Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-10-2020
Ran by Tomáš Adámek (administrator) on DESKTOP-BFATTOP (ASUS System Product Name) (11-10-2020 19:50:54)
Running from C:\Users\Tomáš Adámek\Downloads
Loaded Profiles: Tomáš Adámek
Platform: Windows 10 Pro Version 1909 18363.1016 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\AsPowerBar.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\ArmouryIgoService.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <2>
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.86\AsusFanControlService.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.00.45\atkexComSvc.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(ASUSTeK Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe
(ASUSTeK Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.UserSessionHelper.exe
(ASUSTEK COMPUTER INCORPORATION -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe
(cFos Software GmbH -> cFos Software GmbH) C:\Program Files\ASUS\Turbo LAN\cfosspeed.exe
(cFos Software GmbH -> cFos Software GmbH) C:\Program Files\ASUS\Turbo LAN\spd.exe
(DTS, Inc. -> ) C:\Windows\System32\DTS\PC\APO3x\DTSAPO3Service.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_0b214be229a13e84\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_51074a304c325b5d\LMS.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_553b9a82ff9cf770\OneApp.IGCC.WinService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_9c8b8557ba021734\IntelCpHDCPSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_c98d5e0dfc88ac2f\RstMwService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Users\Tomáš Adámek\Downloads\AdwCleaner.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\MDM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Tomáš Adámek\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2007.1.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12008.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <9>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ba8c9c14f3d320cb\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [1002272 2019-11-12] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Turbo LAN] => C:\Program Files\ASUS\Turbo LAN\cFosSpeed.exe [2494280 2019-09-12] (cFos Software GmbH -> cFos Software GmbH)
HKLM\...\Run: [ACUW13EN] => C:\Program Files\ACD Systems\ACDSee Ultimate\13.0\acdIDInTouch2.exe [2181632 2019-09-26] (ACD Systems) [File not signed]
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [185648 2020-08-10] (ESET, spol. s r.o. -> ESET)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1834793490-2344326304-1945659354-1001\...\Run: [ACDSeeCommanderUltimate13] => C:\Program Files\ACD Systems\ACDSee Ultimate\13.0\ACDSeeCommanderUltimate13.exe [5043200 2019-09-26] () [File not signed]
HKU\S-1-5-21-1834793490-2344326304-1945659354-1001\...\MountPoints2: {c995e704-e71e-11ea-bce1-806e6f6e6963} - "I:\Bin\Instv2.exe" 
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.121\Installer\chrmstp.exe [2020-09-23] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] -> 
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.121\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {051A2C71-3308-49F6-911D-85BA8F90C6FB} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe [60408 2020-04-23] (ASUSTeK Computer Inc. -> )
Task: {20FCFEA8-6FFA-4DBA-BAF9-695A352867E6} - System32\Tasks\cFos\Registration Tasks\Open Browser => c:\windows\system32\launchwinapp.exe "http://www.cfos.de/cs/traffic-shaping/calibration-message.htm?reg-10.51.2342-asus&tsa="
Task: {3364F44F-FBAE-4792-B65D-8CA2DD24215E} - System32\Tasks\ASUS\GpuFanHelper => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe [4329008 2020-02-11] (ASUSTeK Computer Inc. -> TODO: <Company name>)
Task: {34B081C0-D94C-4346-9D3F-F656EEDA1D0B} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2162328 2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {479B0205-8A8F-47B0-9A7D-DEEAC2EAA990} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [1729736 2020-06-19] (ASUSTeK Computer Inc. -> ASUS)
Task: {53837F41-B5CA-48DA-8E94-65A3272CC27D} - System32\Tasks\ASUS\Ez Update => C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe [1509424 2019-07-18] (ASUSTeK Computer Inc. -> )
Task: {57DB478E-C70F-407F-AEAB-7C4A7277E221} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files\Norton Security\Engine\22.20.5.39\SymErr.exe
Task: {5867715B-A906-4751-A82D-0D8A8C8D51E3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2020-08-25] (Google Inc -> Google Inc.)
