Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-11-2020
Ran by Karol (administrator) on KAROL-PC (SAMSUNG ELECTRONICS CO., LTD. 300E4A/300E5A/300E7A) (01-12-2020 11:55:52)
Running from C:\Users\Karol\Downloads
Loaded Profiles: Karol
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <22>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.32\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.32\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(Intel Corporation - Mobile Wireless Group -> Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Power Technology -> ) [File not signed] C:\Program Files (x86)\DFX\DFX.exe
(Power Technology -> ) C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp32.exe
(Power Technology -> ) C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE
(Softland SRL -> Microsoft) C:\Program Files\Softland\novaPDF 10\Server\novapdfs.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [2824528 2012-06-07] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12558440 2011-07-12] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2824528 2012-06-07] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [EPPCCMON] => C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE [442936 2020-10-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2244096 2009-07-13] (VIA) [File not signed]
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [454624 2018-02-11] (Power Software Limited -> Power Software Ltd)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [DFX] => C:\Program Files (x86)\DFX\DFX.exe [1596920 2016-10-13] (Power Technology -> ) [File not signed]
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [285544 2020-10-14] (IDSA Production signing key -> Intel)
HKU\S-1-5-21-1926918652-2461648831-38883309-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [27775672 2020-05-01] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1926918652-2461648831-38883309-1000\...\Run: [ALLUpdate] => C:\Program Files\ALLPlayer\ALLUpdate.exe [3930344 2018-11-10] (ALLPlayer Group sp. z o.o. -> ALLPlayer.org)
HKU\S-1-5-21-1926918652-2461648831-38883309-1000\...\Run: [Napisy24Update] => C:\Program Files (x86)\Napisy24\Napisy24Update.exe [3990528 2018-02-02] (Napisy24.pl) [File not signed]
HKU\S-1-5-21-1926918652-2461648831-38883309-1000\...\Run: [Napisy24.pl] => C:\Program Files (x86)\Napisy24\Napisy24.exe [7492840 2019-06-19] (ALLPlayer Group sp. z o.o. -> Napisy24.pl)
HKU\S-1-5-21-1926918652-2461648831-38883309-1000\Software\Policies\...\system: [disablecmd] 0
HKU\S-1-5-21-1926918652-2461648831-38883309-1000\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-21-1926918652-2461648831-38883309-1000\...\MountPoints2: {9eedef15-89e9-11ea-bb48-dca971a0a612} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1926918652-2461648831-38883309-1000\...\MountPoints2: {b935ff8d-3834-11ea-b671-dca971a0a612} - G:\HiSuiteDownLoader.exe
HKLM\...\Print\Monitors\EPSON L310 Series 64MonitorBE: C:\Windows\system32\E_YLMBN4E.DLL [180224 2014-03-05] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\HP 8911 Status Monitor: C:\Windows\system32\hpinksts8911LM.dll [332176 2012-09-12] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\novaPDF 10 Port Monitor: C:\Windows\system32\novamn10.dll [18944 2020-06-04] (Softland) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.66\Installer\chrmstp.exe [2020-11-19] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00752D78-274A-4E25-A92B-E8EBCC1DA6A9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {0C8EC729-1CDF-4D7A-A07E-2022729662A0} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [660688 2020-08-19] (Mozilla Corporation -> Mozilla Foundation)
Task: {12D3C04E-FB08-4D23-B08F-7CB15AD36661} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3098928 2020-08-02] (Intel(R) Software Development Products -> Intel Corporation)
Task: {1C00C5A6-0E25-4909-8548-6FCBDB108083} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {2660AF5C-35D5-41F6-AC1D-2F0841F5CFF9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {3FD1740D-DA02-47AD-8DBD-7A8F3103FCDC} - System32\Tasks\EPSON L310 Series Update {BD2E0A2C-84DA-4219-9AF6-61860BD9823B} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSN4E.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {478DDD1E-D4FD-4D5A-9C1A-8FEBC2556F28} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {5C4206FE-4086-4CAD-B23A-67F36B973CA2} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1926918652-2461648831-38883309-1000 => {CA22F5B1-E06F-4A2B-94FC-21E87FE53781} C:\Windows\System32\gameux.dll [2746368 2012-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {5D42EB8B-AE53-48B1-A68D-F3541FE04C24} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-13] (Google Inc -> Google Inc.)
