Witam. Proszę o sprawdzenie logów i ewentualne następne kroki. Sam nawet nie wiem, co dokładnie się stało, poza tym, że sporo programów, nagle chciało się uruchomić, plus oczywista zmiana strony startowej w przeglądarce. Zrobiony: skan MBAM, skan AdwCleaner. Nie wiem dlaczego ale gdy wybieram forum przy tworzeniu tematu, to nie ma tam nigdzie działu "Pogotowie Antywirusowe".
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-10-2016
Ran by Młody (administrator) on MŁODY-PC (18-10-2016 18:53:38)
Running from S:\FRST
Loaded Profiles: Młody (Available Profiles: Młody)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Angielski (Stany Zjednoczone)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Foxit Software Inc.) S:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
(Hi-Rez Studios) S:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Skype Technologies) S:\Program Files (x86)\Skype\Updater\Updater.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Advanced Micro Devices, Inc.) S:\AMD\CNext\CNext\RadeonSettings.exe
(Flux Software LLC) C:\Users\Młody\AppData\Local\FluxSoftware\Flux\flux.exe
(Mozilla Corporation) S:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Mozilla Corporation) S:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] = & gt; C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11101800 2010-07-28] (Realtek Semiconductor)
HKLM\...\Run: [RunDLLEntry] = & gt; C:\Windows\system32\AmbRunE.dll [17920 2009-02-26] (Creative Technology Ltd.)
HKLM\...\Run: [StartCN] = & gt; S:\AMD\CNext\CNext\RadeonSettings.exe [8027016 2016-09-16] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Raptr] = & gt; C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58640 2016-08-23] (Raptr, Inc)
HKU\S-1-5-21-1288074817-643702963-434598722-1000\...\Run: [f.lux] = & gt; C:\Users\Młody\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
HKU\S-1-5-21-1288074817-643702963-434598722-1000\...\MountPoints2: {3daaa480-870e-11e6-9a9c-bc5ff478198e} - E:\AutoRun.exe
HKU\S-1-5-21-1288074817-643702963-434598722-1000\...\MountPoints2: {6903a0d2-4512-11e6-8ad7-bc5ff478198e} - F:\SETUP.EXE
HKU\S-1-5-21-1288074817-643702963-434598722-1000\...\MountPoints2: {6903a0d5-4512-11e6-8ad7-bc5ff478198e} - G:\SETUP.EXE
HKU\S-1-5-21-1288074817-643702963-434598722-1000\...\MountPoints2: {e7e3752f-dd91-11e5-afa6-bc5ff478198e} - E:\setup.exe
HKU\S-1-5-18\...\Run: [] = & gt; 0
HKU\S-1-5-18\...\RunOnce: [SPReview] = & gt; C:\Windows\System32\SPReview\SPReview.exe [301568 2014-08-26] (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{A7A43EA8-14B4-4BD0-AB09-915CCC76B5F2}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{B8F4EEF6-2866-49D5-A455-82CA5B30C4FB}: [DhcpNameServer] 10.211.254.254 8.8.8.8
Tcpip\..\Interfaces\{F8D90B3B-179B-4BB6-968C-C74F167F9566}: [DhcpNameServer] 192.168.100.1
Internet Explorer:
==================
HKU\S-1-5-21-1288074817-643702963-434598722-1000\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKLM-x32 - & gt; DefaultScope value is missing
BHO: Windows Live ID Sign-in Helper - & gt; {9030D464-4C02-4ABF-8ECC-5164760863C6} - & gt; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper - & gt; {9030D464-4C02-4ABF-8ECC-5164760863C6} - & gt; C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Młody\AppData\Roaming\Mozilla\Firefox\Profiles\f5rdsp9i.default [2016-10-18]
FF Homepage: Mozilla\Firefox\Profiles\f5rdsp9i.default - & gt; about:home
FF Extension: (uBlock Origin) - C:\Users\Młody\AppData\Roaming\Mozilla\Firefox\Profiles\f5rdsp9i.default\Extensions\uBlock0@raymondhill.net.xpi [2016-10-03]
FF Extension: (Adblock Plus) - C:\Users\Młody\AppData\Roaming\Mozilla\Firefox\Profiles\f5rdsp9i.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]
FF Plugin: @adobe.com/FlashPlayer - & gt; C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_185.dll [2016-10-17] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 - & gt; C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @adobe.com/FlashPlayer - & gt; C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_185.dll [2016-10-17] ()
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 - & gt; C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin HKU\S-1-5-21-1288074817-643702963-434598722-1000: ubisoft.com/uplaypc - & gt; C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-10-24] ()
StartMenuInternet: FIREFOX.EXE - S:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [387944 2016-05-25] (Digital Wave Ltd.)
