Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-02-2021
Ran by p-mar (administrator) on LAPTOP-36VMAMV7 (HP HP 250 G7 Notebook PC) (07-02-2021 12:45:58)
Running from C:\Users\p-mar\AppData\Local\Temp\scoped_dir16664_112868203
Loaded Profiles: p-mar
Platform: Windows 10 Home Version 1909 18363.1316 (X64) Language: Čeština (Česko)
Default browser: Opera
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AltStore LLC) [File not signed] C:\Program Files (x86)\AltServer\AltServer.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\p-mar\AppData\Roaming\BitTorrent Web\helper\helper.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_a7be790d73ea14eb\x64\Provider Data Sources\ProcInfo\ProcInfo.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_a7be790d73ea14eb\x64\TouchpointAnalyticsClient.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_a7be790d73ea14eb\x64\TouchpointAnalyticsClientService.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_a7be790d73ea14eb\x64\TouchpointGpuInfo.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_06530f962635deac\x64\AppHelperCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_06530f962635deac\x64\BridgeCommunication.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_06530f962635deac\x64\NetworkCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_06530f962635deac\x64\SysInfoCap.exe
(HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPJumpStarts_1.9.1548.0_x64__v10z8vjag6ke6\HP.JumpStarts.exe
(HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.1.21.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_9196e89091d8bdbb\esif_uf.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_d52c63e0e1c02c96\jhi_service.exe
(Intel(R) pGFX 2020 -> ) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_577475639d32bfed\OneApp.IGCC.WinService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_d70b02a5a438df3c\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_d70b02a5a438df3c\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_4957b81ece94b98c\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_4957b81ece94b98c\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_5df9b820083f7f5c\RstMwService.exe
(Jenkins Win Client Build CA -> BitTorrent Inc.) [File not signed] C:\Users\p-mar\AppData\Roaming\BitTorrent Web\btweb.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2012.21.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Opera Software AS -> Opera Software) C:\Users\p-mar\AppData\Local\Programs\Opera\73.0.3856.344\opera.exe <15>
(Opera Software AS -> Opera Software) C:\Users\p-mar\AppData\Local\Programs\Opera\73.0.3856.344\opera_crashreporter.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Realtek Semiconductor Corp. -> Realtek) C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe
(Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe
(Xiaomi Technology Inc -> ) C:\Users\p-mar\AppData\Local\MiPhoneManager\main\MiPhoneHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\windows\System32\RtkAudUService64.exe [1000736 2019-10-31] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtlS5Wake] => C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe [2097600 2018-04-18] (Realtek Semiconductor Corp. -> Realtek)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [117352 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM\...\Run: [WSVCUUpdateHelper.exe] => C:\Program Files\Wondershare\UniConverter\WSVCUUpdateHelper.exe [34736 2020-11-20] (Wondershare Technology Co.,Ltd -> )
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645648 2019-10-05] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133216 2017-03-23] (Wondershare Technology Co.,Ltd -> Wondershare)
HKU\S-1-5-21-294003421-4142935270-3595641249-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32440376 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-294003421-4142935270-3595641249-1001\...\Run: [btweb] => C:\Users\p-mar\AppData\Roaming\BitTorrent Web\btweb.exe [5691520 2020-12-18] (Jenkins Win Client Build CA -> BitTorrent Inc.) [File not signed]
HKU\S-1-5-21-294003421-4142935270-3595641249-1001\...\Run: [MiPhoneManager] => C:\Users\p-mar\AppData\Local\MiPhoneManager\main\MiPhoneHelper.exe [157624 2016-03-11] (Xiaomi Technology Inc -> )
HKU\S-1-5-21-294003421-4142935270-3595641249-1001\...\Run: [Opera Browser Assistant] => C:\Users\p-mar\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3154456 2020-11-25] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-294003421-4142935270-3595641249-1001\...\Run: [AltServer] => C:\Program Files (x86)\AltServer\AltServer.exe [1736704 2020-11-11] (AltStore LLC) [File not signed]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0178DA4D-8E80-4020-8FB9-FA9C66611B08} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2021-01-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {12CCFA2C-4D45-4B38-B901-569D267C86F2} - System32\Tasks\Opera scheduled assistant Autoupdate 1582731757 => C:\Users\p-mar\AppData\Local\Programs\Opera\launcher.exe [1776280 2021-01-14] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\p-mar\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {165C107E-1AFA-4A57-BD06-F69F45136C94} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644984 2018-07-18] (HP Inc. -> HP Inc.)