Task: {6888C76D-C375-4A7F-A993-76545C0AB45D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [23571128 2020-05-01] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {695CCF9E-6115-4CED-B6BB-428941D1E61F} - System32\Tasks\HPCustParticipation HP Deskjet 1050 J410 series => C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe [4119656 2012-10-02] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {73ED6C13-06D8-419E-8524-34FC30AA0A2C} - System32\Tasks\doPDF 10 Telemetry => C:\Program Files\Softland\novaPDF 10\Driver\GoogleAnalytics.exe [51504 2020-06-04] (Softland SRL -> )
Task: {78DBA559-95D7-4507-B232-12044C1B1002} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3098928 2020-08-02] (Intel(R) Software Development Products -> Intel Corporation)
Task: {8504848D-1109-48B1-BEE4-B371BDE72968} - System32\Tasks\{5C49FBA0-B160-4625-8847-EDD9C31D83F9} => C:\Windows\system32\pcalua.exe -a "C:\Users\Karol\Desktop\New folder\Touchpad_4.5.0.0\TouchpadSetup.exe" -d "C:\Users\Karol\Desktop\New folder\Touchpad_4.5.0.0"
Task: {AA94DD3C-8BD9-4F53-96A3-8FCB5818AB94} - System32\Tasks\{1BD110FE-0F35-4077-8FBF-DF535E23C6BE} => C:\Windows\system32\pcalua.exe -a F:\setup.exe -d F:\
Task: {AE9CFBD4-7B52-4794-B07D-6E4F3282D86E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-05-01] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {BD034CE7-45A4-42DC-BC25-9D092D09EE41} - System32\Tasks\Opera scheduled Autoupdate 1518522525 => C:\Users\Karol\AppData\Local\Programs\Opera\launcher.exe [1221720 2017-10-17] (Opera Software AS -> Opera Software)
Task: {C7F686FB-8A6E-4F01-8D51-D8EED44C2679} - System32\Tasks\Firefox Default Browser Agent 2BA6C1D67C500BCE => C:\Users\Karol\AppData\Roaming\tvugtbr.exe <==== ATTENTION
Task: {C8DE8628-BB65-4FA7-BA36-A06E4AFC6A7F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-13] (Google Inc -> Google Inc.)
Task: {FFF43396-92F3-40D0-9510-13FF115135A7} - System32\Tasks\doPDF 10 Update => C:\Program Files\Softland\novaPDF 10\Driver\UpdateApplication.exe [98096 2020-06-04] (Softland SRL -> )

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\EPSON L310 Series Update {BD2E0A2C-84DA-4219-9AF6-61860BD9823B}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSN4E.EXE:/EXE:{BD2E0A2C-84DA-4219-9AF6-61860BD9823B} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{624D775F-CB82-4670-9EBD-CBBDDF70BC0C}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{A346CDBE-3182-43BE-960A-B43BBDF53463}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{B6FBFD64-896A-469D-8D1E-0DE59114964E}: [DhcpNameServer] 192.168.1.1 192.168.1.1

FireFox:
========
FF DefaultProfile: nfp29bn9.default
FF ProfilePath: C:\Users\Karol\AppData\Roaming\Mozilla\Firefox\Profiles\nfp29bn9.default [2020-08-31]
FF ProfilePath: C:\Users\Karol\AppData\Roaming\Mozilla\Firefox\Profiles\2p0gdb30.default-release [2020-12-01]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\Karol\AppData\Roaming\Mozilla\Firefox\Profiles\2p0gdb30.default-release\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2020-12-01]
FF Extension: (Greasemonkey) - C:\Users\Karol\AppData\Roaming\Mozilla\Firefox\Profiles\2p0gdb30.default-release\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2020-12-01]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-09-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-11-19] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1926918652-2461648831-38883309-1000: @zoom.us/ZoomVideoPlugin -> C:\Users\Karol\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-04-12] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

