Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-01-2021
Ran by Ondřej Zuna (administrator) on DESKTOP-8K3K8KT (ASUS All Series) (18-01-2021 22:03:53)
Running from C:\Users\Ondřej Zuna\Downloads
Loaded Profiles: Ondřej Zuna
Platform: Windows 10 Home Version 2004 19041.685 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AXSP\1.02.03\atkexComSvc.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.30\aaHMSvc.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.33\AsusFanControlService.exe
(ASUSTeK Computer Inc. -> TODO: <Company name>) C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Genesys Logic, Inc. -> ) C:\Windows\SysWOW64\UMonit.exe
(GOG Sp. z o.o. -> GOG.com) C:\Program Files (x86)\GOG Galaxy\GalaxyClient Helper.exe <2>
(GOG Sp. z o.o. -> GOG.com) C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe
(GOG Sp. z o.o. -> GOG.com) C:\Program Files (x86)\GOG Galaxy\GOG Galaxy Notifications Renderer.exe
(GOG Sp. z o.o. -> GOG.com) C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <11>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Ondřej Zuna\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(ProtonVPN AG -> ) C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) D:\Steam\steam.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [175504 2020-11-07] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-2032062789-1159367724-3628616144-1001\...\Run: [Steam] => D:\Steam\steam.exe [3411232 2020-12-21] (Valve -> Valve Corporation)
HKU\S-1-5-21-2032062789-1159367724-3628616144-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32873544 2021-01-15] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2032062789-1159367724-3628616144-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-2032062789-1159367724-3628616144-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [14858824 2021-01-03] (GOG Sp. z o.o. -> GOG.com)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.141\Installer\chrmstp.exe [2021-01-06] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0195F942-3D2B-43EE-B53B-7806A816ED39} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0DE12DCA-750C-49CE-A2E3-FCFE4DE827B8} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {31971962-5794-4AFC-B074-E6BA08D8A4C2} - System32\Tasks\ASUS\GpuFanHelper => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe [4417496 2016-12-29] (ASUSTeK Computer Inc. -> TODO: <Company name>)
Task: {41F6A45A-F7FD-4664-973B-968F17439E11} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2018-09-27] (Google Inc -> Google Inc.)
Task: {5E7A6B9A-E1B1-439B-AD4E-C7B12C71C84C} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1741416 2020-09-17] (Avast Software s.r.o. -> Avast Software)
Task: {61D01850-ECE7-48F4-9F2A-0A4DA461D0D7} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {646C5DA3-E2BA-42B1-ADB7-54F3F03EA62A} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6501D2A9-BD93-400F-9527-ED5861A251F0} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [1995736 2017-02-16] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {790E1755-5BC3-4D36-9FD7-2A86745AC474} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {7ABE347F-4537-42B2-82A4-DB5CAA690C4A} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7DA3AAB1-A132-43F7-8E4F-B92B7563E281} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A92DC21C-3E07-4032-9920-DCC4DE09A404} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2018-09-27] (Google Inc -> Google Inc.)
Task: {C61386DD-A2DF-45C1-B2E9-9CC75B3CF10C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C78AD61E-6E81-4EA4-855D-752C90578F00} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DD646B59-8DAC-4A31-9787-E0D07FEE1F1C} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [3817392 2020-06-18] (Easeware Technology Limited -> Easeware)
Task: {DF54EF76-304F-4110-BEBB-81BCBAF42A4C} - System32\Tasks\UMonitor Task => C:\Windows\SysWOW64\UMonit.exe [68216 2018-11-26] (Genesys Logic, Inc. -> )
Task: {E6242D4F-B45D-4A7E-8493-DDE3109FCD83} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EA0EF0AF-DD02-4692-B121-F50C1AAF3B34} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EAD7FB24-456C-4A98-AC58-6447625AE4A7} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe [834856 2019-02-26] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {F90ACF77-1850-4074-986A-5FDE22709806} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [1290200 2017-01-24] (ASUSTeK Computer Inc. -> )

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\WINDOWS\Tasks\Intel PTT EK Recertification.job => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2ea36af2-c8cc-4cb6-8149-01d84b9f3de5}: [DhcpNameServer] 192.168.0.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Ondřej Zuna\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-18]

