Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-01-2023
Ran by Admin (administrator) on DESKTOP-A13PA2Q (ASUS System Product Name) (18-01-2023 23:19:21)
Running from C:\Users\Admin\Downloads
Loaded Profiles: Admin
Platform: Microsoft Windows 11 Pro Version 21H2 22000.1455 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Areson Technology Corp. -> Areson) C:\Program Files (x86)\PATRIOT VIPER GAMING MOUSE\PATRIOT VIPER MOUSE.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
(C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.UserSessionHelper.exe
(C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\LAClient\laclient.exe
(C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.CpuIdRemote64.exe
(C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.DisplayAdapter.exe
(C:\Program Files\Logitech\SetPointP\SetPoint.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Program Files\NZXT CAM\NZXT CAM.exe ->) (NZXT, Inc. -> ) C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\cam-core\dist\target\x86_64-pc-windows-msvc\release\cam_helper.exe <3>
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCopyAccelerator.exe
(C:\Riot Games\League of Legends\LeagueClient.exe ->) (Riot Games, Inc. -> ) C:\Riot Games\League of Legends\LeagueCrashHandler.exe
(C:\Riot Games\League of Legends\LeagueClient.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Riot Games\League of Legends\LeagueClientUx.exe
(C:\Riot Games\League of Legends\LeagueClientUx.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Riot Games\League of Legends\LeagueClientUxRender.exe <6>
(C:\Riot Games\Riot Client\RiotClientServices.exe ->) () [File not signed] C:\Riot Games\Riot Client\RiotClientCrashHandler.exe
(C:\Riot Games\Riot Client\RiotClientServices.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Riot Games\League of Legends\LeagueClient.exe
(C:\Windows\UUS\amd64\MoUsoCoreWorker.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoNotificationUx.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUE.exe
(DriverStore\FileRepository\u0376209.inf_amd64_b3bdffadea4def3f\B374968\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0376209.inf_amd64_b3bdffadea4def3f\B374968\atieclxx.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <37>
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(explorer.exe ->) (NZXT, Inc. -> NZXT, Inc.) C:\Program Files\NZXT CAM\NZXT CAM.exe <5>
(explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Riot Games\Riot Client\RiotClientServices.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0376209.inf_amd64_b3bdffadea4def3f\B374968\atiesrxx.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ) C:\Windows\System32\AsusUpdateCheck.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.08\AsusFanControlService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.02.15\atkexComSvc.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CueLLAccessService.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUEDevicePluginHost.exe <8>
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorvd.inf_amd64_09773fc762985b7e\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\22.253.1204.0001\FileSyncHelper.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) C:\Windows\System32\CorsairGamingAudioCfgService64.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_1b5e80ff87b1f5c8\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (NZXT, Inc. -> ) C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\cam-core\dist\target\x86_64-pc-windows-msvc\release\service.exe
(Spotify AB) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe <6>
(svchost.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x64.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <2>
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.822.11281.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.822.11281.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22102.229.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\backgroundTaskHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\amd64\MoUsoCoreWorker.exe
(svchost.exe ->) (Tweaking LLC -> Tweaking.com) C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [CORSAIR iCUE 4 Software] => C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUE Launcher.exe [182888 2022-03-17] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3136136 2019-01-31] (Logitech Inc -> Logitech, Inc.)
HKLM-x32\...\Run: [PATRIOT VIPER GAMING MOUSE] => C:\Program Files (x86)\PATRIOT VIPER GAMING MOUSE\PATRIOT VIPER MOUSE.exe [8565536 2020-12-03] (Areson Technology Corp. -> Areson)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-552103675-223904322-1626239445-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2626448 2023-01-16] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-552103675-223904322-1626239445-1001\...\Run: [NZXT.CAM] => C:\Program Files\NZXT CAM\NZXT CAM.exe [146309056 2023-01-04] (NZXT, Inc. -> NZXT, Inc.)