S3 Disc Soft Lite Bus Service; S:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe [1369464 2016-01-15] (Disc Soft Ltd)
R2 FoxitReaderService; S:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1648840 2016-08-05] (Foxit Software Inc.)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [520416 2014-01-28] (Futuremark)
S3 GalaxyClientService; S:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [245312 2016-06-10] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6211648 2016-06-10] (GOG.com)
U2 HiPatchService; S:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2016-09-23] (Hi-Rez Studios) [File not signed]
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2012-02-01] (Intel Corporation) [File not signed]
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [133632 2012-02-10] ()
S3 OpenVPNService; S:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [38240 2016-02-01] (The OpenVPN Project)
S3 Origin Client Service; S:\Origin\OriginClientService.exe [2142728 2016-10-10] (Electronic Arts)
S2 Origin Web Helper Service; S:\Origin\OriginWebHelperService.exe [2209296 2016-10-10] (Electronic Arts)
S3 OverwolfUpdater; S:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1310960 2016-09-27] (Overwolf LTD)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2016-06-13] ()
S2 SkypeUpdate; S:\Program Files (x86)\Skype\Updater\Updater.exe [324224 2016-07-25] (Skype Technologies)
U2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [31744 2013-04-18] (Google Inc)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2013-04-18] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2013-06-28] (LG Electronics Inc.)
S3 andnetndis; C:\Windows\System32\DRIVERS\lgandnetndis64.sys [93696 2013-04-23] (LG Electronics Inc.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-02-27] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-02-27] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25536 2012-02-10] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [25536 2012-02-10] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-10] ()
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [125952 2014-06-16] (Intel Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2013-04-24] (LG Electronics Inc.)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2016-10-18] ()
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-10-18 18:51 - 2016-10-18 18:51 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2016-10-18 17:13 - 2016-10-18 17:13 - 00003568 _____ C:\Windows\System32\Tasks\{008713FB-DF99-4F86-9C62-75EF3134D35A}
2016-10-18 16:59 - 2016-10-18 16:59 - 00000000 ____D C:\Program Files (x86)\hhh
2016-10-18 16:58 - 2016-10-18 16:59 - 00000000 ____D C:\Users\Młody\AppData\Roaming\Microleaves
2016-10-18 16:58 - 2016-10-18 16:58 - 07214592 _____ C:\Users\Młody\AppData\Roaming\agent.dat
2016-10-18 16:58 - 2016-10-18 16:58 - 00712704 _____ C:\Users\Młody\AppData\Roaming\Haystring.exe
2016-10-18 16:58 - 2016-10-18 16:58 - 00140288 _____ C:\Users\Młody\AppData\Roaming\Installer.dat
2016-10-18 16:58 - 2016-10-18 16:58 - 00018432 _____ C:\Users\Młody\AppData\Roaming\Main.dat
