporation) Microsoft Word MUI (Polish) 2016 (HKLM-x32\...\{90160000-001B-0415-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Mozilla Firefox ESR (x64 pl) (HKLM\...\Mozilla Firefox 115.7.0 ESR (x64 pl)) (Version: 115.7.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 115.6.0 - Mozilla) Narzędzia sprawdzające pakietu Microsoft Office 2016 — polski (HKLM-x32\...\{90160000-001F-0415-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden NVIDIA GeForce Experience 2.11.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.5 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) NVIDIA Stereoscopic 3D Driver (HKLM-x32\...\NVIDIAStereo) (Version: 7.17.12.6514 - NVIDIA Corporation) Hidden NVIDIA Sterownik 3D Vision 368.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 368.22 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.34.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.14 - NVIDIA Corporation) NVIDIA Sterownik graficzny 368.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.22 - NVIDIA Corporation) NVIDIA Sterownik kontrolera 3D Vision 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation) Oprogramowanie mikroukładu Intel® (HKLM-x32\...\{619e726e-d2b4-4e28-9568-c964fd81ee6c}) (Version: 10.1.1.14 - Intel(R) Corporation) Hidden PowerISO (HKLM-x32\...\PowerISO) (Version: 8.7 - Power Software Ltd) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6257 - Realtek Semiconductor Corp.) Update for Skype for Business 2016 (KB5002106) 32-Bit Edition (HKLM-x32\...\{90160000-0011-0000-0000-0000000FF1CE}_Office16.PROPLUS_{6B44CEF7-ECA7-4132-8D18-BD92DE0DC48F}) (Version: - Microsoft) Update for Skype for Business 2016 (KB5002106) 32-Bit Edition (HKLM-x32\...\{90160000-002A-0000-1000-0000000FF1CE}_Office16.PROPLUS_{6B44CEF7-ECA7-4132-8D18-BD92DE0DC48F}) (Version: - Microsoft) Update for Skype for Business 2016 (KB5002106) 32-Bit Edition (HKLM-x32\...\{90160000-012B-0415-0000-0000000FF1CE}_Office16.PROPLUS_{6B44CEF7-ECA7-4132-8D18-BD92DE0DC48F}) (Version: - Microsoft) Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.) WinRAR 5.91 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH) ==================== Niestandardowe rejestracje CLSID (filtrowane): ============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-847364145-1575075650-3793484829-1000_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Marek\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.23334.11\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\ConvertToPDFShellExtension_x64.dll [2023-08-14] (FOXIT SOFTWARE INC. -> Foxit Software Inc.) ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2023-12-05] (Power Software Limited -> Power Software Ltd) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-25] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-25] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-01-29] (Malwarebytes Inc. -> Malwarebytes) ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2023-12-05] (Power Software Limited -> Power Software Ltd) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2011-04-15] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2016-05-20] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\ConvertToPDFShellExtension_x64.dll [2023-08-14] (FOXIT SOFTWARE INC. -> Foxit Software Inc.) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-01-29] (Malwarebytes Inc. -> Malwarebytes) ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2023-12-05] (Power Software Limited -> Power Software Ltd) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-25] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-25] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2019-08-30] (Beepa P/L) [Brak podpisu cyfrowego] HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2019-08-30] (Beepa P/L) [Brak podpisu cyfrowego] ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\":: WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99] WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate] ==================== Załadowane moduły (filtrowane) ============= 2024-01-22 22:03 - 2016-05-02 06:39 - 001298824 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [Brak podpisu cyfrowego] C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxinput.dll 2024-01-22 22:03 - 2016-05-02 06:38 - 001767944 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [Brak podpisu cyfrowego] C:\Windows\system32\nvspcap64.dll ==================== Alternate Data Streams (filtrowane) ======== ==================== Tryb awaryjny (filtrowane) ================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Powiązania plików (filtrowane) ================= ==================== Internet Explorer (Wersja 11) (filtrowane) ========== BHO: Foxit PDF Editor Create PDF ToolBar Helper -> {A5DD10F7-5ABB-4EEF-B4C8-6748D44DAF2A} -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\IEAddin\IEAddin_x64.dll [2023-08-14] (FOXIT SOFTWARE INC. -> ) BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2023-01-11] (Logitech Inc -> Logitech, Inc.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-20] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Foxit PDF Editor Create PDF ToolBar Helper -> {A5DD10F7-5ABB-4EEF-B4C8-6748D44DAF2A} -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\IEAddin\IEAddin.dll [2023-08-14] (FOXIT SOFTWARE INC. -> ) BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2023-01-11] (Logitech Inc -> Logitech, Inc.