Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10-01-2022 01
Ran by Bludky (administrator) on DESKTOP-104HI1H (ASUSTeK COMPUTER INC. X540LJ) (11-01-2022 10:38:50)
Running from C:\Users\42072\Desktop
Loaded Profiles: Bludky
Platform: Microsoft Windows 10 Home Version 21H1 19043.1415 (X64) Language: Čeština (Česko)
Default browser: "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --single-argument %1
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe <22>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastNM.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine VPN\Vpn.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine VPN\VpnNM.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine VPN\VpnSvc.exe
(bookingDesktopApp.) [File not signed] C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe
(Electronic Arts, Inc. -> ) C:\Program Files (x86)\Origin\QtWebEngineProcess.exe <17>
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginClientService.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(ICEpower a/s -> ICEpower) C:\Windows\System32\ICEsoundService64.exe
(Intel Corporation -> ) C:\Windows\System32\igfxTray.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\42072\AppData\Local\Microsoft\Teams\current\Teams.exe <9>
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2110.13603.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Sindicate Entertainment) [File not signed] C:\Program Files (x86)\Ekura\ekura.exe <2>
(Sindicate) [File not signed] C:\Program Files (x86)\Ekura\ekura_launcher.exe
(TEFINCOM S.A. -> TEFINCOM S.A.) C:\Program Files\NordVPN\NordVPN.exe
(TEFINCOM S.A. -> TEFINCOM S.A.) C:\Program Files\NordVPN\nordvpn-service.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [157464 2021-12-30] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-3456692171-1342812710-3318875897-1001\...\Run: [EA Core] => C:\Program Files (x86)\Electronic Arts\EADM\Core.exe [3325952 2009-03-28] (Electronic Arts) [File not signed]
HKU\S-1-5-21-3456692171-1342812710-3318875897-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [33169992 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3456692171-1342812710-3318875897-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3145920 2021-12-02] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-3456692171-1342812710-3318875897-1001\...\Run: [AvastBrowserAutoLaunch_988D95427FB65238C7030F978ADAE91F] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2502336 2021-12-15] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-3456692171-1342812710-3318875897-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\42072\AppData\Local\Microsoft\Teams\Update.exe [2459304 2021-12-31] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3456692171-1342812710-3318875897-1001\...\Run: [NordVPN] => C:\Program Files\NordVPN\NordVPN.exe [274176 2021-01-18] (TEFINCOM S.A. -> TEFINCOM S.A.)
HKU\S-1-5-21-3456692171-1342812710-3318875897-1001\...\MountPoints2: {14f22f72-3eaa-11ea-94ed-806e6f6e6963} - "D:\Autorun.exe" 
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\96.0.4664.110\Installer\chrmstp.exe [2021-12-27] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\96.1.13589.111\Installer\chrmstp.exe [2021-12-27] (Avast Software s.r.o. -> AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2022-01-03]
ShortcutTarget: Avast SecureLine VPN.lnk -> C:\Program Files\AVAST Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0F9880A5-3FD0-4D03-8F93-885CFA01BE02} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138584 2021-12-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {21D0035F-0571-43A3-8929-21651352DD25} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2502336 2021-12-15] (Avast Software s.r.o. -> AVAST Software)
Task: {2467DF1E-0FD0-4B11-BF1A-EFE4AF9CFB61} - System32\Tasks\bookingDesktopAppUpdateTaskMachineUA => C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-03-16] (bookingDesktopApp.) [File not signed]
Task: {25A5C6D1-9C85-4C02-9D97-F632EA25ED26} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-01-28] (Avast Software s.r.o. -> AVAST Software)
Task: {2FDDE12B-B74F-434D-A7A1-3F96AD12B287} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4969240 2021-12-30] (Avast Software s.r.o. -> AVAST Software)
Task: {33DA3567-FA57-49AC-9F0F-646A4AC6B39C} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-01-28] (Avast Software s.r.o. -> AVAST Software)
Task: {3D68CFF6-0BE0-4A05-9205-DA524C1B19C7} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506368 2018-11-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {40FC4039-7412-461A-AF6F-45A8A21A5897} - System32\Tasks\bookingDesktopAppUpdateTaskMachineCore => C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-03-16] (bookingDesktopApp.) [File not signed]
Task: {4F1BC313-0DC2-45B9-9004-7E952770DF04} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [4760344 2022-01-03] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramData\Avast Software\SecureLine VPN\log" --guid 92364edf-df63-404c-a10c-6c08209fbad3
Task: {50F6772F-BAD2-4671-97C8-16DDC7E7358A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-24] (Google LLC -> Google LLC)
Task: {5314CFB4-D342-4C3A-9B72-361B1A05F24D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-03-18] (Piriform Software Ltd -> Piriform)
