Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14-12-2019 Ran by SYSTEM on MININT-MNBC7DP (18-12-2019 07:53:59) Running from f:\ Platform: Windows 7 Professional Service Pack 1 (X86) Language: Angielski (Stany Zjednoczone) Internet Explorer Version 11 Boot Mode: Recovery Default: ControlSet001 [b]ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.[/b] Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKU\administrator\...\RunOnce: [Application Restart #0] => C:\Program Files\Windows Sidebar\sidebar.exe [1174016 2010-11-20] (Microsoft Corporation) Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk [2009-03-11] ShortcutTarget: LaunchCenter.lnk -> C:\Program Files\Fujitsu\LaunchCenter\LaunchCenter.exe (Fujitsu Technology Solutions) Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk [2009-03-11] ShortcutTarget: LaunchCenter.lnk -> C:\Program Files\Fujitsu\LaunchCenter\LaunchCenter.exe (Fujitsu Technology Solutions) Startup: C:\Users\piotr.PEKPOLO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2014-03-12] ShortcutTarget: EvernoteClipper.lnk -> (No File) ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {066DA4D4-B8A7-452A-8A60-C4374F80B355} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [272384 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {0F38ABAB-83AE-43D9-9EEE-820FE075D419} - System32\Tasks\GoogleUpdateTaskMachineUA1d08f8b5e93ea4e => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.) Task: {27A00EAE-35DC-4BC8-9423-C3B4A8FE3C51} - System32\Tasks\HardDiskSentinel\Hard Disk Sentinel_Administrator => C:\Program Files\Hard Disk Sentinel\HDSentinel.exe [5658384 2019-07-10] (Janos Mathe -> H.D.S. Hungary) Task: {3D25657C-E5D7-4D66-8E77-27BD1C9F8048} - System32\Tasks\GoogleUpdateTaskMachineUA1d0ef526cf8459c => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.) Task: {47560AB2-A766-439C-8298-8FE535F68BBA} - System32\Tasks\GoogleUpdateTaskMachineUA1d12e48c3a55834 => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.) Task: {4DA86EFC-7426-47C5-9E57-A8BDD2C26C90} - System32\Tasks\GoogleUpdateTaskMachineCore1d0e0f2b24d4afa => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.) Task: {52A388B1-2A4E-44FB-BB89-18A859F22F18} - System32\Tasks\GoogleUpdateTaskMachineCore1d12e48c365130d => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.) Task: {5532434E-B3E1-4F05-9A3B-E4F27E899682} - System32\Tasks\GoogleUpdateTaskMachineUA1d0bf733b375dcf => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.) Task: {6E768D60-0FB4-49ED-B2E0-82B229FC9A70} - System32\Tasks\GoogleUpdateTaskMachineCore1d1ea555081d296 => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.) Task: {7E806337-02E9-436B-8EB6-2E7C97D61968} - System32\Tasks\GoogleUpdateTaskMachineUA1d1ab001db1d40a => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.) Task: {82C4A597-F9F2-4C47-9B5D-4B4CAAC76C7F} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} C:\Program Files\Windows Live\SOXE\wlsoxe.dll [179584 2010-11-10] (Microsoft Corporation -> Microsoft Corporation) Task: {A718123D-61A5-467E-8E02-2AD969D7D527} - System32\Tasks\GoogleUpdateTaskMachineUA1d0e0f2b28a7bef => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.) Task: {B1B9CC78-38BC-48AD-8CE2-51BBEBE5E7C1} - System32\Tasks\GoogleUpdateTaskMachineUA1d1ea5550f414a3 => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.) Task: {B9002534-124E-4283-82C1-424C5C2E3215} - System32\Tasks\GoogleUpdateTaskMachineUA1cf8d453b9d1ec => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.) Task: {C04E8AE3-557A-428B-A488-7FBD0233EF0B} - System32\Tasks\GoogleUpdateTaskMachineCore1d0ef526cae7af4 => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.) Task: {C4BD06AF-7A4D-4A57-9AB0-FC92E633A927} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\AdwCleaner_onReboot.job => C:\Users\Administrator.PIOTR\Desktop\adwcleaner_8.0.0.