HKU\S-1-5-21-552103675-223904322-1626239445-1001\...\Run: [Discord] => C:\Users\Admin\AppData\Local\Discord\Update.exe [1512616 2022-02-17] (Discord Inc. -> GitHub)
HKU\S-1-5-21-552103675-223904322-1626239445-1001\...\Run: [electron.app.GitGut] => C:\Users\Admin\AppData\Local\Programs\GitGut\GitGut.exe (No File)
HKU\S-1-5-21-552103675-223904322-1626239445-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32696784 2022-10-25] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-552103675-223904322-1626239445-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2148528 2022-10-11] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-552103675-223904322-1626239445-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3149608 2022-11-14] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-552103675-223904322-1626239445-1001\...\Run: [DriverFix] => C:\Program Files (x86)\DriverFix\DriverFix.exe [25313536 2022-10-30] (Blueroad Technologies Limited -> DriverFix)
HKU\S-1-5-21-552103675-223904322-1626239445-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4246376 2022-12-15] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-552103675-223904322-1626239445-1001\...\Run: [MicrosoftEdgeAutoLaunch_5EFC0ECB77A7585FE9DCDD0B2E946A2B] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4188616 2023-01-15] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\109.0.5414.75\Installer\chrmstp.exe [2023-01-17] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01AFBE54-C64C-4E68-BE38-5ED0AA7C4166} - System32\Tasks\GoogleUpdateTaskMachineCore{19FD541F-E923-438C-BC86-5A7CC7557164} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-03-14] (Google LLC -> Google LLC)
Task: {0B235A58-C415-4A73-B598-22153195A70D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {160A1035-5466-4E73-BB83-F8936139DAD5} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [43022856 2022-01-11] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
Task: {16B4BD66-B0E5-414D-9A30-CD4025495031} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2287472 2022-09-02] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {23D2F3D9-DCA0-40DA-8A56-286674EEFB70} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [294880 2022-01-24] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {29EF0085-D777-4225-9871-BD2E3ACE8FA4} - System32\Tasks\MicrosoftEdgeShadowStackRollbackTask => C:\Program Files (x86)\Microsoft\Edge\Application\109.0.1518.55\Installer\setup.exe [4020680 2023-01-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {311E90EE-5CF4-4AFB-882D-72B261BAD76A} - System32\Tasks\GoogleUpdateTaskMachineUA{BF58BC0A-F81A-45FD-A5CA-73D6A739316F} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-03-14] (Google LLC -> Google LLC)
Task: {3E5CFF10-E113-42BB-9F3B-7B3CC10AD0EB} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [2196448 2022-01-24] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {466C26D1-2490-474C-9ED2-60FD8AAC595B} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore1d837ae317d328d => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [158224 2022-03-14] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {49DC1EF5-4CD8-4E8B-85CE-09F89F40E33B} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4189104 2023-01-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {58F163CD-3BFA-49DE-A6C4-F213D35D2A6D} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-552103675-223904322-1626239445-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4189104 2023-01-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {61E5D355-C931-4DCA-84D7-CABB80A85A5B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {86DC361C-2DB3-4F67-902E-47D97211915F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C8D62404-468E-4BA0-8332-95E698A8F17B} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [158224 2022-03-14] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {C91AEB69-7847-4E8D-9C20-13C6AED5B0DF} - System32\Tasks\Opera scheduled Autoupdate 1649273672 => C:\Users\Admin\AppData\Local\Programs\Opera\launcher.exe [2607560 2022-12-20] (Opera Norway AS -> Opera Software)
