Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 21-03-2021 Uruchomiony przez ITI716 (administrator) ITI7 (25-03-2021 11:15:06) Uruchomiony z C:\Users\ITI716\Downloads Załadowane profile: ITI716 Platform: Windows 7 Professional Service Pack 1 (X64) Język: Polski (Polska) Domyślna przeglądarka: FF Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe <5> (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe <2> (C. Ghisler & Co.) [Brak podpisu cyfrowego] D:\!nttce\!@nttc\TC PowerPack\TOTALCMD.EXE (Comarch S.A. -> ) C:\Program Files (x86)\Comarch\ComarchCryptoProvider\ComarchCryptoServer.exe <2> (Comarch S.A. -> ) C:\Program Files (x86)\Comarch\ComarchCryptoProvider\watchdog_service.exe <2> (Comarch S.A. -> ComArch S.A.) C:\Program Files (x86)\Comarch\ComarchSmartCard\CardServer.exe (CryptoTech -> CryptoTech Sp. z o.o.) C:\Program Files (x86)\CryptoTech\CryptoCard\CCMonitor.exe (Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwarkdaemon.exe (Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwengine.exe <2> (Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\DrWeb\dwnetfilter.exe (Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\DrWeb\dwservice.exe (Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\DrWeb\frwl_notify.exe (Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\DrWeb\frwl_svc.exe (Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\DrWeb\spideragent.exe (DUC FABULOUS RESEARCH DEVELOPING SCIENCE TECH PRO SOFT CO LTD -> ) C:\Program Files (x86)\UltraViewer\UltraViewer_Service.exe (Famatech Corp. -> Famatech Corp.) C:\Program Files (x86)\Radmin VPN\RvRvpnGui.exe (Ferro Software -> FERRO Software) D:\Program Files (x86)\FERRO Software\Ferro Backup System\FBSWorker.exe (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel(R) Intel Network Drivers -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe (Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <13> (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8783616 2015-12-25] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [SpIDerAgent] => C:\Program Files\DrWeb\spideragent.exe [17992848 2016-10-21] (Doctor Web Ltd. -> Doctor Web, Ltd.) HKLM\...\Run: [tvncontrol] => C:\Program Files\TightVNC\tvnserver.exe [1805936 2019-10-15] (GlavSoft LLC -> GlavSoft LLC.) HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1178400 2015-10-16] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [296216 2015-06-15] (Intel Corporation - Software and Firmware Products -> Intel Corporation) HKLM-x32\...\Run: [CryptoCard Suite Cert Monitor] => C:\Program Files (x86)\CryptoTech\CryptoCard\CCMonitor.exe [947440 2015-07-27] (CryptoTech -> CryptoTech Sp. z o.o.) HKLM-x32\...\Run: [WatchDogUserAutostart] => C:\Program Files (x86)\Comarch\ComarchCryptoProvider\watchdog_service.exe [542480 2017-05-25] (Comarch S.A. -> ) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-09-17] (Oracle America, Inc. -> Oracle Corporation) HKLM-x32\...\Run: [RadminVPN] => C:\Program Files (x86)\Radmin VPN\RvRvpnGui.exe [1860480 2020-09-24] (Famatech Corp. -> Famatech Corp.) HKLM\...\Windows x64\Print Processors\HP1020PrintProc: C:\Windows\System32\spool\prtprocs\x64\pphp1020.dll [65024 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> ) HKLM\...