2016-10-17 17:04 - 2016-10-17 17:04 - 00004905 _____ C:\Users\Młody\AppData\Local\recently-used.xbel
2016-10-17 16:22 - 2016-10-18 17:21 - 00000770 _____ C:\Users\Public\Desktop\GIMP 2.lnk
2016-10-17 16:22 - 2016-10-18 17:21 - 00000770 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2016-10-16 14:15 - 2016-10-18 17:20 - 00001388 _____ C:\Users\Młody\Desktop\Europa Universalis IV.lnk
2016-10-15 17:32 - 2016-10-15 17:32 - 00003322 _____ C:\Windows\System32\Tasks\AMD ThankingURL
2016-10-15 17:32 - 2016-10-15 17:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2016-10-14 20:41 - 2015-01-09 05:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2016-10-14 20:41 - 2015-01-09 05:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2016-10-14 20:41 - 2015-01-09 05:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2016-10-14 20:41 - 2015-01-09 04:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2016-10-01 23:02 - 2016-10-01 22:58 - 03861056 _____ C:\Users\Młody\Desktop\adwcleaner_6.020.exe
2016-09-26 13:29 - 2016-09-26 13:30 - 00000000 ____D C:\Users\Młody\AppData\Roaming\Guitar Pro 6
2016-09-26 13:29 - 2016-09-26 13:29 - 00000000 ____D C:\ProgramData\Guitar Pro 6
2016-09-26 13:28 - 2016-10-18 17:21 - 00000667 _____ C:\Users\Public\Desktop\Guitar Pro 6.lnk
2016-09-24 16:03 - 2016-09-25 17:36 - 00000000 ____D C:\Users\Młody\AppData\Local\HirezLauncherUI
2016-09-24 16:02 - 2016-10-18 17:21 - 00000921 _____ C:\Users\Public\Desktop\Paladins.lnk
2016-09-24 16:02 - 2016-10-18 17:21 - 00000910 _____ C:\Users\Public\Desktop\Hi-Rez Diagnostics and Support.lnk
2016-09-24 16:02 - 2016-09-24 16:26 - 00000000 ____D C:\ProgramData\Hi-Rez Studios
2016-09-24 16:02 - 2016-09-24 16:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios
2016-09-18 17:09 - 2016-09-18 17:09 - 00000000 ____D C:\Program Files (x86)\Skype
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-10-18 18:53 - 2016-08-04 12:03 - 00000000 ____D C:\FRST
2016-10-18 18:51 - 2016-08-04 13:33 - 00034752 _____ C:\Windows\system32\Drivers\WPRO_41_2001.sys
2016-10-18 18:51 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-18 18:50 - 2016-08-05 12:49 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2016-10-18 17:28 - 2009-07-14 06:45 - 00026736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-10-18 17:28 - 2009-07-14 06:45 - 00026736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-10-18 17:22 - 2014-09-10 15:08 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-10-18 17:21 - 2016-08-25 12:37 - 00000792 _____ C:\Users\Public\Desktop\Papers, Please.lnk
2016-10-18 17:21 - 2016-08-12 20:44 - 00000774 _____ C:\Users\Public\Desktop\Overwolf.lnk
2016-10-18 17:21 - 2016-08-05 12:55 - 00002013 _____ C:\Users\Public\Desktop\Raptr.lnk
2016-10-18 17:21 - 2016-08-03 17:11 - 00001106 _____ C:\Users\Public\Desktop\Dark Souls - Prepare to Die Edition.lnk
2016-10-18 17:21 - 2016-07-08 23:06 - 00000816 _____ C:\Users\Public\Desktop\Star Wars - Knights of the Old Republic.lnk
2016-10-18 17:21 - 2016-06-29 17:45 - 00001773 _____ C:\Users\Młody\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2016-10-18 17:21 - 2016-06-26 12:26 - 00000981 _____ C:\Users\Public\Desktop\The Ultimate DOOM.lnk