Task: {65F71C30-C6DF-4E2B-9937-3F5E285F17C9} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [168520 2020-08-25] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {67C5D1BD-8254-465F-8382-BB5871F0C1BE} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [664784 2020-10-04] (Mozilla Corporation -> Mozilla Foundation)
Task: {6AB8F990-141A-48FE-BE98-FA9CE1C99C86} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1341008 2020-09-06] (Adobe Inc. -> Adobe Inc.)
Task: {70766266-4F52-4783-8BC1-8DA07FE8DB27} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2020-08-25] (Google Inc -> Google Inc.)
Task: {B6864A5E-957C-4EA0-B28A-9C8C275ACF38} - System32\Tasks\Norton Security\Norton Security Autofix => C:\Program Files\Norton Security\Engine\22.20.5.39\SymErr.exe
Task: {B6B0B0D4-D21A-4EE7-91AA-51EF2D0765D9} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore1d67af1ae5a9e8c => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [168520 2020-08-25] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {C129D5C4-E4D2-4C8B-8D48-7A924277D095} - System32\Tasks\Microsoft\Windows\Wininet\Winlogui => winlogui.exe <==== ATTENTION
Task: {C382B3CE-E9E7-412C-8092-A99846DEE42D} - System32\Tasks\Intel PTT EK Recertification => C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-05-12] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {D403315D-9226-4FA5-AD2E-E49F27AE78CE} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.20.5.39\WSCStub.exe
Task: {D65E5290-F77B-4E67-B811-737E45107932} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [5733888 2020-09-01] () [File not signed]
Task: {DB95A437-E33A-4D41-82A7-51E35083C96C} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [46165960 2020-07-15] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {DEDB48B1-2F28-4903-8BBB-D16EA21783BB} - System32\Tasks\ASUS\ArmouryIgoService.exe => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\ArmouryIgoService.exe [1208592 2020-06-19] (ASUSTeK Computer Inc. -> ASUS)
Task: {EE89A330-0425-4A65-A245-6C5FAE764366} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2112560 2020-01-08] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {F453FE9E-10F7-4E05-8618-ABC7705DDFEE} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files\Norton Security\Engine\22.20.5.39\SymErr.exe
Task: {F88C22F6-C604-4458-82D9-4ABD16F6E102} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [1469288 2020-02-20] (ASUSTeK Computer Inc. -> )

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.10.1
Tcpip\..\Interfaces\{801282ec-187a-4381-ba8d-0d424cd4a201}: [DhcpNameServer] 192.168.10.1

Edge: 
======
Edge Profile: C:\Users\Tomáš Adámek\AppData\Local\Microsoft\Edge\User Data\Default [2020-10-11]

FireFox:
========
FF DefaultProfile: 04cd7b5e.default
FF ProfilePath: C:\Users\Tomáš Adámek\AppData\Roaming\Mozilla\Firefox\Profiles\04cd7b5e.default [2020-08-31]
FF Homepage: Mozilla\Firefox\Profiles\04cd7b5e.default -> hxxps://securesearch.org/homepage?hp=2&pId=BT170702&iDate=2020-08-31 08:12:15&bName=
FF NewTab: Mozilla\Firefox\Profiles\04cd7b5e.default -> hxxps://securesearch.org/homepage?hp=2&pId=BT170702&iDate=2020-08-31 08:12:15&bName=
FF ProfilePath: C:\Users\Tomáš Adámek\AppData\Roaming\Mozilla\Firefox\Profiles\46wx3d5j.default-release [2020-10-11]
FF Homepage: Mozilla\Firefox\Profiles\46wx3d5j.default-release -> hxxps://www.google.com/
FF NewTab: Mozilla\Firefox\Profiles\46wx3d5j.default-release -> hxxps://securesearch.org/homepage?hp=2&pId=BT170702&iDate=2020-08-31 08:12:15&bName=