Task: {5F7D1B99-9B66-4557-BBD2-6C7D37615E6C} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1226520 2022-01-03] (Avast Software s.r.o. -> AVAST Software)
Task: {6B4E212A-010D-4529-BA23-EEB69EC488A6} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506368 2018-11-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {7AEB4C41-4E4E-4728-98E9-8C15E1C307E8} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22797704 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {81BFEB18-F18A-4F22-89A1-C5D4865AD472} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-24] (Google LLC -> Google LLC)
Task: {94EA0959-5597-42BD-8CDA-AA1F480A94DB} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2502336 2021-12-15] (Avast Software s.r.o. -> AVAST Software)
Task: {BAFFF190-2C82-406F-A474-D635F435D97D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22797704 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {BD68D6D2-20A4-4066-A65C-843CCB4CE950} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8388528 2021-12-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {BF42DD25-8446-4C25-8ECB-C0E3AF8D685B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8388528 2021-12-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {C1419E14-9B91-4643-8A0F-AEA463D8101C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\bookingDesktopAppUpdateTaskMachineCore" /ENABLE
Task: {C1419E14-9B91-4643-8A0F-AEA463D8101C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\bookingDesktopAppUpdateTaskMachineUA" /ENABLE
Task: {C1419E14-9B91-4643-8A0F-AEA463D8101C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\CCleaner Update" /ENABLE
Task: {C1419E14-9B91-4643-8A0F-AEA463D8101C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\CCleanerSkipUAC" /ENABLE
Task: {C1419E14-9B91-4643-8A0F-AEA463D8101C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {C1419E14-9B91-4643-8A0F-AEA463D8101C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {C1419E14-9B91-4643-8A0F-AEA463D8101C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE
Task: {C1419E14-9B91-4643-8A0F-AEA463D8101C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore1d6c9b883ea0d33" /ENABLE
Task: {C1419E14-9B91-4643-8A0F-AEA463D8101C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE
Task: {C1419E14-9B91-4643-8A0F-AEA463D8101C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\OneDrive Reporting Task-S-1-5-21-3456692171-1342812710-3318875897-1001" /ENABLE
Task: {C1419E14-9B91-4643-8A0F-AEA463D8101C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-3456692171-1342812710-3318875897-1001" /ENABLE
Task: {C1419E14-9B91-4643-8A0F-AEA463D8101C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(12): schtasks.exe -> /Change /TN "\RtHDVBg_ListenToDevice" /ENABLE
Task: {C1419E14-9B91-4643-8A0F-AEA463D8101C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(13): schtasks.exe -> /Change /TN "\RTKCPL" /ENABLE
Task: {C1419E14-9B91-4643-8A0F-AEA463D8101C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(14): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {C852CE04-2D4C-4B7D-A40B-5D52450E22BD} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {E392DAAD-DF6F-4C9A-93B1-48150355FB82} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [6475544 2021-12-14] (Avast Software s.r.o. -> Avast Software)
Task: {E66497DB-8CA2-47B2-B3B9-11734231BAA1} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138584 2021-12-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {EC48F1D1-DEB5-4548-B757-3D653DA74EB6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27616328 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {F9E13665-B9B2-49E4-94CE-602BE92498FD} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1790184 2021-05-03] (Avast Software s.r.o. -> Avast Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.1.138
Tcpip\..\Interfaces\{988af48c-36b8-4413-9eb9-1269fe5b12e0}: [DhcpNameServer] 10.0.1.138
Tcpip\..\Interfaces\{a8f1272f-b7fe-4e01-9902-73c5e8eeb886}: [NameServer] 100.120.168.1

Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\42072\AppData\Local\Microsoft\Edge\User Data\Default [2022-01-09]
Edge Extension: (McAfee® WebAdvisor) - C:\Users\42072\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdhgeoginicibhagdmblfikbgbkahibd [2022-01-03]
Edge Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\42072\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\phhhmbgggfifgikoihlakngnngdehhfe [2021-11-18]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: 24t5r618.default
FF ProfilePath: C:\Users\42072\AppData\Roaming\Mozilla\Firefox\Profiles\24t5r618.default [2021-09-20]
FF ProfilePath: C:\Users\42072\AppData\Roaming\Mozilla\Firefox\Profiles\kuv296be.default-release [2022-01-11]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\42072\AppData\Roaming\Mozilla\Firefox\Profiles\kuv296be.default-release\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2022-01-11]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-11-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @bookingdesktopapp.com/bookingDesktopApp Update;version=3 -> C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2020-03-16] (bookingDesktopApp.) [File not signed]