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_31_0_0_122.dll [2018-10-09] (Adobe Systems Incorporated -> )
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_122.dll [2018-10-09] (Adobe Systems Incorporated -> )
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [No File]

Chrome: 
=======
CHR Profile: C:\Users\Ondřej Zuna\AppData\Local\Google\Chrome\User Data\Default [2021-01-18]
CHR Notifications: Default -> hxxps://www.letgo.cz; hxxps://www.netflix.com
CHR Extension: (Prezentace) - C:\Users\Ondřej Zuna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-09-27]
CHR Extension: (Dokumenty) - C:\Users\Ondřej Zuna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-27]
CHR Extension: (Disk Google) - C:\Users\Ondřej Zuna\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-21]
CHR Extension: (YouTube) - C:\Users\Ondřej Zuna\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-09-27]
CHR Extension: (Tabulky) - C:\Users\Ondřej Zuna\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-09-27]
CHR Extension: (Dokumenty Google offline) - C:\Users\Ondřej Zuna\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-17]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Ondřej Zuna\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-01-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Ondřej Zuna\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-09-30]
CHR Extension: (Gmail) - C:\Users\Ondřej Zuna\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Extension: (Chrome Media Router) - C:\Users\Ondřej Zuna\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-10]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [83984 2018-08-13] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2018-10-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.03\atkexComSvc.exe [933840 2017-01-22] (ASUSTeK Computer Inc. -> )
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.30\aaHMSvc.exe [975832 2017-01-24] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2017-06-21] (ASUSTeK Computer Inc. -> ) [File not signed]
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.33\AsusFanControlService.exe [1340376 2017-12-05] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8736880 2020-10-29] (BattlEye Innovations e.K. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2020-03-28] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2595360 2020-11-07] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2595360 2020-11-07] (ESET, spol. s r.o. -> ESET)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-10-19] (NVIDIA Corporation -> NVIDIA)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1741384 2021-01-03] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6821960 2020-12-08] (GOG Sp. z o.o. -> GOG.com)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21304 2017-09-28] (Microsoft Corporation -> Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2020-12-19] (Malwarebytes Inc -> Malwarebytes)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2523448 2020-12-02] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3478336 2020-12-02] (Electronic Arts, Inc. -> Electronic Arts)
R2 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [88888 2019-04-24] (ProtonVPN AG -> )
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [187904 2017-09-28] (Microsoft Corporation) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-03] (ASUSTeK Computer Inc. -> )
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [160992 2020-10-26] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15288 2020-09-15] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [190464 2020-10-26] (ESET, spol. s r.o. -> ESET)
S4 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [43720 2020-10-26] (ESET, spol. s r.o. -> ESET)
S4 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [70048 2020-10-26] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [107784 2020-10-26] (ESET, spol. s r.o. -> ESET)
R3 GeneStor; C:\WINDOWS\System32\drivers\GeneStor.sys [181072 2020-09-26] (GENESYS LOGIC, INC. -> Genesys Logic)
R3 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [34064 2017-12-26] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220160 2020-12-19] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-12-19] (Malwarebytes Inc -> Malwarebytes)
S3 ProtonVPNSplitTunnelCalloutDriver; C:\Program Files (x86)\Proton Technologies\ProtonVPN\Resources\64-bit\win10\ProtonVPNSplitTunnelCalloutDriver.Sys [48664 2019-04-03] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [44976 2018-09-07] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
U4 edevmon; system32\DRIVERS\edevmon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-18 22:03 - 2021-01-18 22:04 - 000022035 _____ C:\Users\Ondřej Zuna\Downloads\FRST.txt
2021-01-18 22:03 - 2021-01-18 22:04 - 000000000 ____D C:\FRST