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0e0f2b24d4afa.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0ef526cae7af4.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d12e48c365130d.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf8d453b9d1ec.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d08f8b5e93ea4e.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0bf733b375dcf.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0e0f2b28a7bef.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0ef526cf8459c.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d12e48c3a55834.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d1ab001db1d40a.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S4 EhttpSrv; C:\Program Files\ESET\ESET Endpoint Antivirus\EHttpSrv.exe [33136 2013-02-14] (ESET, spol. s r.o. -> ESET) S4 ekrn; C:\Program Files\ESET\ESET Endpoint Antivirus\ekrn.exe [1020304 2013-02-14] (ESET, spol. s r.o. -> ESET) S4 ESHASRV; C:\Program Files\ESET\ESET Endpoint Antivirus\EShaSrv.exe [183944 2013-02-14] (ESET, spol. s r.o. -> ESET) S4 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [915600 2015-08-18] (NVIDIA Corporation -> NVIDIA Corporation) S4 hasplms; C:\Windows\system32\hasplms.exe [4180576 2010-09-27] (SafeNet, Inc. -> SafeNet Inc.) S4 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2015-08-18] (NVIDIA Corporation -> NVIDIA Corporation) S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19775632 2015-08-18] (NVIDIA Corporation -> NVIDIA Corporation) S4 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [14848 2011-12-15] () S4 TestHandler; C:\Program Files\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe [341264 2009-02-19] (Fujitsu Siemens Computers -> Fujitsu Technology Solutions) S4 tvnserver; C:\Program Files\TightVNC\tvnserver.exe [1458800 2019-10-15] (GlavSoft LLC -> GlavSoft LLC.) S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) S2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [1710464 2010-09-21] (Microsoft Corporation -> Microsoft Corp.) ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 1394ohci; C:\Windows\system32\drivers\1394ohci.sys [164864 2010-11-20] (Microsoft Corporation) S3 AcpiPmi; C:\Windows\system32\drivers\acpipmi.sys [10240 2010-11-20] (Microsoft Corporation) S1 AFD; C:\Windows\system32\drivers\afd.sys [338944 2017-04-04] (Microsoft Corporation) S2 aksfridge; C:\Windows\System32\DRIVERS\aksfridge.sys [356864 2010-09-27] (SafeNet Inc.) S3 akshasp; C:\Windows\System32\DRIVERS\akshasp.sys [238208 2010-09-27] (Aladdin Knowledge Systems Ltd.) S3 akshhl; C:\Windows\System32\DRIVERS\akshhl.sys [46336 2010-09-27] (Aladdin Knowledge Systems Ltd.) S3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [16384 2010-09-27] (Aladdin Knowledge Systems Ltd.) S3 AppID; C:\Windows\system32\drivers\appid.sys [50688 2018-03-31] (Microsoft Corporation) S1 Beep; C:\Windows\System32\Drivers\Beep.sys [6144 2009-07-14] (Microsoft Corporation) S3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [68608 2016-10-05] (Microsoft Corporation) S3 BrFiltLo; C:\Windows\system32\DRIVERS\BrFiltLo.sys [13568 2009-07-13] (Brother Industries, Ltd.) S3 BrFiltUp; C:\Windows\system32\DRIVERS\BrFiltUp.sys [5248 2009-07-13] (Brother Industries, Ltd.) S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [272128 2009-07-14] (Brother Industries Ltd.) S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [62336 2009-07-13] (Brother Industries Ltd.) S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [12160 2009-07-13] (Brother Industries Ltd.) S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [11904 2009-07-13] (Brother