[b]############################## | UsbFix V 9.034 | [Research][/b]

User: Właściciel (Administrator) # GRZEGORZ
Updated 10/03/2017 by SOSVirus
Started at 08:01:20 | 14/03/2017

Website : [url=https://www.usb-antivirus.com/]https://www.usb-antivirus.com/[/url]
Tutorial : [url=https://www.usb-antivirus.com/tutorial/]https://www.usb-antivirus.com/tutorial/[/url]
Support : [url=https://www.sosvirus.org/]https://www.sosvirus.org/[/url]
Live detection : [url=http://www.sosmalware.com/usbfix/]http://www.sosmalware.com/usbfix/[/url]
Contact : [url=https://www.usb-antivirus.com/contact/]https://www.usb-antivirus.com/contact/[/url]

[b]################## | System information |[/b]

MB: MSI (970A-G43 (MS-7693))
CPU: AMD FX(tm)-6300 Six-Core Processor
GC: NVIDIA GeForce GT 630
RAM -> [Total : 8140 Mo | Free : 5698 Mo]
Bios: American Megatrends Inc.
Boot: Normal boot
OS: Microsoft™ Windows 10 Home (6.3.14393 64-Bit)
WB: Internet Explorer : 11.00.14393.0
WB: Microsoft Edge : 11.00.14393.693 (rs1_release.161220-1747)
WB: Google Chrome : 56.0.2924.87
WB: Mozilla Firefox : 51.0.1

[b]################## | Security Information |[/b]

AV: Windows Defender [[b](!) Disabled[/b] |Updated]
AV: ESET Smart Security 9.0.407.0 [Enabled |Updated]
AS: ESET Smart Security 9.0.407.0 [Enabled |Updated]
AS: Windows Defender [[b](!) Disabled[/b] |Updated]
FW: Zapora osobista ESET [Enabled]
FW: Windows Firewall [Enabled]
SC: Security Center [Enabled]
WU: Windows Update [Enabled]

[b]################## | Disk Information |[/b]

C:\ (%SystemDrive%) -> Fixed disk # 100 Gb (26 Gb free - 26%) [] # NTFS
D:\ -> Fixed disk # 416 Gb (373 Gb free - 90%) [] # NTFS
E:\ -> Fixed disk # 416 Gb (258 Gb free - 62%) [] # NTFS
G:\ -> Removable disk # 4 Gb (1000 Mb free - 26%) [] # FAT
H:\ -> Removable disk # 4 Gb (3 Gb free - 70%) [NOWY] # FAT32

[b]################## | Startup |[/b]

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] Explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [OneDrive] "C:\Users\Właściciel\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
04 - HKCU\..\Run : [HP Officejet Pro X576dw MFP (NET)] "C:\Program Files\HP\HP Officejet Pro X576dw MFP\Bin\ScanToPCActivationApp.exe" -deviceID "CN47OIJ029:NW" -scfn "HP Officejet Pro X576dw MFP (NET)" -AutoStart 1
04 - HKCU\..\RunOnce : [Uninstall C:\Users\Właściciel\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Właściciel\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
04 - HKLM\..\Run : [RUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe"
04 - HKLM\..\Run : [Corel Photo Downloader] "C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup
04 - HKLM\..\Run : [Corel File Shell Monitor] C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
04 - HKLM\..\Run : [HPUsageTrackingLEDM] "C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT LEDM\"
04 - HKLM\..\Run : [BlackBerryAutoUpdate] C:\Program Files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe /background
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\..\Run : [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
04 - [x64] HKLM\..\Run : [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
04 - [x64] HKLM\..\Run : [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
04 - HKU\S-1-5-19\..\Run : [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
04 - HKU\S-1-5-20\..\Run : [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
04 - HKU\S-1-5-21-257339473-2836601490-2675307199-1000\..\Run : [OneDrive] "C:\Users\Właściciel\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
04 - HKU\S-1-5-21-257339473-2836601490-2675307199-1000\..\Run : [HP Officejet Pro X576dw MFP (NET)] "C:\Program Files\HP\HP Officejet Pro X576dw MFP\Bin\ScanToPCActivationApp.exe" -deviceID "CN47OIJ029:NW" -scfn "HP Officejet Pro X576dw MFP (NET)" -AutoStart 1
04 - HKU\S-1-5-21-257339473-2836601490-2675307199-501\..\Run : [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
04 - HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\..\Run : [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
04 - HKU\S-1-5-21-257339473-2836601490-2675307199-1000\..\RunOnce : [Uninstall C:\Users\Właściciel\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Właściciel\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
04 - HKU\S-1-5-21-257339473-2836601490-2675307199-501\..\RunOnce : [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade

[b]################## | Generic Research |[/b]

Found! G:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665

[b]Analysed in 7.450 seconds[/b]

[b]################## | E.O.F | [url=https://www.sosvirus.net/]https://www.sosvirus.net/[/url] | [url=https://www.usb-antivirus.com/]https://www.usb-antivirus.com/[/url] |[/b]