\Windows x64\Print Processors\HP1100PrintProc: C:\Windows\System32\spool\prtprocs\x64\HP1100PP.DLL [74240 2012-08-31] (Microsoft Windows Hardware Compatibility Publisher -> ) HKLM\...\Windows x64\Print Processors\KOAXVA_P: C:\Windows\System32\spool\prtprocs\x64\KOAXVA_P.DLL [50680 2017-08-21] (Microsoft Windows Hardware Compatibility Publisher -> KONICA MINOLTA, INC.) HKLM\...\Print\Monitors\368SeriesPCL Language Monitor: C:\Windows\system32\KOAXVJ_L.DLL [25600 2017-09-07] (Microsoft Windows Hardware Compatibility Publisher -> KONICA MINOLTA, INC.) HKLM\...\Print\Monitors\368SeriesPS Language Monitor: C:\Windows\system32\KOAXVA_L.DLL [25600 2017-08-21] (Microsoft Windows Hardware Compatibility Publisher -> KONICA MINOLTA, INC.) HKLM\...\Print\Monitors\368SeriesXPS Language Monitor: C:\Windows\system32\KOAXVW_L.DLL [25600 2017-08-21] (Microsoft Windows Hardware Compatibility Publisher -> KONICA MINOLTA, INC.) HKLM\...\Print\Monitors\HP1100LM: C:\Windows\system32\HP1100LM.DLL [288768 2012-08-31] (Microsoft Windows Hardware Compatibility Publisher -> ) HKLM\...\Print\Monitors\HPLJ1020LM: C:\Windows\system32\zlhp1020.dll [192512 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> ) HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.) GroupPolicy: Ograniczenia ? <==== UWAGA Policies: C:\ProgramData\NTUSER.pol: Ograniczenia <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {3631C009-B800-49F4-9F54-AC528CFEFA1B} - System32\Tasks\wyłącz => C:\Windows\System32\shutdown.exe [34304 2009-07-14] (Microsoft Windows -> Microsoft Corporation) Task: {3B6D8413-6D72-4F5A-AD18-3D3FE64A60A5} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe Task: {6C3A7C86-A66B-456C-89EA-DEE6C2473D50} - System32\Tasks\{AEF11AF6-CECE-4F01-9B11-39470A96EC9F} => D:\Wiqt\WIQT.EXE [1258535 2003-01-15] () [Brak podpisu cyfrowego] Task: {85AEDFC2-9BF9-4F30-AF01-DDC9DEEB212E} - System32\Tasks\{0FC4DAFB-8205-4064-951A-8377F860B2E2} => D:\Wiqt\WIQT.EXE [1258535 2003-01-15] () [Brak podpisu cyfrowego] Task: {8C11BF2C-AF3F-4C8D-80D0-6911B8B8D51A} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [642544 2021-03-24] (Mozilla Corporation -> Mozilla Foundation) Task: {8D4DB7E7-422C-47C6-B13B-97D229FEC259} - System32\Tasks\Doctor Web\Dr.Web Daily scan => C:\Program Files\DrWeb\dwscanner.exe [9035520 2016-10-21] (Doctor Web Ltd. -> Doctor Web, Ltd.) Task: {961D53FB-3C79-4CCD-BC22-522C7435493C} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [633840 2021-03-16] (Mozilla Corporation -> Mozilla Foundation) Task: {9D3EFB17-E436-42AF-86B5-5C91B31EDC4E} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} Task: {D7420F57-B2A5-4A4A-AA92-41AA02D7671A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\mmBackup_192.168.1.101_5432_MMEDICA.job => C:\Program Files (x86)\ASSECO\mMedica\mmBackup.exe ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.) Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.) Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.) Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{20A6C6A6-9D6C-43C6-BDBE-EF7CCF322177}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{575F692A-46B7-4738-96CD-7F1DD66A0081}: [NameServer] 8.8.4.4,192.168.1.1 Tcpip\..