Chrome:
=======
CHR Profile: C:\Users\Karol\AppData\Local\Google\Chrome\User Data\Default [2020-12-01]
CHR Notifications: Default -> hxxps://sauwoaptain.com; hxxps://www.manutd.pl; hxxps://www.pracuj.pl; hxxps://www.provident.pl; hxxps://www.youtube.com
CHR HomePage: Default -> hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ6e1krQXBFZY3csD1KEOrnG--rZu01INOCH4vdjIgiat0N2bd0Xu5lwMZ3SN_Gu3FX65ClEMpLfWxavCWNsVWfLixy_-5JaVH-pqL2oAtDXtbxIbub-DZoEBwM-mERfYtWEY53csrbmMKizbQZ62fCim9yg,,
CHR Extension: (Prezentacje) - C:\Users\Karol\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-13]
CHR Extension: (Przelewy24) - C:\Users\Karol\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiicmmpkicnndkhlnnloilpgncbpkbjj [2020-03-31]
CHR Extension: (Dokumenty) - C:\Users\Karol\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-13]
CHR Extension: (Dysk Google) - C:\Users\Karol\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-25]
CHR Extension: (YouTube) - C:\Users\Karol\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-02-13]
CHR Extension: (Adobe Acrobat) - C:\Users\Karol\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-09-21]
CHR Extension: (Arkusze) - C:\Users\Karol\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-13]
CHR Extension: (Google Translate) - C:\Users\Karol\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnfhfpkmpnmlmlgfeabpegnfpdnmokco [2020-12-01]
CHR Extension: (Dokumenty Google offline) - C:\Users\Karol\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-18]
CHR Extension: (AdBlock — najlepszy bloker reklam) - C:\Users\Karol\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-11-22]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Karol\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2020-12-01]
CHR Extension: (Earth in Space) - C:\Users\Karol\AppData\Local\Google\Chrome\User Data\Default\Extensions\iiihlpikmpijdopbaegjibndhpgjmjfe [2020-04-22]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Karol\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2020-10-25]
CHR Extension: (Chrome Scrobbler) - C:\Users\Karol\AppData\Local\Google\Chrome\User Data\Default\Extensions\lodaicahdnijcdhnoljcmmhdhcgjmann [2018-02-17]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Karol\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-05]
CHR Extension: (Gmail) - C:\Users\Karol\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-25]
CHR Extension: (Chrome Media Router) - C:\Users\Karol\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-22]
CHR Profile: C:\Users\Karol\AppData\Local\Google\Chrome\User Data\System Profile [2020-12-01]
CHR HKU\S-1-5-21-1926918652-2461648831-38883309-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
R2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [152640 2013-04-15] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7269976 2020-12-01] (Malwarebytes Inc -> Malwarebytes)
R2 NovaPdf10Server; C:\Program Files\Softland\novaPDF 10\Server\novapdfs.exe [52528 2020-06-04] (Softland SRL -> Microsoft)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2020-03-29] (Even Balance, Inc. -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13088784 2020-05-25] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AMPPAL; C:\Windows\System32\DRIVERS\AMPPAL.sys [195584 2011-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 AMPPALP; C:\Windows\System32\DRIVERS\amppal.sys [195584 2011-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 athr; C:\Windows\System32\DRIVERS\athrx.sys [1542656 2009-10-05] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
