Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-12-2021
Ran by Bludky (administrator) on DESKTOP-104HI1H (ASUSTeK COMPUTER INC. X540LJ) (08-12-2021 19:36:41)
Running from C:\Users\42072\Desktop
Loaded Profiles: Bludky
Platform: Microsoft Windows 10 Home Version 21H1 19043.1348 (X64) Language: Čeština (Česko)
Default browser: "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --single-argument %1
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe <32>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastNM.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(bookingDesktopApp.) [File not signed] C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe
(Electronic Arts, Inc. -> ) C:\Program Files (x86)\Origin\QtWebEngineProcess.exe <14>
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(ICEpower a/s -> ICEpower) C:\Windows\System32\ICEsoundService64.exe
(Intel Corporation -> ) C:\Windows\System32\igfxTray.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\browserhost.exe <2>
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <10>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\42072\AppData\Local\Microsoft\Teams\current\Teams.exe <10>
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(TEFINCOM S.A. -> TEFINCOM S.A.) C:\Program Files\NordVPN\NordVPN.exe
(TEFINCOM S.A. -> TEFINCOM S.A.) C:\Program Files\NordVPN\nordvpn-service.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [134936 2021-11-18] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-3456692171-1342812710-3318875897-1001\...\Run: [EA Core] => C:\Program Files (x86)\Electronic Arts\EADM\Core.exe [3325952 2009-03-28] (Electronic Arts) [File not signed]
HKU\S-1-5-21-3456692171-1342812710-3318875897-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [33169992 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3456692171-1342812710-3318875897-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3144816 2021-07-02] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-3456692171-1342812710-3318875897-1001\...\Run: [AvastBrowserAutoLaunch_988D95427FB65238C7030F978ADAE91F] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2495608 2021-11-13] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-3456692171-1342812710-3318875897-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\42072\AppData\Local\Microsoft\Teams\Update.exe [2454200 2021-07-11] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3456692171-1342812710-3318875897-1001\...\Run: [NordVPN] => C:\Program Files\NordVPN\NordVPN.exe [274176 2021-01-18] (TEFINCOM S.A. -> TEFINCOM S.A.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\96.0.4664.45\Installer\chrmstp.exe [2021-11-18] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\96.0.13177.56\Installer\chrmstp.exe [2021-12-08] (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0F076C45-06CB-41D1-86F4-3C7DABC169C9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8386448 2021-12-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {21D0035F-0571-43A3-8929-21651352DD25} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2495608 2021-11-13] (Avast Software s.r.o. -> AVAST Software)
Task: {2467DF1E-0FD0-4B11-BF1A-EFE4AF9CFB61} - System32\Tasks\bookingDesktopAppUpdateTaskMachineUA => C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-03-16] (bookingDesktopApp.) [File not signed]
Task: {25A5C6D1-9C85-4C02-9D97-F632EA25ED26} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-01-28] (Avast Software s.r.o. -> AVAST Software)
Task: {28DDBBD5-47BA-476D-8AE9-5C8773BEDF68} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {292A3676-B930-4D83-93ED-7ABFA114E308} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4974872 2021-11-18] (Avast Software s.r.o. -> AVAST Software)
Task: {33DA3567-FA57-49AC-9F0F-646A4AC6B39C} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-01-28] (Avast Software s.r.o. -> AVAST Software)
Task: {3D68CFF6-0BE0-4A05-9205-DA524C1B19C7} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506368 2018-11-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {40FC4039-7412-461A-AF6F-45A8A21A5897} - System32\Tasks\bookingDesktopAppUpdateTaskMachineCore => C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-03-16] (bookingDesktopApp.) [File not signed]
Task: {496288AE-469C-411F-B6ED-D44C043DFB41} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22799320 2021-12-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {50F6772F-BAD2-4671-97C8-16DDC7E7358A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-24] (Google LLC -> Google LLC)
Task: {5314CFB4-D342-4C3A-9B72-361B1A05F24D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-03-18] (Piriform Software Ltd -> Piriform)
Task: {6B4E212A-010D-4529-BA23-EEB69EC488A6} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506368 2018-11-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {7F43F8A4-266D-4FCB-AEA2-B26F55FF344C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\bookingDesktopAppUpdateTaskMachineCore" /ENABLE
Task: {7F43F8A4-266D-4FCB-AEA2-B26F55FF344C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\bookingDesktopAppUpdateTaskMachineUA" /ENABLE
Task: {7F43F8A4-266D-4FCB-AEA2-B26F55FF344C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\CCleaner Update" /ENABLE
Task: {7F43F8A4-266D-4FCB-AEA2-B26F55FF344C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\CCleanerSkipUAC" /ENABLE
Task: {7F43F8A4-266D-4FCB-AEA2-B26F55FF344C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {7F43F8A4-266D-4FCB-AEA2-B26F55FF344C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {7F43F8A4-266D-4FCB-AEA2-B26F55FF344C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE
Task: {7F43F8A4-266D-4FCB-AEA2-B26F55FF344C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore1d6c9b883ea0d33" /ENABLE
Task: {7F43F8A4-266D-4FCB-AEA2-B26F55FF344C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE
Task: {7F43F8A4-266D-4FCB-AEA2-B26F55FF344C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-3456692171-1342812710-3318875897-1001" /ENABLE
Task: {7F43F8A4-266D-4FCB-AEA2-B26F55FF344C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\RtHDVBg_ListenToDevice" /ENABLE
Task: {7F43F8A4-266D-4FCB-AEA2-B26F55FF344C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(12): schtasks.exe -> /Change /TN "\RTKCPL" /ENABLE
Task: {7F43F8A4-266D-4FCB-AEA2-B26F55FF344C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(13): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {81BFEB18-F18A-4F22-89A1-C5D4865AD472} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-24] (Google LLC -> Google LLC)
