Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21.04.2019 01
Ran by jozef (administrator) on JOZEF-PC (LENOVO 20238) (21-04-2019 15:19:38)
Running from C:\Users\jozef\Downloads
Loaded Profiles: jozef (Available Profiles: jozef)
Platform: Windows 8 (X64) Language: Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Lenovo (Beijing) Limited -> ) C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
(LogMeIn, Inc. -> LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor Corp -> Realtek semiconductor) C:\Windows\RTFTrack.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(CyberLink -> CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTStackServer.exe
(CyberLink -> CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler64.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(ATI Technologies Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286192 2013-02-01] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6339656 2013-04-24] (Realtek Semiconductor Corp -> Realtek semiconductor)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [899680 2013-02-04] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2013-03-05] (Conexant Systems, Inc.) [File not signed]
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15794160 2013-10-13] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80368 2013-10-13] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [260488 2019-03-14] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642816 2013-04-25] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [168464 2012-10-31] (CyberLink -> CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-19] (CyberLink Corp.) [File not signed]
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink -> CyberLink Corp.)
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel® Services Manager -> Intel Corporation)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [441856 2017-10-24] (Power Software Ltd) [File not signed]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [260488 2019-03-14] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5890504 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3866944073-2003073622-1910257541-1001\...\Run: [uTorrent] => C:\Users\jozef\AppData\Roaming\uTorrent\uTorrent.exe [1998008 2019-03-23] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-3866944073-2003073622-1910257541-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3152160 2019-04-17] (Valve -> Valve Corporation)
HKU\S-1-5-21-3866944073-2003073622-1910257541-1001\...\Run: [MinerGateGui] => C:\Program Files\MinerGate\minergate.exe --auto
HKU\S-1-5-21-3866944073-2003073622-1910257541-1001\...\Run: [Akamai NetSession Interface] => C:\Users\jozef\AppData\Local\Akamai\netsession_win.exe [4586456 2018-04-17] (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
HKU\S-1-5-21-3866944073-2003073622-1910257541-1001\...\Policies\Explorer: [] 
HKU\S-1-5-21-3866944073-2003073622-1910257541-1001\...\MountPoints2: {35c4364b-c48c-11e6-be7c-f82fa8ff902c} - "F:\Lenovo_Suite.exe" 
HKU\S-1-5-21-3866944073-2003073622-1910257541-1001\...\MountPoints2: {c73ae8e4-c3c6-11e6-be7c-f82fa8ff902c} - "H:\Lenovo_Suite.exe" 
HKLM\...\Drivers32: [VIDC.X264] => C:\WINDOWS\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\system32\lagarith.dll [148992 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\WINDOWS\system32\xvidvfw.dll [309248 2015-12-18] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.l3codecp] => C:\WINDOWS\system32\l3codecp.acm [175616 2012-07-26] (Microsoft Windows -> Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32: [msacm.clmp3enc] => C:\Program Files (x86)\Lenovo\Power2Go\CLMP3Enc.ACM [217088 2005-05-14] (CyberLink Corp.) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\WINDOWS\SysWOW64\xvidvfw.dll [282112 2015-12-18] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.l3codecp] => C:\WINDOWS\SysWOW64\l3codecp.acm [215552 2012-07-26] (Microsoft Windows -> Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89820200-ECBD-11cf-8B85-00AA005B4340}] -> regsvr32.exe /s /n /i:U %SystemRoot%\System32\shell32.dll
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\Installer\chrmstp.exe [2019-04-19] (Google LLC -> Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\Lenovo\Bluetooth Software\\BtwCP.dll [2013-04-23] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{d0869df6-64b0-4289-b483-9bff61394420}] -> C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfCredProv.dll [2013-10-13] (Lenovo (Beijing) Limited -> ) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2013-10-13]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation -> Broadcom Corporation.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02EC97EE-F891-4E9E-A7CD-5A8A3EDDBB11} - System32\Tasks\Opera scheduled Autoupdate 1551975362 => C:\Users\jozef\AppData\Local\Programs\Opera\launcher.exe (Opera Software AS -> Opera Software)