Task: {DA44E856-EF3A-4E04-B126-1BC8AAC0E4DB} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NoUACCheck
Task: {DDCB428D-5090-41E9-97A7-04E5A8C8CBAF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E9225DAF-2608-4B8A-9817-B29282267431} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (No File)
Task: {F0F61FF7-5722-40F3-A4FA-61F2190A6A02} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [220816 2019-09-30] (Tweaking LLC -> Tweaking.com)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog9 17 %windir%\system32\vsocklib.dll => No File 
Winsock: Catalog9 18 %windir%\system32\vsocklib.dll => No File 
Winsock: Catalog9-x64 17 %windir%\system32\vsocklib.dll => No File 
Winsock: Catalog9-x64 18 %windir%\system32\vsocklib.dll => No File 
Tcpip\Parameters: [DhcpNameServer] 192.168.18.1
Tcpip\..\Interfaces\{d67dcb5f-f1f4-49fb-9a19-cb70f74a2aca}: [DhcpNameServer] 192.168.18.1

Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default [2023-01-18]

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2022-10-30] [not signed]

Chrome: 
=======
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default [2023-01-18]
CHR Notifications: Default -> hxxps://web.snapchat.com
CHR Extension: (BetterTTV) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2023-01-18]
CHR Extension: (7TV) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammjkodgmmoknidbanneddgankgfejfh [2022-08-16]
CHR Extension: (FrankerFaceZ) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2022-03-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-29]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-12-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-03-14]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

Opera: 
=======
OPR Profile: C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable [2023-01-18]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-11-25]
OPR Extension: (Opera Wallet) - C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-01-15]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-04-06]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe [382112 2022-08-18] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.02.15\atkexComSvc.exe [468504 2022-08-18] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [158224 2022-03-14] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [181576 2022-03-14] (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.08\AsusFanControlService.exe [1438744 2022-08-18] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [158224 2022-03-14] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusUpdateCheck; C:\Windows\System32\AsusUpdateCheck.exe [845256 2023-01-18] (ASUSTeK Computer Inc. -> )
R2 CAMService; C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\cam-core\dist\target\x86_64-pc-windows-msvc\release\service.exe [640448 2023-01-04] (NZXT, Inc. -> )
R2 CorsairGamingAudioConfig; C:\Windows\System32\CorsairGamingAudioCfgService64.exe [661016 2022-03-01] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAService; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CueLLAccessService.exe [230504 2022-03-17] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CorsairService; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe [81512 2022-03-17] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811496 2022-07-24] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029456 2022-07-24] (Epic Games Inc. -> Epic Games, Inc.)
R3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.253.1204.0001\FileSyncHelper.exe [3480976 2023-01-16] (Microsoft Corporation -> Microsoft Corporation)
R3 iCUEDevicePluginHost; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUEDevicePluginHost.exe [440936 2022-03-17] (Corsair Memory, Inc. -> Corsair)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [849744 2022-12-09] (McAfee, LLC -> McAfee, LLC)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.253.1204.0001\OneDriveUpdaterService.exe [3848592 2023-01-16] (Microsoft Corporation -> Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2579264 2022-11-14] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3497800 2022-11-14] (Electronic Arts, Inc. -> Electronic Arts)