\Interfaces\{575F692A-46B7-4738-96CD-7F1DD66A0081}: [DhcpNameServer] 192.168.1.1 Edge: ======= Edge DefaultProfile: Guest Profile Edge Profile: C:\Users\ITI716\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-25] Edge Profile: C:\Users\ITI716\AppData\Local\Microsoft\Edge\User Data\Guest Profile [2021-03-25] FireFox: ======== FF DefaultProfile: x17zv8xa.default-1508390353633 FF ProfilePath: C:\Users\ITI716\AppData\Roaming\Mozilla\Firefox\Profiles\u7jo0x9z.default-release [2021-03-25] FF Homepage: Mozilla\Firefox\Profiles\u7jo0x9z.default-release -> about:blank FF NetworkProxy: Mozilla\Firefox\Profiles\u7jo0x9z.default-release -> type", 0 FF ProfilePath: C:\Users\ITI716\AppData\Roaming\Mozilla\Firefox\Profiles\x17zv8xa.default-1508390353633 [2021-03-25] FF Extension: (Szafir SDK Web) - C:\Users\ITI716\AppData\Roaming\Mozilla\Firefox\Profiles\x17zv8xa.default-1508390353633\Extensions\{5e118bad-a840-4256-bd31-296194533aac}.xpi [2019-08-12] [UpdateUrl:hxxps://www.elektronicznypodpis.pl/download/webmodule/firefox/updates.json] FF Extension: (Adblock Plus - darmowy adblocker) - C:\Users\ITI716\AppData\Roaming\Mozilla\Firefox\Profiles\x17zv8xa.default-1508390353633\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-01-29] FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension FF Extension: (SmartPrintButton) - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011-01-26] [Przestarzałe] [Brak podpisu cyfrowego] FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1225195.dll [2016-09-20] (Adobe Systems, Inc.) [Brak podpisu cyfrowego] FF Plugin-x32: @DVR/npplugin,version=3.1.0.4 -> C:\Program Files (x86)\webrec\WEB30\WebPlugin\npPlugin.dll [2015-07-29] (Zhejiang Dahua Technology CO.,LTD. -> ) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.271.2 -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\dtplugin\npDeployJava1.dll [2020-10-28] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.271.2 -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\plugin2\npjp2.dll [2020-10-28] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-03-06] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-3604365705-1591200432-3773341001-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\ITI716\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2017-05-18] (Unity Technologies SF -> Unity Technologies ApS) FF Plugin HKU\S-1-5-21-3604365705-1591200432-3773341001-1001: jpl.nasa.gov/NASAEyes -> C:\Users\ITI716\AppData\Roaming\JPL-NASA-Caltech\NASA's Eyes\npNASAEyes.dll [2019-01-25] (NASA Jet Propulsion Laboratory -> Jet Propulsion Laboratory) ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.) S2 AktualizujPP; D:\Program Files (x86)\Asseco Poland SA\Płatnik\ASSECO.AKTUALIZUJ.PP.exe [31584 2015-02-12] (Asseco Poland SA -> Asseco Poland S.A.) R2 ComarchCardServer; C:\Program Files (x86)\Comarch\ComarchSmartCard\CardServer.exe [1271384 2016-08-04] (Comarch S.A. -> ComArch S.A.) R2 ComarchCryptoWatchdog; C:\Program Files (x86)\Comarch\ComarchCryptoProvider\watchdog_service.exe [542480 2017-05-25] (Comarch S.A. -> ) R2 DrWebAVService; C:\Program Files\DrWeb\dwservice.exe [12798032 