Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 31-08-2016 Uruchomiony przez vpn-c1 (administrator) DELL-VPN-C1 (02-09-2016 09:46:57) Uruchomiony z C:\Users\vpn-c1\Downloads Załadowane profile: vpn-c1 (Dostępne profile: vpn-c1) Platform: Windows 10 Pro Wersja 1511 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: FF) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (DrayTek Corp.) C:\Program Files (x86)\DrayTek\Smart VPN Client\SmartVPNClient.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Radio Muzyka Fakty sp. z o.o.) C:\Program Files (x86)\RMFon\RMFon.exe (Microsoft Corporation) C:\Windows\System32\mstsc.exe (Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\scalc.exe (Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.exe (Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.bin (Microsoft Corporation) C:\Windows\splwow64.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161240 2016-05-21] (IvoSoft) HKLM-x32\...\Run: [SmartVpnClient] => C:\Program Files (x86)\DrayTek\Smart VPN Client\SmartVPNClient.exe [1856800 2015-08-25] (DrayTek Corp.) HKU\S-1-5-21-3132253076-3514251074-2067922550-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29494400 2016-07-13] (Skype Technologies S.A.) HKU\S-1-5-21-3132253076-3514251074-2067922550-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [31744 2015-10-30] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-05-21] (IvoSoft) ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-05-21] (IvoSoft) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 194.204.152.34 194.204.159.1 Tcpip\..\Interfaces\{09e39315-ab56-4989-9faf-5e43c99bf1a2}: [DhcpNameServer] 194.204.152.34 194.204.159.1 Internet Explorer: ================== BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-05-21] (IvoSoft) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation) BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2016-05-21] (IvoSoft) BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-05-21] (IvoSoft) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation) BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2016-05-21] (IvoSoft) Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-05-21] (IvoSoft) Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-05-21] (IvoSoft) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\vpn-c1\AppData\Roaming\Mozilla\Firefox\Profiles\lxlkjfg4.default FF Homepage: google.pl FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-13] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-13] () FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.) FF Extension: (Google Translator for Firefox) - C:\Users\vpn-c1\AppData\Roaming\Mozilla\Firefox\Profiles\lxlkjfg4.default\extensions\translator@zoli.bod.xpi [2016-04-27] FF Extension: (Mozilla Archive Format) - C:\Users\vpn-c1\AppData\Roaming\Mozilla\Firefox\Profiles\lxlkjfg4.default\extensions\{7f57cf46-4467-4c2d-adfa-0cba7c507e54}.xpi [2016-07-01] FF Extension: (Firebug) - C:\Users\vpn-c1\AppData\Roaming\Mozilla\Firefox\Profiles\lxlkjfg4.default\Extensions\firebug@software.joehewitt.com.xpi [2016-08-30] FF Extension: (Firefox Hotfix) - C:\Users\vpn-c1\AppData\Roaming\Mozilla\Firefox\Profiles\lxlkjfg4.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-08-31] FF Extension: (MEGA) - C:\Users\vpn-c1\AppData\Roaming\Mozilla\Firefox\Profiles\lxlkjfg4.default\Extensions\firefox@mega.co.nz.xpi [2016-08-26] FF Extension: (Adblock Plus) - C:\Users\vpn-c1\AppData\Roaming\Mozilla\Firefox\Profiles\lxlkjfg4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-29] Chrome: ======= CHR StartupUrls: Default -> "hxxp://www.google.com" CHR DefaultSearchURL: Default -> hxxp://erp2.ferguson.pl:4480/erp/img/favicon.ico CHR Profile: C:\Users\vpn-c1\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Prezentacje Google) - C:\Users\vpn-c1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-02-18] CHR Extension: (Dokumenty Google) - C:\Users\vpn-c1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-18] CHR Extension: (Dysk Google) - C:\Users\vpn-c1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-18] CHR Extension: (YouTube) - C:\Users\vpn-c1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-18] CHR Extension: (ERP - Ferguson) - C:\Users\vpn-c1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbeeebcmpdhifeldojdokdpmjgggbhgp [2016-03-09] CHR Extension: (Google Search) - C:\Users\vpn-c1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-18] CHR Extension: (Arkusze Google) - C:\Users\vpn-c1\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-02-18] CHR Extension: (Dokumenty Google offline) - C:\Users\vpn-c1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15] CHR Extension: (Skype) - C:\Users\vpn-c1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-09-01] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\vpn-c1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-05] CHR Extension: (Gmail) - C:\Users\vpn-c1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-18] CHR Extension: (Chrome Media Router) - C:\Users\vpn-c1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-31] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25] ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation) S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation) ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 AndnetBus; C:\Windows\System32\drivers\lgandnetbus64.sys [20992 2015-01-21] (LG Electronics Inc.) S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [30720 2015-01-26] (LG Electronics Inc.) S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [37376 2015-01-26] (LG Electronics Inc.) S3 libusb0; C:\Windows\system32\DRIVERS\libusb0.sys [52320 2016-06-28] (hxxp://libusb-win32.sourceforge.net) S3 netr28ux; C:\Windows\System32\drivers\netr28ux.sys [2196480 2015-10-30] (MediaTek Inc.) R3 VPPP; C:\Windows\System32\drivers\VPPP.sys [41640 2012-12-19] (DrayTek, Corp.) S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-09-02 09:33 - 2016-09-02 09:47 - 00011764 _____ C:\Users\vpn-c1\Downloads\FRST.txt 2016-09-02 08:47 - 2016-09-02 09:46 - 00000000 ____D C:\FRST 2016-09-02 08:47 - 2016-09-02 08:47 - 02397696 _____ (Farbar) C:\Users\vpn-c1\Downloads\FRST64.exe 2016-09-02 07:48 - 2016-09-02 08:43 - 00000000 ____D C:\AdwCleaner 2016-09-02 07:46 - 2016-09-02 07:46 - 00250912 _____ C:\WINDOWS\SysWOW64\kz.exe 2016-08-25 14:30 - 2016-09-01 07:37 - 00000000 ____D C:\Users\vpn-c1\Desktop\Nowy folder 2016-08-22 07:45 - 2016-08-22 07:45 - 00001043 _____ C:\Users\Public\Desktop\RMFon.lnk 2016-08-22 07:45 - 2016-08-22 07:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RMFon 2016-08-22 07:45 - 2016-08-22 07:45 - 00000000 ____D C:\Program Files (x86)\RMFon 2016-08-10 10:15 - 2016-08-10 10:15 - 00000000 ____D C:\Users\vpn-c1\Documents\Nagrania dźwiękowe 2016-08-10 07:15 - 2016-08-22 07:46 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll 2016-08-10 07:15 - 2016-08-22 07:46 - 12585984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll 2016-08-10 07:15 - 2016-08-03 13:14 - 01505984 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2016-08-10 07:15 - 2016-08-03 13:14 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2016-08-10 07:15 - 2016-08-03 13:14 - 00050368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2016-08-10 07:15 - 2016-08-03 12:36 - 07469408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-08-10 07:15 - 2016-08-03 12:36 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys 2016-08-10 07:15 - 2016-08-03 12:36 - 00037744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll 2016-08-10 07:15 - 2016-08-03 12:30 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2016-08-10 07:15 - 2016-08-03 12:23 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll 2016-08-10 07:15 - 2016-08-03 12:23 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll 2016-08-10 07:15 - 2016-08-03 12:22 - 01322760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2016-08-10 07:15 - 2016-08-03 12:22 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2016-08-10 07:15 - 2016-08-03 12:22 - 00465248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2016-08-10 07:15 - 2016-08-03 12:22 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys 2016-08-10 07:15 - 2016-08-03 12:22 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll 2016-08-10 07:15 - 2016-08-03 12:21 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2016-08-10 07:15 - 2016-08-03 12:21 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2016-08-10 07:15 - 2016-08-03 12:21 - 00566112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2016-08-10 07:15 - 2016-08-03 12:21 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe 2016-08-10 07:15 - 2016-08-03 12:20 - 01540224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2016-08-10 07:15 - 2016-08-03 12:20 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll 2016-08-10 07:15 - 2016-08-03 12:19 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-08-10 07:15 - 2016-08-03 12:19 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2016-08-10 07:15 - 2016-08-03 12:13 - 01988448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2016-08-10 07:15 - 2016-08-03 12:13 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2016-08-10 07:15 - 2016-08-03 12:13 - 00393056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2016-08-10 07:15 - 2016-08-03 12:11 - 00422744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys 2016-08-10 07:15 - 2016-08-03 11:51 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe 2016-08-10 07:15 - 2016-08-03 11:51 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2016-08-10 07:15 - 2016-08-03 11:46 - 22384128 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-08-10 07:15 - 2016-08-03 11:44 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2016-08-10 07:15 - 2016-08-03 11:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll 2016-08-10 07:15 - 2016-08-03 11:44 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll 2016-08-10 07:15 - 2016-08-03 11:43 - 