Task: {94EA0959-5597-42BD-8CDA-AA1F480A94DB} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2495608 2021-11-13] (Avast Software s.r.o. -> AVAST Software)
Task: {9F7CC6B5-EA45-458D-BC6A-284471734E20} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22799320 2021-12-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {AF2BAA3A-2F92-49B8-A938-768EEE049FCB} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139656 2021-12-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {DF3C73B0-DDBE-4EDA-9D07-DD3D1333C009} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8386448 2021-12-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {E970CF52-2BDB-4454-A61D-3F28ADB27631} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139656 2021-12-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {EC48F1D1-DEB5-4548-B757-3D653DA74EB6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27616328 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {F9E13665-B9B2-49E4-94CE-602BE92498FD} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1790184 2021-05-03] (Avast Software s.r.o. -> Avast Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.1.138
Tcpip\..\Interfaces\{988af48c-36b8-4413-9eb9-1269fe5b12e0}: [DhcpNameServer] 10.0.1.138

Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\42072\AppData\Local\Microsoft\Edge\User Data\Default [2021-12-08]
Edge Extension: (McAfee® WebAdvisor) - C:\Users\42072\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdhgeoginicibhagdmblfikbgbkahibd [2021-11-18]
Edge Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\42072\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\phhhmbgggfifgikoihlakngnngdehhfe [2021-11-18]

FireFox:
========
FF DefaultProfile: 24t5r618.default
FF ProfilePath: C:\Users\42072\AppData\Roaming\Mozilla\Firefox\Profiles\24t5r618.default [2021-09-20]
FF ProfilePath: C:\Users\42072\AppData\Roaming\Mozilla\Firefox\Profiles\kuv296be.default-release [2021-09-20]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-11-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @bookingdesktopapp.com/bookingDesktopApp Update;version=3 -> C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2020-03-16] (bookingDesktopApp.) [File not signed]
FF Plugin-x32: @bookingdesktopapp.com/bookingDesktopApp Update;version=9 -> C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2020-03-16] (bookingDesktopApp.) [File not signed]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-11-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-11-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2021-01-28] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2021-01-28] (Avast Software s.r.o. -> AVAST Software)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\42072\AppData\Local\Google\Chrome\User Data\Default [2021-12-08]
CHR Notifications: Default -> hxxps://www.facebook.com
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee_uninternational&type=E210CZ91105G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\42072\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2021-12-01]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\42072\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-12-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\42072\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-12-01]
CHR Profile: C:\Users\42072\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-09-20]
CHR Profile: C:\Users\42072\AppData\Local\Google\Chrome\User Data\System Profile [2021-09-20]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8376400 2021-11-18] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-01-28] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [680728 2021-11-18] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [1700632 2021-12-01] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [427800 2021-11-18] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-01-28] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\96.0.13177.56\elevation_service.exe [1721904 2021-11-22] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-05-31] (Avast Software s.r.o. -> AVAST Software)
S2 bookingdesktopapp; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-03-16] (bookingDesktopApp.) [File not signed]
S3 bookingdesktopappm; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-03-16] (bookingDesktopApp.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12129160 2021-12-02] (Microsoft Corporation -> Microsoft Corporation)
S2 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [9708440 2021-06-24] (Electronic Arts, Inc. -> Electronic Arts)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [971504 2021-12-08] (McAfee, LLC -> McAfee, LLC)
R2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [275200 2021-01-18] (TEFINCOM S.A. -> TEFINCOM S.A.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2556048 2021-07-02] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3474584 2021-07-02] (Electronic Arts, Inc. -> Electronic Arts)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 luminati_net_updater_win_hola_org; "C:/Program Files/Hola/app/net_updater64.exe" --updater win_hola.org [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R3 AsusSGDrv; C:\WINDOWS\System32\drivers\AsusSGDrv.sys [140032 2019-08-19] (ASUSTek Computer Inc. -> ASUS Corporation)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35704 2021-11-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [222112 2021-11-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [367632 2021-11-19] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250392 2021-11-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99344 2021-11-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2021-09-26] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41344 2021-11-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [184648 2021-11-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [538976 2021-11-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107848 2021-11-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [82904 2021-11-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [852216 2021-11-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [557648 2021-11-18] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [214384 2021-11-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [317696 2021-11-18] (Avast Software s.r.o. -> AVAST Software)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
R2 NDivert; C:\WINDOWS\System32\drivers\NDivert.sys [105184 2021-03-19] (TEFINCOM S.A. -> )
R3 nlwt; C:\WINDOWS\system32\DRIVERS\nlwt.sys [39360 2021-04-12] (TEFINCOM S.A. -> WireGuard LLC)
R1 nordlwf; C:\WINDOWS\system32\DRIVERS\nordlwf.sys [38608 2020-12-14] (TEFINCOM S.A. -> TEFINCOM S.A.)
