Ops, faktycznie nie pomyslalem. Przepraszam za zamieszanie.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 8.02.2019
Ran by Heidi (administrator) on HEIDI-PC7 (10-02-2019 09:01:45)
Running from I:\
Loaded Profiles: Heidi (Available Profiles: Heidi)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Cisco WebEx LLC) C:\Windows\SysWOW64\atashost.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Canon Inc.) C:\Program Files (x86)\Canon\CAL\CALMAIN.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Farbar) I:\FRST64(1).exe
(Microsoft Corporation) C:\Windows\System32\osk.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [MSC] = & gt; c:\Program Files\Microsoft Security Client\msseces.exe [1281512 2013-01-27] (Microsoft Corporation - & gt; Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] = & gt; C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-06] (AVAST Software s.r.o. - & gt; AVAST Software)
HKLM-x32\...\Run: [AvastUI.exe] = & gt; C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-06] (AVAST Software s.r.o. - & gt; AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction & lt; ==== ATTENTION
HKU\S-1-5-21-1375922335-1221952684-2905399058-1000\Control Panel\Desktop\\SCRNSAVE.EXE - & gt; C:\Windows\system32\ssText3d.scr [333824 2010-11-20] (Microsoft Windows - & gt; Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] - & gt; C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.96\Installer\chrmstp.exe [2019-02-07] (Google LLC - & gt; Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] - & gt;
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{19BAB557-E708-49DC-9766-C5ED6E630624}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie & ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie & ar=msnhome
HKU\S-1-5-21-1375922335-1221952684-2905399058-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKU\S-1-5-21-1375922335-1221952684-2905399058-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie & ar=iesearch
HKU\S-1-5-21-1375922335-1221952684-2905399058-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?gws_rd=ssl
SearchScopes: HKLM - & gt; {39C1C3A5-4973-4521-9A18-DB2B047EB11B} URL = hxxp://search.live.com/results.aspx?q={searchTerms} & amp;entrypoint={referrer:source?} & amp;FORM=HVDUS7
FireFox:
========
FF ProfilePath: C:\Users\Heidi\AppData\Roaming\Mozilla\Firefox\Profiles\7ok3u3pw.default [2014-11-03]
FF Extension: (No Name) - C:\Users\Jagoda\AppData\Roaming\Mozilla\Firefox\Profiles\7ok3u3pw.default\extensions\engine@conduit.com [not found]
FF Extension: (No Name) - C:\Users\Jagoda\AppData\Roaming\Mozilla\Firefox\Profiles\7ok3u3pw.default\extensions\{1e7e4de1-5ef4-4baa-9250-c26258dc499a} [not found]
FF Extension: (No Name) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [not found]
FF Extension: (No Name) - C:\Users\Jagoda\AppData\Roaming\Mozilla\Firefox\Profiles\7ok3u3pw.default\extensions\{00f2c0c6-2194-484e-9064-44e57787867b} [not found]
FF Extension: (No Name) - C:\Users\Jagoda\AppData\Roaming\Mozilla\Firefox\Profiles\7ok3u3pw.default\extensions\{38542454-dfb6-44f5-b052-d4e071a3d073} [not found]
FF Extension: (No Name) - C:\Users\Jagoda\AppData\Roaming\Mozilla\Firefox\Profiles\7ok3u3pw.default\extensions\{b80f591e-fe9a-46cf-a13e-180377240586} [not found]
FF Extension: (No Name) - C:\Users\Jagoda\AppData\Roaming\Mozilla\Firefox\Profiles\7ok3u3pw.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [not found]
FF Extension: (No Name) - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [not found]
FF Plugin: @microsoft.com/GENUINE - & gt; disabled [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - & gt; C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-07-17] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - & gt; C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-07-17] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp - & gt; C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-07-17] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf - & gt; C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-07-17] (Foxit Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - & gt; C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 - & gt; C:\Windows\SysWOW64\npDeployJava1.dll [2013-03-06] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - & gt; disabled [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 - & gt; C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - & gt; C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
Chrome:
=======
CHR Profile: C:\Users\Heidi\AppData\Local\Google\Chrome\User Data\Default [2019-02-10]
CHR Extension: (Slides) - C:\Users\Heidi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-08-02]
CHR Extension: (Docs) - C:\Users\Heidi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-08-02]
CHR Extension: (Google Drive) - C:\Users\Heidi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-22]
CHR Extension: (YouTube) - C:\Users\Heidi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-08-02]
CHR Extension: (Sheets) - C:\Users\Heidi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-08-02]
CHR Extension: (Google Docs Offline) - C:\Users\Heidi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-16]