2016-10-21] (Doctor Web Ltd. -> Doctor Web, Ltd.) R3 DrWebEngine; C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwengine.exe [2135464 2016-10-21] (Doctor Web Ltd. -> Doctor Web, Ltd.) R2 DrWebFwSvc; C:\Program Files\DrWeb\frwl_svc.exe [1806856 2016-10-21] (Doctor Web Ltd. -> Doctor Web, Ltd.) R3 DrWebNetFilter; C:\Program Files\DrWeb\dwnetfilter.exe [6726288 2016-10-21] (Doctor Web Ltd. -> Doctor Web, Ltd.) R2 FBSWorker; D:\Program Files (x86)\FERRO Software\Ferro Backup System\FBSWorker.exe [651360 2017-05-22] (Ferro Software -> FERRO Software) S4 HPSIService; C:\Windows\system32\HPSIsvc.exe [126880 2012-09-27] (Hewlett-Packard Company -> HP) S4 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [267824 2007-05-04] (Nero AG -> Nero AG) S3 RvControlSvc; C:\Program Files (x86)\Radmin VPN\RvControlSvc.exe [967552 2020-09-24] (Famatech Corp. -> Famatech Corp.) S3 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-03] (DEVGURU CO LTD -> DEVGURU Co., LTD.) S3 tvnserver; C:\Program Files\TightVNC\tvnserver.exe [1805936 2019-10-15] (GlavSoft LLC -> GlavSoft LLC.) R2 UltraViewService; C:\Program Files (x86)\UltraViewer\UltraViewer_Service.exe [107280 2019-11-27] (DUC FABULOUS RESEARCH DEVELOPING SCIENCE TECH PRO SOFT CO LTD -> ) S4 uvnc_service; C:\Program Files\uvnc bvba\UltraVNC\WinVNC.exe [2182224 2016-05-22] (uvnc bvba -> UltraVNC) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation) R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292480 2012-07-17] (Microsoft Corporation -> Microsoft Corp.) ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-09-09] (ASUSTeK Computer Inc. -> ) S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [110488 2014-12-03] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr)) R0 DrWebLwf; C:\Windows\System32\drivers\DrWebLwf.sys [279184 2016-10-21] (Doctor Web Ltd. -> Doctor Web, Ltd.) R1 DrWebWfp; C:\Windows\System32\drivers\dw_wfp.sys [74400 2016-10-21] (Doctor Web Ltd. -> Doctor Web, Ltd.) R0 DwProt; C:\Windows\System32\drivers\dwprot.sys [383968 2016-10-21] (Doctor Web Ltd. -> Doctor Web, Ltd.) S3 GemCCID; C:\Windows\System32\Drivers\GemCCID.sys [116096 2013-07-10] (Microsoft Windows Hardware Compatibility Publisher -> Gemalto) S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-09-26] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.) R3 RvNetMP60; C:\Windows\System32\DRIVERS\RvNetMP60.sys [69048 2020-09-24] (Famatech Corp. -> Famatech Corp.) R0 SpiderG3; C:\Windows\System32\drivers\spiderg3.sys [239744 2016-10-21] (Doctor Web Ltd. -> Doctor Web, Ltd.) S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [206104 2014-12-03] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr)) S3 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [213216 2018-11-08] (Oracle Corporation -> Oracle Corporation) R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [223000 2018-11-08] (Oracle Corporation -> Oracle Corporation) S3 4F92AF6A9D8701A7; \??\C:\Windows\TEMP\57B68A1.sys [X] S3 4F93470F4BBF6B38; \??\C:\Windows\TEMP\21EDD6F.sys [X] S3 4F935E91425F1008; \??\C:\Windows\TEMP\216F8B9.sys [X] S3 esihdrv; \??