2016-10-18 17:21 - 2016-06-03 15:48 - 00001071 _____ C:\Users\Public\Desktop\Need for Speed Underground 2.lnk
2016-10-18 17:21 - 2016-05-29 21:10 - 00000941 _____ C:\Users\Public\Desktop\Free YouTube Download.lnk
2016-10-18 17:21 - 2016-05-29 14:56 - 00000696 _____ C:\Users\Public\Desktop\Winamp.lnk
2016-10-18 17:21 - 2016-05-21 18:51 - 00000748 _____ C:\Users\Public\Desktop\GOG Galaxy.lnk
2016-10-18 17:21 - 2016-05-12 17:06 - 00001038 _____ C:\Users\Młody\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameRanger.lnk
2016-10-18 17:21 - 2016-05-02 15:28 - 00000850 _____ C:\Users\Public\Desktop\Hearthstone.lnk
2016-10-18 17:21 - 2016-05-02 15:19 - 00000827 _____ C:\Users\Public\Desktop\Battle.net.lnk
2016-10-18 17:21 - 2016-03-05 18:26 - 00000800 _____ C:\Users\Public\Desktop\OpenVPN GUI.lnk
2016-10-18 17:21 - 2016-03-03 20:17 - 00001079 _____ C:\Users\Public\Desktop\Mass Effect 3.lnk
2016-10-18 17:21 - 2016-02-27 22:54 - 00000879 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2016-10-18 17:21 - 2016-02-12 21:14 - 00002693 _____ C:\Users\Public\Desktop\Skype.lnk
2016-10-18 17:21 - 2016-01-18 21:07 - 00001021 _____ C:\Users\Public\Desktop\Twierdza Krzyżowiec Extreme.lnk
2016-10-18 17:21 - 2016-01-18 21:07 - 00000981 _____ C:\Users\Public\Desktop\Twierdza Krzyżowiec.lnk
2016-10-18 17:21 - 2015-12-14 16:05 - 00000723 _____ C:\Users\Public\Desktop\Gothic 2 Gold.lnk
2016-10-18 17:21 - 2015-11-16 22:13 - 00000605 _____ C:\Users\Public\Desktop\Gothic.lnk
2016-10-18 17:21 - 2015-10-17 19:13 - 00001022 _____ C:\Users\Public\Desktop\Foxit Reader.lnk
2016-10-18 17:21 - 2015-10-11 14:56 - 00000777 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-10-18 17:21 - 2015-09-21 20:49 - 00000837 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2016-10-18 17:21 - 2015-03-31 20:46 - 00000818 _____ C:\Users\Public\Desktop\CPUID HWMonitor.lnk
2016-10-18 17:21 - 2015-02-09 09:23 - 00000787 _____ C:\Users\Public\Desktop\Heroes of Might and Magic III - Złota Edycja.lnk
2016-10-18 17:21 - 2014-09-12 12:12 - 00000775 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2016-10-18 17:21 - 2014-08-26 11:47 - 00000528 _____ C:\Users\Public\Desktop\Origin.lnk
2016-10-18 17:21 - 2014-08-25 14:47 - 00000722 _____ C:\Users\Młody\Desktop\CCleaner.lnk
2016-10-18 17:21 - 2014-08-25 14:46 - 00000785 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-10-18 17:21 - 2014-08-24 23:20 - 00000516 _____ C:\Users\Public\Desktop\Steam.lnk
2016-10-18 17:21 - 2014-08-07 04:38 - 00000746 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-10-18 17:21 - 2014-08-07 04:31 - 00000997 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat.com.lnk