FF Extension: (uBlock Origin) - C:\Users\Tomáš Adámek\AppData\Roaming\Mozilla\Firefox\Profiles\46wx3d5j.default-release\Extensions\uBlock0@raymondhill.net.xpi [2020-10-07]
FF Extension: (ShopToWin4) - C:\Users\Tomáš Adámek\AppData\Roaming\Mozilla\Firefox\Profiles\46wx3d5j.default-release\Extensions\{6cbc25b0-0a52-11df-8a39-0800200c9a66}(2) [2020-08-31] [Legacy] [not signed]
FF Extension: (Zynga Community Toolbar) - C:\Users\Tomáš Adámek\AppData\Roaming\Mozilla\Firefox\Profiles\46wx3d5j.default-release\Extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}(2) [2020-08-31] [Legacy] [not signed]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.asus.com/ASUS Update;version=3 -> C:\Program Files (x86)\ASUS\Update\1.3.107.31\npAsusUpdate3.dll [2020-09-15] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FF Plugin-x32: @tools.asus.com/ASUS Update;version=9 -> C:\Program Files (x86)\ASUS\Update\1.3.107.31\npAsusUpdate3.dll [2020-09-15] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2020-10-11]

Chrome: 
=======
CHR Profile: C:\Users\Tomáš Adámek\AppData\Local\Google\Chrome\User Data\Default [2020-09-22]
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Extension: (Prezentace) - C:\Users\Tomáš Adámek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-08-25]
CHR Extension: (Dokumenty) - C:\Users\Tomáš Adámek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-08-25]
CHR Extension: (Disk Google) - C:\Users\Tomáš Adámek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-08-25]
CHR Extension: (YouTube) - C:\Users\Tomáš Adámek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-08-25]
CHR Extension: (Tabulky) - C:\Users\Tomáš Adámek\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-08-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\Tomáš Adámek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-09-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Tomáš Adámek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-08-25]
CHR Extension: (Gmail) - C:\Users\Tomáš Adámek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-08-25]
CHR Extension: (Chrome Media Router) - C:\Users\Tomáš Adámek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-06]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-09-06] (Adobe Inc. -> Adobe Inc.)
R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe [343008 2020-09-15] (ASUSTeK Computer Inc. -> ASUSTeK COMPUTER INC.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.00.45\atkexComSvc.exe [442416 2020-06-02] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [168520 2020-08-25] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.86\AsusFanControlService.exe [2070576 2020-02-14] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [168520 2020-08-25] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S2 AsusUpdateCheck; C:\Windows\System32\AsusUpdateCheck.exe [1191040 2020-10-11] (ASUSTeK Computer Inc. -> )
S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2013-11-29] (Shanghai Comet Network Technology -> www.BitComet.com)
R2 cFosSpeedS; C:\Program Files\ASUS\Turbo LAN\spd.exe [927560 2019-09-12] (cFos Software GmbH -> cFos Software GmbH)
R2 DTSAPO3Service; C:\Windows\System32\DTS\PC\APO3x\DTSAPO3Service.exe [223640 2019-09-03] (DTS, Inc. -> )