FF Plugin-x32: @bookingdesktopapp.com/bookingDesktopApp Update;version=9 -> C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2020-03-16] (bookingDesktopApp.) [File not signed]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-11-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-11-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2021-01-28] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2021-01-28] (Avast Software s.r.o. -> AVAST Software)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\42072\AppData\Local\Google\Chrome\User Data\Default [2022-01-09]
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee_uninternational&type=E210CZ91105G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\42072\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2021-12-01]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\42072\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-12-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\42072\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-12-01]
CHR Profile: C:\Users\42072\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-09-20]
CHR Profile: C:\Users\42072\AppData\Local\Google\Chrome\User Data\System Profile [2021-09-20]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8480848 2021-12-30] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-01-28] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [452888 2021-12-30] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [1720088 2021-12-30] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [452888 2021-12-30] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-01-28] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\96.1.13589.111\elevation_service.exe [1721904 2021-12-15] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-05-31] (Avast Software s.r.o. -> AVAST Software)
S2 bookingdesktopapp; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-03-16] (bookingDesktopApp.) [File not signed]
S3 bookingdesktopappm; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-03-16] (bookingDesktopApp.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12129128 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
S2 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [9708440 2021-06-24] (Electronic Arts, Inc. -> Electronic Arts)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7901368 2022-01-11] (Malwarebytes Inc -> Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [971504 2022-01-10] (McAfee, LLC -> McAfee, LLC)
R2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [275200 2021-01-18] (TEFINCOM S.A. -> TEFINCOM S.A.)
R3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2559704 2021-12-02] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3477728 2021-12-02] (Electronic Arts, Inc. -> Electronic Arts)
R2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [9210136 2022-01-03] (Avast Software s.r.o. -> AVAST Software)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 luminati_net_updater_win_hola_org; "C:/Program Files/Hola/app/net_updater64.exe" --updater win_hola.org [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R3 AsusSGDrv; C:\WINDOWS\System32\drivers\AsusSGDrv.sys [140032 2019-08-19] (ASUSTek Computer Inc. -> ASUS Corporation)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36784 2021-12-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [223176 2021-12-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [369216 2021-12-30] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [252992 2021-12-30] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [100416 2021-12-30] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2021-09-26] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42416 2021-12-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [186280 2021-12-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [540056 2021-12-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108912 2021-12-30] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83976 2021-12-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [853800 2021-12-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [545176 2021-12-30] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215432 2021-12-30] (Avast Software s.r.o. -> AVAST Software)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2022-01-03] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [318760 2021-12-30] (Avast Software s.r.o. -> AVAST Software)
S3 aswVpnRdr; C:\WINDOWS\System32\drivers\aswVpnRdr.sys [56960 2022-01-03] (Avast Software s.r.o. -> Avast Software)
R3 aswWintun; C:\WINDOWS\System32\drivers\aswWintun.sys [37104 2022-01-03] (Avast Software s.r.o. -> WireGuard LLC)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [160176 2022-01-11] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [210352 2022-01-11] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2022-01-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [193448 2022-01-11] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [69040 2022-01-11] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2022-01-11] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [149424 2022-01-11] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 NDivert; C:\WINDOWS\System32\drivers\NDivert.sys [105184 2021-03-19] (TEFINCOM S.A. -> )
R3 nlwt; C:\WINDOWS\system32\DRIVERS\nlwt.sys [39360 2021-04-12] (TEFINCOM S.A. -> WireGuard LLC)
R1 nordlwf; C:\WINDOWS\system32\DRIVERS\nordlwf.sys [38608 2020-12-14] (TEFINCOM S.A. -> TEFINCOM S.A.)