2016-10-18 17:21 - 2014-08-07 04:16 - 00001397 _____ C:\Users\Młody\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-10-18 17:21 - 2014-08-06 19:13 - 00001333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-10-18 17:21 - 2014-08-06 19:13 - 00001314 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2016-10-18 17:21 - 2009-07-14 07:01 - 00001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2016-10-18 17:21 - 2009-07-14 06:57 - 00001535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-10-18 17:21 - 2009-07-14 06:57 - 00001318 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2016-10-18 17:21 - 2009-07-14 06:57 - 00001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2016-10-18 17:21 - 2009-07-14 06:54 - 00001198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2016-10-18 17:21 - 2009-07-14 06:49 - 00001266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2016-10-18 17:20 - 2016-09-17 12:14 - 00000903 _____ C:\Users\Młody\Desktop\World of Warcraft.lnk
2016-10-18 17:20 - 2016-09-14 19:35 - 00000874 _____ C:\Users\Młody\Desktop\Uplay.lnk
2016-10-18 17:20 - 2016-08-28 17:22 - 00000818 _____ C:\Users\Młody\Desktop\Diablo II - Lord of Destruction.lnk
2016-10-18 17:20 - 2016-08-01 21:24 - 00000771 _____ C:\Users\Młody\Desktop\The Stanley Parable.lnk
2016-10-18 17:20 - 2016-07-16 13:51 - 00001119 _____ C:\Users\Młody\Desktop\Hearthstone Deck Tracker.lnk
2016-10-18 17:20 - 2016-06-29 18:09 - 00000711 _____ C:\Users\Młody\Desktop\Quake for Windows.lnk
2016-10-18 17:20 - 2016-06-29 18:09 - 00000688 _____ C:\Users\Młody\Desktop\GL Quake.lnk
2016-10-18 17:20 - 2016-06-29 17:45 - 00001767 _____ C:\Users\Młody\Desktop\Spotify.lnk
2016-10-18 17:20 - 2016-05-12 17:06 - 00001032 _____ C:\Users\Młody\Desktop\GameRanger.lnk
2016-10-18 17:20 - 2016-04-30 16:54 - 00001037 _____ C:\Users\Młody\Desktop\UNDERTALE.lnk
2016-10-18 17:20 - 2016-02-25 18:29 - 00000774 _____ C:\Users\Młody\Desktop\Mass Effect 2.lnk
2016-10-18 17:20 - 2015-10-11 14:33 - 00000747 _____ C:\Users\Młody\Desktop\NapiProjekt.lnk
2016-10-18 17:20 - 2015-10-05 18:31 - 00002619 _____ C:\Users\Młody\Desktop\BitTorrent.lnk
2016-10-18 17:20 - 2015-06-10 18:21 - 00000795 _____ C:\Users\Młody\Desktop\RivaTuner Statistics Server.lnk
2016-10-18 17:20 - 2015-05-14 17:59 - 00000732 _____ C:\Users\Młody\Desktop\WinDirStat.lnk
2016-10-18 17:20 - 2015-04-01 14:53 - 00000769 _____ C:\Users\Młody\Desktop\MSI Afterburner.lnk
2016-10-18 17:20 - 2015-03-11 18:20 - 00000853 _____ C:\Users\Młody\Desktop\Battlefield 3.lnk
2016-10-18 17:20 - 2014-12-05 21:06 - 00000612 _____ C:\Users\Młody\Desktop\Assassin's Creed Brotherhood.lnk
2016-10-18 17:20 - 2014-11-07 12:08 - 00000679 _____ C:\Users\Młody\Desktop\CrystalDiskInfo.lnk
2016-10-18 17:20 - 2014-10-25 21:55 - 00000238 _____ C:\Users\Młody\Desktop\Assassin's Creed.lnk
2016-10-18 17:20 - 2014-10-06 16:21 - 00000643 _____ C:\Users\Młody\Desktop\Lekcje.lnk
2016-10-18 17:20 - 2014-09-25 01:39 - 00002699 _____ C:\Users\Młody\Desktop\Microsoft Office Word 2003.lnk
2016-10-18 17:20 - 2014-09-12 09:19 - 00000741 _____ C:\Users\Młody\Desktop\Muzyka.lnk
2016-10-18 17:20 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\security
2016-10-18 17:19 - 2014-08-31 13:42 - 00000000 ____D C:\Users\Młody\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-10-18 17:19 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-10-18 17:05 - 2016-07-10 22:14 - 00000000 ____D C:\AdwCleaner