16985088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2016-08-10 07:15 - 2016-08-03 11:41 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll 2016-08-10 07:15 - 2016-08-03 11:41 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll 2016-08-10 07:15 - 2016-08-03 11:40 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll 2016-08-10 07:15 - 2016-08-03 11:40 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2016-08-10 07:15 - 2016-08-03 11:40 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll 2016-08-10 07:15 - 2016-08-03 11:39 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll 2016-08-10 07:15 - 2016-08-03 11:39 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll 2016-08-10 07:15 - 2016-08-03 11:38 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2016-08-10 07:15 - 2016-08-03 11:38 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2016-08-10 07:15 - 2016-08-03 11:37 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll 2016-08-10 07:15 - 2016-08-03 11:36 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll 2016-08-10 07:15 - 2016-08-03 11:36 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2016-08-10 07:15 - 2016-08-03 11:35 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2016-08-10 07:15 - 2016-08-03 11:35 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll 2016-08-10 07:15 - 2016-08-03 11:33 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll 2016-08-10 07:15 - 2016-08-03 11:31 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll 2016-08-10 07:15 - 2016-08-03 11:31 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll 2016-08-10 07:15 - 2016-08-03 11:31 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe 2016-08-10 07:15 - 2016-08-03 11:30 - 24613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-08-10 07:15 - 2016-08-03 11:30 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2016-08-10 07:15 - 2016-08-03 11:30 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll 2016-08-10 07:15 - 2016-08-03 11:29 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2016-08-10 07:15 - 2016-08-03 11:29 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe 2016-08-10 07:15 - 2016-08-03 11:29 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2016-08-10 07:15 - 2016-08-03 11:29 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2016-08-10 07:15 - 2016-08-03 11:28 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2016-08-10 07:15 - 2016-08-03 11:28 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2016-08-10 07:15 - 2016-08-03 11:28 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2016-08-10 07:15 - 2016-08-03 11:27 - 07536640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2016-08-10 07:15 - 2016-08-03 11:27 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2016-08-10 07:15 - 2016-08-03 11:27 - 01717760 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2016-08-10 07:15 - 2016-08-03 11:27 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2016-08-10 07:15 - 2016-08-03 11:20 - 13390336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-08-10 07:15 - 2016-08-03 11:18 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2016-08-10 07:15 - 2016-08-03 11:18 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2016-08-10 07:15 - 2016-08-03 11:18 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-08-10 07:15 - 2016-08-03 11:17 - 02175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2016-08-10 07:15 - 2016-08-03 11:16 - 05123072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll 2016-08-10 07:15 - 2016-08-03 11:16 - 03589120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2016-08-10 07:15 - 2016-08-03 11:16 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2016-08-10 07:15 - 2016-08-03 11:16 - 01732096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-08-10 07:15 - 2016-08-03 11:15 - 07833088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-08-10 07:15 - 2016-08-03 11:14 - 04895232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-08-10 07:15 - 2016-08-03 11:14 - 01997824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll 2016-08-10 07:15 - 2016-08-03 11:13 - 03025920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-08-10 07:15 - 2016-08-03 11:13 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-08-10 07:15 - 2016-08-03 11:12 - 02746368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll 2016-08-10 07:15 - 2016-08-03 11:11 - 04171264 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2016-08-10 07:15 - 2016-08-03 07:52 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll 2016-08-10 07:15 - 2016-08-03 07:34 - 00501592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll 2016-08-10 07:15 - 2016-08-03 07:34 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll 2016-08-10 07:15 - 2016-08-03 07:33 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll 2016-08-10 07:15 - 2016-08-03 07:31 - 02921368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-08-10 07:15 - 2016-08-03 07:31 