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2020-06-09] (TEFINCOM S.A. -> The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 ObDrvMonPCRSrv; \??\C:\Program Files (x86)\Outbyte\PC Repair\DrvMonX64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-01-11 04:54 - 2022-01-11 04:54 - 000005006 _____ C:\Users\42072\Desktop\AdwCleaner[C00].zip
2022-01-11 04:53 - 2022-01-11 04:53 - 000149424 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2022-01-11 04:41 - 2022-01-11 04:41 - 000069040 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2022-01-11 04:40 - 2022-01-11 04:40 - 000193448 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2022-01-11 04:31 - 2022-01-11 04:31 - 000000000 ____D C:\Users\42072\AppData\Local\mbam
2022-01-11 04:29 - 2022-01-11 04:29 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-01-11 04:29 - 2022-01-11 04:29 - 000210352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-01-11 04:29 - 2022-01-11 04:29 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-01-11 04:29 - 2022-01-11 04:29 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-01-11 04:29 - 2022-01-11 04:29 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-01-11 04:29 - 2022-01-11 04:28 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-01-11 04:29 - 2022-01-11 04:28 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2022-01-11 04:27 - 2022-01-11 04:27 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-01-11 04:27 - 2022-01-11 04:27 - 000000000 ____D C:\Program Files\Malwarebytes
2022-01-11 04:24 - 2022-01-11 04:24 - 002910904 _____ (Malwarebytes) C:\Users\42072\Downloads\MBSetup.exe
2022-01-10 20:33 - 2022-01-10 20:33 - 000018495 _____ C:\Users\42072\Downloads\FRST02.zip
2022-01-10 20:32 - 2022-01-10 20:32 - 000018495 _____ C:\Users\42072\Desktop\FRST02.zip
2022-01-10 20:31 - 2022-01-10 20:31 - 000038267 _____ C:\Users\42072\Desktop\FRST02.txt
2022-01-10 20:31 - 2022-01-10 20:31 - 000035651 _____ C:\Users\42072\Desktop\Addition02.txt
2022-01-09 12:45 - 2022-01-09 12:45 - 000001969 _____ C:\Users\Public\Desktop\Ekura.lnk
2022-01-09 12:45 - 2022-01-09 12:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ekura
2022-01-05 16:34 - 2022-01-05 16:34 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2022-01-03 04:02 - 2022-01-11 04:40 - 000004028 _____ C:\WINDOWS\system32\Tasks\Avast SecureLine VPN Update
2022-01-03 04:02 - 2022-01-03 04:02 - 000056960 _____ (Avast Software) C:\WINDOWS\system32\Drivers\aswVpnRdr.sys
2022-01-03 04:02 - 2022-01-03 04:02 - 000053904 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\aswTap.sys
2022-01-03 04:02 - 2022-01-03 04:02 - 000037104 _____ (WireGuard LLC) C:\WINDOWS\system32\Drivers\aswWintun.sys
2022-01-03 04:02 - 2022-01-03 04:02 - 000036120 _____ (Avast Software) C:\WINDOWS\system32\icarus_rvrt.exe
2022-01-03 04:02 - 2022-01-03 04:02 - 000002149 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SecureLine VPN.lnk
2022-01-03 04:02 - 2022-01-03 04:02 - 000002137 _____ C:\Users\Public\Desktop\Avast SecureLine VPN.lnk
2021-12-30 07:21 - 2021-12-30 07:21 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2021-12-30 07:21 - 2021-12-30 07:20 - 000340248 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-12-30 07:20 - 2021-12-30 07:20 - 000215432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-12-29 21:25 - 2021-12-29 21:25 - 000000000 ____D C:\WINDOWS\SystemTemp
2021-12-29 17:50 - 2021-12-29 17:50 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-12-29 17:50 - 2021-12-29 17:50 - 000011979 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-12-29 17:47 - 2021-12-29 17:47 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-12-29 17:47 - 2021-12-29 17:47 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-12-29 17:02 - 2021-12-29 17:02 - 000000000 ___HD C:\$WinREAgent
2021-12-27 16:16 - 2022-01-03 04:11 - 000000446 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2021-12-12 20:15 - 2021-12-12 20:15 - 000005641 _____ C:\Users\42072\Desktop\IVT_MSOFFICE_15_Word_Ukol.odt