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2371760 2020-08-10] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2371760 2020-08-10] (ESET, spol. s r.o. -> ESET)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [3001344 2020-09-02] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R2 ROG Live Service; C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe [2674320 2020-09-09] (ASUSTEK COMPUTER INCORPORATION -> ASUSTek COMPUTER INC.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 wuauserv; C:\Windows\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 wuauserv; C:\Windows\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S4 NortonSecurity; "C:\Program Files\Norton Security\Engine\22.20.5.39\NortonSecurity.exe" /s "NortonSecurity" /m "C:\Program Files\Norton Security\Engine\22.20.5.39\diMaster.dll" /prefetch:1
S4 nsWscSvc; "C:\Program Files\Norton Security\Engine\22.20.5.39\nsWscSvc.exe" [X]
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ba8c9c14f3d320cb\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ba8c9c14f3d320cb\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [34112 2019-07-02] (ASUSTeK Computer Inc. -> )
R1 Asusgio2; C:\Windows\system32\drivers\AsIO2.sys [33832 2019-04-09] (ASUSTeK Computer Inc. -> )
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [231936 2020-01-09] (Microsoft Corporation) [File not signed]
R1 ccSet_NGC; C:\Windows\System32\drivers\NGCx64\1614050.027\ccSetx64.sys [192248 2020-07-24] (Symantec Corporation -> Symantec Corporation)
R1 cFosSpeed; C:\Windows\system32\DRIVERS\cfosspeed6.sys [1600352 2019-09-12] (cFos Software GmbH -> cFos Software GmbH)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [158512 2020-08-10] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [106640 2020-08-10] (ESET, spol. s r.o. -> ESET)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [516960 2020-08-31] (Symantec Corporation -> Broadcom)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15288 2020-10-11] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [195976 2020-08-10] (ESET, spol. s r.o. -> ESET)
R1 EneTechIo; C:\Windows\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [116488 2020-08-10] (ESET, spol. s r.o. -> ESET)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [154464 2020-09-01] (Symantec Corporation -> Broadcom)
R1 GLCKIO2; C:\Windows\system32\drivers\GLCKIO2.sys [29368 2019-04-24] (ASUSTeK Computer Inc. -> )
R4 IOMap; C:\Windows\system32\drivers\IOMap64.sys [34064 2020-01-08] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
S3 SRTSP; C:\Windows\System32\drivers\NGCx64\1614050.027\SRTSP64.SYS [889704 2020-07-24] (Symantec Corporation -> Symantec Corporation)
R1 SRTSPX; C:\Windows\System32\drivers\NGCx64\1614050.027\SRTSPX64.SYS [50920 2020-07-24] (Symantec Corporation -> Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NGCx64\1614050.027\SYMEFASI64.SYS [1964384 2020-07-24] (Symantec Corporation -> Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NGCx64\1614050.027\SymELAM.sys [25080 2020-07-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Broadcom Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [99848 2020-08-25] (Symantec Corporation -> Symantec Corporation)
R1 SymIRON; C:\Windows\System32\drivers\NGCx64\1614050.027\Ironx64.SYS [316488 2020-07-24] (Symantec Corporation -> Symantec Corporation)
R1 SymNetS; C:\Windows\System32\drivers\NGCx64\1614050.027\symnets.sys [575328 2020-07-24] (Symantec Corporation -> Symantec Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 wpCtrlDrv_NGC; C:\Windows\System32\drivers\NGCx64\1614050.027\wpCtrlDrv.sys [1013792 2020-07-24] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
S4 BHDrvx64; \??\C:\Program Files\Norton Security\NortonData\22.19.8.65\Definitions\BASHDefs\20200908.003\BHDrvx64.sys [X]
S4 IDSVia64; \??\C:\Program Files\Norton Security\NortonData\22.19.8.65\Definitions\IPSDefs\20200909.001\IDSvia64.sys [X]