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2016-08-10 07:15 - 2016-08-03 07:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2016-08-10 07:15 - 2016-08-03 07:30 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2016-08-10 07:15 - 2016-08-03 07:30 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2016-08-10 07:15 - 2016-08-03 07:30 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe 2016-08-10 07:15 - 2016-08-03 06:57 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe 2016-08-10 07:15 - 2016-08-03 06:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll 2016-08-10 07:15 - 2016-08-03 06:47 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2016-08-10 07:15 - 2016-08-03 06:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll 2016-08-10 07:15 - 2016-08-03 06:44 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll 2016-08-10 07:15 - 2016-08-03 06:42 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll 2016-08-10 07:15 - 2016-08-03 06:40 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll 2016-08-10 07:15 - 2016-08-03 06:39 - 19351040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-08-10 07:15 - 2016-08-03 06:37 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll 2016-08-10 07:15 - 2016-08-03 06:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll 2016-08-10 07:15 - 2016-08-03 06:35 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtutil.exe 2016-08-10 07:15 - 2016-08-03 06:34 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2016-08-10 07:15 - 2016-08-03 06:34 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll 2016-08-10 07:15 - 2016-08-03 06:33 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-08-10 07:15 - 2016-08-03 06:33 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2016-08-10 07:15 - 2016-08-03 06:33 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2016-08-10 07:15 - 2016-08-03 06:32 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2016-08-10 07:15 - 2016-08-03 06:32 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2016-08-10 07:15 - 2016-08-03 06:32 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll 2016-08-10 07:15 - 2016-08-03 06:31 - 06743040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2016-08-10 07:15 - 2016-08-03 06:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2016-08-10 07:15 - 2016-08-03 06:29 - 12133376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-08-10 07:15 - 2016-08-03 06:28 - 03663360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-08-10 07:15 - 2016-08-03 06:25 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2016-08-10 07:15 - 2016-08-03 06:25 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll 2016-08-10 07:15 - 2016-08-03 06:23 - 05660672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-08-10 07:15 - 2016-08-03 06:23 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2016-08-10 07:15 - 2016-08-03 06:22 - 02501120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-08-10 07:15 - 2016-08-03 06:22 - 01502208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-08-10 07:15 - 2016-08-03 06:21 - 01708032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll 2016-08-10 07:15 - 2016-08-03 06:19 - 02180096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll 2016-08-10 07:14 - 2016-08-03 11:40 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll 2016-08-10 07:14 - 2016-08-03 11:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2016-08-10 07:14 - 2016-08-03 11:34 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2016-08-10 07:14 - 2016-08-03 11:33 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll 2016-08-10 07:14 - 2016-08-03 06:37 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2016-08-08 14:28 - 2016-08-08 14:28 - 00015737 _____ C:\Users\vpn-c1\Desktop\STANY MAGAZYNOWE.ods ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-09-02 09:46 - 2016-07-15 14:47 - 00000000 ____D C:\Users\vpn-c1\AppData\Local\ClassicShell 2016-09-02 09:39 - 2016-03-14 09:09 - 00000000 ____D C:\Users\vpn-c1\Desktop\DZIENNY RAPORT 2016-09-02 09:39 - 2016-03-10 11:40 - 00000000 ____D C:\Users\vpn-c1\AppData\Roaming\Skype 2016-09-02 09:29 - 2016-02-18 09:28 - 00001070 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-09-02 09:29 - 2016-02-18 05:16 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-09-02 09:27 - 2016-02-18 05:08 - 00000000 ____D C:\Users\vpn-c1 2016-09-02 09:27 - 2015-10-30 08:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2016-09-02 09:24 - 2016-03-09 11:35 - 00002394 _____ C:\Users\vpn-c1\Desktop\ERP - Ferguson.lnk 2016-09-02 09:24 - 2016-03-09 11:35 - 00000000 ____D C:\Users\vpn-c1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome 2016-09-02 09:23 - 2016-03-11 13:26 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-09-02 09:05 - 2016-02-18 09:28 - 00001074 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-09-02 07:56 - 2016-03-09 13:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-09-02 06:51 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-09-02 