2016-10-18 16:59 - 2016-08-04 20:56 - 00000000 ____D C:\Users\Młody\AppData\Local\CrashDumps
2016-10-18 16:57 - 2015-10-05 18:30 - 00000000 ____D C:\Users\Młody\AppData\Roaming\BitTorrent
2016-10-18 16:49 - 2016-05-02 15:19 - 00000000 ____D C:\Users\Młody\AppData\Local\Battle.net
2016-10-18 13:53 - 2016-08-10 13:45 - 00000000 ____D C:\ProgramData\Foxit Software
2016-10-17 22:46 - 2014-08-25 15:45 - 00000000 ____D C:\Windows\system32\MRT
2016-10-17 22:42 - 2014-08-25 15:45 - 144199024 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-10-17 18:23 - 2009-07-14 06:45 - 00292568 _____ C:\Windows\system32\FNTCACHE.DAT
2016-10-17 17:05 - 2016-07-18 15:30 - 00000000 ____D C:\Users\Młody\.gimp-2.8
2016-10-17 17:04 - 2016-07-18 15:46 - 00000000 ____D C:\Users\Młody\AppData\Local\gtk-2.0
2016-10-17 17:03 - 2014-08-07 04:30 - 00068720 _____ C:\Users\Młody\AppData\Local\GDIPFONTCACHEV1.DAT
2016-10-17 16:16 - 2014-10-24 21:29 - 00000000 ____D C:\Users\Młody\AppData\Local\Adobe
2016-10-17 16:16 - 2014-08-07 04:33 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-10-17 16:16 - 2014-08-07 04:33 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-17 16:16 - 2014-08-07 04:33 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-10-17 16:16 - 2014-08-07 04:33 - 00000000 ____D C:\Windows\system32\Macromed
2016-10-17 16:13 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\tracing
2016-10-15 19:13 - 2014-08-27 15:10 - 01617790 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-10-15 19:13 - 2014-08-25 16:34 - 00741264 _____ C:\Windows\system32\perfh015.dat
2016-10-15 19:13 - 2014-08-25 16:34 - 00156762 _____ C:\Windows\system32\perfc015.dat
2016-10-15 19:13 - 2009-07-14 07:13 - 01693552 _____ C:\Windows\system32\PerfStringBackup.INI
2016-10-15 19:13 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-10-15 18:58 - 2015-06-07 18:10 - 00000000 ____D C:\Windows\SysWOW64\directx
2016-10-15 17:35 - 2015-12-07 18:55 - 00000000 ____D C:\Users\Młody\AppData\Local\AMD
2016-10-15 17:32 - 2015-12-07 18:56 - 00004196 _____ C:\Windows\System32\Tasks\AMD Updater
2016-10-15 17:29 - 2016-03-29 13:39 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-10-14 20:33 - 2014-10-01 22:30 - 00000000 ____D C:\ProgramData\Package Cache
2016-10-14 18:46 - 2015-12-11 19:21 - 00000000 ____D C:\ProgramData\TechSmith
2016-10-10 22:20 - 2014-08-26 11:47 - 00000000 ____D C:\ProgramData\Origin
2016-10-10 19:32 - 2014-08-26 11:48 - 00000000 ____D C:\Users\Młody\AppData\Roaming\Origin
2016-10-10 19:25 - 2014-08-26 11:47 - 00000000 ____D C:\Users\Młody\AppData\Local\Origin
2016-10-09 20:32 - 2015-10-11 14:56 - 00000000 ____D C:\Users\Młody\AppData\Roaming\vlc
2016-09-30 22:57 - 2016-01-22 20:06 - 00000000 ____D C:\Users\Młody\AppData\Roaming\DVDVideoSoft
2016-09-29 21:46 - 2016-08-12 20:42 - 00000000 ____D C:\Users\Młody\AppData\Local\Overwolf
2016-09-25 20:05 - 2016-06-15 22:00 - 00000000 ____D C:\Users\Młody\AppData\Roaming\HearthstoneDeckTracker
2016-09-24 16:26 - 2014-09-15 16:48 - 00000000 ____D C:\Users\Młody\Documents\My Games
