Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 11.11.2018 Uruchomiony przez Zod (administrator) LAPTOP (12-11-2018 19:01:44) Uruchomiony z D:\Pobrane Załadowane profile: Zod (Dostępne profile: Zod) Platform: Windows 10 Pro Wersja 1803 17134.137 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: FF) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fe73d2ebaa05fb95\igfxCUIService.exe (Datpol) C:\Program Files (x86)\SpyShelter Firewall\SpyShelterSrv.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Intel Corporation) C:\Windows\System32\ibtsiva.exe (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fe73d2ebaa05fb95\IntelCpHDCPSvc.exe (Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe (Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe (Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fe73d2ebaa05fb95\IntelCpHeciSvc.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fe73d2ebaa05fb95\igfxEM.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe (Datpol) C:\Program Files (x86)\SpyShelter Firewall\SpyShelter.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\Creative Audio Task\CTAudTsk.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\Creative HID Task\CTHIDTsk.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\BlasterX Acoustic Engine Pro\BlasterX Acoustic Engine Pro\BlasterX.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321096 2017-06-09] (Intel Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9232872 2017-07-27] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1493984 2017-07-27] (Realtek Semiconductor) HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [1195376 2017-07-18] (Waves Audio Ltd.) HKLM\...\Run: [SpyShelter] => C:\Program Files (x86)\SpyShelter Firewall\SpyShelter.exe [3740880 2018-10-09] (Datpol) HKLM-x32\...\Run: [Creative Audio Task] => C:\Program Files (x86)\Creative\Shared Files\Creative Audio Task\CTAudTsk.exe [123848 2016-03-03] (Creative Technology Ltd) HKLM-x32\...\Run: [Creative HID Task] => C:\Program Files (x86)\Creative\Shared Files\Creative HID Task\CTHIDTsk.exe [104392 2016-02-10] (Creative Technology Ltd) HKLM-x32\...\Run: [BlasterX Acoustic Engine Pro] => C:\Program Files (x86)\Creative\BlasterX Acoustic Engine Pro\BlasterX Acoustic Engine Pro\BlasterX.exe [1138176 2017-07-11] (Creative Technology Ltd) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA HKU\S-1-5-21-2965024247-2335412768-829678967-1001\...\Run: [ProtonVPN] => C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe HKU\S-1-5-21-2965024247-2335412768-829678967-1001\...\Run: [Vivaldi Update Notifier] => "C:\Users\Zod\AppData\Local\Vivaldi\Application\update_notifier.exe" ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt Tcpip\Parameters: [DhcpNameServer] 208.67.222.222 208.67.220.220 192.168.1.1 Tcpip\..\Interfaces\{462b5f08-7169-411c-a10c-36645b73241f}: [DhcpNameServer] 208.67.222.222 208.67.220.220 192.168.1.1 Tcpip\..\Interfaces\{e4a62d76-00f8-44de-9929-7347b92dacff}: [NameServer] 208.67.222.222,208.67.220.220 Tcpip\..\Interfaces\{e4a62d76-00f8-44de-9929-7347b92dacff}: [DhcpNameServer] 208.67.222.222 208.67.220.220 192.168.1.1 Internet Explorer: ================== HKU\S-1-5-21-2965024247-2335412768-829678967-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <==== UWAGA HKU\S-1-5-21-2965024247-2335412768-829678967-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.pl HKU\S-1-5-21-2965024247-2335412768-829678967-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.pl HKU\S-1-5-21-2965024247-2335412768-829678967-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxps://www.google.pl FireFox: ======== FF DefaultProfile: 0htb0nra.default FF ProfilePath: C:\Users\Zod\AppData\Roaming\Mozilla\Firefox\Profiles\0htb0nra.default [2018-11-12] FF Homepage: Mozilla\Firefox\Profiles\0htb0nra.default -> about:blank FF Extension: (HTTPS Everywhere) - C:\Users\Zod\AppData\Roaming\Mozilla\Firefox\Profiles\0htb0nra.default\Extensions\https-everywhere@eff.org.xpi [2018-11-01] FF Extension: (Disable WebRTC) - C:\Users\Zod\AppData\Roaming\Mozilla\Firefox\Profiles\0htb0nra.default\Extensions\jid1-5Fs7iTLscUaZBgwr@jetpack.xpi [2018-06-25] FF Extension: (uBlock Origin) - C:\Users\Zod\AppData\Roaming\Mozilla\Firefox\Profiles\0htb0nra.default\Extensions\uBlock0@raymondhill.net.xpi [2018-10-18] FF Extension: (Malwarebytes Browser