Task: {3F044BF0-05A1-4D26-A09E-9786F12070D2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5332904 2021-01-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {49F0DDCB-EC4A-4370-BF3E-433087BB6E6B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [135000 2020-10-03] (HP Inc. -> HP Inc.)
Task: {5677795A-EB3F-4B4E-8E90-057C5B1C6A2D} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4621920 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
Task: {6DD6BBBE-F683-49E8-8C79-803DF2AAA222} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Adobe Acrobat Update Task" /ENABLE
Task: {6DD6BBBE-F683-49E8-8C79-803DF2AAA222} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\BlueStacksHelper" /ENABLE
Task: {6DD6BBBE-F683-49E8-8C79-803DF2AAA222} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\CCleaner Update" /ENABLE
Task: {6DD6BBBE-F683-49E8-8C79-803DF2AAA222} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\CCleanerSkipUAC" /ENABLE
Task: {6DD6BBBE-F683-49E8-8C79-803DF2AAA222} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\HPAudioSwitch" /ENABLE
Task: {6DD6BBBE-F683-49E8-8C79-803DF2AAA222} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE
Task: {6DD6BBBE-F683-49E8-8C79-803DF2AAA222} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE
Task: {6DD6BBBE-F683-49E8-8C79-803DF2AAA222} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-294003421-4142935270-3595641249-1001" /ENABLE
Task: {6DD6BBBE-F683-49E8-8C79-803DF2AAA222} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-294003421-4142935270-3595641249-500" /ENABLE
Task: {6DD6BBBE-F683-49E8-8C79-803DF2AAA222} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\Opera scheduled assistant Autoupdate 1582731757" /ENABLE
Task: {6DD6BBBE-F683-49E8-8C79-803DF2AAA222} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\Opera scheduled Autoupdate 1577208121" /ENABLE
Task: {6DD6BBBE-F683-49E8-8C79-803DF2AAA222} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(12): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {899BF946-2320-4F86-86DA-FAC99D4B8460} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26913848 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {96E6AE35-D166-490F-99A1-565D55514771} - System32\Tasks\Opera scheduled Autoupdate 1577208121 => c:\users\p-mar\appdata\local\programs\opera\launcher.exe [1776280 2021-01-14] (Opera Software AS -> Opera Software)
Task: {97A04C80-7BD8-4A51-946C-AB915C5A1F2F} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2021-01-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {9895304C-BC03-460F-962B-B35E3BF57096} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {A0AC98A6-48F5-4A61-8FCC-36AB0755CA3F} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23062920 2021-01-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {E20BBD2A-AB45-4427-8279-DF6F8669FE22} - System32\Tasks\HP\Consent Manager Launcher => sc start hptouchpointanalyticsservice
Task: {E4BE8598-D00B-4D21-A23E-CC9E2056A990} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5332904 2021-01-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {E7612C09-3BAC-478C-9391-C8D89626E1F2} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [754104 2021-01-07] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {ECA66C41-965D-45AD-B549-7F9C1CA56CFD} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23062920 2021-01-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {F668BCBD-C266-4FFE-BCA8-7DB8486D8885} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1741416 2020-09-17] (Avast Software s.r.o. -> Avast Software)
Task: {F8B3DDEA-FD79-4475-B47D-42CF41677315} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.101.1
Tcpip\..\Interfaces\{992ca9c1-b770-49f6-9d0e-cc29b3f9a0be}: [DhcpNameServer] 192.168.101.1

Edge: 
=======
Edge Profile: C:\Users\p-mar\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-07]

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-12-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-12-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-01-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-09-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Opera: 
=======
OPR Profile: C:\Users\p-mar\AppData\Roaming\Opera Software\Opera Stable [2021-02-07]
OPR Notifications: Opera Stable -> hxxps://best.aliexpress.com; hxxps://www.aliexpress.com
OPR Extension: (Rich Hints Agent) - C:\Users\p-mar\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2020-10-23]
OPR Extension: (Adblock Plus - free ad blocker) - C:\Users\p-mar\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2021-02-01]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8477080 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [621728 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [351848 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [58048 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8960384 2021-01-19] (Microsoft Corporation -> Microsoft Corporation)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [905080 2020-03-18] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_06530f962635deac\x64\AppHelperCap.exe [694520 2020-12-10] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_06530f962635deac\x64\NetworkCap.exe [692984 2020-12-10] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_06530f962635deac\x64\SysInfoCap.exe [693496 2020-12-10] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_a7be790d73ea14eb\x64\TouchpointAnalyticsClientService.exe [476424 2020-11-04] (HP Inc. -> HP Inc.)