S3 SymEvnt; \??\C:\Program Files\Norton Security\NortonData\22.19.8.65\SymPlatform\SymEvnt.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-10-11 19:51 - 2020-10-11 19:51 - 000002839 _____ C:\Users\Tomáš Adámek\Desktop\AdwCleaner[C00].txt
2020-10-11 19:50 - 2020-10-11 19:51 - 000025171 _____ C:\Users\Tomáš Adámek\Downloads\FRST.txt
2020-10-11 19:50 - 2020-10-11 19:51 - 000000000 ____D C:\FRST
2020-10-11 19:49 - 2020-10-11 19:49 - 002299392 _____ (Farbar) C:\Users\Tomáš Adámek\Downloads\FRST64.exe
2020-10-11 19:33 - 2020-10-11 19:33 - 008447152 _____ (Malwarebytes) C:\Users\Tomáš Adámek\Downloads\adwcleaner_8.0.8(1).exe
2020-10-11 19:19 - 2020-10-11 19:20 - 008447152 _____ (Malwarebytes) C:\Users\Tomáš Adámek\Downloads\AdwCleaner.exe
2020-10-11 19:07 - 2020-10-11 19:16 - 000000000 ____D C:\ESD
2020-10-11 19:03 - 2020-10-11 19:03 - 019445016 _____ (Microsoft Corporation) C:\Users\Tomáš Adámek\Downloads\MediaCreationTool2004.exe
2020-10-11 19:03 - 2020-10-11 19:03 - 000000000 ___HD C:\$Windows.~WS
2020-10-11 19:03 - 2020-10-11 19:03 - 000000000 ____D C:\$WINDOWS.~BT
2020-10-11 18:44 - 2020-10-11 18:45 - 000000000 ____D C:\AdwCleaner
2020-10-11 18:43 - 2020-10-11 18:43 - 008447152 _____ (Malwarebytes) C:\Users\Tomáš Adámek\Downloads\adwcleaner_8.0.8.exe
2020-10-11 12:57 - 2020-10-11 12:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2020-10-11 12:57 - 2020-10-11 12:57 - 000000000 ____D C:\ProgramData\ESET
2020-10-11 12:57 - 2020-10-11 12:57 - 000000000 ____D C:\Program Files\ESET
2020-10-11 12:54 - 2020-10-11 12:54 - 006333872 _____ (ESET) C:\Users\Tomáš Adámek\Downloads\eset_nod32_antivirus_live_installer.exe
2020-10-06 22:06 - 2020-10-06 22:12 - 000050688 _____ C:\Users\Tomáš Adámek\Desktop\20201005_FACR_seznam_clenu_emaily_NOK.xls
2020-10-04 22:33 - 2020-10-04 22:33 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2020-10-04 20:28 - 2020-10-05 20:06 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-09-30 19:38 - 2020-09-30 19:38 - 000271432 _____ C:\Users\Tomáš Adámek\Desktop\slevomat-cz-voucher-relax-v-beskydech-s-jidlem-i-neomezenym-wellness-4406632720N-760.pdf
2020-09-29 20:24 - 2020-10-05 20:11 - 000000012 _____ C:\Windows\system32\perfdish001.dat
2020-09-27 13:04 - 2020-09-27 13:04 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2020-09-12 13:15 - 2020-09-12 13:15 - 000000024 _____ C:\Windows\system32\WinUpdates105.dat
2020-09-12 13:15 - 2020-09-12 13:15 - 000000003 _____ C:\Windows\system32\wdbcache.tmp
2020-09-12 13:15 - 2018-04-29 17:27 - 000024512 _____ C:\Windows\system32\7B296FC0-376B-497d-B013-58F4D9633A22-5P-1.B5841A4C-A289-439d-8115-50AB69CD450
2020-09-11 21:50 - 2020-09-11 21:50 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-10-11 19:51 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-10-11 19:48 - 2020-09-04 20:20 - 000003584 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-10-11 19:48 - 2020-09-04 20:20 - 000003460 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-10-11 19:48 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\system32\NDF
2020-10-11 19:47 - 2020-08-25 23:09 - 001694640 _____ C:\Windows\system32\PerfStringBackup.INI
2020-10-11 19:47 - 2019-03-19 13:57 - 000717182 _____ C:\Windows\system32\perfh005.dat
2020-10-11 19:47 - 2019-03-19 13:57 - 000145262 _____ C:\Windows\system32\perfc005.dat
2020-10-11 19:47 - 2019-03-19 06:50 - 000000000 ____D C:\Windows\INF
2020-10-11 19:42 - 2020-08-31 20:19 - 000000000 ____D C:\Users\Tomáš Adámek\AppData\LocalLow\Mozilla
2020-10-11 19:41 - 2020-09-01 20:33 - 000003656 _____ C:\Windows\system32\Tasks\AutoKMS