CHR Extension: (AdBlock) - C:\Users\Heidi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-02-09]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Heidi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-08-02]
CHR Extension: (Gmail) - C:\Users\Heidi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-08-02]
CHR Extension: (Chrome Media Router) - C:\Users\Heidi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-19]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx & lt; not found & gt;
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx & lt; not found & gt;
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7834368 2019-01-06] (AVAST Software s.r.o. - & gt; AVAST Software)
R2 atashost; C:\Windows\SysWOW64\atashost.exe [134456 2012-04-26] (WebEx Communications Inc. - & gt; Cisco WebEx LLC)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357816 2019-01-06] (AVAST Software s.r.o. - & gt; AVAST Software)
R2 CCALib8; C:\Program Files (x86)\Canon\CAL\CALMAIN.exe [96341 2005-09-30] (Canon Inc.) [File not signed]
R2 HsfXAudioService; C:\Windows\SysWOW64\XAudio64.dll [436736 2009-04-29] (Microsoft Windows Hardware Compatibility Publisher - & gt; Conexant Systems, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22056 2013-01-27] (Microsoft Corporation - & gt; Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [379360 2013-01-27] (Microsoft Corporation - & gt; Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows - & gt; Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Windows - & gt; Microsoft Corporation) & lt; ==== ATTENTION (no ServiceDLL)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37304 2019-01-06] (AVAST Software s.r.o. - & gt; AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [203488 2019-01-06] (AVAST Software s.r.o. - & gt; AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [220688 2019-01-06] (AVAST Software s.r.o. - & gt; AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [196264 2019-01-06] (AVAST Software s.r.o. - & gt; AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblog.sys [320888 2019-01-06] (AVAST Software s.r.o. - & gt; AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [58160 2019-01-06] (AVAST Software s.r.o. - & gt; AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [239808 2019-01-06] (AVAST Software s.r.o. - & gt; AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46584 2019-01-06] (AVAST Software s.r.o. - & gt; AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42488 2019-01-06] (AVAST Software s.r.o. - & gt; AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [166472 2019-01-06] (AVAST Software s.r.o. - & gt; AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111992 2019-01-06] (AVAST Software s.r.o. - & gt; AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88144 2019-01-06] (AVAST Software s.r.o. - & gt; AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1034056 2019-01-06] (AVAST Software s.r.o. - & gt; AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [474648 2019-01-06] (AVAST Software s.r.o. - & gt; AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [218056 2019-01-06] (AVAST Software s.r.o. - & gt; AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380144 2019-01-06] (AVAST Software s.r.o. - & gt; AVAST Software)
R3 CAXHWBS3; C:\Windows\System32\DRIVERS\CAXHWBS3.sys [288256 2009-02-13] (Microsoft Windows Hardware Compatibility Publisher - & gt; Conexant Systems, Inc.)
R3 HSF_DP; C:\Windows\System32\DRIVERS\CAX_DP.sys [1485824 2009-02-13] (Microsoft Windows Hardware Compatibility Publisher - & gt; Conexant Systems, Inc.)
R3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [6177472 2009-09-11] (Microsoft Windows Hardware Compatibility Publisher - & gt; Intel Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-11-17] (Malwarebytes Corporation - & gt; Malwarebytes Corporation)
R2 mdmxsdk; C:\Windows\System32\DRIVERS\mdmxsdk.sys [17024 2006-06-18] (Microsoft Windows Hardware Compatibility Publisher - & gt; Conexant)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [230320 2013-01-20] (Microsoft Corporation - & gt; Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [130008 2013-01-20] (Microsoft Corporation - & gt; Microsoft Corporation)
S3 PortTalk; C:\Windows\SysWOW64\Drivers\PortTalk.sys [3567 2002-01-12] (Beyond Logic hxxp://www.beyondlogic.org) [File not signed]
R3 RTL8167; C:\Windows\System32\DRIVERS\Rt64win7.sys [187392 2009-03-01] (Microsoft Windows Hardware Compatibility Publisher - & gt; Realtek Corporation )
S3 SrvHsfPCIe; C:\Windows\System32\DRIVERS\VSTBS36.SYS [287744 2009-06-10] (Microsoft Windows - & gt; Conexant Systems, Inc.)
S3 SrvHsfV92; C:\Windows\System32\DRIVERS\VSTDPV6.SYS [1485312 2009-06-10] (Microsoft Windows - & gt; Conexant Systems, Inc.)
S3 SrvHsfWinac; C:\Windows\System32\DRIVERS\VSTCNXT6.SYS [740864 2009-06-10] (Microsoft Windows - & gt; Conexant Systems, Inc.)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64.sys [14464 2008-05-06] (Microsoft Windows Hardware Compatibility Publisher - & gt; Western Digital Technologies)
R3 winachsf; C:\Windows\System32\DRIVERS\CAX_CNXT.sys [740864 2009-02-13] (Microsoft Windows Hardware Compatibility Publisher - & gt; Conexant Systems, Inc.)