Task: {043C0DC1-8AAF-416F-A3B5-81BCF74C19C7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {0458F4B9-8479-4D19-8FA0-0F4E49DBBC20} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated -> Synaptics Incorporated)
Task: {0C304DC0-A2EF-4EB7-B1DB-CB90F2629F4A} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe () [File not signed]
Task: {0E0E97B7-E2D8-454E-BE12-671E4C717E72} - System32\Tasks\Update\TslGame => cmd /c type "C:\Users\jozef\AppData\Local\Temp\TslGame.txt" | cmd <==== ATTENTION
Task: {1F5E1747-C93E-4148-96B7-D8E436156EAD} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Inc. -> Adobe)
Task: {365E0BF7-F59B-4ED7-B1C2-5DF8497B261B} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe (Lenovo Information Products (Shenzhen) Co.,Ltd -> )
Task: {45E43152-7A91-4BE0-B406-4260E0890F13} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {54A6E0B7-DDE2-4D54-84F1-D459540D58D2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {57BC1288-8EB1-4095-92FD-6831774E2268} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe (Lenovo Information Products (Shenzhen) Co.,Ltd -> Lenovo)
Task: {59BA8FB7-FC6D-4C43-BF73-2ABA79C630EC} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {5A678145-26DB-4AF1-ADCD-F191ADB6EA25} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {7A7CF0C4-B7B6-47AF-83D6-0C2F90825EC3} - System32\Tasks\Dolby Selector => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe (Dolby Laboratories, Inc. -> Dolby Laboratories Inc.)
Task: {80D57C0F-8C7C-4B9D-97DC-FD91B6386033} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {83B64013-4A9F-421C-8AF9-8AFA5389966C} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe (Lenovo Information Products (Shenzhen) Co.,Ltd -> Lenovo)
Task: {8C585372-FCC7-4A6A-B11D-B46122ACDC31} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {961404AD-98DB-4ABA-BF18-6EBC470BB107} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {B5F13463-80FB-4E00-A86E-6B48487E40FB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {BA08FE82-09F0-47DD-9AC1-E6804B2A3195} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {BD676ABE-2DD4-4251-BFB2-6A4FBF89B2A7} - System32\Tasks\Microsoft\Windows\WDI\SrvHost => rundll32.exe winscomrssrv.dll,SrvMainHost
Task: {C030BFF3-2D84-4D73-82C2-DEE55C88ECD2} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {C45FCE62-7D82-4125-9BF2-3F11ED79F712} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {CE97EA58-65FB-4886-9CC3-0CDCE8E68E8B} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_171_pepper.exe (Adobe Inc. -> Adobe)
Task: {D1EFA1D3-0049-4EB9-9D9F-21CD11768C2B} - System32\Tasks\KMSAutoNet => C:\ProgramData\KMSAutoS\KMSAuto Net.exe (Ratiborus MSFree Inc. -> MSFree Inc.) [File not signed]
Task: {E1F5ED36-4D49-42B5-B77D-621F8009D06C} - System32\Tasks\{B5089EC1-F0FE-4E43-8BF0-BC310C98A037} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\jozef\Desktop\Return-to-Castle-Wolfenstein_www.FreeGamesDL.net\Game\Setup.exe -d C:\Users\jozef\Desktop\Return-to-Castle-Wolfenstein_www.FreeGamesDL.net\Game

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2C100A8C-1E1B-46E0-A5F7-E74B23121933}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{2C100A8C-1E1B-46E0-A5F7-E74B23121933}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{DA77FF21-EFB6-4592-B024-4CE84D5CB4D8}: [DhcpNameServer] 150.100.0.10

Internet Explorer:
==================
HKU\S-1-5-21-3866944073-2003073622-1910257541-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKU\S-1-5-21-3866944073-2003073622-1910257541-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
SearchScopes: HKU\S-1-5-21-3866944073-2003073622-1910257541-1001 -> DefaultScope {E0E0AE5A-7BCB-497D-B907-ADDA630F575F} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-02-19] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-02-19] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [2015-06-08] (Unity Technologies ApS -> Unity Technologies ApS)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-02-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-02-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin HKU\S-1-5-21-3866944073-2003073622-1910257541-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\jozef\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies SF -> Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3866944073-2003073622-1910257541-1001: SkypePlugin -> C:\Users\jozef\AppData\Local\SkypePlugin\7.32.6.278\npGatewayNpapi.dll [2017-04-18] (Microsoft Corporation -> Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-3866944073-2003073622-1910257541-1001: SkypePlugin64 -> C:\Users\jozef\AppData\Local\SkypePlugin\7.32.6.278\npGatewayNpapi-x64.dll [2017-04-18] (Microsoft Corporation -> Skype Technologies S.A.)