Extension) - C:\Users\Zod\AppData\Roaming\Mozilla\Firefox\Profiles\0htb0nra.default\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2018-11-09] FF Extension: (No Coin - Block miners on the web!) - C:\Users\Zod\AppData\Roaming\Mozilla\Firefox\Profiles\0htb0nra.default\Extensions\{5657c026-efc3-4860-b43b-16e4eaa8a9aa}.xpi [2018-06-25] ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 dcpm-notify; C:\Program Files\Dell\CommandPowerManager\NotifyService.exe [312864 2017-07-20] (Dell Inc.) R2 esifsvc; C:\Windows\System32\Intel\DPTF\esif_uf.exe [1705040 2017-11-21] (Intel Corporation) S3 iaStorAfsService; C:\Windows\IAStorAfsService\iaStorAfsService.exe [2413720 2017-06-09] (Intel Corporation) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17992 2017-06-09] (Intel Corporation) R2 ibtsiva; C:\Windows\system32\ibtsiva.exe [542392 2017-10-18] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [742704 2017-10-11] (Intel(R) Corporation) R2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [668472 2017-10-11] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [213648 2017-11-08] (Intel Corporation) R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324584 2017-07-27] (Realtek Semiconductor) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-06-25] (Microsoft Corporation) R2 SpyShelterSrv; C:\Program Files (x86)\SpyShelter Firewall\SpyShelterSrv.exe [61136 2018-10-09] (Datpol) S4 ssh-agent; C:\Windows\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] () S3 ThunderboltService; C:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe [2150120 2017-03-16] (Intel Corporation) R2 WavesSysSvc; C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [829816 2017-07-18] (Waves Audio Ltd.) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\NisSrv.exe [3925648 2018-06-26] (Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MsMpEng.exe [100080 2018-06-26] (Microsoft Corporation) S3 Dell.CommandPowerManager.Service; C:\Windows\system32\dllhost.exe /Processid:{2E8A33FA-4ADB-4251-99EA-21BCD7D8B404} R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 S4 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [41608 2018-02-10] (Dell Inc.) S3 DellProf; C:\Windows\system32\drivers\DellProf.sys [41208 2018-02-10] (Dell Computer Corporation) R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [74144 2017-11-21] (Intel Corporation) R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [69536 2017-11-21] (Intel Corporation) R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [382880 2017-11-21] (Intel Corporation) R3 HidEventFilter; C:\Windows\System32\drivers\HidEventFilter.sys [85064 2017-11-30] (Intel Corporation) R1 HWiNFO; C:\Windows\system32\drivers\HWiNFO64A.SYS [55960 2018-06-26] (REALiX(tm)) S3 iaStorAfs; C:\Windows\System32\drivers\iaStorAfs.sys [70632 2017-06-09] (Intel Corporation) R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [132104 2017-10-18] (Intel Corporation) S3 KsUSBa64; C:\Windows\system32\drivers\ksUSBa64.sys [1671656 2017-06-14] (Creative Technology Ltd.) R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [260480 2018-11-04] (Malwarebytes) S3 Netwtw04; C:\Windows\System32\drivers\Netwtw04.sys [7689728 2018-04-12] (Intel Corporation) R3 Netwtw06; C:\Windows\system32\DRIVERS\Netwtw06.sys [8751632 2018-04-04] (Intel Corporation) R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_a1989af69cfe5bee\nvlddmkm.sys [17200392 2018-06-25] (NVIDIA Corporation) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [984040 2017-06-19] (Realtek ) U5 RTSUER; C:\Windows\System32\Drivers\RTSUER.sys [420832 2017-04-27] (Realsil Semiconductor Corporation) S3 smbdirect; C:\Windows\System32\DRIVERS\smbdirect.sys [152064 2018-06-25] (Microsoft Corporation) R1 Spyshelter; C:\Program Files (x86)\SpyShelter Firewall\SpyShelter.sys [1937848 2018-10-09] (SpyShelter) R2 SpyshelterFw; C:\Program Files (x86)\SpyShelter Firewall\SpyshelterWFP.sys [75192 2018-10-09] (SpyShelter) R1 SpyshelterKb; C:\Program Files (x86)\SpyShelter Firewall\SpyshelterKb.sys [881080 2018-10-09] (SpyShelter) S3 tapprotonvpn; C:\Windows\System32\drivers\tapprotonvpn.sys [44976 2018-06-01] (The OpenVPN Project) S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [46592 2018-06-26] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [340008 2018-06-26] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [59944 