S3 NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [774144 2007-01-15] (Nero AG) [File not signed]
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-03-12] (Nero AG -> Nero AG)
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [744968 2020-06-04] (Oracle Corporation -> Oracle Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2020-01-18] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2020-01-18] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService3; C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe [83232 2019-06-26] (Wondershare Technology Co.,Ltd -> Wondershare)
S2 ElevationService; C:\Program Files (x86)\Wondershare\MobileTransPro\ElevationService.exe [X]
S3 WsDrvInst; "C:\Program Files (x86)\iSkysoft\UniConverter(IS)\Transfer\DriverInstall.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AmUStor; C:\windows\system32\drivers\AmUStorU.sys [143904 2020-05-12] (Alcorlink Corp. -> )
S3 AppleKmdfFilter; C:\windows\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\windows\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R0 aswArDisk; C:\windows\System32\drivers\aswArDisk.sys [36792 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\windows\System32\drivers\aswArPot.sys [208672 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\windows\System32\drivers\aswbidsdriver.sys [332880 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\windows\System32\drivers\aswbidsh.sys [247888 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\windows\System32\drivers\aswbuniv.sys [97360 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\windows\System32\drivers\aswElam.sys [16832 2021-01-01] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\windows\System32\drivers\aswKbd.sys [42424 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\windows\System32\drivers\aswMonFlt.sys [176384 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\windows\System32\drivers\aswNetHub.sys [522480 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\windows\System32\drivers\aswRdr2.sys [108928 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\windows\System32\drivers\aswRvrt.sys [84496 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\windows\System32\drivers\aswSnx.sys [851256 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\windows\System32\drivers\aswSP.sys [468888 2021-01-09] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\windows\System32\drivers\aswStm.sys [214808 2021-01-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\windows\System32\drivers\aswVmm.sys [324904 2021-01-07] (Avast Software s.r.o. -> AVAST Software)
R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2019-12-12] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 BthA2dp; C:\windows\System32\drivers\BthA2dp.sys [231936 2019-12-29] (Microsoft Corporation) [File not signed]
R3 HPCustomCapDriver; C:\windows\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1f5602eb8a12ac4c\x64\hpcustomcapdriver.sys [25024 2019-04-18] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc.)