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2020-06-09] (TEFINCOM S.A. -> The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 ObDrvMonPCRSrv; \??\C:\Program Files (x86)\Outbyte\PC Repair\DrvMonX64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-12-08 15:53 - 2021-12-08 16:27 - 000000000 ___RD C:\Users\42072\Desktop\IVT_MSOFFICE_5_Word_Ukol
2021-11-28 17:44 - 2021-11-28 18:09 - 000000000 ____D C:\Users\42072\AppData\Local\Notepad
2021-11-23 19:25 - 2021-11-23 19:25 - 003555043 _____ C:\Users\42072\Downloads\ZDN,_Šíření_nákazy.zip
2021-11-23 18:06 - 2021-11-23 18:06 - 000611960 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-11-23 18:06 - 2021-11-23 18:06 - 000011363 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-11-23 18:05 - 2021-11-23 18:05 - 000706536 _____ C:\WINDOWS\system32\TextShaping.dll
2021-11-23 18:05 - 2021-11-23 18:05 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-11-23 18:05 - 2021-11-23 18:05 - 000098304 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-11-23 18:05 - 2021-11-23 18:05 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-11-23 18:04 - 2021-11-23 18:04 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2021-11-23 18:04 - 2021-11-23 18:04 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-11-23 17:51 - 2021-11-23 17:51 - 000000000 ___HD C:\$WinREAgent
2021-11-23 17:44 - 2021-11-23 17:44 - 000001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2021-11-23 17:44 - 2021-11-23 17:44 - 000000000 ____D C:\Program Files\PCHealthCheck
2021-11-18 09:28 - 2021-11-18 09:28 - 000163764 _____ C:\Users\42072\Downloads\Nejstarší památky literatury světové a naší.pdf
2021-11-18 08:56 - 2021-12-01 11:38 - 000003462 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-11-18 08:56 - 2021-12-01 11:38 - 000003238 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-11-18 08:15 - 2021-11-18 08:15 - 000340248 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-11-18 08:15 - 2021-11-18 08:15 - 000214384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-12-08 19:37 - 2021-07-11 11:29 - 000025321 _____ C:\Users\42072\Desktop\FRST.txt
2021-12-08 19:37 - 2020-08-13 12:36 - 000000000 ____D C:\FRST
2021-12-08 19:35 - 2021-09-20 15:08 - 000000000 ____D C:\Users\42072\Desktop\FRST-OlderVersion
2021-12-08 19:35 - 2021-07-11 11:00 - 002311168 _____ (Farbar) C:\Users\42072\Desktop\FRST64.exe
2021-12-08 19:30 - 2020-12-03 22:03 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-12-08 17:36 - 2020-01-31 15:02 - 000000000 ____D C:\ProgramData\Origin
2021-12-08 17:36 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-12-08 15:37 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-12-08 15:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-12-08 13:37 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-12-08 13:04 - 2021-03-15 09:57 - 000000000 ____D C:\Program Files\Microsoft Office
2021-12-08 09:45 - 2020-01-24 20:42 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2021-12-08 09:45 - 2020-01-24 20:42 - 000002463 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2021-12-08 09:43 - 2020-12-03 22:13 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-12-01 11:38 - 2021-01-14 09:26 - 000003378 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6c9b883ea0d33
2021-12-01 11:38 - 2020-12-03 22:13 - 000003572 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-12-01 11:38 - 2020-12-03 22:13 - 000003536 _____ C:\WINDOWS\system32\Tasks\bookingDesktopAppUpdateTaskMachineUA
2021-12-01 11:38 - 2020-12-03 22:13 - 000003348 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-12-01 11:38 - 2020-12-03 22:13 - 000003312 _____ C:\WINDOWS\system32\Tasks\bookingDesktopAppUpdateTaskMachineCore
2021-12-01 11:38 - 2020-12-03 22:13 - 000003254 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-12-01 11:38 - 2020-12-03 22:13 - 000002922 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3456692171-1342812710-3318875897-1001
2021-12-01 11:38 - 2020-12-03 22:13 - 000002406 _____ C:\WINDOWS\system32\Tasks\RtHDVBg_ListenToDevice
2021-12-01 11:38 - 2020-12-03 22:13 - 000002362 _____ C:\WINDOWS\system32\Tasks\RTKCPL
2021-12-01 11:38 - 2020-12-03 22:13 - 000002298 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-12-01 11:38 - 2020-12-03 22:13 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-12-01 11:06 - 2020-04-25 12:50 - 000000000 ____D C:\Program Files\CCleaner
2021-12-01 11:06 - 2020-01-24 15:47 - 000000000 ____D C:\Program Files (x86)\Google
2021-12-01 11:04 - 2020-12-03 22:12 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-12-01 11:04 - 2019-12-07 15:41 - 000719496 _____ C:\WINDOWS\system32\perfh005.dat
2021-12-01 11:04 - 2019-12-07 15:41 - 000145622 _____ C:\WINDOWS\system32\perfc005.dat