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-01-11 10:40 - 2021-07-11 11:29 - 000029750 _____ C:\Users\42072\Desktop\FRST.txt
2022-01-11 10:39 - 2020-08-13 12:36 - 000000000 ____D C:\FRST
2022-01-11 10:37 - 2020-12-03 22:03 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-01-11 09:48 - 2020-01-24 15:47 - 000000000 ____D C:\Program Files (x86)\Google
2022-01-11 08:14 - 2021-12-11 20:50 - 000003126 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3456692171-1342812710-3318875897-1001
2022-01-11 08:14 - 2021-11-18 08:56 - 000003462 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-01-11 08:14 - 2021-11-18 08:56 - 000003238 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-01-11 08:14 - 2021-01-14 09:26 - 000003378 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6c9b883ea0d33
2022-01-11 08:14 - 2020-12-03 22:13 - 000003572 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-01-11 08:14 - 2020-12-03 22:13 - 000003536 _____ C:\WINDOWS\system32\Tasks\bookingDesktopAppUpdateTaskMachineUA
2022-01-11 08:14 - 2020-12-03 22:13 - 000003348 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-01-11 08:14 - 2020-12-03 22:13 - 000003312 _____ C:\WINDOWS\system32\Tasks\bookingDesktopAppUpdateTaskMachineCore
2022-01-11 08:14 - 2020-12-03 22:13 - 000003254 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-01-11 08:14 - 2020-12-03 22:13 - 000002922 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3456692171-1342812710-3318875897-1001
2022-01-11 08:14 - 2020-12-03 22:13 - 000002406 _____ C:\WINDOWS\system32\Tasks\RtHDVBg_ListenToDevice
2022-01-11 08:14 - 2020-12-03 22:13 - 000002362 _____ C:\WINDOWS\system32\Tasks\RTKCPL
2022-01-11 08:14 - 2020-12-03 22:13 - 000002298 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2022-01-11 08:14 - 2020-12-03 22:13 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2022-01-11 08:10 - 2020-08-11 10:04 - 000000000 ____D C:\Program Files (x86)\Origin Games
2022-01-11 08:10 - 2020-08-11 09:57 - 000000000 ____D C:\Users\42072\AppData\Roaming\Origin
2022-01-11 08:10 - 2020-01-31 15:02 - 000000000 ____D C:\ProgramData\Origin
2022-01-11 08:01 - 2020-08-11 09:57 - 000000000 ____D C:\Users\42072\AppData\Local\Origin
2022-01-11 07:58 - 2020-04-25 12:50 - 000000000 ____D C:\Program Files\CCleaner
2022-01-11 07:55 - 2020-12-03 22:13 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-01-11 04:55 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-01-11 04:47 - 2020-12-03 22:12 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-01-11 04:47 - 2019-12-07 15:41 - 000719496 _____ C:\WINDOWS\system32\perfh005.dat
2022-01-11 04:47 - 2019-12-07 15:41 - 000145622 _____ C:\WINDOWS\system32\perfc005.dat
2022-01-11 04:47 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-01-11 04:43 - 2020-08-11 10:03 - 000000000 ____D C:\Program Files (x86)\Origin
2022-01-11 04:40 - 2020-12-03 22:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-01-11 04:40 - 2020-01-24 20:19 - 000000000 ____D C:\ProgramData\AVAST Software
2022-01-11 04:40 - 2020-01-24 15:27 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2022-01-11 04:40 - 2020-01-24 15:21 - 000000000 ____D C:\ProgramData\NVIDIA
2022-01-11 04:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-01-11 04:39 - 2021-04-02 12:42 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-01-11 04:39 - 2020-12-03 22:03 - 000008192 ___SH C:\DumpStack.log.tmp
2022-01-11 04:39 - 2020-07-23 11:06 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-01-11 04:39 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-01-11 04:31 - 2020-07-23 11:06 - 000000000 ____D C:\ProgramData\Mozilla
2022-01-11 04:30 - 2020-07-23 11:07 - 000000000 ____D C:\Users\42072\AppData\LocalLow\Mozilla
2022-01-11 04:29 - 2020-07-23 11:06 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-01-11 04:29 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-01-10 20:30 - 2021-07-11 11:29 - 000035651 _____ C:\Users\42072\Desktop\Addition.txt