Industries Ltd.) S3 BTHMODEM; C:\Windows\system32\DRIVERS\bthmodem.sys [56320 2009-07-14] (Microsoft Corporation) S1 cdrom; C:\Windows\system32\drivers\cdrom.sys [108544 2010-11-20] (Microsoft Corporation) S3 circlass; C:\Windows\system32\DRIVERS\circlass.sys [37888 2009-07-14] (Microsoft Corporation) S3 CompositeBus; C:\Windows\system32\drivers\CompositeBus.sys [31232 2010-11-20] (Microsoft Corporation) S1 CSC; C:\Windows\System32\drivers\csc.sys [388096 2010-11-20] (Microsoft Corporation) S1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [81408 2018-01-01] (Microsoft Corporation) S1 discache; C:\Windows\System32\drivers\discache.sys [32256 2009-07-14] (Microsoft Corporation) S3 drmkaud; C:\Windows\system32\drivers\drmkaud.sys [5120 2015-12-08] (Microsoft Corporation) S1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [175288 2013-02-04] (ESET, spol. s r.o. -> ESET) S1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [124848 2013-02-04] (ESET, spol. s r.o. -> ESET) S2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [108344 2013-02-04] (ESET, spol. s r.o. -> ESET) S3 ErrDev; C:\Windows\system32\drivers\errdev.sys [7168 2018-02-10] (Microsoft Corporation) S3 exfat; C:\Windows\System32\Drivers\exfat.sys [142336 2017-03-10] (Microsoft Corporation) S3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [148992 2017-03-10] (Microsoft Corporation) S2 hardlock; C:\Windows\system32\drivers\hardlock.sys [588800 2009-12-09] (SafeNet Inc.) S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [26624 2009-07-13] (Hauppauge Computer Works, Inc.) S3 HdAudAddService; C:\Windows\system32\drivers\HdAudio.sys [304128 2010-11-20] (Microsoft Corporation) S3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [108544 2010-11-20] (Microsoft Corporation) S3 HECI; C:\Windows\System32\DRIVERS\HECI.sys [41088 2009-11-04] (Intel Corporation) S3 HidBth; C:\Windows\system32\DRIVERS\hidbth.sys [91136 2009-07-14] (Microsoft Corporation) S3 HidIr; C:\Windows\system32\DRIVERS\hidir.sys [37888 2009-07-14] (Microsoft Corporation) S3 HidUsb; C:\Windows\System32\DRIVERS\hidusb.sys [24064 2018-01-12] (Microsoft Corporation) S3 HTTP; C:\Windows\System32\drivers\HTTP.sys [514048 2018-01-01] (Microsoft Corporation) S3 igfx; C:\Windows\System32\DRIVERS\igdkmd32.sys [9024512 2010-08-25] (Intel Corporation) S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [232960 2010-02-03] (Intel(R) Corporation) S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [58880 2009-07-14] (Microsoft Corporation) S3 IPMIDRV; C:\Windows\system32\drivers\IPMIDrv.sys [65536 2010-11-20] (Microsoft Corporation) S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [101888 2009-07-14] (Microsoft Corporation) S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [13824 2009-07-14] (Microsoft Corporation) S3 kbdhid; C:\Windows\System32\DRIVERS\kbdhid.sys [28160 2010-11-20] (Microsoft Corporation) S2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [48128 2009-07-14] (Microsoft Corporation) S2 luafv; C:\Windows\system32\drivers\luafv.sys [86528 2017-10-12] (Microsoft Corporation) S3 Modem; C:\Windows\System32\drivers\modem.sys [31744 2009-07-14] (Microsoft Corporation) S3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [23552 2009-07-14] (Microsoft Corporation) S3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [60416 2018-01-01] (Microsoft Corporation) S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [117248 2016-09-08] (Microsoft Corporation) S3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [124928 2018-03-31] (Microsoft Corporation) S3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [226304 2018-03-31] (Microsoft Corporation) S3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [98304 