2018-06-26] (Microsoft Corporation) U4 DiagTrack; Brak ImagePath U4 TimeBroker; Brak ImagePath ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2018-11-12 19:00 - 2018-11-12 19:01 - 000000000 ____D C:\FRST 2018-11-04 18:46 - 2018-11-04 18:46 - 000260480 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys 2018-11-04 11:15 - 2018-10-02 21:13 - 000835152 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2018-11-04 11:15 - 2018-10-02 21:13 - 000179792 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2018-11-04 11:13 - 2018-09-04 23:36 - 001476904 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll 2018-10-29 19:28 - 2018-10-29 19:28 - 000234353 _____ C:\Users\Zod\Documents\524533181018.pdf 2018-10-23 23:30 - 2018-10-24 23:26 - 000000545 _____ C:\Users\Zod\Desktop\Python informacje podstawowe.txt 2018-10-23 23:13 - 2018-10-23 23:13 - 000000000 ____D C:\Users\Zod\AppData\Roaming\JetBrains 2018-10-23 23:13 - 2018-10-23 23:13 - 000000000 ____D C:\Users\Zod\.PyCharmCE2018.2 2018-10-23 23:05 - 2018-10-23 23:05 - 000000843 _____ C:\Users\Public\Desktop\JetBrains PyCharm Community Edition 2018.2.4 x64.lnk 2018-10-23 23:05 - 2018-10-23 23:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBrains 2018-10-23 23:05 - 2018-10-23 23:05 - 000000000 ____D C:\Program Files\JetBrains 2018-10-23 22:57 - 2018-10-23 22:57 - 000000000 ____D C:\Users\Zod\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.7 2018-10-23 22:57 - 2018-10-23 22:57 - 000000000 ____D C:\Python37 2018-10-23 22:54 - 2018-10-23 22:57 - 000000000 ____D C:\Users\Zod\AppData\Local\Package Cache 2018-10-20 17:45 - 2018-10-20 18:48 - 000000000 ____D C:\Users\Zod\AppData\Roaming\uTorrent 2018-10-20 17:45 - 2018-10-20 17:45 - 000000894 _____ C:\Users\Zod\Desktop\µTorrent.lnk 2018-10-20 17:45 - 2018-10-20 17:45 - 000000874 _____ C:\Users\Zod\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2018-11-12 17:18 - 2018-06-28 15:36 - 000000000 ____D C:\Program Files (x86)\Steam 2018-11-12 14:14 - 2018-06-27 18:12 - 000002022 _____ C:\Users\Zod\Desktop\CrystalDiskMark 6.lnk 2018-11-12 09:07 - 2018-06-25 20:20 - 000000000 ____D C:\Users\Zod\AppData\LocalLow\Mozilla 2018-11-12 09:04 - 2018-06-25 20:28 - 000000000 __SHD C:\Users\Zod\IntelGraphicsProfiles 2018-11-12 03:24 - 2018-06-25 20:32 - 000000000 ____D C:\ProgramData\NVIDIA 2018-11-11 21:48 - 2018-06-26 17:09 - 000000000 ____D C:\Users\Zod\AppData\Roaming\TS3Client 2018-11-11 17:27 - 2018-06-25 20:01 - 000000000 ____D C:\Windows\system32\SleepStudy 2018-11-04 11:19 - 2018-06-25 20:06 - 001677180 _____ C:\Windows\system32\PerfStringBackup.INI 2018-11-04 11:19 - 2018-04-12 16:51 - 000749420 _____ C:\Windows\system32\perfh015.dat 2018-11-04 11:19 - 2018-04-12 16:51 - 000144878 _____ C:\Windows\system32\perfc015.dat 2018-11-04 11:19 - 2018-04-12 00:36 - 000000000 ____D C:\Windows\INF 2018-11-04 11:15 - 2018-04-12 00:30 - 000000000 ____D C:\Windows\CbsTemp 2018-11-04 11:14 - 2018-06-26 14:07 - 000000000 ____D C:\Windows\system32\MRT 2018-11-04 11:14 - 2018-06-25 20:01 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2018-11-04 11:14 - 2018-04-11 22:04 - 000524288 _____ C:\Windows\system32\config\BBI 2018-11-04 11:13 - 2018-06-26 14:07 - 136745976 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2018-11-02 00:32 - 2018-06-25 22:16 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2018-11-02 00:32 - 2018-06-25 22:16 - 000000000 ____D C:\Program Files\Mozilla Firefox 2018-11-01 20:00 - 2018-06-26 22:23 - 000001270 _____ C:\Users\Zod\Desktop\cmd.lnk 2018-11-01 13:16 - 2018-06-25 20:08 - 000000000 ___HD C:\Users\Zod\MicrosoftEdgeBackups 2018-10-28 09:49 - 2018-07-01 15:09 - 000000000 ____D C:\Users\Zod\AppData\Roaming\SpyShelter 2018-10-27 00:09 - 2018-10-06 08:49 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys 2018-10-23 23:13 - 2018-06-25 20:06 - 000000000 ____D C:\Users\Zod 2018-10-23 22:56 - 2018-06-26 16:29 - 000000000 ____D C:\Windows\system32\appmgmt 2018-10-17 18:51 - 2018-06-26 17:06 - 000000000 ____D C:\Users\Zod\AppData\Local\TeamSpeak 3 Client ==================== Pliki w katalogu głównym wybranych folderów ======= 2018-08-23 12:27 - 2018-08-23 12:27 - 000000048 ____H () C:\Program Files (x86)\aziath6ifk.dat ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2018-06-25 20:01 ==================== Koniec FRST.txt ============================