2016-09-24 16:02 - 2014-08-07 04:23 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-09-21 16:54 - 2009-07-14 07:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-09-18 19:57 - 2015-09-22 19:18 - 00000000 ____D C:\Users\Młody\AppData\Roaming\Skype
2016-09-18 17:09 - 2016-02-12 21:14 - 00000000 ____D C:\ProgramData\Skype
==================== Files in the root of some directories =======
2016-10-18 16:58 - 2016-10-18 16:58 - 7214592 _____ () C:\Users\Młody\AppData\Roaming\agent.dat
2016-10-18 16:58 - 2016-10-18 16:58 - 0712704 _____ () C:\Users\Młody\AppData\Roaming\Haystring.exe
2016-10-18 16:58 - 2016-10-18 16:58 - 0140288 _____ () C:\Users\Młody\AppData\Roaming\Installer.dat
2016-10-18 16:58 - 2016-10-18 16:58 - 0018432 _____ () C:\Users\Młody\AppData\Roaming\Main.dat
2016-10-17 17:04 - 2016-10-17 17:04 - 0004905 _____ () C:\Users\Młody\AppData\Local\recently-used.xbel
2014-11-21 11:30 - 2014-11-28 20:24 - 0007597 _____ () C:\Users\Młody\AppData\Local\Resmon.ResmonCfg
2014-08-07 04:29 - 2014-08-07 04:29 - 0000003 _____ () C:\Users\Młody\AppData\Local\user_data.ini
Some files in TEMP:
====================
C:\Users\Młody\AppData\Local\Temp\binkw32.dll
C:\Users\Młody\AppData\Local\Temp\Browser_V5.6.14087.902_r_4644_(Build1608021049).exe
C:\Users\Młody\AppData\Local\Temp\cpa.exe
C:\Users\Młody\AppData\Local\Temp\d2l_Install.exe
C:\Users\Młody\AppData\Local\Temp\dxdiag.exe
C:\Users\Młody\AppData\Local\Temp\FoxitUpdater.exe
C:\Users\Młody\AppData\Local\Temp\installerdll13442980.dll
C:\Users\Młody\AppData\Local\Temp\installerdll13619339.dll
C:\Users\Młody\AppData\Local\Temp\installerdll13790550.dll
C:\Users\Młody\AppData\Local\Temp\installerdll13805558.dll
C:\Users\Młody\AppData\Local\Temp\installerdll13844729.dll
C:\Users\Młody\AppData\Local\Temp\nsy67BC.tmp.exe
C:\Users\Młody\AppData\Local\Temp\playstv_patch.exe
C:\Users\Młody\AppData\Local\Temp\raptrpatch.exe
C:\Users\Młody\AppData\Local\Temp\raptr_stub.exe
C:\Users\Młody\AppData\Local\Temp\setup.exe
C:\Users\Młody\AppData\Local\Temp\wait.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe = & gt; File is digitally signed
C:\Windows\system32\wininit.exe = & gt; File is digitally signed
C:\Windows\SysWOW64\wininit.exe = & gt; File is digitally signed
C:\Windows\explorer.exe = & gt; File is digitally signed
C:\Windows\SysWOW64\explorer.exe = & gt; File is digitally signed
C:\Windows\system32\svchost.exe = & gt; File is digitally signed
C:\Windows\SysWOW64\svchost.exe = & gt; File is digitally signed
C:\Windows\system32\services.exe = & gt; File is digitally signed
C:\Windows\system32\User32.dll = & gt; File is digitally signed
C:\Windows\SysWOW64\User32.dll = & gt; File is digitally signed
C:\Windows\system32\userinit.exe = & gt; File is digitally signed
C:\Windows\SysWOW64\userinit.exe = & gt; File is digitally signed
C:\Windows\system32\rpcss.dll = & gt; File is digitally signed
C:\Windows\system32\dnsapi.dll = & gt; File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll = & gt; File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys = & gt; File is digitally signed
LastRegBack: 2016-10-16 20:08
==================== End of FRST.txt ============================