06:46 - 2016-05-12 07:21 - 00004220 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{ED9D7E46-DF3E-4A0D-8C13-8E70EBF340AE} 2016-09-01 13:52 - 2016-03-10 11:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-09-01 08:09 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-09-01 08:09 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-09-01 06:54 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-08-23 07:11 - 2016-04-13 14:52 - 00000000 ____D C:\Users\vpn-c1\Desktop\Wzory 2016-08-22 08:12 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache 2016-08-22 07:47 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2016-08-22 07:47 - 2015-10-30 09:19 - 00305296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpeffects.dll 2016-08-22 07:47 - 2015-10-30 09:19 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll 2016-08-22 07:47 - 2015-10-30 09:19 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpdxm.dll 2016-08-22 07:47 - 2015-10-30 09:19 - 00153920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpps.dll 2016-08-22 07:47 - 2015-10-30 09:19 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll 2016-08-22 07:47 - 2015-10-30 09:19 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll 2016-08-22 07:47 - 2015-10-30 09:19 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.tlb 2016-08-22 07:47 - 2015-10-30 09:19 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.tlb 2016-08-22 07:47 - 2015-10-30 09:19 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\amcompat.tlb 2016-08-22 07:47 - 2015-10-30 09:19 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\amcompat.tlb 2016-08-22 07:46 - 2016-07-13 07:29 - 01554152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll 2016-08-22 07:46 - 2016-07-13 07:29 - 00388896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll 2016-08-22 07:46 - 2015-10-30 09:19 - 09375232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL 2016-08-22 07:46 - 2015-10-30 09:19 - 09375232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL 2016-08-22 07:46 - 2015-10-30 09:19 - 00253080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpeffects.dll 2016-08-22 07:46 - 2015-10-30 09:19 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\unregmp2.exe 2016-08-22 07:46 - 2015-10-30 09:19 - 00194560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unregmp2.exe 2016-08-22 07:46 - 2015-10-30 09:19 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwmp.dll 2016-08-22 07:46 - 2015-10-30 09:19 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll 2016-08-22 07:46 - 2015-10-30 09:19 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx 2016-08-22 07:46 - 2015-10-30 09:19 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll 2016-08-22 07:46 - 2015-10-30 09:19 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx 2016-08-22 07:46 - 2015-10-30 09:19 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll 2016-08-11 13:01 - 2016-02-17 09:39 - 01845594 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-08-11 13:01 - 2015-10-30 21:19 - 00817060 _____ C:\WINDOWS\system32\perfh015.dat 2016-08-11 13:01 - 2015-10-30 21:19 - 00157764 _____ C:\WINDOWS\system32\perfc015.dat 2016-08-11 13:01 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF 2016-08-11 06:43 - 2015-09-10 07:57 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-08-11 06:41 - 2016-02-18 09:26 - 00000000 ____D C:\Program Files (x86)\AVG 2016-08-11 06:41 - 2016-02-18 09:25 - 00000000 ____D C:\Users\vpn-c1\AppData\Local\Avg 2016-08-11 06:41 - 2016-02-18 09:25 - 00000000 ____D C:\ProgramData\MFAData 2016-08-10 14:42 - 2015-10-30 21:23 - 00000000 ____D C:\Program Files\Windows Journal 2016-08-10 14:42 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2016-08-10 09:52 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Registration 2016-08-10 07:30 - 2016-02-17 17:45 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-08-10 07:30 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2016-08-10 07:25 - 2016-02-17 17:45 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-08-09 07:07 - 2016-02-18 09:29 - 00002285 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-08-09 07:07 - 2016-02-18 09:29 - 00002273 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-08-08 14:38 - 2016-06-09 07:34 - 00000000 ____D C:\nnt- 2016-08-08 13:34 - 2016-02-18 09:26 - 00000000 ____D C:\ProgramData\Avg 2016-08-08 13:34 - 2016-02-18 09:25 - 00000000 ____D C:\Users\vpn-c1\AppData\Local\AvgSetupLog 2016-08-08 13:34 - 2015-10-30 09:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP 2016-08-08 06:50 - 2015-10-30 08:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM 2016-08-05 06:42 - 2016-03-10 11:40 - 00000000 ___RD C:\Program Files (x86)\Skype 2016-08-05 06:42 - 2016-03-10 11:40 - 00000000 ____D C:\ProgramData\Skype 2016-08-03 08:21 - 2016-02-12 20:32 - 00400304 __RSH C:\bootmgr ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2016-08-24 07:13 ==================== Koniec FRST.txt ============================