S3 qcusbnet; C:\windows\System32\drivers\qcusbnet.sys [428600 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S3 ssudmdm; C:\windows\system32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 VBoxNetAdp; C:\windows\system32\DRIVERS\VBoxNetAdp6.sys [237832 2020-06-04] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\windows\system32\DRIVERS\VBoxNetLwf.sys [247232 2020-06-04] (Oracle Corporation -> Oracle Corporation)
S3 WdBoot; C:\windows\system32\drivers\wd\WdBoot.sys [45664 2020-01-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\wd\WdFilter.sys [355760 2020-01-18] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\drivers\wd\WdNisDrv.sys [54192 2020-01-18] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\windows\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)
U1 aswbdisk; no ImagePath
U3 avgbdisk; no ImagePath
S3 mfeavfk01; \Device\mfeavfk01.sys [X]
S3 WinRing0_1_2_0; \??\C:\windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_942053d68a2ba613\x64\OpenHardwareMonitorLib.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-07 12:45 - 2021-02-07 12:46 - 000000000 ____D C:\FRST
2021-02-07 12:45 - 2021-02-07 12:45 - 002297856 _____ (Farbar) C:\Users\p-mar\Desktop\FRST64.exe
2021-02-07 12:45 - 2021-02-07 12:45 - 000000000 ____D C:\Users\p-mar\Desktop\Bordel
2021-01-23 12:41 - 2021-01-23 12:41 - 000002979 _____ C:\Users\p-mar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AltServer.lnk
2021-01-23 12:41 - 2021-01-23 12:41 - 000000000 ____D C:\Program Files (x86)\AltServer
2021-01-23 12:39 - 2021-01-23 12:39 - 006576860 _____ C:\Users\p-mar\Downloads\altinstaller.zip
2021-01-16 10:49 - 2021-01-16 10:49 - 000576512 _____ (Microsoft Corporation) C:\windows\SysWOW64\hhctrl.ocx
2021-01-16 10:49 - 2021-01-16 10:49 - 000568320 _____ (Microsoft Corporation) C:\windows\system32\PhotoScreensaver.scr
2021-01-16 10:49 - 2021-01-16 10:49 - 000500224 _____ (Microsoft Corporation) C:\windows\SysWOW64\PhotoScreensaver.scr
2021-01-16 10:49 - 2021-01-16 10:49 - 000455680 _____ (Microsoft Corporation) C:\windows\SysWOW64\appwiz.cpl
2021-01-16 10:49 - 2021-01-16 10:49 - 000294912 _____ (Microsoft Corporation) C:\windows\system32\ksproxy.ax
2021-01-16 10:49 - 2021-01-16 10:49 - 000233472 _____ (Microsoft Corporation) C:\windows\SysWOW64\ksproxy.ax
2021-01-16 10:49 - 2021-01-16 10:49 - 000168448 _____ (Microsoft Corporation) C:\windows\system32\VBICodec.ax
2021-01-16 10:49 - 2021-01-16 10:49 - 000135168 _____ (Microsoft Corporation) C:\windows\SysWOW64\VBICodec.ax
2021-01-16 10:49 - 2021-01-16 10:49 - 000094720 _____ C:\windows\system32\VirtualMonitorManager.dll
2021-01-16 10:49 - 2021-01-16 10:49 - 000083968 _____ (Microsoft Corporation) C:\windows\system32\wscui.cpl
2021-01-16 10:49 - 2021-01-16 10:49 - 000072704 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2021-01-16 10:49 - 2021-01-16 10:49 - 000067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\wscui.cpl
2021-01-16 10:49 - 2021-01-16 10:49 - 000053248 _____ C:\windows\SysWOW64\BWContextHandler.dll
2021-01-16 10:48 - 2021-01-16 10:48 - 001101312 _____ C:\windows\SysWOW64\TextInputMethodFormatter.dll