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.sk/
CHR Profile: C:\Users\jozef\AppData\Local\Google\Chrome\User Data\Default [2019-04-21]
CHR Extension: (Prezentácie) - C:\Users\jozef\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\jozef\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\jozef\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-26]
CHR Extension: (Volanie cez Skype) - C:\Users\jozef\AppData\Local\Google\Chrome\User Data\Default\Extensions\blakpkgjpemejpbmfiglncklihnhjkij [2017-05-06]
CHR Extension: (YouTube) - C:\Users\jozef\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-26]
CHR Extension: (Tampermonkey) - C:\Users\jozef\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2019-03-07]
CHR Extension: (Tabuľky) - C:\Users\jozef\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\jozef\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-25]
CHR Extension: (AdBlock) - C:\Users\jozef\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-04-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\jozef\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-05]
CHR Extension: (Gmail) - C:\Users\jozef\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-26]
CHR Extension: (Chrome Media Router) - C:\Users\jozef\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-14]
CHR HKU\S-1-5-21-3866944073-2003073622-1910257541-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [241152 2013-04-25] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6570352 2019-03-14] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [360440 2019-03-14] (AVAST Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7013384 2018-03-15] (BattlEye Innovations e.K. -> )
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [959192 2013-04-23] (Broadcom Corporation -> Broadcom Corporation.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11082312 2019-04-02] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [781440 2018-12-03] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3361736 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-02-01] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-16] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
S3 mracsvc; C:\WINDOWS\System32\mracsvc.exe [8010968 2018-02-23] (Mail.Ru Games LLC -> LLC Mail.Ru)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11660528 2018-12-07] (TeamViewer GmbH -> TeamViewer GmbH)
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2013-10-13] (Lenovo (Beijing) Limited -> )

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [11614208 2013-04-25] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [578048 2013-04-25] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [36520 2012-09-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37320 2019-03-14] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205608 2019-03-14] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [254408 2019-03-14] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196304 2019-03-14] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320904 2019-03-14] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [58168 2019-03-14] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [249152 2019-03-14] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42496 2019-03-14] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [169104 2019-03-14] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112520 2019-03-14] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88152 2019-03-14] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1034640 2019-03-14] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [476264 2019-04-19] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [220632 2019-03-14] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [380160 2019-03-14] (AVAST Software s.r.o. -> AVAST Software)
R3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [172760 2013-04-22] (Broadcom Corporation -> Broadcom Corporation.)
R3 BCM43XX; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [9500336 2013-04-27] (Broadcom Corporation -> Broadcom Corporation)
R3 btwampfl; C:\windows\system32\drivers\btwampfl.sys [165080 2013-02-27] (Broadcom Corporation -> Broadcom Corporation.)
R3 btwaudio; C:\WINDOWS\system32\drivers\btwaudio.sys [186584 2013-04-23] (Broadcom Corporation -> Broadcom Corporation.)
R3 btwavdt; C:\WINDOWS\System32\drivers\btwavdt.sys [228568 2013-04-23] (Broadcom Corporation -> Broadcom Corporation.)
R3 btwl2cap; C:\WINDOWS\system32\DRIVERS\btwl2cap.sys [40248 2012-07-27] (Broadcom Corporation -> Broadcom Corporation.)
R3 BTWPANFL; C:\windows\system32\drivers\btwpanfl.sys [44912 2013-01-20] (Broadcom Corporation -> Broadcom Corporation.)