2018-03-31] (Microsoft Corporation) S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [4096 2009-07-14] (Microsoft Corporation) S3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [271360 2017-09-13] (Microsoft Corporation) S3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [27136 2009-07-14] (Microsoft Corporation) S3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [46080 2010-11-20] (Microsoft Corporation) S3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [118784 2010-11-20] (Microsoft Corporation) S3 NDProxy; C:\Windows\System32\Drivers\NDProxy.sys [48640 2010-11-20] (Microsoft Corporation) S1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [36352 2018-01-01] (Microsoft Corporation) S1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [188928 2017-08-11] (Microsoft Corporation) S1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [17920 2017-08-11] (Microsoft Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18576 2015-08-18] (NVIDIA Corporation -> NVIDIA Corporation) S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [32912 2015-08-18] (NVIDIA Corporation -> NVIDIA Corporation) S2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [593920 2016-06-14] (Microsoft Corporation) S1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [104448 2018-01-01] (Microsoft Corporation) S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [31744 2009-07-14] (Microsoft Corporation) S1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [247808 2017-10-12] (Microsoft Corporation) S3 rdpbus; C:\Windows\System32\DRIVERS\rdpbus.sys [18944 2009-07-14] (Microsoft Corporation) S1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [6656 2010-11-20] (Microsoft Corporation) S3 RDPDR; C:\Windows\System32\drivers\rdpdr.sys [133632 2010-11-20] (Microsoft Corporation) S1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [6656 2009-07-14] (Microsoft Corporation) S1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [7168 2009-07-14] (Microsoft Corporation) S3 RDPWD; C:\Windows\System32\Drivers\RDPWD.sys [184320 2014-07-17] (Microsoft Corporation) S2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [60928 2009-07-14] (Microsoft Corporation) S3 s3cap; C:\Windows\system32\drivers\vms3cap.sys [5632 2010-11-20] (Microsoft Corporation) S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [26624 2010-11-20] (Microsoft Corporation) S4 secdrv; C:\Windows\System32\Drivers\secdrv.sys [20480 2009-07-13] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) S3 sffdisk; C:\Windows\system32\drivers\sffdisk.sys [11264 2009-07-14] (Microsoft Corporation) S3 sffp_mmc; C:\Windows\system32\drivers\sffp_mmc.sys [12288 2009-07-14] (Microsoft Corporation) S3 sffp_sd; C:\Windows\system32\drivers\sffp_sd.sys [12800 2010-11-20] (Microsoft Corporation) S3 srv; C:\Windows\System32\DRIVERS\srv.sys [313344 2018-01-01] (Microsoft Corporation) S3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [314368 2018-01-01] (Microsoft Corporation) S3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [115712 2018-01-01] (Microsoft Corporation) S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [26624 2011-12-15] (The OpenVPN Project) S2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [35840 2016-07-07] (Microsoft Corporation) S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [18432 2010-11-20] (Microsoft Corporation) S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [24576 2012-02-17] (Microsoft Corporation) S1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [74752 2017-07-29] (Microsoft Corporation) S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [31744 2017-08-13] (Microsoft Corporation) S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [52224 2010-11-20] (Microsoft