2021-01-16 10:48 - 2021-01-16 10:48 - 000696832 _____ (Microsoft Corporation) C:\windows\system32\hhctrl.ocx
2021-01-16 10:48 - 2021-01-16 10:48 - 000555008 _____ (Microsoft Corporation) C:\windows\system32\appwiz.cpl
2021-01-16 10:48 - 2021-01-16 10:48 - 000458240 _____ (Microsoft Corporation) C:\windows\SysWOW64\mmsys.cpl
2021-01-16 10:48 - 2021-01-16 10:48 - 000208384 _____ C:\windows\SysWOW64\HeatCore.dll
2021-01-16 10:48 - 2021-01-16 10:48 - 000167424 _____ (Microsoft Corporation) C:\windows\SysWOW64\intl.cpl
2021-01-16 10:48 - 2021-01-16 10:48 - 000086016 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2021-01-16 10:48 - 2021-01-16 10:48 - 000067072 _____ C:\windows\system32\BWContextHandler.dll
2021-01-16 10:48 - 2021-01-16 10:48 - 000000315 _____ C:\windows\system32\DrtmAuth9.bin
2021-01-16 10:48 - 2021-01-16 10:48 - 000000315 _____ C:\windows\system32\DrtmAuth8.bin
2021-01-16 10:48 - 2021-01-16 10:48 - 000000315 _____ C:\windows\system32\DrtmAuth7.bin
2021-01-16 10:48 - 2021-01-16 10:48 - 000000315 _____ C:\windows\system32\DrtmAuth6.bin
2021-01-16 10:48 - 2021-01-16 10:48 - 000000315 _____ C:\windows\system32\DrtmAuth5.bin
2021-01-16 10:48 - 2021-01-16 10:48 - 000000315 _____ C:\windows\system32\DrtmAuth4.bin
2021-01-16 10:48 - 2021-01-16 10:48 - 000000315 _____ C:\windows\system32\DrtmAuth3.bin
2021-01-16 10:48 - 2021-01-16 10:48 - 000000315 _____ C:\windows\system32\DrtmAuth2.bin
2021-01-16 10:48 - 2021-01-16 10:48 - 000000315 _____ C:\windows\system32\DrtmAuth18.bin
2021-01-16 10:48 - 2021-01-16 10:48 - 000000315 _____ C:\windows\system32\DrtmAuth17.bin
2021-01-16 10:48 - 2021-01-16 10:48 - 000000315 _____ C:\windows\system32\DrtmAuth16.bin
2021-01-16 10:48 - 2021-01-16 10:48 - 000000315 _____ C:\windows\system32\DrtmAuth15.bin
2021-01-16 10:48 - 2021-01-16 10:48 - 000000315 _____ C:\windows\system32\DrtmAuth12.bin
2021-01-16 10:48 - 2021-01-16 10:48 - 000000315 _____ C:\windows\system32\DrtmAuth11.bin
2021-01-16 10:48 - 2021-01-16 10:48 - 000000315 _____ C:\windows\system32\DrtmAuth10.bin
2021-01-16 10:48 - 2021-01-16 10:48 - 000000315 _____ C:\windows\system32\DrtmAuth1.bin
2021-01-15 19:04 - 2021-01-15 19:04 - 000415744 _____ (Microsoft Corporation) C:\windows\SysWOW64\winspool.drv
2021-01-15 19:04 - 2021-01-15 19:04 - 000331264 _____ C:\windows\SysWOW64\ssdm.dll
2021-01-15 19:04 - 2021-01-15 19:04 - 000184320 _____ (Microsoft Corporation) C:\windows\SysWOW64\timedate.cpl
2021-01-15 19:03 - 2021-01-15 19:03 - 002590720 _____ C:\windows\system32\dwmscene.dll
2021-01-15 19:03 - 2021-01-15 19:03 - 001841152 _____ C:\windows\system32\TextInputMethodFormatter.dll
2021-01-15 19:03 - 2021-01-15 19:03 - 000549888 _____ (Microsoft Corporation) C:\windows\system32\mmsys.cpl
2021-01-15 19:03 - 2021-01-15 19:03 - 000540672 _____ (Microsoft Corporation) C:\windows\system32\winspool.drv
2021-01-15 19:03 - 2021-01-15 19:03 - 000453632 _____ C:\windows\system32\ssdm.dll
2021-01-15 19:03 - 2021-01-15 19:03 - 000266752 _____ C:\windows\system32\HeatCore.dll
2021-01-15 19:03 - 2021-01-15 19:03 - 000235520 _____ (Microsoft Corporation) C:\windows\system32\timedate.cpl