R2 XAudio; C:\Windows\System32\DRIVERS\XAudio64.sys [10240 2009-04-29] (Microsoft Windows Hardware Compatibility Publisher - & gt; Conexant Systems, Inc.)
S1 MpKsl944666c3; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D1902BF5-75DB-4C3F-8489-E2969F6D15E8}\MpKsl944666c3.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-02-08 15:52 - 2019-02-08 15:52 - 000166699 _____ C:\Users\Heidi\Downloads\Scan 2019-2-8 12.19.10.pdf
2019-02-08 11:55 - 2019-02-08 11:55 - 000933333 _____ C:\Users\Heidi\Downloads\i-485 (12).pdf
2019-02-07 14:08 - 2019-02-07 14:08 - 000204495 _____ C:\Users\Heidi\Downloads\Mike.pdf
2019-02-06 17:24 - 2019-02-06 17:24 - 000983233 _____ C:\Users\Heidi\Downloads\i-130a (2).pdf
2019-02-06 16:25 - 2019-02-06 16:25 - 000672598 _____ C:\Users\Heidi\Downloads\i-130 (29).pdf
2019-02-06 13:58 - 2019-02-06 13:58 - 000466433 _____ C:\Users\Heidi\Downloads\i-864ez (7).pdf
2019-02-06 13:31 - 2019-02-06 13:32 - 000452503 _____ C:\Users\Heidi\Downloads\i-765 (12).pdf
2019-02-04 16:46 - 2019-02-04 16:46 - 000108731 _____ C:\Users\Heidi\Downloads\ALICE Training demonstration at SHS 2-1-19.pdf
2019-01-21 15:05 - 2019-01-21 15:05 - 000507384 _____ C:\Users\Heidi\Downloads\i-864 (40).pdf
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-02-10 09:01 - 2014-11-02 18:33 - 000000000 ____D C:\FRST
2019-02-10 08:59 - 2009-07-14 00:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-02-10 08:20 - 2017-04-04 10:34 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-02-10 08:20 - 2009-07-13 23:45 - 000019136 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-02-10 08:20 - 2009-07-13 23:45 - 000019136 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-02-10 08:18 - 2009-07-14 00:13 - 000782510 _____ C:\Windows\system32\PerfStringBackup.INI
2019-02-10 08:18 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\inf
2019-02-09 15:28 - 2002-12-15 08:49 - 000003930 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{B9798BD0-4CEE-4AD3-9024-7170A62F5325}
2019-02-07 20:32 - 2018-08-02 10:20 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-02-07 20:32 - 2018-08-02 10:20 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-01-21 15:24 - 2009-10-07 17:01 - 000000639 ____H C:\Users\Heidi\Downloads\.picasa.ini
==================== Files in the root of some directories =======
2012-04-26 12:15 - 2018-08-16 11:47 - 000014336 _____ () C:\Users\Heidi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Some files in TEMP:
====================
2018-08-02 10:15 - 2014-09-11 12:03 - 011231456 _____ (Foxit Corporation) C:\Users\Heidi\AppData\Local\Temp\FoxitUpdater.exe
2016-07-15 03:41 - 2016-07-15 03:41 - 001065376 _____ (Google Inc.) C:\Users\Heidi\AppData\Local\Temp\{7C4DF18D-1EEF-49CC-B123-7B8F2E17E32E}-GoogleUpdateSetup.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe = & gt; File is digitally signed
C:\Windows\system32\wininit.exe = & gt; File is digitally signed
C:\Windows\SysWOW64\wininit.exe = & gt; File is digitally signed
C:\Windows\explorer.exe = & gt; File is digitally signed
C:\Windows\SysWOW64\explorer.exe = & gt; File is digitally signed
C:\Windows\system32\svchost.exe = & gt; File is digitally signed
C:\Windows\SysWOW64\svchost.exe = & gt; File is digitally signed
C:\Windows\system32\services.exe = & gt; File is digitally signed
C:\Windows\system32\User32.dll = & gt; File is digitally signed
C:\Windows\SysWOW64\User32.dll = & gt; File is digitally signed
C:\Windows\system32\userinit.exe = & gt; File is digitally signed
C:\Windows\SysWOW64\userinit.exe = & gt; File is digitally signed
C:\Windows\system32\rpcss.dll = & gt; File is digitally signed
C:\Windows\system32\dnsapi.dll = & gt; File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll = & gt; File is digitally signed
C:\Windows\system32\dllhost.exe = & gt; File is digitally signed
C:\Windows\SysWOW64\dllhost.exe = & gt; File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys = & gt; File is digitally signed
LastRegBack: 2019-02-02 00:27
==================== End of FRST.txt ============================