S3 DFX11_1; C:\Windows\System32\drivers\dfx11_1x64.sys [28008 2015-08-31] (Power Technology -> Windows (R) Win 7 DDK provider)
R3 DFX12; C:\Windows\System32\drivers\dfx12x64.sys [29688 2015-11-12] (Power Technology -> Windows (R) Win 7 DDK provider)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153312 2020-12-01] (Malwarebytes Corporation -> Malwarebytes)
S3 L1E; C:\Windows\System32\DRIVERS\L1E62x64.sys [54272 2009-06-20] (Microsoft Windows -> Atheros Communications, Inc.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [220160 2020-12-01] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [197792 2020-12-01] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [77496 2020-12-01] (Malwarebytes Inc -> Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-12-01] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [126576 2020-12-01] (Malwarebytes Inc -> Malwarebytes)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-12-01 11:55 - 2020-12-01 11:57 - 000021169 _____ C:\Users\Karol\Downloads\FRST.txt
2020-12-01 11:55 - 2020-12-01 11:56 - 000000000 ____D C:\FRST
2020-12-01 11:55 - 2020-12-01 11:55 - 002290176 _____ (Farbar) C:\Users\Karol\Downloads\FRST64.exe
2020-12-01 11:43 - 2020-12-01 11:43 - 005659583 ____R (Swearware) C:\Users\Karol\Desktop\ComboFix.exe
2020-12-01 11:43 - 2020-12-01 11:43 - 005659583 _____ (Swearware) C:\Users\Karol\Downloads\ComboFix.exe
2020-12-01 11:39 - 2020-12-01 11:39 - 000197792 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2020-12-01 11:39 - 2020-12-01 11:39 - 000077496 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2020-12-01 11:37 - 2020-12-01 11:37 - 000126576 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2020-12-01 08:30 - 2020-12-01 08:30 - 000006411 _____ C:\Users\Karol\Desktop\intro 2.gp5
2020-12-01 07:54 - 2020-12-01 07:54 - 000001960 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-12-01 07:54 - 2020-12-01 07:54 - 000001948 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-12-01 07:54 - 2020-12-01 07:54 - 000001948 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-12-01 07:54 - 2020-12-01 07:54 - 000000000 ____D C:\Users\Karol\AppData\Local\mbam
2020-12-01 07:53 - 2020-12-01 07:53 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2020-12-01 07:53 - 2020-12-01 07:53 - 000220160 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2020-12-01 07:53 - 2020-12-01 07:53 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-12-01 07:53 - 2020-12-01 07:53 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-12-01 07:51 - 2020-12-01 07:51 - 002076624 _____ (Malwarebytes) C:\Users\Karol\Downloads\MBSetup.exe
2020-12-01 07:39 - 2020-12-01 07:40 - 000000000 ____D C:\AdwCleaner
2020-12-01 07:38 - 2020-12-01 07:38 - 008447152 _____ (Malwarebytes) C:\Users\Karol\Downloads\adwcleaner_8.0.8.exe
2020-12-01 07:31 - 2020-12-01 07:31 - 000000000 ___SD C:\combofix-19-11-4-1
2020-12-01 07:30 - 2020-12-01 07:30 - 000000000 ____D C:\Windows\erdnt
2020-12-01 07:30 - 2020-12-01 07:30 - 000000000 ____D C:\Qoobox
2020-12-01 07:23 - 2020-12-01 07:23 - 000388608 _____ (Trend Micro Inc.) C:\Users\Karol\Downloads\HijackThis_2.0.4.exe
2020-12-01 07:20 - 2020-12-01 07:22 - 000003586 _____ C:\Windows\system32\Tasks\Firefox Default Browser Agent 2BA6C1D67C500BCE