R3 btwrchid; C:\WINDOWS\System32\drivers\btwrchid.sys [22744 2013-04-23] (Broadcom Corporation -> Broadcom Corporation.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 GemCCID; C:\WINDOWS\system32\DRIVERS\GemCCID.sys [130944 2014-11-10] (Microsoft Windows Hardware Compatibility Publisher -> Gemalto)
S3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R3 igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [4431840 2013-05-08] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 IntcDAud; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [442368 2013-05-08] (Microsoft Windows Hardware Compatibility Publisher -> Intel(R) Corporation)
S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv.sys [7238880 2018-02-23] (Mail.Ru Games LLC -> LLC Mail.Ru)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [8243144 2013-04-24] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [33008 2013-04-04] (Synaptics Incorporated -> Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tapnordvpn; C:\WINDOWS\system32\DRIVERS\tapnordvpn.sys [75088 2017-03-29] (TEFINCOM S.A. -> The OpenVPN Project)
S3 TesSafe; C:\WINDOWS\system32\TesSafe.sys [1134048 2018-10-11] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44560 2015-07-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [281944 2015-07-06] (Microsoft Corporation -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] (CyberLink -> "CyberLink)
S1 ZAM; \??\C:\WINDOWS\System32\drivers\zam64.sys [X]
S1 ZAM_Guard; \??\C:\WINDOWS\System32\drivers\zamguard64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-21 15:19 - 2019-04-21 15:20 - 000036106 _____ C:\Users\jozef\Downloads\FRST.txt
2019-04-21 15:19 - 2019-04-21 15:19 - 000000000 ____D C:\FRST
2019-04-21 15:18 - 2019-04-21 15:18 - 002435072 _____ (Farbar) C:\Users\jozef\Downloads\FRST64.exe
2019-04-20 10:27 - 2019-04-20 10:28 - 000000000 ____D C:\AdwCleaner
2019-04-20 10:26 - 2019-04-20 10:26 - 007025360 _____ (Malwarebytes) C:\Users\jozef\Desktop\adwcleaner_7.3.exe
2019-04-20 10:23 - 2019-04-20 10:24 - 000025669 _____ C:\Users\jozef\Downloads\LogsFRST.rar
2019-04-20 10:16 - 2019-04-20 10:16 - 000292184 _____ (Microsoft Corporation) C:\Users\jozef\Downloads\dxwebsetup.exe
2019-04-20 09:56 - 2019-04-20 09:56 - 000000000 ____D C:\Users\jozef\AppData\LocalLow\uTorrent
2019-04-19 19:05 - 2019-04-19 19:05 - 000002432 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2019-04-19 19:05 - 2019-04-19 19:05 - 000002427 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-04-19 19:05 - 2019-04-19 19:05 - 000002426 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-04-19 19:05 - 2019-04-19 19:05 - 000002389 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-04-19 19:05 - 2019-04-19 19:05 - 000002383 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-04-19 19:05 - 2019-04-19 19:05 - 000002377 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-04-19 19:05 - 2019-04-19 19:05 - 000002369 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-04-19 19:05 - 2019-04-19 19:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2019-04-19 19:05 - 2019-04-19 19:01 - 000000077 _____ C:\WINDOWS\system32\Drivers\aswSP.sys.sum
2019-04-05 17:27 - 2019-04-19 19:05 - 000002390 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-04-05 17:09 - 2019-04-05 17:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2019-04-05 17:09 - 2019-04-05 17:09 - 000000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2019-04-02 14:55 - 2019-04-02 14:55 - 000045680 ____H (LogMeIn Inc.) C:\WINDOWS\system32\Drivers\Hamdrv.sys