R2 ROG Live Service; C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe [6694520 2022-08-15] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [245224 2022-12-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe [3191264 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe [133592 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 Browser; %SystemRoot%\System32\browser.dll [X]
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_1b5e80ff87b1f5c8\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_1b5e80ff87b1f5c8\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 amdwddmg; C:\Windows\System32\DriverStore\FileRepository\u0376209.inf_amd64_b3bdffadea4def3f\B374968\amdkmdag.sys [80540576 2022-01-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R1 Asusgio2; C:\Windows\system32\drivers\AsIO2.sys [34384 2021-10-21] (ASUSTeK Computer Inc. -> )
R1 Asusgio3; C:\Windows\system32\drivers\AsIO3.sys [43168 2022-03-14] (ASUSTeK Computer Inc. -> )
S3 CorsairGamingAudioService; C:\Windows\System32\drivers\CorsairGamingAudio64.sys [61976 2022-03-01] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAccessC2D033F14715AA7325305EA42FBFC65BF867CC1D; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CorsairLLAccess64.sys [21752 2022-01-31] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 CorsairVBusDriver; C:\Windows\System32\drivers\CorsairVBusDriver.sys [46600 2022-01-31] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\Windows\System32\drivers\CorsairVHidDriver.sys [22536 2022-01-31] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 cpuz153; C:\Windows\temp\cpuz153\cpuz153_x64.sys [36864 2023-01-18] (Microsoft Windows Hardware Compatibility Publisher -> CPUID)
R3 cpuz154; C:\Windows\temp\cpuz154\cpuz154_x64.sys [40976 2023-01-18] (Microsoft Windows Hardware Compatibility Publisher -> CPUID)
R1 CTIIO; C:\Windows\system32\drivers\CtiIo64.sys [30728 2022-03-14] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
R3 iaLPSS2_GPIO2_ADL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_gpio2_adl.inf_amd64_e11257f05c0c2f89\iaLPSS2_GPIO2_ADL.sys [139928 2021-07-29] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_ADL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_i2c_adl.inf_amd64_1c06c20c35bb4d6d\iaLPSS2_I2C_ADL.sys [209552 2022-01-03] (Intel Corporation -> Intel Corporation)
R0 iaStorVD; C:\Windows\System32\drivers\iaStorVD.sys [1588424 2022-06-28] (Intel Corporation -> Intel Corporation)
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
S3 rtcx21; C:\Windows\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_d2a498d51a4f7bec\rtcx21x64.sys [409000 2021-06-01] (Realtek Semiconductor Corp. -> Realtek)
S3 UcmUcsiCx0101; C:\Windows\System32\Drivers\UcmUcsiCx.sys [139264 2021-06-05] (Microsoft Corporation) [File not signed]
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49568 2022-12-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [473376 2022-12-09] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [99616 2022-12-09] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsla7db06f8; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5FC1845D-43BE-4EAC-BEAB-00DE84A0BB58}\MpKslDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-01-18 23:19 - 2023-01-18 23:20 - 000027737 _____ C:\Users\Admin\Downloads\FRST.txt
2023-01-18 23:17 - 2023-01-18 23:20 - 000000000 ____D C:\FRST
2023-01-18 23:17 - 2023-01-18 23:17 - 002376704 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe
2023-01-18 23:03 - 2023-01-18 23:03 - 000000000 ___HD C:\$SysReset
2023-01-12 11:15 - 2023-01-12 11:16 - 001006740 _____ C:\Windows\Minidump\011223-4203-01.dmp
2023-01-11 14:24 - 2023-01-11 14:24 - 000000000 ___HD C:\$WinREAgent
2022-12-22 19:04 - 2023-01-18 22:29 - 000000000 ____D C:\Program Files (x86)\Steam
2022-12-22 19:04 - 2022-12-22 19:04 - 002296488 _____ C:\Users\Admin\Downloads\SteamSetup (1).exe
2022-12-22 19:04 - 2022-12-22 19:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-01-18 23:13 - 2022-03-16 19:53 - 000000000 ____D C:\ProgramData\Riot Games
2023-01-18 23:04 - 2021-06-05 13:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-01-18 22:33 - 2022-03-14 14:51 - 000000000 ____D C:\Program Files (x86)\Google