\C:\Users\ITI716\AppData\Local\Temp\esihdrv.sys [X] <==== UWAGA U4 npcap_wifi; Brak ImagePath ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2021-03-25 11:15 - 2021-03-25 11:15 - 000020446 _____ C:\Users\ITI716\Downloads\FRST.txt 2021-03-25 11:14 - 2021-03-25 11:15 - 000000000 ____D C:\FRST 2021-03-25 11:06 - 2021-03-25 11:06 - 002300928 _____ (Farbar) C:\Users\ITI716\Downloads\FRST64.exe 2021-03-25 11:05 - 2021-03-25 11:05 - 074255224 _____ (Google LLC) C:\Users\ITI716\Downloads\ChromeStandaloneSetup64.exe 2021-03-25 10:03 - 2021-03-25 10:03 - 001702269 _____ C:\Users\ITI716\Downloads\System Dystrybucji Szczepionek - Instrukcja Użytkownika Punktu Szczepień v1.1.pdf 2021-03-25 09:42 - 2021-03-25 09:42 - 000053046 _____ C:\Users\ITI716\Downloads\przyklad.exe 2021-03-25 07:14 - 2021-03-25 07:14 - 000001229 _____ C:\Users\ITI716\Downloads\09R_01003119202101_2_202103231310.umx 2021-03-25 07:13 - 2021-03-25 07:13 - 000173295 _____ C:\Users\ITI716\Downloads\Komunikat dot. SOID - kończący się okres przejściowy.pdf 2021-03-24 14:11 - 2021-03-24 14:11 - 000004498 _____ C:\Users\ITI716\Downloads\styleswitch.js 2021-03-24 07:11 - 2021-03-25 07:11 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2021-03-23 07:44 - 2018-04-10 09:52 - 000003006 _____ C:\Users\ITI716\Desktop\MARTA_CZYŻEWSKA_2018-04-10_10_52_13.pfx 2021-03-22 14:28 - 2021-03-22 14:29 - 176842096 _____ (Microsoft Corporation) C:\Users\ITI716\Downloads\mmFullInstall(61000).exe 2021-03-22 12:29 - 2021-03-22 12:29 - 000021806 _____ C:\Users\ITI716\Downloads\md_stylechanger.js.htm 2021-03-19 11:55 - 2021-03-19 11:55 - 000020067 _____ C:\Users\ITI716\Downloads\slownik_komorek_xml_styczen_2020_2.xlsx 2021-03-19 11:55 - 2021-03-19 11:55 - 000015400 _____ C:\Users\ITI716\Downloads\2021_03_słownik_procedur.xlsx 2021-03-19 11:55 - 2021-03-19 11:55 - 000012666 _____ C:\Users\ITI716\Downloads\slownik_swiadczen_ap-kolce_styczen_2020_2.xlsx 2021-03-18 14:35 - 2021-03-18 14:35 - 000000168 _____ C:\Users\ITI716\Desktop\style css kurs.url 2021-03-18 12:06 - 2021-03-18 12:06 - 000248446 _____ C:\Users\ITI716\Downloads\D20190848.pdf 2021-03-18 08:09 - 2021-03-18 08:27 - 000157184 _____ C:\Users\ITI716\Downloads\ostrzeżenia 2021.xls 2021-03-18 07:24 - 2021-03-18 07:24 - 000149919 _____ C:\Users\ITI716\Downloads\swiadczenia(3).xls 2021-03-18 07:24 - 2021-03-18 07:24 - 000042823 _____ C:\Users\ITI716\Downloads\swiadczenia.csv 2021-03-18 07:22 - 2021-03-18 07:22 - 000001034 _____ C:\Users\ITI716\Downloads\zestawySwiadczen.wae 2021-03-18 07:20 - 2021-03-18 07:20 - 000123457 _____ C:\Users\ITI716\Downloads\Komunikat ws. szkoleń.pdf 2021-03-18 07:20 - 2021-03-18 07:20 - 000086963 _____ C:\Users\ITI716\Downloads\Pismo do Prezesa NFZ-1.pdf 2021-03-17 07:01 - 2021-03-17 07:01 - 000119350 _____ C:\Users\ITI716\Downloads\Pismo do OW 11032021 - Informacja dla świadczeniodawców.pdf 2021-03-16 12:22 - 2021-03-16 12:23 - 176842096 _____ (Microsoft Corporation) C:\Users\ITI716\Downloads\mmFullInstall(1).exe 2021-03-16 12:04 - 2021-03-16 12:04 - 000555513 _____ C:\Users\ITI716\Downloads\cit-8-29-_v1-0e_.pdf 2021-03-12 08:19 - 2021-03-12 08:19 - 000030285 _____ C:\Users\ITI716\Downloads\c1054b7e-fd88-49f5-9381-029b4da29f3d.xml 2021-03-11 13:41 - 2021-03-11 13:41 - 000087601 _____ C:\Users\ITI716\Downloads\Wniosek_ID300910_20210311134122.pdf 