2020-12-01 07:20 - 2020-12-01 07:20 - 000000000 ____D C:\Users\Public\Thunder Network
2020-12-01 07:20 - 2020-12-01 07:20 - 000000000 ____D C:\ProgramData\Thunder Network
2020-12-01 07:19 - 2020-12-01 07:19 - 000000024 _____ C:\ProgramData\72690.bat
2020-12-01 07:19 - 2020-12-01 07:19 - 000000024 _____ C:\ProgramData\37823.bat
2020-12-01 07:18 - 2020-12-01 07:19 - 000000000 ____D C:\Users\Karol\Documents\VlcpVideoV1.0.1
2020-12-01 07:18 - 2020-12-01 07:19 - 000000000 ____D C:\Program Files (x86)\k42a4i0zb2uk
2020-12-01 07:18 - 2020-12-01 07:18 - 000000000 ____D C:\ProgramData\sib
2020-11-30 14:20 - 2020-12-01 08:39 - 000033140 _____ C:\Users\Karol\Desktop\intro melo.gp5
2020-11-27 10:01 - 2020-11-27 10:01 - 000000000 ____D C:\Users\Karol\Downloads\sortitoutsi_cutout_megapack_12.17_changes
2020-11-26 17:09 - 2020-11-26 17:09 - 000000000 ____D C:\Users\Karol\Downloads\metallic_logos_fm2020_v9_changes
2020-11-26 15:07 - 2020-11-26 17:49 - 447090384 _____ C:\Users\Karol\Downloads\sortitoutsi_cutout_megapack_12.17_changes.rar
2020-11-26 15:01 - 2020-11-26 15:25 - 072870463 _____ C:\Users\Karol\Downloads\metallic_logos_fm2020_v9_changes.rar
2020-11-26 14:20 - 2020-11-26 14:30 - 000000000 ____D C:\Users\Karol\Downloads\Ligue 1 SS´19-20
2020-11-26 14:20 - 2020-11-26 14:29 - 000000000 ____D C:\Users\Karol\Downloads\MLS SS'2019
2020-11-26 14:20 - 2020-11-26 14:29 - 000000000 ____D C:\Users\Karol\Downloads\Italy Serie A SS'19-20
2020-11-26 14:20 - 2020-11-26 14:29 - 000000000 ____D C:\Users\Karol\Downloads\England levels 1-6 SS19-20
2020-11-26 14:20 - 2020-11-26 14:29 - 000000000 ____D C:\Users\Karol\Downloads\Ekstraklasa SS'19-20
2020-11-26 14:20 - 2020-11-26 14:29 - 000000000 ____D C:\Users\Karol\Downloads\Belgium Pro League SS´19-20
2020-11-26 14:20 - 2020-11-26 14:29 - 000000000 ____D C:\Users\Karol\Downloads\2 Spain Liga SmartBank SS´19-20
2020-11-26 14:20 - 2020-11-26 14:28 - 000000000 ____D C:\Users\Karol\Downloads\Fortuna 1 Liga SS'19-20
2020-11-26 14:20 - 2020-11-26 14:24 - 000000000 ____D C:\Users\Karol\Downloads\1 bund 19-20
2020-11-26 14:20 - 2020-11-26 14:20 - 000000000 ____D C:\Users\Karol\Downloads\Belgium Pro League SS´19-20 (1)
2020-11-26 14:17 - 2020-11-26 14:17 - 014230178 _____ C:\Users\Karol\Downloads\Fortuna 1 Liga SS'19-20.rar
2020-11-26 14:16 - 2020-11-26 14:16 - 012439711 _____ C:\Users\Karol\Downloads\Ekstraklasa SS'19-20.rar
2020-11-26 14:15 - 2020-11-26 14:15 - 012239975 _____ C:\Users\Karol\Downloads\MLS SS'2019.rar
2020-11-26 14:13 - 2020-11-26 14:15 - 069237560 _____ C:\Users\Karol\Downloads\England levels 1-6 SS19-20.rar
2020-11-26 14:13 - 2020-11-26 14:13 - 002451076 _____ C:\Users\Karol\Downloads\Belgium Pro League SS´19-20.rar
2020-11-26 14:13 - 2020-11-26 14:13 - 002451076 _____ C:\Users\Karol\Downloads\Belgium Pro League SS´19-20 (1).rar
2020-11-26 14:12 - 2020-11-26 14:12 - 003215374 _____ C:\Users\Karol\Downloads\2 Spain Liga SmartBank SS´19-20.rar
2020-11-26 14:09 - 2020-11-26 14:09 - 011540335 _____ C:\Users\Karol\Downloads\Italy Serie A SS'19-20.rar
2020-11-26 14:08 - 2020-11-26 14:08 - 003520122 _____ C:\Users\Karol\Downloads\Ligue 1 SS´19-20.rar
2020-11-26 14:06 - 2020-11-26 14:06 - 009654368 _____ C:\Users\Karol\Downloads\1 bund 19-20.rar
2020-11-26 14:06 - 2020-11-26 14:06 - 000977336 _____ (WinZip Computing) C:\Users\Karol\Downloads\winzip25-mf.exe
2020-11-22 22:10 - 2020-11-22 22:10 - 000084080 _____ C:\Users\Karol\Downloads\Bury Tomorrow - Black Flame.gp5