2023-01-18 22:31 - 2022-03-10 03:17 - 001714078 _____ C:\Windows\system32\PerfStringBackup.INI
2023-01-18 22:31 - 2021-06-05 18:22 - 000712738 _____ C:\Windows\system32\perfh005.dat
2023-01-18 22:31 - 2021-06-05 18:22 - 000146544 _____ C:\Windows\system32\perfc005.dat
2023-01-18 22:31 - 2021-06-05 13:09 - 000000000 ____D C:\Windows\INF
2023-01-18 22:28 - 2022-10-20 19:48 - 000000000 ____D C:\Users\Admin\AppData\Local\Origin
2023-01-18 22:28 - 2022-10-20 19:48 - 000000000 ____D C:\ProgramData\Origin
2023-01-18 22:28 - 2022-03-16 18:31 - 000000000 ____D C:\Users\Admin\AppData\Roaming\NZXT CAM
2023-01-18 22:28 - 2022-03-14 14:41 - 000000000 ___RD C:\Users\Admin\OneDrive
2023-01-18 22:28 - 2021-06-05 13:10 - 000000000 ____D C:\Windows\AppReadiness
2023-01-18 22:27 - 2022-04-04 16:12 - 000000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
2023-01-18 22:27 - 2022-03-16 20:46 - 000000000 ____D C:\ProgramData\NVIDIA
2023-01-18 22:27 - 2022-03-10 03:12 - 000901328 _____ () C:\Windows\system32\wpbbin.exe
2023-01-18 22:27 - 2022-03-10 03:12 - 000845256 _____ C:\Windows\system32\AsusUpdateCheck.exe
2023-01-18 22:27 - 2022-03-10 03:12 - 000012288 ___SH C:\DumpStack.log.tmp
2023-01-18 22:27 - 2022-03-10 03:12 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-01-18 22:27 - 2021-06-05 13:10 - 000000000 ____D C:\Windows\SystemTemp
2023-01-18 02:23 - 2022-03-14 14:38 - 000000000 ____D C:\Users\Admin
2023-01-18 02:23 - 2021-06-05 13:01 - 000524288 _____ C:\Windows\system32\config\BBI
2023-01-18 00:07 - 2022-03-10 03:12 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-01-17 23:14 - 2022-03-14 14:52 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-01-17 11:43 - 2021-06-05 13:10 - 000000000 ___HD C:\Program Files\WindowsApps
2023-01-17 11:08 - 2022-03-14 14:50 - 000004784 _____ C:\Windows\system32\Tasks\MicrosoftEdgeShadowStackRollbackTask
2023-01-17 11:08 - 2022-03-10 03:12 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-01-17 00:35 - 2022-11-27 10:00 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2023-01-17 00:29 - 2022-03-14 14:39 - 000000000 ____D C:\Users\Admin\AppData\Local\D3DSCache
2023-01-16 22:29 - 2022-11-27 10:01 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2023-01-16 22:29 - 2022-11-27 10:01 - 000002130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-01-16 22:29 - 2022-03-14 14:41 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-552103675-223904322-1626239445-1001
2023-01-12 11:16 - 2022-10-30 20:35 - 000000000 ____D C:\Windows\Minidump
2023-01-12 11:15 - 2022-10-30 20:35 - 869256220 _____ C:\Windows\MEMORY.DMP
2023-01-11 14:37 - 2022-03-10 03:12 - 000292976 _____ C:\Windows\system32\FNTCACHE.DAT
2023-01-11 14:36 - 2021-06-05 13:10 - 000000000 ____D C:\Windows\SystemResources
2023-01-11 14:36 - 2021-06-05 13:10 - 000000000 ____D C:\Windows\system32\oobe
2023-01-11 14:36 - 2021-06-05 13:10 - 000000000 ____D C:\Windows\bcastdvr
2023-01-11 14:26 - 2022-03-16 18:10 - 150199536 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-01-11 14:26 - 2022-03-16 18:10 - 000000000 ____D C:\Windows\system32\MRT
2023-01-11 14:26 - 2021-06-05 13:01 - 000000000 ____D C:\Windows\CbsTemp
2023-01-11 14:25 - 2022-03-10 03:15 - 003110912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-01-06 18:02 - 2022-03-10 03:12 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-01-06 18:02 - 2022-03-10 03:12 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-01-05 14:58 - 2022-03-16 18:31 - 000000000 ____D C:\Program Files\NZXT CAM
2022-12-28 19:38 - 2022-05-07 12:35 - 000000000 ____D C:\Users\Admin\AppData\Local\Ubisoft Game Launcher
2022-12-24 05:39 - 2022-10-30 18:59 - 000000000 ____D C:\Users\Admin\AppData\Roaming\DriverFix
2022-12-23 13:22 - 2022-04-06 20:34 - 000004206 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1649273672
2022-12-23 13:22 - 2022-04-06 20:34 - 000001405 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2022-12-22 19:01 - 2022-10-30 19:04 - 000000000 ____D C:\DF_Files

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================