2019-03-30 13:07 - 2019-03-30 13:07 - 000000000 ____D C:\Users\jozef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-21 08:07 - 2018-11-11 14:18 - 000014356 _____ C:\WINDOWS\system32\perfh01B.dat
2019-04-21 08:07 - 2018-11-11 14:18 - 000004564 _____ C:\WINDOWS\system32\perfc01B.dat
2019-04-21 08:07 - 2013-10-13 05:18 - 000720234 _____ C:\WINDOWS\system32\perfh005.dat
2019-04-21 08:07 - 2013-10-13 05:18 - 000148750 _____ C:\WINDOWS\system32\perfc005.dat
2019-04-21 08:07 - 2012-07-26 09:28 - 001721906 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-04-21 08:07 - 2012-07-26 07:37 - 000000000 ____D C:\WINDOWS\Inf
2019-04-21 08:06 - 2016-11-26 00:47 - 000000000 ____D C:\Users\jozef
2019-04-21 08:04 - 2017-03-06 20:48 - 000000000 ____D C:\Users\jozef\AppData\Local\CrashDumps
2019-04-21 08:04 - 2016-12-09 21:36 - 000000000 ____D C:\Program Files (x86)\Steam
2019-04-21 08:01 - 2018-12-31 16:20 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-04-21 08:01 - 2012-07-26 09:22 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-04-20 22:51 - 2013-10-13 05:21 - 000020992 _____ C:\WINDOWS\system32\VfService.trf
2019-04-20 14:52 - 2016-12-18 23:34 - 000003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3866944073-2003073622-1910257541-1001
2019-04-20 14:13 - 2019-03-07 18:16 - 000004070 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1551975362
2019-04-20 14:13 - 2018-12-23 19:55 - 000003730 _____ C:\WINDOWS\System32\Tasks\KMSAutoNet
2019-04-20 14:13 - 2017-11-17 21:40 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2019-04-20 14:13 - 2017-10-26 22:40 - 000003218 _____ C:\WINDOWS\System32\Tasks\klcp_update
2019-04-20 14:13 - 2017-09-26 20:03 - 000004474 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-04-20 14:13 - 2017-09-26 20:03 - 000004324 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2019-04-20 14:13 - 2017-01-20 22:17 - 000003326 _____ C:\WINDOWS\System32\Tasks\{B5089EC1-F0FE-4E43-8BF0-BC310C98A037}
2019-04-20 14:13 - 2016-12-18 23:30 - 000003368 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-04-20 14:13 - 2016-12-18 23:30 - 000003240 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-04-20 14:13 - 2013-10-13 05:00 - 000002996 _____ C:\WINDOWS\System32\Tasks\Dolby Selector
2019-04-20 14:13 - 2013-10-13 04:56 - 000002986 _____ C:\WINDOWS\System32\Tasks\Synaptics TouchPad Enhancements
2019-04-20 14:01 - 2019-03-05 20:22 - 000000000 ____D C:\Users\jozef\Documents\Euro Truck Simulator 2
2019-04-20 10:28 - 2017-03-08 17:52 - 000001043 _____ C:\Users\jozef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2019-04-20 10:28 - 2012-07-26 07:26 - 001048576 ___SH C:\WINDOWS\system32\config\BBI
2019-04-20 10:18 - 2019-03-05 20:22 - 000000000 ___HD C:\WINDOWS\msdownld.tmp
2019-04-20 10:18 - 2019-03-05 20:22 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2019-04-20 10:04 - 2017-10-26 20:24 - 000000000 ____D C:\ProgramData\AVAST Software
2019-04-20 09:56 - 2016-12-19 15:38 - 000000000 ____D C:\Users\jozef\AppData\Local\LogMeIn Hamachi
2019-04-20 09:55 - 2016-12-03 20:56 - 000000000 ____D C:\Users\jozef\AppData\Roaming\uTorrent
2019-04-19 19:17 - 2018-12-23 19:55 - 000000000 ____D C:\ProgramData\KMSAutoS
2019-04-19 19:14 - 2016-12-19 15:23 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-19 19:14 - 2016-12-17 22:47 - 000000000 ____D C:\Users\jozef\AppData\Roaming\.minecraft
2019-04-19 19:14 - 2012-07-26 10:12 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-04-19 19:14 - 2012-07-26 10:12 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-04-19 19:07 - 2012-07-26 10:12 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-04-19 19:04 - 2018-12-23 19:22 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-04-19 18:58 - 2017-10-26 20:28 - 000476264 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-04-07 18:48 - 2016-12-18 13:51 - 000000000 ____D C:\Counter-Strike 1.6