2020-11-13 12:57 - 2020-11-13 12:57 - 000000000 ____D C:\Users\Default\AppData\Local\Google
2020-11-13 12:57 - 2020-11-13 12:57 - 000000000 ____D C:\Users\Default User\AppData\Local\Google
2020-11-12 21:27 - 2020-11-12 21:28 - 000137801 _____ C:\Users\Karol\Desktop\pokrzy punk.gp
2020-11-12 20:54 - 2020-11-12 20:54 - 000145765 _____ C:\Users\Karol\Desktop\mmmreb.gp
2020-11-12 12:38 - 2020-11-12 12:38 - 000003616 _____ C:\Windows\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132
2020-11-12 12:38 - 2020-11-12 12:38 - 000003370 _____ C:\Windows\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon
2020-11-12 12:38 - 2020-11-12 12:38 - 000000000 ____D C:\ProgramData\Intel
2020-11-12 12:37 - 2020-11-12 12:37 - 000001521 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk
2020-11-12 12:36 - 2020-11-12 12:36 - 002874520 _____ (Intel) C:\Users\Karol\Downloads\Intel-Driver-and-Support-Assistant-Installer.exe
2020-11-12 12:34 - 2020-11-12 12:35 - 126208928 _____ (Intel) C:\Users\Karol\Downloads\win64_15.36.40.5162.exe
2020-11-12 11:56 - 2020-11-12 11:56 - 000014337 _____ C:\Users\Karol\Downloads\Gojira - Yellow Stone.gp5
2020-11-12 10:50 - 2020-11-12 11:03 - 000012723 _____ C:\Users\Karol\Desktop\jjj.gp5
2020-11-01 16:25 - 2020-11-01 16:25 - 000002136 _____ C:\Users\Public\Desktop\Epson Printer Connection Checker.lnk
2020-11-01 16:25 - 2020-11-01 16:25 - 000002136 _____ C:\ProgramData\Desktop\Epson Printer Connection Checker.lnk
2020-11-01 16:25 - 2020-11-01 16:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2020-11-01 16:25 - 2020-11-01 16:25 - 000000000 ____D C:\Program Files (x86)\EPSON Software
2020-11-01 16:23 - 2020-12-01 11:23 - 000000911 _____ C:\Windows\Tasks\EPSON L310 Series Update {BD2E0A2C-84DA-4219-9AF6-61860BD9823B}.job
2020-11-01 16:23 - 2020-11-01 16:23 - 000003978 _____ C:\Windows\system32\Tasks\EPSON L310 Series Update {BD2E0A2C-84DA-4219-9AF6-61860BD9823B}
2020-11-01 16:23 - 2020-11-01 16:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2020-11-01 16:23 - 2020-11-01 16:23 - 000000000 ____D C:\Program Files\Common Files\EPSON
2020-11-01 16:22 - 2014-03-05 04:06 - 000180224 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_YLMBN4E.DLL
2020-11-01 16:22 - 2011-03-15 03:03 - 000083968 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_YD4BN4E.DLL
2020-11-01 16:22 - 2007-04-10 01:06 - 000010752 _____ (SEIKO EPSON CORP.) C:\Windows\system32\E_GCINST.DLL
2020-11-01 16:19 - 2020-11-01 16:25 - 000000000 ____D C:\ProgramData\EPSON
2020-11-01 16:19 - 2020-11-01 16:19 - 032260096 _____ C:\Users\Karol\Downloads\epson513345eu.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-12-01 11:45 - 2009-07-14 05:45 - 000031504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-12-01 11:45 - 2009-07-14 05:45 - 000031504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-12-01 11:43 - 2009-07-14 06:13 - 000006190 _____ C:\Windows\system32\PerfStringBackup.INI
2020-12-01 11:41 - 2018-02-13 11:32 - 000000000 ____D C:\Users\Karol
2020-12-01 11:37 - 2020-06-15 17:33 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-12-01 11:36 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-12-01 11:30 - 2018-03-17 10:13 - 000000000 ____D C:\Program Files\Office 2016 KMS Activator Ultimate v1.1 Final
2020-12-01 11:30 - 2018-02-19 11:45 - 000000000 ____D C:\Program Files (x86)\Guitar Pro 5
2020-12-01 08:13 - 2020-10-25 20:44 - 000000000 ___RD C:\Users\Karol\Google Drive