2022-01-10 20:22 - 2021-09-20 15:08 - 000000000 ____D C:\Users\42072\Desktop\FRST-OlderVersion
2022-01-10 20:22 - 2021-07-11 11:00 - 002311680 _____ (Farbar) C:\Users\42072\Desktop\FRST64.exe
2022-01-09 13:16 - 2020-01-24 22:06 - 000000000 ____D C:\Program Files (x86)\Ekura
2022-01-09 12:11 - 2020-01-30 12:14 - 000000000 ____D C:\Users\42072\AppData\Local\CrashDumps
2022-01-09 12:08 - 2020-12-03 22:05 - 000000000 ____D C:\Users\42072
2022-01-08 19:05 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-01-08 19:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-01-08 14:11 - 2020-06-04 19:12 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-01-08 14:11 - 2020-06-04 19:12 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-01-03 04:02 - 2020-01-24 20:23 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2022-01-03 04:02 - 2020-01-24 20:19 - 000000000 ____D C:\Program Files\AVAST Software
2021-12-31 06:49 - 2021-03-15 21:35 - 000002368 _____ C:\Users\42072\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-12-31 06:49 - 2021-03-15 21:35 - 000002360 _____ C:\Users\42072\Desktop\Microsoft Teams.lnk
2021-12-30 07:20 - 2020-10-17 12:19 - 000186280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-12-30 07:20 - 2020-04-01 12:57 - 000540056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-12-30 07:20 - 2020-01-24 20:23 - 000853800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-12-30 07:20 - 2020-01-24 20:23 - 000545176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-12-30 07:20 - 2020-01-24 20:23 - 000369216 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-12-30 07:20 - 2020-01-24 20:23 - 000318760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-12-30 07:20 - 2020-01-24 20:23 - 000252992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-12-30 07:20 - 2020-01-24 20:23 - 000223176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-12-30 07:20 - 2020-01-24 20:23 - 000108912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-12-30 07:20 - 2020-01-24 20:23 - 000100416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-12-30 07:20 - 2020-01-24 20:23 - 000083976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-12-30 07:20 - 2020-01-24 20:23 - 000042416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-12-30 07:20 - 2020-01-24 20:23 - 000036784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-12-29 21:26 - 2020-12-03 22:03 - 000438944 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-12-29 21:25 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-12-29 21:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-12-29 21:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-12-29 21:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-12-29 21:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-12-29 21:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-12-29 21:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-12-29 21:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-12-29 21:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-12-29 21:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-12-29 18:12 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-12-29 17:01 - 2020-01-24 15:59 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-12-29 16:58 - 2020-01-24 15:59 - 137938848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-12-27 16:24 - 2021-03-15 09:57 - 000000000 ____D C:\Program Files\Microsoft Office
2021-12-27 15:59 - 2020-01-24 15:48 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-12-27 15:59 - 2020-01-24 15:48 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-12-27 15:57 - 2020-01-24 20:42 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2021-12-27 15:57 - 2020-01-24 20:42 - 000002463 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk

==================== Files in the root of some directories ========

2020-05-21 19:33 - 2020-05-21 19:33 - 000002850 _____ () C:\Users\42072\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================