Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-03-2026 Ran by moran (administrator) on SMIKI (Acer Nitro ANV15-41) (04-03-2026 19:04:01) Running from C:\Users\moran\Downloads\FRST64English.exe.exe Loaded Profiles: klinc & moran Platform: Microsoft Windows 11 Pro Version 25H2 26200.7922 (X64) Language: English (United States) Default browser: Edge Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (C:\Program Files (x86)\TotalAV\SecurityService.exe ->) (Total Security Limited -> TotalAV) C:\Program Files (x86)\TotalAV\TotalAV.exe (C:\Program Files\Fortect\MainService.exe ->) (Fortect LTD -> Fortect LTD) C:\Program Files\Fortect\MainProtection.exe <2> (C:\Program Files\Google\Play Games Services\26.2.475.1\Service\GooglePlayGamesServices.exe ->) (Google LLC -> ) C:\Program Files\Google\Play Games Services\26.2.475.1\Service\data\windows.assets\crashpad_handler.exe (DriverStore\FileRepository\acergaicameracomponent.inf_amd64_96e61d1a348ad182\AcerGAICameraService.exe ->) (Acer Incorporated -> Acer Inc.) C:\Windows\System32\DriverStore\FileRepository\acergaicameracomponent.inf_amd64_96e61d1a348ad182\AcerGAICameraW.exe (DriverStore\FileRepository\acerservicecomponent.inf_amd64_dc983e19363ee831\AcerServiceWrapper.exe ->) (ULIC TEK INC. -> Node.js) C:\Windows\System32\DriverStore\FileRepository\acerservicecomponent.inf_amd64_dc983e19363ee831\AcerService.exe (DriverStore\FileRepository\predatorservice.inf_amd64_c634eb8e856fb962\AcerCentralService.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Windows\System32\DriverStore\FileRepository\predatorservice.inf_amd64_c634eb8e856fb962\AcerAgentService.exe (DriverStore\FileRepository\predatorservice.inf_amd64_c634eb8e856fb962\AcerCentralService.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Windows\System32\DriverStore\FileRepository\predatorservice.inf_amd64_c634eb8e856fb962\AcerHardwareService.exe (DriverStore\FileRepository\sysmonitorservice.inf_amd64_58adec8bbcd5aac3\x64\AcerSystemCentralService.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Windows\System32\DriverStore\FileRepository\sysmonitorservice.inf_amd64_58adec8bbcd5aac3\x64\AcerSysHardwareService.exe (DriverStore\FileRepository\sysmonitorservice.inf_amd64_58adec8bbcd5aac3\x64\AcerSystemCentralService.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Windows\System32\DriverStore\FileRepository\sysmonitorservice.inf_amd64_58adec8bbcd5aac3\x64\AcerSysMonitorService.exe (DriverStore\FileRepository\u0406523.inf_amd64_69f0df3563112762\B405523\atiesrxx.exe ->) (Advanced Micro Devices -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0406523.inf_amd64_69f0df3563112762\B405523\atieclxx.exe <2> (explorer.exe ->) (Fortect LTD -> Fortect Ltd.) C:\Program Files\Fortect\bin\FortectTray.exe <2> (explorer.exe ->) (Fortect LTD®) [File not signed] C:\Program Files\Fortect\FortectMain.exe <4> (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <24> (explorer.exe ->) (Viber Media S.a r.l. -> Viber Media S.à r.l.) C:\Users\klinc\AppData\Local\Viber\Viber.exe (I3D Technology Inc. -> I3D Technology Inc.) C:\Program Files\AcerCCAgent\ACCUserPS.exe <2> (I3D Technology Inc. -> I3D Technology Inc.) C:\Program Files\AcerQAAgent\AQAUserPS.exe <2> (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <13> (Microsoft Corporation -> Microsoft Corporation) C:\Users\moran\AppData\Local\Microsoft\OneDrive\25.087.0506.0001\Microsoft.SharePoint.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WpcMon.