2021-01-15 19:03 - 2021-01-15 19:03 - 000208896 _____ (Microsoft Corporation) C:\windows\system32\intl.cpl
2021-01-15 19:03 - 2021-01-15 19:03 - 000186368 _____ C:\windows\system32\BthpanContextHandler.dll
2021-01-15 19:03 - 2021-01-15 19:03 - 000164864 _____ C:\windows\system32\DataStoreCacheDumpTool.exe
2021-01-15 19:03 - 2021-01-15 19:03 - 000061440 _____ C:\windows\system32\rdsxvmaudio.dll

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-07 12:40 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-07 12:40 - 2019-03-19 05:52 - 000000000 ____D C:\windows\AppReadiness
2021-02-07 12:36 - 2019-12-24 18:37 - 000000000 ____D C:\Program Files\CCleaner
2021-02-07 12:34 - 2020-08-01 13:29 - 000000000 ____D C:\Users\p-mar\AppData\Roaming\BitTorrent Web
2021-02-07 12:34 - 2020-07-19 17:12 - 000000000 ____D C:\Users\p-mar\AppData\Local\CrashDumps
2021-02-07 12:34 - 2020-07-18 15:05 - 000000000 ____D C:\Users\p-mar\AppData\Local\BitTorrentHelper
2021-02-07 12:34 - 2020-06-12 10:58 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-02-07 12:34 - 2020-06-12 10:58 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-02-07 12:33 - 2019-12-24 18:08 - 000000000 __SHD C:\Users\p-mar\IntelGraphicsProfiles
2021-02-05 14:45 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-02 12:31 - 2019-04-15 16:38 - 000000000 ____D C:\windows\system32\SleepStudy
2021-01-26 17:34 - 2019-05-09 07:28 - 000000000 ____D C:\Program Files\Microsoft Office
2021-01-26 17:29 - 2019-03-19 05:50 - 000000000 ____D C:\windows\INF
2021-01-24 15:25 - 2019-05-09 16:26 - 000686306 _____ C:\windows\system32\perfh005.dat
2021-01-24 15:25 - 2019-05-09 16:26 - 000138470 _____ C:\windows\system32\perfc005.dat
2021-01-24 15:25 - 2019-05-09 07:14 - 001659978 _____ C:\windows\system32\PerfStringBackup.INI
2021-01-23 12:47 - 2020-07-18 15:05 - 000000000 ____D C:\ProgramData\Avast Software
2021-01-23 12:45 - 2019-10-31 01:49 - 000000000 ____D C:\Intel
2021-01-23 12:45 - 2019-04-15 16:38 - 000000006 ____H C:\windows\Tasks\SA.DAT
2021-01-23 12:45 - 2019-03-19 05:37 - 000786432 _____ C:\windows\system32\config\BBI
2021-01-21 17:23 - 2020-06-12 10:58 - 000003584 _____ C:\windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-01-21 17:23 - 2020-06-12 10:58 - 000003460 _____ C:\windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-01-17 14:48 - 2019-03-19 05:52 - 000000000 ____D C:\windows\LiveKernelReports
2021-01-17 14:03 - 2020-01-03 16:16 - 000001412 _____ C:\Users\p-mar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2021-01-17 14:03 - 2019-12-24 18:22 - 000004210 _____ C:\windows\system32\Tasks\Opera scheduled Autoupdate 1577208121
2021-01-16 12:53 - 2019-12-24 18:08 - 000000000 ___RD C:\Users\p-mar\3D Objects
2021-01-16 12:53 - 2019-04-15 16:39 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-01-16 12:52 - 2019-03-19 05:52 - 000000000 ____D C:\windows\system32\SecureBootUpdates
2021-01-16 12:50 - 2019-04-15 16:38 - 000581064 _____ C:\windows\system32\FNTCACHE.DAT
2021-01-16 11:52 - 2019-10-31 10:22 - 000000000 ____D C:\windows\HoloShell