2021-03-11 10:08 - 2021-03-22 07:15 - 000002239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-03-11 10:08 - 2021-03-22 07:15 - 000002198 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk 2021-03-11 10:07 - 2021-03-11 10:07 - 000003410 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-03-11 10:07 - 2021-03-11 10:07 - 000003282 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-03-10 07:11 - 2021-03-10 07:11 - 000134579 _____ C:\Users\ITI716\Downloads\(2021.65449.KAKL) MZ_pismo przypominające o obowiązku wymiany EDM i raportowania ZM.pdf 2021-03-04 13:37 - 2021-03-04 13:37 - 000652730 _____ C:\Users\ITI716\Downloads\WUE.40.10265.2020. PA.pdf 2021-03-04 13:35 - 2021-03-04 13:35 - 000749638 _____ C:\Users\ITI716\Downloads\Słupczyński Krzysztof_WUE.40.10265.2020.PA_04-02-2021-2 do ZU.pdf 2021-03-04 13:07 - 2021-03-04 13:07 - 002436838 _____ C:\Users\ITI716\Downloads\PodręcznikRedaktoraSPBIP.pdf 2021-03-04 12:42 - 2021-03-04 12:42 - 000844686 _____ C:\Users\ITI716\Downloads\regulamin-hosting.pdf 2021-03-04 12:42 - 2021-03-04 12:42 - 000795548 _____ C:\Users\ITI716\Downloads\cennik-domen.pdf 2021-03-03 13:12 - 2021-03-03 13:12 - 000149319 _____ C:\Users\ITI716\Downloads\Tabela do pisma_komórki org.od 1 marca 2021_umowy 19-4.09R030159.xlsx 2021-03-03 13:11 - 2021-03-03 13:11 - 000149323 _____ C:\Users\ITI716\Downloads\Tabela do pisma_komórki org.od 1 marca 2021_umowy 19-4.09R030101.xlsx 2021-03-02 10:50 - 2021-03-02 10:50 - 000163464 _____ C:\Users\ITI716\Downloads\EUmowa_0903015901202013_AneksNr_8_GUID_44de1a25-744a-4806-8c6c-6882be602c50.pdf 2021-03-02 10:46 - 2021-03-02 10:46 - 000160968 _____ C:\Users\ITI716\Downloads\EUmowa_0903010101202013_AneksNr_10_GUID_8f046355-2032-4d5c-b3de-523617b97fad(1).pdf 2021-03-02 10:41 - 2021-03-02 10:45 - 000149761 _____ C:\Users\ITI716\Downloads\Tabela do pisma_komórki org.od 1 marca 2021_umowy 19-4.xlsx 2021-03-02 10:41 - 2021-03-02 10:41 - 000285255 _____ C:\Users\ITI716\Downloads\pismo dot. przekazania danych o komórkach organizacyjnych w umowach 19.docx scan.pdf 2021-03-01 12:23 - 2021-03-01 12:23 - 000000000 ____D C:\Users\mMedica\AppData\Roaming\Windows Live Writer 2021-03-01 12:23 - 2021-03-01 12:23 - 000000000 ____D C:\Users\mMedica\AppData\Local\Windows Live Writer 2021-03-01 12:22 - 2021-03-01 12:22 - 000000000 ____D C:\Users\mMedica\AppData\Roaming\Comarch 2021-03-01 12:22 - 2021-03-01 12:22 - 000000000 ____D C:\Users\mMedica\AppData\Local\Google 2021-03-01 07:28 - 2021-03-01 07:28 - 000153358 _____ C:\Users\ITI716\Downloads\WYDRUK_0897255200.pdf 2021-03-01 07:27 - 2021-03-01 07:27 - 000133192 _____ C:\Users\ITI716\Downloads\WYDRUK_6846298900.pdf 2021-03-01 07:27 - 2021-03-01 07:27 - 000131783 _____ C:\Users\ITI716\Downloads\WYDRUK_6847298900.pdf 2021-03-01 07:27 - 2021-03-01 07:27 - 000127726 _____ C:\Users\ITI716\Downloads\WYDRUK_6944298900.pdf 2021-03-01 07:26 - 2021-03-01 07:26 - 000140677 _____ C:\Users\ITI716\Downloads\WYDRUK_6848298900.pdf 2021-03-01 07:26 - 2021-03-01 07:26 - 000139970 _____ C:\Users\ITI716\Downloads\WYDRUK_6844298900.pdf ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2021-03-25 10:58 - 2018-05-11 10:41 - 000000000 ____D