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe (services.exe ->) (Acer Incorporated -> Acer Inc.) C:\Windows\System32\DriverStore\FileRepository\acerartaimmxdrivercomponent.inf_amd64_b81b7341e842129a\AcerPixyService.exe (services.exe ->) (Acer Incorporated -> Acer Inc.) C:\Windows\System32\DriverStore\FileRepository\acerartaimmxdrivercomponent.inf_amd64_b81b7341e842129a\ARTAimmxService.exe (services.exe ->) (Acer Incorporated -> Acer Inc.) C:\Windows\System32\DriverStore\FileRepository\acergaicameracomponent.inf_amd64_96e61d1a348ad182\AcerGAICameraService.exe (services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Windows\System32\DriverStore\FileRepository\acerartaimmxdrivercomponent.inf_amd64_b81b7341e842129a\AAADSvc.exe (services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Windows\System32\DriverStore\FileRepository\acerdeviceenablingservicecomponent.inf_amd64_0a9a6f50fc73b215\ADESv2Svc.exe (services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Windows\System32\DriverStore\FileRepository\predatorservice.inf_amd64_c634eb8e856fb962\AcerCentralService.exe (services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Windows\System32\DriverStore\FileRepository\predatorservice.inf_amd64_c634eb8e856fb962\AcerLightingService.exe (services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Windows\System32\DriverStore\FileRepository\sysmonitorservice.inf_amd64_58adec8bbcd5aac3\x64\AcerSystemCentralService.exe (services.exe ->) (Advanced Micro Devices -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0406523.inf_amd64_69f0df3563112762\B405523\atiesrxx.exe (services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files (x86)\TotalAV\Endpoint Protection SDK\endpointprotection.exe (services.exe ->) (DTS, Inc. -> DTS Inc.) C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe (services.exe ->) (Fortect LTD -> Fortect Ltd.) C:\Program Files\Fortect\bin\MainDaemon.exe (services.exe ->) (Fortect LTD -> Fortect LTD.) C:\Program Files\Fortect\MainService.exe (services.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Play Games Services\26.2.475.1\Service\GooglePlayGamesServices.exe (services.exe ->) (I3D Technology Inc. -> I3D Technology Inc.) C:\Windows\System32\AcerCCAgent.exe (services.exe ->) (I3D Technology Inc. -> I3D Technology Inc.) C:\Windows\System32\AcerDIAgent.exe (services.exe ->) (I3D Technology Inc. -> I3D Technology Inc.) C:\Windows\System32\AcerQAAgent.exe (services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Windows\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_e7cd8faef8863187\logi_lamparray_service.exe (services.exe ->) (MEDIATEK INC. -> MediaTek Inc.) C:\Windows\System32\mtkbtsvc.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_9f4cbe60880c3b57\amdfendrsr.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26010.5-0\MpDefenderCoreService.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26010.5-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26010.5-0\NisSrv.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <5> (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvaci.inf_amd64_3420b0f600026006\Display.NvContainer\NVDisplay.Container.exe <3> (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_26fe2d6db570c75a\RtkAudUService64.exe <3> (services.exe ->) (Total Security Limited -> TotalAV) C:\Program Files (x86)\TotalAV\SecurityService.exe <2> (services.exe ->) (ULIC TEK INC. -> ) C:\Windows\System32\DriverStore\FileRepository\ezservicecomponent.inf_amd64_b8ac8921d0de9689\AcerEZService.exe (services.exe ->) (ULIC TEK INC. -> CloudBees, Inc.) C:\Windows\System32\DriverStore\FileRepository\acerservicecomponent.inf_amd64_dc983e19363ee831\AcerServiceWrapper.exe (sihost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> WhatsApp.Root) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2606.102.0_x64__cv1g1gvanyjgm\WhatsApp.Root.exe (sihost.exe ->) (649690DD-9BE8-48E7-8019-88DCA877AF4E -> McAfee, LLC) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\Win32\mcafee-security-ft.exe (sihost.exe ->) (F5240129-3993-455E-8347-B5A9BDDF4B89 -> ULIC Tek) C:\Program Files\WindowsApps\ULICTekInc.NitroSenseforNotebook_5.0.1452.0_x64__nt9dgb7efx6bt\app\NitroSense.exe <8> (sihost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Copilot_1.25121.84.0_x64__8wekyb3d8bbwe\Copilot.exe (svchost.exe ->) (649690DD-9BE8-48E7-8019-88DCA877AF4E -> McAfee LLC) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\mcafee-security.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.151.0.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.229.1.