2021-12-01 10:59 - 2020-08-11 09:57 - 000000000 ____D C:\Users\42072\AppData\Local\Origin
2021-12-01 10:58 - 2020-08-11 09:57 - 000000000 ____D C:\Users\42072\AppData\Roaming\Origin
2021-12-01 10:57 - 2020-12-03 22:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-12-01 10:57 - 2020-12-03 22:03 - 000008192 ___SH C:\DumpStack.log.tmp
2021-12-01 10:57 - 2020-01-24 20:19 - 000000000 ____D C:\ProgramData\AVAST Software
2021-12-01 10:57 - 2020-01-24 15:27 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-12-01 10:57 - 2020-01-24 15:21 - 000000000 ____D C:\ProgramData\NVIDIA
2021-12-01 10:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-12-01 10:57 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-11-28 19:41 - 2020-08-11 10:04 - 000000000 ____D C:\Program Files (x86)\Origin Games
2021-11-28 18:15 - 2020-06-04 19:12 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-11-28 18:15 - 2020-06-04 19:12 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-11-28 17:48 - 2020-01-24 20:29 - 000002088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2021-11-28 17:48 - 2020-01-24 20:29 - 000002076 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2021-11-28 17:47 - 2020-12-03 22:03 - 000438944 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-11-28 17:45 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-11-28 17:45 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-11-28 17:45 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-11-28 17:45 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-11-28 17:45 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-11-28 17:45 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-11-28 17:45 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-11-28 17:45 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-11-28 17:45 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-11-28 17:45 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-11-28 17:45 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-11-28 17:45 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-11-28 17:45 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-11-28 17:45 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-11-28 17:45 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-11-28 17:45 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-11-23 18:12 - 2020-01-24 15:32 - 000000000 ____D C:\ProgramData\Packages
2021-11-23 18:12 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-11-23 17:50 - 2020-10-05 18:33 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-11-23 17:48 - 2020-01-24 15:59 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-11-23 17:46 - 2020-01-24 15:27 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-11-23 17:45 - 2020-01-24 15:59 - 141529560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-11-19 09:11 - 2020-12-03 22:05 - 000002381 _____ C:\Users\42072\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-11-19 09:10 - 2020-01-24 20:23 - 000367632 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-11-18 09:50 - 2020-01-24 15:27 - 000000000 ____D C:\Users\42072\AppData\Local\Packages
2021-11-18 09:07 - 2020-01-24 15:48 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-11-18 09:07 - 2020-01-24 15:48 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-11-18 08:16 - 2020-01-24 20:23 - 000317696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-11-18 08:15 - 2020-10-17 12:19 - 000184648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-11-18 08:15 - 2020-04-01 12:57 - 000538976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-11-18 08:15 - 2020-01-24 20:23 - 000852216 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-11-18 08:15 - 2020-01-24 20:23 - 000557648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-11-18 08:15 - 2020-01-24 20:23 - 000250392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-11-18 08:15 - 2020-01-24 20:23 - 000222112 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-11-18 08:15 - 2020-01-24 20:23 - 000107848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-11-18 08:15 - 2020-01-24 20:23 - 000099344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-11-18 08:15 - 2020-01-24 20:23 - 000082904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-11-18 08:15 - 2020-01-24 20:23 - 000041344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-11-18 08:15 - 2020-01-24 20:23 - 000035704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-11-18 08:15 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP

==================== Files in the root of some directories ========

2020-05-21 19:33 - 2020-05-21 19:33 - 000002850 _____ () C:\Users\42072\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================