2021-01-18 22:02 - 2021-01-18 22:02 - 001222144 _____ C:\Users\Ondřej Zuna\Downloads\RSITx64.exe
2021-01-18 22:00 - 2021-01-18 22:00 - 002295296 _____ (Farbar) C:\Users\Ondřej Zuna\Downloads\FRST64.exe
2021-01-18 21:21 - 2021-01-18 21:21 - 001527052 _____ C:\WINDOWS\Minidump\011821-5812-01.dmp
2021-01-18 20:15 - 2021-01-18 20:17 - 000000000 ____D C:\Users\Ondřej Zuna\Documents\STAR WARS Battlefront II
2021-01-18 20:15 - 2021-01-18 20:15 - 000000000 ____D C:\Users\Ondřej Zuna\AppData\Local\STAR WARS Battlefront II
2021-01-18 20:13 - 2021-01-18 20:13 - 000000809 _____ C:\Users\Public\Desktop\STAR WARS Battlefront II.lnk
2021-01-18 20:13 - 2021-01-18 20:13 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2021-01-18 20:13 - 2021-01-18 20:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STAR WARS Battlefront II
2021-01-17 23:37 - 2021-01-17 23:37 - 001027308 _____ C:\WINDOWS\Minidump\011721-6828-01.dmp
2021-01-14 19:17 - 2021-01-18 21:21 - 962502378 _____ C:\WINDOWS\MEMORY.DMP
2021-01-14 19:17 - 2021-01-14 19:18 - 000967260 _____ C:\WINDOWS\Minidump\011421-6234-01.dmp
2021-01-14 18:34 - 2021-01-14 18:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Easy
2021-01-14 18:32 - 2021-01-14 18:32 - 009325056 _____ C:\Users\Ondřej Zuna\Downloads\IPDT_Installer_4.1.5.37_64bit.msi
2021-01-14 18:32 - 2021-01-14 18:32 - 000002689 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Processor Diagnostic Tool 64bit.lnk
2021-01-14 18:32 - 2021-01-14 18:32 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2021-01-14 18:32 - 2021-01-14 18:32 - 000000000 ____D C:\Program Files\Intel Corporation
2021-01-14 18:32 - 2021-01-04 15:28 - 001855192 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-01-14 18:32 - 2021-01-04 15:28 - 001855192 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-01-14 18:32 - 2021-01-04 15:28 - 001454488 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-01-14 18:32 - 2021-01-04 15:28 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-01-14 18:32 - 2021-01-04 15:28 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-01-14 18:32 - 2021-01-04 15:28 - 001193880 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-01-14 18:32 - 2021-01-04 15:28 - 001094880 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-01-14 18:32 - 2021-01-04 15:28 - 001094880 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-01-14 18:32 - 2021-01-04 15:28 - 000948952 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-01-14 18:32 - 2021-01-04 15:28 - 000948952 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-01-14 18:32 - 2021-01-04 15:26 - 002104216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-01-14 18:32 - 2021-01-04 15:26 - 001589144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-01-14 18:32 - 2021-01-04 15:26 - 001512856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-01-14 18:32 - 2021-01-04 15:26 - 001165720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-01-14 18:32 - 2021-01-04 15:26 - 000813976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-01-14 18:32 - 2021-01-04 15:26 - 000680856 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-01-14 18:32 - 2021-01-04 15:26 - 000673688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-01-14 18:32 - 2021-01-04 15:26 - 000657816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-01-14 18:32 - 2021-01-04 15:26 - 000559000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-01-14 18:32 - 2021-01-04 15:26 - 000548248 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-01-14 18:32 - 2021-01-04 15:25 - 008262552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-01-14 18:32 - 2021-01-04 15:25 - 007393176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-01-14 18:32 - 2021-01-04 15:25 - 004612504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-01-14 18:32 - 2021-01-04 15:25 - 002731928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-01-14 18:32 - 2021-01-04 15:25 - 001733016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6446109.dll
2021-01-14 18:32 - 2021-01-04 15:25 - 001492376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6446109.dll
2021-01-14 18:31 - 2021-01-14 18:31 - 088419879 _____ C:\Users\Ondřej Zuna\Downloads\IPDT_4.1.5.37_src.zip
2021-01-03 21:40 - 2021-01-03 21:40 - 000000202 _____ C:\Users\Ondřej Zuna\Desktop\Outer Wilds.url
2021-01-03 21:40 - 2021-01-03 21:40 - 000000000 ____D C:\Users\Ondřej Zuna\AppData\LocalLow\Mobius Digital
2020-12-19 01:44 - 2020-12-19 01:44 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-12-19 01:44 - 2020-12-19 01:43 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-18 22:03 - 2020-12-01 18:22 - 000760504 _____ C:\WINDOWS\system32\perfh019.dat
2021-01-18 22:03 - 2020-12-01 18:22 - 000151212 _____ C:\WINDOWS\system32\perfc019.dat