2020-10-11 19:41 - 2020-08-25 23:03 - 001229576 _____ C:\Windows\system32\wpbbin.exe
2020-10-11 19:41 - 2020-08-25 23:03 - 001191040 _____ C:\Windows\system32\AsusUpdateCheck.exe
2020-10-11 19:41 - 2020-08-25 23:03 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-10-11 19:41 - 2020-08-25 23:03 - 000000000 ____D C:\ProgramData\ASUS
2020-10-11 19:41 - 2020-08-25 17:15 - 000000000 ____D C:\Intel
2020-10-11 19:40 - 2019-03-19 06:37 - 000524288 _____ C:\Windows\system32\config\BBI
2020-10-11 19:16 - 2020-08-26 00:03 - 000000000 ____D C:\Windows\Panther
2020-10-11 19:08 - 2019-03-19 06:37 - 000000000 ____D C:\Windows\CbsTemp
2020-10-11 18:45 - 2020-08-31 22:12 - 000000000 ____D C:\Users\Tomáš Adámek\AppData\Roaming\Lavasoft
2020-10-11 18:45 - 2020-08-31 22:12 - 000000000 ____D C:\Users\Tomáš Adámek\AppData\Local\Lavasoft
2020-10-11 18:45 - 2020-08-31 22:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2020-10-11 18:45 - 2020-08-31 22:12 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2020-10-11 18:45 - 2020-08-31 22:11 - 000000000 ____D C:\ProgramData\Lavasoft
2020-10-11 18:42 - 2020-09-02 21:12 - 000002672 _____ C:\Windows\system32\Tasks\Norton WSC Integration
2020-10-11 12:58 - 2020-08-10 03:34 - 000015288 _____ (ESET) C:\Windows\system32\Drivers\eelam.sys
2020-10-11 12:57 - 2019-03-19 06:52 - 000000000 ___HD C:\Windows\ELAMBKUP
2020-10-10 21:12 - 2020-08-31 22:22 - 000000000 ____D C:\Users\Tomáš Adámek\AppData\Roaming\BitComet
2020-10-10 21:11 - 2020-08-25 23:03 - 000000000 ____D C:\Windows\system32\SleepStudy
2020-10-10 17:48 - 2020-09-04 20:20 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-10-10 17:48 - 2020-09-04 20:20 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-10-07 22:31 - 2020-08-31 22:52 - 000000000 ____D C:\Users\Tomáš Adámek\AppData\Roaming\vlc
2020-10-05 20:06 - 2020-08-31 20:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-10-04 22:33 - 2020-08-31 20:19 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-09-29 22:52 - 2020-08-25 23:08 - 000000000 ____D C:\Users\Tomáš Adámek
2020-09-27 13:21 - 2020-09-05 19:54 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-09-27 13:21 - 2020-08-31 22:54 - 000000000 ____D C:\Users\Tomáš Adámek\AppData\Local\Adobe
2020-09-27 13:21 - 2020-08-31 22:53 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2020-09-25 15:41 - 2020-08-31 20:19 - 000000000 ____D C:\ProgramData\Mozilla
2020-09-23 19:26 - 2020-08-25 17:25 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-09-23 19:26 - 2020-08-25 17:25 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-09-23 19:25 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-09-23 19:25 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\AppReadiness
2020-09-16 19:52 - 2020-08-25 23:09 - 000000000 ____D C:\Users\Tomáš Adámek\AppData\Local\Packages
2020-09-16 19:35 - 2020-08-25 17:08 - 000000000 ____D C:\Program Files (x86)\ASUS
2020-09-15 20:47 - 2020-08-25 17:10 - 000000000 ____D C:\Program Files\ASUS
2020-09-15 20:42 - 2020-08-25 17:10 - 000000000 ____D C:\Program Files (x86)\LightingService
2020-09-15 20:42 - 2020-08-25 17:08 - 000000000 ____D C:\ProgramData\Package Cache
2020-09-14 21:27 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\LiveKernelReports
2020-09-11 21:50 - 2020-08-25 17:33 - 000000000 ____D C:\Program Files\Norton Security

==================== Files in the root of some directories ========

2020-09-06 12:07 - 2018-05-13 16:53 - 000000395 _____ () C:\Users\Tomáš\UserAccountControlSettingsDevice.dat

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================