C:\Users\ITI716\AppData\Local\Google 2021-03-25 10:58 - 2018-05-11 10:41 - 000000000 ____D C:\Program Files (x86)\Google 2021-03-25 10:50 - 2019-01-30 14:12 - 000000000 ____D C:\ProgramData\Mozilla 2021-03-25 10:50 - 2016-11-21 07:08 - 000000000 ____D C:\Users\ITI716\AppData\LocalLow\Mozilla 2021-03-25 09:43 - 2016-10-21 09:33 - 000000000 ____D C:\Users\ITI716 2021-03-25 07:19 - 2009-07-14 05:45 - 000032080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2021-03-25 07:19 - 2009-07-14 05:45 - 000032080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2021-03-25 07:15 - 2010-11-21 13:53 - 000742200 _____ C:\Windows\system32\perfh015.dat 2021-03-25 07:15 - 2010-11-21 13:53 - 000156520 _____ C:\Windows\system32\perfc015.dat 2021-03-25 07:15 - 2009-07-14 06:13 - 001675426 _____ C:\Windows\system32\PerfStringBackup.INI 2021-03-25 07:15 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf 2021-03-25 07:11 - 2017-10-17 06:42 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-03-25 07:11 - 2016-10-21 09:33 - 000000000 __SHD C:\Users\ITI716\IntelGraphicsProfiles 2021-03-25 07:11 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2021-03-24 14:11 - 2019-01-31 13:00 - 000001996 ____H C:\Users\ITI716\Documents\Default.rdp 2021-03-24 07:46 - 2020-10-30 07:09 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla 2021-03-23 13:09 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF 2021-03-22 13:37 - 2016-10-21 11:14 - 000000000 ____D C:\Users\ITI716\Documents\- Administracja 2021-03-17 06:59 - 2020-01-08 07:21 - 000000000 ____D C:\Program Files\Mozilla Firefox 2021-03-12 07:57 - 2016-10-21 10:11 - 000000000 ____D C:\Users\ITI716\AppData\Roaming\mMedica 2021-03-11 09:05 - 2019-11-05 07:22 - 000002065 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2021-03-08 13:29 - 2021-01-05 08:09 - 000000000 ____D C:\Users\ITI716\Documents\covid SZCZEPIENIE KADRY - DOC 2021-03-03 10:51 - 2018-01-09 10:17 - 000000000 ____D C:\Users\ITI716\AppData\Roaming\GofinDruki 2021-03-02 14:13 - 2016-10-21 11:14 - 000000000 ____D C:\Users\ITI716\Documents\Moje zeskanowane obrazy 2021-03-02 12:07 - 2016-10-21 11:15 - 000000000 ____D C:\Users\ITI716\Documents\Na drzwi 2021-03-01 12:23 - 2016-10-24 10:51 - 000126088 _____ C:\Users\mMedica\AppData\Local\GDIPFONTCACHEV1.DAT 2021-03-01 12:22 - 2016-10-24 10:51 - 000000000 __SHD C:\Users\mMedica\IntelGraphicsProfiles 2021-03-01 07:13 - 2016-10-21 12:13 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task ==================== Pliki w katalogu głównym wybranych folderów ======== 2018-03-07 11:41 - 2018-03-07 12:00 - 000003072 _____ () C:\Users\ITI716\AppData\Roaming\ZFOTOkreator Prefsv3 2017-04-24 09:34 - 2019-06-25 09:31 - 000004096 ____H () C:\Users\ITI716\AppData\Local\keyfile3.drm 2016-10-21 10:54 - 2018-11-26 08:48 - 000007596 _____ () C:\Users\ITI716\AppData\Local\Resmon.ResmonCfg 2018-01-02 07:48 - 2018-01-02 07:48 - 000000000 _____ () C:\Users\ITI716\AppData\Local\zenmap.exe.log ==================== FLock ============================== 2017-04-27 10:46 C:\DrWeb Archive ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) LastRegBack: 2021-03-23 09:32 ==================== Koniec FRST.txt ========================