Corporation) S3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [108544 2010-11-20] (Microsoft Corporation) S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [246784 2010-11-20] (Microsoft Corporation) S3 umbus; C:\Windows\system32\drivers\umbus.sys [39936 2010-11-20] (Microsoft Corporation) S3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [76288 2017-10-18] (Microsoft Corporation) S3 usbcir; C:\Windows\system32\drivers\usbcir.sys [86016 2013-07-12] (Microsoft Corporation) S3 usbehci; C:\Windows\system32\drivers\usbehci.sys [46592 2017-10-18] (Microsoft Corporation) S3 usbhub; C:\Windows\system32\drivers\usbhub.sys [259584 2017-10-18] (Microsoft Corporation) S3 usbohci; C:\Windows\system32\drivers\usbohci.sys [20480 2017-10-18] (Microsoft Corporation) S3 usbprint; C:\Windows\system32\DRIVERS\usbprint.sys [19968 2009-07-14] (Microsoft Corporation) S3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [76288 2016-02-03] (Microsoft Corporation) S3 usbuhci; C:\Windows\system32\drivers\usbuhci.sys [24576 2017-10-18] (Microsoft Corporation) S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [26112 2009-07-14] (Microsoft Corporation) S3 VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [17920 2010-11-20] (Microsoft Corporation) S3 vwifibus; C:\Windows\System32\drivers\vwifibus.sys [19968 2009-07-14] (Microsoft Corporation) S3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [63488 2010-11-20] (Microsoft Corporation) S1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [63488 2010-11-20] (Microsoft Corporation) S1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [9728 2009-07-14] (Microsoft Corporation) S3 WmiAcpi; C:\Windows\system32\drivers\wmiacpi.sys [11264 2018-02-10] (Microsoft Corporation) S3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [66560 2012-07-26] (Microsoft Corporation) S3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [155136 2012-07-26] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) =================== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-12-18 07:53 - 2019-12-18 07:53 - 000000000 ____D C:\FRST 2019-12-16 13:18 - 2019-12-16 13:18 - 000000000 ____D C:\Users\Administrator.PIOTR\AppData\Local\mbam 2019-12-16 13:18 - 2019-12-16 13:18 - 000000000 ____D C:\Users\Administrator.PIOTR\AppData\Local\cache 2019-12-16 08:19 - 2019-12-16 13:44 - 000000000 ____D C:\Program Files\Core Temp 2019-12-16 08:19 - 2019-12-16 08:19 - 000000000 ____D C:\Program Files\CPUID 2019-12-16 08:17 - 2019-12-16 08:17 - 000000000 ____D C:\Users\Administrator.PIOTR\Downloads\wsusoffline1183 2019-12-16 08:16 - 2019-12-16 08:16 - 006561676 _____ C:\Users\Administrator.PIOTR\Downloads\wsusoffline1183.zip 2019-12-16 08:11 - 2019-12-16 08:11 - 000000000 ____D C:\Users\Administrator.PIOTR\AppData\Local\ESET 2019-12-16 08:10 - 2019-12-16 13:44 - 000000000 ____D C:\Users\Administrator.PIOTR\Downloads\aida3942(dobreprogramy.pl) 2019-12-16 08:09 - 2019-12-16 08:10 - 003256656 _____ C:\Users\Administrator.PIOTR\Downloads\aida3942(dobreprogramy.pl).zip 2019-12-16 08:09 - 2019-12-16 08:09 - 000000000 ____D C:\Users\Administrator.PIOTR\AppData\Local\mbamtray 2019-12-16 08:09 - 2019-12-16 08:09 - 000000000 ____D C:\ProgramData\Malwarebytes 2019-12-16 08:08 - 2019-12-16 13:44 - 000000000 ____D C:\Program Files\HWiNFO32 2019-12-16 08:08 - 2019-12-16 08:08 - 000000000 ____D C:\Program Files\Malwarebytes 2019-12-16 08:07 - 2019-12-16 08:07 - 008667396 _____ C:\Users\Administrator.PIOTR\Downloads\hwi_620.zip 2019-12-16 07:51 - 2019-12-16 13:44 - 000000000 ____D C:\Program Files\CCleaner 2019-12-16 07:33 - 2019-12-16 07:41 - 000000000 ____D C:\Windows\System32\MRT 2019-12-13 14:15 - 2019-12-16 14:06 - 000000000 ____D C:\Program Files\TightVNC 2019-12-13 14:15 - 2019-12-13 14:15 - 000000000 ____D C:\ProgramData\TightVNC 2019-12-13 14:08 - 2019-12-13 14:08 - 000000312 _____ C:\Windows\Tasks\AdwCleaner_onReboot.job 2019-12-13 14:07 - 2019-12-13 14:07 - 019361890 _____ C:\Users\Administrator.PIOTR\Downloads\OCCTPT4.5.1.zip 2019-12-13 14:07 - 2019-12-13 14:07 - 019054640 _____ (OCCT - Ocbase - Adrien Mercier) C:\Users\Administrator.PIOTR\Downloads\OCCT5.4.2 (1).exe 2019-12-13 14:06 - 2019-12-13 14:08 - 000000000 ____D C:\AdwCleaner 2019-12-13 14:06 - 2019-12-13 14:06 - 002035712 _____ C:\Users\Administrator.PIOTR\Downloads\tightvnc-2.8.27-gpl-setup-32bit.msi 2019-12-13 14:04 - 2019-12-13 14:04 - 019054640 _____ (OCCT - Ocbase - Adrien Mercier) C:\Users\Administrator.PIOTR\Downloads\OCCT5.4.2.exe 2019-12-13 14:04 - 2019-12-13 11:29 - 008218800 _____ (Malwarebytes) C:\Users\Administrator.PIOTR\Desktop\adwcleaner_8.0.0.exe 2019-12-13 11:57 - 2019-12-16 14:06 - 000000000 ____D C:\Program Files\Microsoft Silverlight 2019-12-13 11:47 - 2019-02-16 06:30 - 000123904 _____ (Microsoft Corporation) C:\Windows\System32\poqexec.exe 2019-12-13 11:37 - 2019-12-16 14:06 - 000000000 ____D C:\Windows\System32\Tasks\HardDiskSentinel 2019-12-13 11:37 - 2019-12-16 14:06 - 000000000 ____D C:\Users\Administrator.PIOTR\AppData\Roaming\Hard Disk Sentinel 2019-12-13 11:37 - 2019-12-13 11:37 - 000000000 ____D C:\Program Files\HD Tune Pro 2019-12-13 11:36 - 2019-12-16 14:06 - 000000000 ____D C:\Program Files\Hard Disk Sentinel 2019-12-13 11:35 - 2019-12-13 11:36 - 006402792 _____ (MiniTool Software Limited ) C:\Users\Administrator.PIOTR\Downloads\pw11-free.exe 2019-12-13 11:35 - 2019-12-13 11:35 - 000000000 ____D C:\Users\Administrator.PIOTR\Downloads\SmartPSS 1.14.2_2 2019-12-13 11:35 - 2019-12-13 11:35 - 000000000 ____D C:\Users\Administrator.PIOTR\Downloads\hdsentinel_trial_setup 2019-12-13 11:35 - 2019-12-13 11:35 - 000000000 ____D C:\Users\Administrator.PIOTR\AppData\Roaming\WinRAR 2019-12-13 11:32 - 2019-12-13 11:33 - 016228740 _____ C:\Users\Administrator.PIOTR\Downloads\BCS - Manual BCSManager.pdf 2019-12-13 11:32 - 2019-12-13 11:32 - 002176065 _____ C:\Users\Administrator.PIOTR\Downloads\BCS - Manual BCSManager P2P(Chmura).pdf 2019-12-13 11:31 - 2019-12-13 11:33 - 106679179 _____ C:\Users\Administrator.PIOTR\Downloads\SmartPSS 1.14.2_2.zip 2019-12-13 11:31 - 2019-12-13 11:32 - 084533538 _____ C:\Users\Administrator.PIOTR\Downloads\smartpss_international_win32_is_v2.02.1.r.180202.exe 2019-12-13 11:31 - 2019-12-13 11:31 - 002739790 _____ C:\Users\Administrator.PIOTR\Downloads\BCS - Manual BCSManager Mobile.pdf 2019-12-13 11:30 - 2019-12-13 11:33 - 174882816 _____ C:\Users\Administrator.PIOTR\Downloads\ees_nt32.msi 2019-12-13 11:30 - 2019-12-13 11:32 - 027091530 _____ C:\Users\Administrator.PIOTR\Downloads\hdsentinel_trial_setup.zip 2019-12-13 11:30 - 2019-12-13 11:31 - 076836712 _____ (NSS Sp. z o.o. ) C:\Users\Administrator.PIOTR\Downloads\BCSManager-1.5.728-win32-Setup.exe 2019-12-13 11:30 - 2019-12-13 11:30 - 002249913 _____ (EFD Software ) C:\Users\Administrator.PIOTR\Downloads\hdtunepro_575_trial.exe 2019-12-13 11:27 - 2019-12-13 11:29 - 008218800 _____ (Malwarebytes) C:\Users\Administrator.PIOTR\Downloads\adwcleaner_8.0.0.exe 2019-12-13 10:26 - 2019-12-16 14:35 - 000112928 _____ C:\Users\Administrator.PIOTR\AppData\Local\GDIPFONTCACHEV1.DAT 2019-12-13 10:26 - 2019-12-13 10:26 - 000000000 ____D C:\Users\Administrator.PIOTR\AppData\Local\NVIDIA Corporation 2019-12-13 10:25 - 2019-12-16 14:06 - 000000000 ____D C:\users\Administrator.PIOTR 2019-12-13 10:25 - 2019-12-16 14:02 - 000000000 ____D C:\Users\Administrator.PIOTR\AppData\Local\Google 2019-12-13 10:25 - 2019-12-13 10:25 - 000000020 ___SH C:\Users\Administrator.PIOTR\ntuser.ini 2019-12-13 10:25 - 2019-12-13 10:25 - 000000000 _SHDL C:\Users\Administrator.PIOTR\Ustawienia lokalne 2019-12-13 10:25 - 2019-12-13 10:25 - 000000000 _SHDL C:\Users\Administrator.PIOTR\Szablony 2019-12-13 10:25 - 2019-12-13 10:25 - 000000000 _SHDL C:\Users\Administrator.PIOTR\Moje dokumenty 2019-12-13 10:25 - 2019-12-13 10:25 - 000000000 _SHDL C:\Users\Administrator.PIOTR\Menu Start 2019-12-13 10:25 - 2019-12-13 10:25 - 000000000 _SHDL C:\Users\Administrator.PIOTR\Documents\Moje wideo 2019-12-13 10:25 - 2019-12-13 10:25 - 000000000 _SHDL C:\Users\Administrator.PIOTR\Documents\Moje obrazy 2019-12-13 10:25 - 2019-12-13 10:25 - 000000000 _SHDL C:\Users\Administrator.PIOTR\Documents\Moja muzyka 2019-12-13 10:25 - 2019-12-13 10:25 - 000000000 _SHDL C:\Users\Administrator.PIOTR\Dane aplikacji 2019-12-13 10:25 - 2019-12-13 10:25 - 000000000 _SHDL C:\Users\Administrator.PIOTR\AppData\Local\Historia 2019-12-13 10:25 - 2019-12-13 10:25 - 000000000 _SHDL C:\Users\Administrator.PIOTR\AppData\Local\Dane aplikacji 2019-12-13 10:25 - 2019-12-13 10:25 - 000000000 ____D C:\Users\Administrator.PIOTR\AppData\Roaming\Adobe 2019-12-13 10:25 - 2019-12-13 10:25 - 000000000 ____D C:\Users\Administrator.PIOTR\AppData\Local\NVIDIA 2019-12-13 10:25 - 2010-12-23 13:56 - 000000000 ____D C:\Users\Administrator.PIOTR\AppData\Local\Microsoft Help 2019-12-13 10:25 - 2010-12-23 13:55 - 000000000 ____D C:\Users\Administrator.PIOTR\AppData\Local\Adobe 2019-12-13 10:25 - 2009-07-14 08:49 - 000000000 ____D C:\Users\Administrator.PIOTR\AppData\Roaming\Media Center Programs ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-12-18 07:50 - 2015-12-04 05:03 - 000001032 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d12e48c365130d.job 2019-12-18 07:50 - 2015-09-15 02:04 - 000001032 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0ef526cae7af4.job 2019-12-18 07:50 - 2015-08-27 19:03 - 000001032 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0e0f2b24d4afa.job 2019-12-18 07:50 - 2013-09-30 14:05 - 000001032 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2019-12-18 07:49 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2019-12-16 14:36 - 2015-09-23 14:00 - 000396080 _____ C:\Windows\ntbtlog.txt 2019-12-16 14:06 - 2015-09-25 09:49 - 000000000 ____D C:\ProgramData\NVIDIA 2019-12-16 14:06 - 2015-09-25 09:44 - 000000000 ____D C:\NVIDIA 2019-12-16 14:06 - 2015-03-13 18:11 - 000000000 ____D C:\Windows\System32\appraiser 2019-12-16 14:06 - 2014-05-07 02:00 - 000000000 ___SD C:\Windows\System32\CompatTel 2019-12-16 14:06 - 2010-12-30 16:04 - 000000000 ____D C:\users\administrator 2019-12-16 14:06 - 2010-12-30 15:58 - 000000000 ____D C:\users\piotr.PEKPOLO 2019-12-16 14:06 - 2010-12-23 13:59 - 000000000 ____D C:\users\Piotr 2019-12-16 14:06 - 2009-08-20 23:15 - 000000000 ____D C:\Program Files\Microsoft Office 2019-12-16 14:06 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\System32\ras 2019-12-16 14:06 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\System32\Dism 2019-12-16 14:06 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\servicing 2019-12-16 14:06 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\rescache 2019-12-16 14:06 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\PolicyDefinitions 2019-12-16 14:06 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf 2019-12-16 14:06 - 2009-07-14 03:37 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2019-12-16 14:05 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\registration 2019-12-16 14:02 - 2017-04-24 14:57 - 000000000 ____D C:\ProgramData\Package Cache 2019-12-16 07:52 - 2009-08-07 16:46 - 000000000 ____D C:\Windows\Panther 2019-12-16 07:09 - 2015-08-27 19:03 - 000001036 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0e0f2b28a7bef.job 