2019-04-05 18:38 - 2017-03-18 09:06 - 000000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
2019-04-05 18:38 - 2017-03-18 09:06 - 000000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
2019-04-05 17:09 - 2019-02-25 20:26 - 000000937 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2019-03-31 19:10 - 2012-07-26 10:12 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-03-30 13:20 - 2016-12-05 21:45 - 000000000 ____D C:\Users\jozef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-03-30 13:20 - 2016-12-05 21:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-03-30 13:20 - 2016-12-05 21:45 - 000000000 ____D C:\Program Files (x86)\WinRAR

==================== Files in the root of some directories =======

2019-01-05 23:45 - 2019-01-06 00:24 - 000000132 _____ () C:\Users\jozef\AppData\Roaming\Adobe PNG Format CS6 Prefs
2016-12-17 23:15 - 2015-05-10 02:54 - 001036342 _____ () C:\Users\jozef\AppData\Roaming\Paintball-1.8.0v2.jar
2017-04-04 15:13 - 2017-04-04 15:13 - 000000000 _____ () C:\Users\jozef\AppData\Local\{5D298998-B279-4B6E-8C23-3C0FFDA58652}

Some files in TEMP:
====================
2018-12-07 22:34 - 2017-01-18 14:07 - 000021928 _____ (Autodesk, Inc.) C:\Users\jozef\AppData\Local\Temp\AcDeltree.exe
2017-02-04 20:11 - 2004-10-26 03:40 - 000684032 _____ (Electronic Arts Inc.) C:\Users\jozef\AppData\Local\Temp\AutoRun.exe
2017-02-04 20:11 - 2004-10-15 07:59 - 000577536 _____ (Electronic Arts Inc.) C:\Users\jozef\AppData\Local\Temp\AutoRunGUI.dll
2017-11-17 22:47 - 2017-11-17 22:47 - 000008720 _____ () C:\Users\jozef\AppData\Local\Temp\BullseyeCoverage-2-x86.dll
2017-11-17 22:48 - 2017-11-17 22:48 - 000012080 _____ () C:\Users\jozef\AppData\Local\Temp\BullseyeCoverage-x64-3.dll
2017-06-07 19:04 - 2017-06-07 19:04 - 000010520 _____ () C:\Users\jozef\AppData\Local\Temp\BullseyeCoverage-x86-3.dll
2019-03-14 20:51 - 2019-03-14 20:51 - 002398688 _____ (Flexera Software LLC) C:\Users\jozef\AppData\Local\Temp\FNP_ACT_InstallerCA.dll
2017-02-23 19:13 - 2017-02-23 19:13 - 034476088 _____ (Ellora Assets Corporation ) C:\Users\jozef\AppData\Local\Temp\FreemakeVideoConverterFull.exe
2018-04-29 08:05 - 2018-08-16 05:41 - 000450880 _____ (Garena Online ) C:\Users\jozef\AppData\Local\Temp\Garena.exe
2017-03-02 16:54 - 2017-03-02 16:54 - 001233422 _____ (AdworldInternet) C:\Users\jozef\AppData\Local\Temp\ICReinstall_Plants_vs_Zombies_0393256758.exe
2017-03-04 19:04 - 2017-03-04 19:04 - 000968264 _____ ( ) C:\Users\jozef\AppData\Local\Temp\ICReinstall_Registration code ufc undisputed 3 pc txtrar.exe
2017-05-03 14:16 - 2017-05-03 14:17 - 000739904 _____ (Oracle Corporation) C:\Users\jozef\AppData\Local\Temp\jre-8u131-windows-au.exe
2017-09-30 15:42 - 2017-09-30 15:42 - 000740416 _____ (Oracle Corporation) C:\Users\jozef\AppData\Local\Temp\jre-8u144-windows-au.exe
2019-02-19 19:24 - 2019-02-19 19:24 - 001974624 _____ (Oracle Corporation) C:\Users\jozef\AppData\Local\Temp\jre-8u201-windows-au.exe
2018-03-11 14:08 - 2018-03-11 14:08 - 000023040 _____ () C:\Users\jozef\AppData\Local\Temp\LZMA.DLL
2017-08-13 13:48 - 2017-03-02 18:28 - 000101310 _____ () C:\Users\jozef\AppData\Local\Temp\Uninstall.exe
2017-04-03 08:32 - 2017-05-07 19:08 - 014456872 _____ (Microsoft Corporation) C:\Users\jozef\AppData\Local\Temp\vc_redist.x86.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-04-21 09:09
==================== End of FRST.txt ============================