2020-12-01 08:05 - 2020-08-31 09:03 - 000000000 ____D C:\Users\Karol\AppData\LocalLow\Mozilla
2020-12-01 07:55 - 2020-08-31 09:03 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-12-01 07:55 - 2020-08-31 09:03 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-12-01 07:43 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2020-12-01 07:37 - 2020-04-02 12:43 - 000000000 ____D C:\Users\Karol\.gstreamer-0.10
2020-12-01 07:37 - 2020-04-02 12:42 - 000000000 ____D C:\Users\Karol\AppData\Local\ChomikBox
2020-12-01 07:36 - 2020-06-15 17:34 - 000000000 ____D C:\Users\Karol\AppData\Roaming\TeamViewer
2020-12-01 07:36 - 2018-02-13 12:37 - 000000000 ____D C:\Users\Karol\AppData\Roaming\uTorrent
2020-11-30 10:54 - 2020-09-21 10:05 - 000000081 _____ C:\Users\Karol\AppData\Local\.bidstack.fault
2020-11-30 09:45 - 2020-03-26 10:23 - 000000000 ____D C:\Users\Karol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sports Interactive
2020-11-26 09:00 - 2018-03-09 09:02 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-11-26 08:59 - 2018-03-09 09:01 - 000002059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-11-19 18:54 - 2020-10-03 10:04 - 000030676 _____ C:\Users\Karol\Desktop\gjgjghjgh.gp5
2020-11-19 18:33 - 2018-02-13 11:56 - 000002230 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-11-19 18:33 - 2018-02-13 11:56 - 000002189 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-11-19 18:33 - 2018-02-13 11:56 - 000002189 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-11-13 22:43 - 2018-02-17 12:56 - 000000000 ____D C:\Users\Karol\AppData\Local\Spotify
2020-11-13 22:10 - 2018-02-17 12:55 - 000000000 ____D C:\Users\Karol\AppData\Roaming\Spotify
2020-11-13 12:58 - 2020-10-25 20:40 - 000002000 _____ C:\Users\Public\Desktop\Google Slides.lnk
2020-11-13 12:58 - 2020-10-25 20:40 - 000002000 _____ C:\ProgramData\Desktop\Google Slides.lnk
2020-11-13 12:58 - 2020-10-25 20:40 - 000001998 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2020-11-13 12:58 - 2020-10-25 20:40 - 000001998 _____ C:\ProgramData\Desktop\Google Sheets.lnk
2020-11-13 12:58 - 2020-10-25 20:40 - 000001988 _____ C:\Users\Public\Desktop\Google Docs.lnk
2020-11-13 12:58 - 2020-10-25 20:40 - 000001988 _____ C:\ProgramData\Desktop\Google Docs.lnk
2020-11-13 12:58 - 2020-10-25 20:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2020-11-12 12:38 - 2019-09-12 11:33 - 000000000 ____D C:\ProgramData\Package Cache
2020-11-12 12:38 - 2019-09-01 12:34 - 000000000 ____D C:\Program Files\Intel
2020-11-12 12:37 - 2018-02-13 12:14 - 000000000 ____D C:\Program Files (x86)\Intel
2020-11-12 09:39 - 2020-10-12 19:14 - 000133482 _____ C:\Users\Karol\Desktop\poprawka 2.gp
2020-11-01 16:27 - 2020-07-08 20:25 - 000000000 ____D C:\ProgramData\Napisy24
2020-11-01 16:10 - 2020-05-15 19:29 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update

==================== Files in the root of some directories ========

2020-12-01 07:19 - 2020-12-01 07:19 - 000000024 _____ () C:\ProgramData\37823.bat
2020-12-01 07:19 - 2020-12-01 07:19 - 000000024 _____ () C:\ProgramData\72690.bat
2020-03-06 10:41 - 2020-03-16 15:08 - 000000016 _____ () C:\Users\Karol\AppData\Roaming\msregsvv.dll
2020-09-21 10:05 - 2020-11-30 10:54 - 000000081 _____ () C:\Users\Karol\AppData\Local\.bidstack.fault
2020-09-16 13:29 - 2020-09-16 13:29 - 000000852 _____ () C:\Users\Karol\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

LastRegBack: 2020-11-24 15:23

==================== End of FRST.txt ========================