2019-12-16 07:09 - 2015-07-16 03:58 - 000001036 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0bf733b375dcf.job 2019-12-16 07:08 - 2015-09-15 02:04 - 000001036 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0ef526cf8459c.job 2019-12-13 14:37 - 2009-07-14 05:34 - 000021680 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2019-12-13 14:37 - 2009-07-14 05:34 - 000021680 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2019-12-13 14:32 - 2016-05-10 22:08 - 000001036 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d1ab001db1d40a.job 2019-12-13 14:13 - 2015-12-04 05:03 - 000001036 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d12e48c3a55834.job 2019-12-13 14:08 - 2009-08-20 23:20 - 001670518 _____ C:\Windows\System32\PerfStringBackup.INI 2019-12-13 14:08 - 2009-08-07 17:03 - 000740422 _____ C:\Windows\System32\perfh015.dat 2019-12-13 14:08 - 2009-08-07 17:03 - 000155996 _____ C:\Windows\System32\perfc015.dat 2019-12-13 13:03 - 2015-05-16 04:49 - 000001036 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d08f8b5e93ea4e.job 2019-12-13 12:54 - 2014-06-21 12:36 - 000001036 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf8d453b9d1ec.job 2019-12-13 11:39 - 2016-07-30 12:27 - 000003472 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d1ea5550f414a3 2019-12-13 11:39 - 2016-07-30 12:27 - 000003344 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d1ea555081d296 2019-12-13 11:37 - 2010-12-23 13:55 - 000000000 ____D C:\Program Files\Google 2019-12-13 11:31 - 2017-04-24 14:56 - 000000000 ____D C:\ProgramData\BCSManager 2019-12-13 11:31 - 2017-04-24 14:56 - 000000000 ____D C:\Program Files\BCS Manager 2019-12-13 10:36 - 2009-07-14 03:37 - 000000000 ___HD C:\Windows\System32\GroupPolicy ==================== KnownDLLs (Whitelisted) ========================= ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll [2018-01-05 09:24] - [2018-01-01 03:00] - 000377344 _____ (Microsoft Corporation) BF1B8CFDE3B075F2DA2652C3D35EC212 C:\Windows\System32\dnsapi.dll => MD5 is legit C:\Windows\System32\dllhost.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== Association (Whitelisted) ============= ==================== Restore Points ========================= Restore point date: 2018-04-06 04:10 Restore point date: 2018-04-07 02:00 Restore point date: 2018-04-10 04:32 Restore point date: 2018-04-12 02:00 Restore point date: 2019-12-13 11:56 Restore point date: 2019-12-13 12:15 Restore point date: 2019-12-13 14:15 Restore point date: 2019-12-16 07:23 Restore point date: 2019-12-16 14:05 ==================== Memory info =========================== Percentage of memory in use: 16% Total physical RAM: 3767.11 MB Available physical RAM: 3132.54 MB Total Virtual: 3765.39 MB Available Virtual: 3132.71 MB ==================== Drives ================================ Drive c: (System) (Fixed) (Total:200 GB) (Free:128.47 GB) NTFS ==>[system with boot components (obtained from drive)] Drive d: (Data) (Fixed) (Total:263.75 GB) (Free:187.39 GB) NTFS Drive e: (WINRE) (Fixed) (Total:2 GB) (Free:1.4 GB) NTFS ==>[system with boot components (obtained from drive)] Drive f: (UUI) (Removable) (Total:3.61 GB) (Free:0.1 GB) FAT32 Drive x: (Boot) (Fixed) (Total:0.12 GB) (Free:0.12 GB) NTFS ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: D22F9EB7) Partition 1: (Active) - (Size=2 GB) - (Type=27) Partition 2: (Not Active) - (Size=200 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=263.8 GB) - (Type=07 NTFS) ========================================================== Disk: 1 (Size: 3.6 GB) (Disk ID: 001A0D30) Partition 1: (Active) - (Size=3.6 GB) - (Type=0B) LastRegBack: 2019-12-13 10:18 ==================== End of FRST.txt ========================