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation) Toolbar: HKLM - Foxit PDF Editor Create PDF ToolBar - {BFD9D8A8-57FF-488A-B919-065EC77CF82F} - C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\IEAddin\IEAddin_x64.dll [2023-08-14] (FOXIT SOFTWARE INC. -> ) Toolbar: HKLM-x32 - Foxit PDF Editor Create PDF ToolBar - {BFD9D8A8-57FF-488A-B919-065EC77CF82F} - C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\IEAddin\IEAddin.dll [2023-08-14] (FOXIT SOFTWARE INC. -> ) Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts - zawartość: ========================= (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 03:34 - 2009-06-10 22:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts ==================== Inne obszary =========================== (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-847364145-1575075650-3793484829-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Załączenie wejścia w fixlist spowoduje jego usunięcie.) MSCONFIG\startupreg: EvtMgr6 => C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s MSCONFIG\startupreg: ShadowPlay => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart ==================== Reguły Zapory systemu Windows (filtrowane) ================ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [SPPSVC-In-TCP] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{7CA37006-5504-442A-9678-1962E0F14C66}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{7B03637F-56A7-4AD5-A8E0-59957B963977}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{D3C6851E-B144-44B4-B6A0-B61887A6C8CD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{A39DF1CE-9B5B-4494-B775-4E5D9A3AF3A0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{F69891AB-0B9A-4AFA-B3DB-D9FB6EE09229}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{60706C16-0E30-4314-9EAC-C22B30B6D4A8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{7C04555A-2F91-4658-88DE-899D61DA058E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{933D71B3-B685-4CAA-AD39-EE590D8F67F1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{00B17C31-5B9A-4A63-8ED3-EBF8494EF9D9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) ==================== Punkty Przywracania systemu ========================= 29-01-2024 11:33:12 Zaplanowany punkt kontrolny ==================== Wadliwe urządzenia w Menedżerze urządzeń ============ ==================== Błędy w Dzienniku zdarzeń: ======================== Dziennik Aplikacja: ================== Error: (01/30/2024 10:45:45 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (01/29/2024 09:40:43 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (01/28/2024 08:21:06 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (01/28/2024 07:48:04 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (01/27/2024 09:32:56 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (01/27/2024 03:24:10 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (01/26/2024 11:21:08 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (01/26/2024 10:53:00 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Dziennik System: ============= Error: (01/30/2024 11:14:25 AM) (Source: DCOM) (EventID: 10010) (User: ) Description: Serwer {BB6DF56B-CACE-11DC-9992-0019B93A3A84} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (01/29/2024 10:21:49 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT) Description: Odebrano następujący alert krytyczny: 70. Error: (01/29/2024 10:21:48 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT) Description: Odebrano następujący alert krytyczny: 70. Error: (01/29/2024 10:08:02 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT) Description: Odebrano następujący alert krytyczny: 40. Error: (01/29/2024 10:08:01 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT) Description: Odebrano następujący alert krytyczny: 70. Error: (01/29/2024 09:21:48 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT) Description: Odebrano następujący alert krytyczny: 70. Error: (01/29/2024 09:21:48 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT) Description: Odebrano następujący alert krytyczny: 70. Error: (01/29/2024 08:22:01 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT) Description: Odebrano następujący alert krytyczny: 70. Windows Defender: ================Event[0]: Date: 2024-01-22 18:06:23.389 Description: Produkt Windows Defender napotkał błąd podczas próby załadowania podpisów i podejmie próbę powrotu do znanego zestawu dobrych podpisów. Podpisy objęte próbą:Bieżące Kod błędu:0x80070003 Opis błędu:System nie może odnaleźć określonej ścieżki. Wersja podpisu:0.0.0.0 Wersja aparatu:0.0.0.0 ==================== Statystyki pamięci =========================== BIOS: American Megatrends Inc. P1.40 05/18/2011 Płyta główna: ASRock Z68 Extreme4 Procesor: Intel(R) Core(TM) i7-2600K CPU @ 3.40GHz Procent pamięci w użyciu: 38% Całkowita pamięć fizyczna: 8104.57 MB Dostępna pamięć fizyczna: 5021.33 MB Całkowita pamięć wirtualna: 16207.29 MB Dostępna pamięć wirtualna: 13097.82 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:99.9 GB) (Free:48.47 GB) (Model: WDC WD10EZEX-08M2NA0 ATA Device) NTFS Drive d: (Dysk lokalny) (Fixed) (Total:831.51 GB) (Free:411.71 GB) (Model: WDC WD10EZEX-08M2NA0 ATA Device) NTFS \\?\Volume{3690b1a1-b948-11ee-af3c-806e6f6e6963}\ (Zastrzeżone przez system) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==================== MBR & Tablica partycji ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 4EEB4308) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=99.9 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=831.5 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt =======================