2021-01-16 11:52 - 2019-03-19 07:20 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-01-16 11:52 - 2019-03-19 07:20 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-01-16 11:52 - 2019-03-19 05:52 - 000000000 ___SD C:\windows\SysWOW64\F12
2021-01-16 11:52 - 2019-03-19 05:52 - 000000000 ___SD C:\windows\SysWOW64\DiagSvcs
2021-01-16 11:52 - 2019-03-19 05:52 - 000000000 ___SD C:\windows\system32\UNP
2021-01-16 11:52 - 2019-03-19 05:52 - 000000000 ___SD C:\windows\system32\F12
2021-01-16 11:52 - 2019-03-19 05:52 - 000000000 ___SD C:\windows\system32\DiagSvcs
2021-01-16 11:52 - 2019-03-19 05:52 - 000000000 ___RD C:\windows\PrintDialog
2021-01-16 11:52 - 2019-03-19 05:52 - 000000000 ____D C:\windows\SysWOW64\setup
2021-01-16 11:52 - 2019-03-19 05:52 - 000000000 ____D C:\windows\SysWOW64\PerceptionSimulation
2021-01-16 11:52 - 2019-03-19 05:52 - 000000000 ____D C:\windows\SysWOW64\Dism
2021-01-16 11:52 - 2019-03-19 05:52 - 000000000 ____D C:\windows\SysWOW64\Com
2021-01-16 11:52 - 2019-03-19 05:52 - 000000000 ____D C:\windows\SysWOW64\AdvancedInstallers
2021-01-16 11:52 - 2019-03-19 05:52 - 000000000 ____D C:\windows\SystemResources
2021-01-16 11:52 - 2019-03-19 05:52 - 000000000 ____D C:\windows\system32\WinBioPlugIns
2021-01-16 11:52 - 2019-03-19 05:52 - 000000000 ____D C:\windows\system32\SystemResetPlatform
2021-01-16 11:52 - 2019-03-19 05:52 - 000000000 ____D C:\windows\system32\setup
2021-01-16 11:52 - 2019-03-19 05:52 - 000000000 ____D C:\windows\system32\PerceptionSimulation
2021-01-16 11:52 - 2019-03-19 05:52 - 000000000 ____D C:\windows\system32\oobe
2021-01-16 11:52 - 2019-03-19 05:52 - 000000000 ____D C:\windows\system32\migwiz
2021-01-16 11:52 - 2019-03-19 05:52 - 000000000 ____D C:\windows\system32\Dism
2021-01-16 11:52 - 2019-03-19 05:52 - 000000000 ____D C:\windows\system32\Com
2021-01-16 11:52 - 2019-03-19 05:52 - 000000000 ____D C:\windows\system32\AdvancedInstallers
2021-01-16 11:52 - 2019-03-19 05:52 - 000000000 ____D C:\windows\ShellExperiences
2021-01-16 11:52 - 2019-03-19 05:52 - 000000000 ____D C:\windows\ShellComponents
2021-01-16 11:52 - 2019-03-19 05:52 - 000000000 ____D C:\windows\Provisioning
2021-01-16 11:52 - 2019-03-19 05:52 - 000000000 ____D C:\windows\IME
2021-01-16 11:52 - 2019-03-19 05:52 - 000000000 ____D C:\windows\bcastdvr
2021-01-16 11:52 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Windows Defender
2021-01-16 10:59 - 2019-12-29 10:14 - 000000000 ____D C:\windows\system32\MRT
2021-01-16 10:59 - 2019-03-19 05:37 - 000000000 ____D C:\windows\CbsTemp
2021-01-16 10:51 - 2019-12-29 10:14 - 135062968 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2021-01-15 19:03 - 2019-04-15 16:41 - 002877952 _____ (Microsoft Corporation) C:\windows\SysWOW64\PrintConfig.dll
2021-01-14 17:01 - 2020-09-18 18:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2021-01-14 16:52 - 2019-12-24 18:55 - 000003946 _____ C:\windows\system32\Tasks\BlueStacksHelper
2021-01-14 16:50 - 2019-12-24 18:37 - 000003936 _____ C:\windows\system32\Tasks\CCleaner Update
2021-01-14 16:50 - 2019-12-24 18:11 - 000000000 ____D C:\Users\p-mar\AppData\Local\PlaceholderTileLogoFolder
2021-01-09 11:18 - 2020-07-18 15:06 - 000468888 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================