2021-01-18 22:03 - 2020-09-16 00:11 - 002605486 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-18 22:03 - 2019-12-07 15:41 - 000716602 _____ C:\WINDOWS\system32\perfh005.dat
2021-01-18 22:03 - 2019-12-07 15:41 - 000144780 _____ C:\WINDOWS\system32\perfc005.dat
2021-01-18 22:03 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-01-18 21:59 - 2018-09-27 13:45 - 000000000 ____D C:\ProgramData\NVIDIA
2021-01-18 21:57 - 2020-09-16 00:15 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-18 21:57 - 2020-09-16 00:08 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-18 21:57 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-18 21:56 - 2020-09-16 00:08 - 000008192 ___SH C:\DumpStack.log.tmp
2021-01-18 21:24 - 2020-09-16 00:09 - 000000000 ____D C:\Users\Ondřej Zuna
2021-01-18 21:24 - 2019-11-24 12:58 - 000000000 ____D C:\Users\Ondřej Zuna\AppData\Roaming\Origin
2021-01-18 21:21 - 2020-09-24 20:57 - 000000000 ____D C:\WINDOWS\Minidump
2021-01-18 21:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-01-18 21:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-01-18 21:21 - 2019-11-28 19:00 - 000000000 ____D C:\Program Files (x86)\Origin Games
2021-01-18 21:21 - 2019-11-24 12:58 - 000000000 ____D C:\Users\Ondřej Zuna\AppData\Local\Origin
2021-01-18 21:21 - 2019-11-24 12:58 - 000000000 ____D C:\ProgramData\Origin
2021-01-18 20:39 - 2020-01-26 23:19 - 000000000 ____D C:\Users\Ondřej Zuna\AppData\Local\MK11
2021-01-18 20:15 - 2018-10-01 22:34 - 000000000 ____D C:\Users\Ondřej Zuna\AppData\Local\D3DSCache
2021-01-18 17:43 - 2018-10-25 17:04 - 000000000 ____D C:\Users\Ondřej Zuna\AppData\Local\CrashDumps
2021-01-17 22:22 - 2019-11-24 12:59 - 000000000 ____D C:\Program Files (x86)\Origin
2021-01-17 22:22 - 2018-09-27 14:10 - 000000000 ____D C:\ProgramData\Package Cache
2021-01-17 22:17 - 2019-10-05 13:29 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-01-17 22:14 - 2018-09-27 13:58 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-01-17 22:12 - 2018-09-27 13:58 - 135062968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-01-15 18:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-01-14 23:08 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-01-14 18:34 - 2018-11-26 20:31 - 000001018 _____ C:\Users\Public\Desktop\Driver Easy.lnk
2021-01-13 18:23 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-01-10 23:21 - 2020-06-09 16:46 - 000002425 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-01-10 23:21 - 2020-06-09 16:46 - 000002263 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-01-06 23:29 - 2018-09-27 14:16 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-01-06 23:29 - 2018-09-27 14:16 - 000002266 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-01-04 15:23 - 2020-04-21 23:56 - 007115280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-01-04 15:23 - 2020-04-21 23:56 - 006071032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-01-04 01:38 - 2018-09-30 23:07 - 000000000 ____D C:\Users\Ondřej Zuna\AppData\Local\Ubisoft Game Launcher
2021-01-03 22:31 - 2020-12-10 19:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cyberpunk 2077 [GOG.com]
2021-01-03 22:22 - 2018-09-30 23:20 - 000000000 ____D C:\Users\Ondřej Zuna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2021-01-03 21:39 - 2020-12-10 18:46 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy
2020-12-31 15:03 - 2020-04-21 23:56 - 000060966 _____ C:\WINDOWS\system32\nvinfo.pb
2020-12-31 10:48 - 2019-08-27 22:26 - 005623272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2020-12-31 10:48 - 2019-08-27 22:26 - 002637800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2020-12-31 10:48 - 2019-08-27 22:26 - 001760232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2020-12-31 10:48 - 2019-08-27 22:26 - 000992232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2020-12-31 10:48 - 2019-08-27 22:26 - 000122344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2020-12-31 10:48 - 2019-08-27 22:26 - 000084456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2020-12-29 00:27 - 2019-08-27 22:26 - 009381947 _____ C:\WINDOWS\system32\nvcoproc.bin
2020-12-19 01:44 - 2020-10-15 04:16 - 000220160 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-12-19 01:44 - 2020-08-14 15:25 - 000002039 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-12-19 01:44 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-12-19 01:44 - 2019-07-18 16:41 - 000002027 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-12-19 01:43 - 2019-07-18 16:41 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys

==================== Files in the root of some directories ========

2018-10-25 16:51 - 2018-10-25 16:51 - 000214432 _____ () C:\Users\Ondřej Zuna\AppData\Roaming\DMGR_1N1I1F1S1T1I0M1F1Q2Y1I1P1B0C1F1Q1P.txt

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================