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <5> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\NgcIso.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.26100.7911_none_a4ec25d37778e59e\TiWorker.exe (winlogon.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LogonUI.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_26fe2d6db570c75a\RtkAudUService64.exe [3267736 2025-11-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [Fortect] => C:\Program Files\Fortect\bin\FortectTray.exe [3473976 2026-02-05] (Fortect LTD -> Fortect Ltd.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [750680 2023-12-19] (Oracle America, Inc. -> Oracle Corporation) HKLM\...\RunOnce: [msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}] => C:\Program Files (x86)\Microsoft\EdgeWebView\Application\145.0.3800.82\Installer\setup.exe [5590096 2026-03-02] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3815476893-3251729537-2019210730-1001\...\Run: [Viber] => C:\Users\klinc\AppData\Local\Viber\Viber.exe [88641432 2026-02-04] (Viber Media S.a r.l. -> Viber Media S.à r.l.) HKU\S-1-5-21-3815476893-3251729537-2019210730-1001\...\Run: [Spotify] => C:\Users\klinc\AppData\Roaming\Spotify\Spotify.exe [2225536 2026-01-13] (Spotify AB -> Spotify Ltd) HKU\S-1-5-21-3815476893-3251729537-2019210730-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [50985400 2026-02-17] (Epic Games Inc. -> Epic Games, Inc.) HKU\S-1-5-21-3815476893-3251729537-2019210730-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [5760152 2026-01-21] (Valve Corp. -> Valve Corporation) HKU\S-1-5-21-3815476893-3251729537-2019210730-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe [24773784 2026-02-03] (Logitech Inc -> Logitech, Inc.) HKU\S-1-5-21-3815476893-3251729537-2019210730-1001\...\Run: [MicrosoftEdgeAutoLaunch_209EA767517136868A31F8237907130E] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4253736 2025-11-20] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3815476893-3251729537-2019210730-1001\...\MountPoints2: {cd5f21b2-cddf-11f0-961d-c0bfbef4b6b8} - "E:\setup.exe" HKU\S-1-5-21-3815476893-3251729537-2019210730-1003\...\Run: [MicrosoftEdgeAutoLaunch_95E3E8C082E54FA7902C7F588741CCF5] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4253736 2025-11-20] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3815476893-3251729537-2019210730-1010\...\Run: [MicrosoftEdgeAutoLaunch_87EB38F7C0703F67D3709CBDDE75586C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4253736 2025-11-20] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3815476893-3251729537-2019210730-1010\...\Run: [LGHUB] => C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe [24773784 2026-02-03] (Logitech Inc -> Logitech, Inc.) HKU\S-1-5-21-3815476893-3251729537-2019210730-1010\...\Run: [Discord] => C:\Users\Šmiki\AppData\Local\Discord\Update.exe [1596344 2025-12-01] (Discord Inc. -> Discord Inc.) HKU\S-1-5-21-3815476893-3251729537-2019210730-1010\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [50985400 2026-02-17] (Epic Games Inc. -> Epic Games, Inc.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{49210152-871f-4ffa-961d-a172abcbc09d}] -> C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe [2025-11-06] (Google LLC -> Google LLC) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\142.0.7444.176\Installer\chrmstp.exe [2025-11-21] (Google LLC -> Google LLC) HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION ==================== Scheduled Tasks (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {7FDFC10B-9026-47B7-8B9C-4047CBCA896B} - System32\Tasks\DelayStartCareCenter2 => C:\Program Files\AcerCCAgent\Launcher.exe [157488 2025-03-31] (I3D Technology Inc. -> I3D Technology Inc.) Task: {41F003D4-EC59-4982-B66C-9F563F9C47E0} - System32\Tasks\DelayStartDeviceInfo2 => C:\Program Files\AcerDIAgent\Launcher.exe [157504 2024-10-13] (I3D Technology Inc. -> I3D Technology Inc.) Task: {CD6D03B9-63D5-47CB-AC6F-37259CCA127F} - System32\Tasks\DelayStartQuickAccess2 => C:\Program Files\AcerQAAgent\Launcher.exe [157512 2025-04-29] (I3D Technology Inc. -> I3D Technology Inc.) Task: {E4CF58DA-378E-4F9D-902D-B06E7E48FABF} - System32\Tasks\Google Play Games Notifier => C:\Program Files\Google\Play Games\Bootstrapper.exe [375448 2026-02-21] (Google LLC -> Google LLC) Task: {9A5A4551-2813-49AA-BE4E-E6A512DD879C} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem147.0.7703.0{2FFF24EA-07EA-42AF-98F3-2CE4962BE47C} => C:\Program Files (x86)\Google\GoogleUpdater\147.0.7703.0\updater.exe [8495256 2026-02-25] (Google LLC -> Google LLC) Task: {C92E749E-4C08-44AF-8EEC-BBC3D5B3C105} - System32\Tasks\Launch Adobe CCXProcess => "C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe" (No File) Task: {A5680D68-1A29-4508-AC51-52FEC197C4E7} - System32\Tasks\Microsoft\Windows\Setup\SetupRecoveryDataTask => {717aa9c3-17e5-483b-81cc-8e27ed927763} C:\WINDOWS\system32\oobe\SetupRecoveryDataTask.dll [106496 2026-03-03] (Microsoft Windows -> Microsoft Corporation) Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File) Task: {EAFD5B14-E284-4078-89AA-0DC58A74197D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26010.5-0\MpCmdRun.exe [1786528 2026-02-11] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {E3E8C7EE-5FBD-4CC6-A43F-F33DDD5C607A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26010.5-0\MpCmdRun.exe [1786528 2026-02-11] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {68A3BBB1-8F40-44D3-943F-E06DEBB7E0BC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26010.5-0\MpCmdRun.exe [1786528 2026-02-11] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {B61BDFE2-67EA-47F6-943C-3C5D074C2EA5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26010.5-0\MpCmdRun.exe [1786528 2026-02-11] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {BCFBDE3C-A0CD-401D-9D52-93E6BBBD7CA0} - System32\Tasks\NitroSenseLauncher => C:\Program Files\NitroSense\Prerequisites\NitroSenseLauncher.exe [21264 2024-07-15] (ULIC TEK INC. -> ) Task: {3A82CFB5-9D06-46DB-B482-CE4E772A5E55} - System32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\NVIDIA App.exe [3324528 2025-10-15] (NVIDIA Corporation -> NVIDIA Corporation) Task: {AB371EC0-AA14-4271-AEAE-1D7BCEC3425F} - System32\Tasks\OneDrive Startup Task-S-1-5-21-3815476893-3251729537-2019210730-1004 => C:\Users\SM L\AppData\Local\Microsoft\OneDrive\25.149.0803.0003\OneDriveLauncher.exe /startInstances (No File) Task: {7307665E-A6A7-4909-AA0F-AFAFFBCB23EE} - System32\Tasks\OneDrive Startup Task-S-1-5-21-3815476893-3251729537-2019210730-1007 => C:\Users\Šmiki\AppData\Local\Microsoft\OneDrive\25.199.1012.0002\OneDriveLauncher.exe /startInstances (No File) Task: {3DB538DE-4DA1-4792-A980-BB6C7E907C31} - System32\Tasks\OneDrive Startup Task-S-1-5-21-3815476893-3251729537-2019210730-1008 => C:\Users\dadaadadadada\AppData\Local\Microsoft\OneDrive\25.087.0506.0001\OneDriveLauncher.exe /startInstances (No File) Task: {C6AE4A27-3E98-44FF-B2A7-169391FC5A3F} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1764771148 => C:\Users\dadaadadadada\AppData\Local\Programs\Opera GX\autoupdate\opera_autoupdate.exe -> --scheduledtask --productiscomponent --installdir="C:\Users\dadaadadadada\AppData\Local\Programs\Opera GX\assistant" --producttype=assistant $(Arg0) Task: {5C908DC7-9711-4231-AB79-4868A6D980D5} - System32\Tasks\Opera GX scheduled Autoupdate 1753269582 => C:\Users\klinc\AppData\Local\Programs\Opera GX\autoupdate\opera_autoupdate.exe --scheduledtask --bypasslauncher $(Arg0) (No File) Task: {9238186A-B677-4B76-AAD2-ED906B581F09} - System32\Tasks\Opera GX scheduled Autoupdate 1756236909 => C:\Users\klinc\AppData\Local\Programs\Opera GX\autoupdate\opera_autoupdate.exe --scheduledtask --bypasslauncher $(Arg0) (No File) Task: {B693F6CC-5D0D-4883-8D27-B7B280DC00E3} - System32\Tasks\Opera GX scheduled Autoupdate 1764771142 => C:\Users\dadaadadadada\AppData\Local\Programs\Opera GX\autoupdate\opera_autoupdate.exe --scheduledtask $(Arg0) (No File) Task: {68A6C8E9-E613-4200-BBEE-DFBE77ACA1A9} - System32\Tasks\Seelen\Seelen UI Service => C:\Users\Šmiki\AppData\Local\Microsoft\WindowsApps\slu-service.exe [0 0] () [symlink -> ] Task: {68C8BA2C-CBB3-4DEA-B104-4BB9477BDDBE} - System32\Tasks\SoftLanding\S-1-5-21-3815476893-3251729537-2019210730-1001\SoftLandingCreativeManagementTask => {F576B2F9-7850-4226-ADB0-E5993FED4F02} Task: {4E21B8C9-2BF7-46D5-BE9F-5468F07D4B21} - System32\Tasks\SoftLanding\S-1-5-21-3815476893-3251729537-2019210730-1003\SoftLandingCreativeManagementTask => {F576B2F9-7850-4226-ADB0-E5993FED4F02} Task: {532B04C9-65B9-4F99-982A-A1784B6F7F0D} - System32\Tasks\SoftLanding\S-1-5-21-3815476893-3251729537-2019210730-1005\SoftLandingCreativeManagementTask => {F576B2F9-7850-4226-ADB0-E5993FED4F02} Task: {09FE77A7-33DA-4264-AE7C-207324C73433} - System32\Tasks\Ubisoft\Ubisoft Connect Background Update => C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\upc.exe [17246392 2026-01-15] (UBISOFT ENTERTAINMENT INC. -> Ubisoft) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{70195ef3-badf-466e-a644-79ef767181f8}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{70195ef3-badf-466e-a644-79ef767181f8}\061D696B696F5630363: [DhcpNameServer] 10.167.15.137 Tcpip\..\Interfaces\{70195ef3-badf-466e-a644-79ef767181f8}\1413D2634673666603: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{9f34ebed-ce5c-41dd-b33e-1832b3a891fb}: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF Plugin: @java.com/DTPlugin,version=11.401.2 -> C:\Program Files\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2023-12-19] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.401.2 -> C:\Program Files\Java\jre-1.8\bin\plugin2\npjp2.dll [2023-12-19] (Oracle America, Inc. -> Oracle Corporation) Edge: ======= Edge Profile: C:\Users\moran\AppData\Local\Microsoft\Edge\User Data\Default [2026-03-04] Edge Extension: (Google Docs Offline) - C:\Users\moran\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2026-03-04] Edge Extension: (Edge relevant text changes) - C:\Users\moran\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2026-03-04] Edge Extension: (Norton Safe Search Enhanced) - C:\Users\moran\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mlkldgfgjpbjleemanihhibhcanfhmel [2026-03-04] [UpdateUrl:0] <==== ATTENTION Edge crx: C:\Program Files (x86)\Microsoft\Edge\Application\Extensions\dsue.crx [2025-11-30] Chrome: ======= CHR Profile: C:\Users\moran\AppData\Local\Google\Chrome\User Data\Default [2026-03-04] CHR Extension: (Google Docs Offline) - C:\Users\moran\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2026-03-04] CHR Extension: (Norton Safe Search Enhanced) - C:\Users\moran\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngfdigdcljpnkdmddjcnocieopbfihek [2026-03-04] [UpdateUrl:0] <==== ATTENTION CHR Extension: (Chrome Web Store Payments) - C:\Users\moran\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2026-03-04] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AASSvc; C:\WINDOWS\System32\DriverStore\FileRepository\predatorservice.inf_amd64_c634eb8e856fb962\AcerCentralService.exe [327472 2025-08-13] (Acer Incorporated -> Acer Incorporated) R2 AcerARTAIMMXDriverService; C:\WINDOWS\System32\DriverStore\FileRepository\acerartaimmxdrivercomponent.inf_amd64_b81b7341e842129a\AAADSvc.exe [367936 2025-10-30] (Acer Incorporated -> Acer Incorporated) R2 AcerARTAIMMXService; C:\WINDOWS\System32\DriverStore\FileRepository\acerartaimmxdrivercomponent.inf_amd64_b81b7341e842129a\ARTAimmxService.exe [274752 2025-10-30] (Acer Incorporated -> Acer Inc.) R2 AcerCCAgentSvis; C:\WINDOWS\system32\AcerCCAgent.exe [5997392 2025-03-31] (I3D Technology Inc. -> I3D Technology Inc.) R2 AcerDeviceEnablingServiceV2; C:\WINDOWS\System32\DriverStore\FileRepository\acerdeviceenablingservicecomponent.inf_amd64_0a9a6f50fc73b215\ADESv2Svc.exe [664880 2025-10-01] (Acer Incorporated -> Acer Incorporated) R2 AcerDIAgentSvis; C:\WINDOWS\system32\AcerDIAgent.exe [5692224 2024-10-13] (I3D Technology Inc. -> I3D Technology Inc.) R2 AcerEZSvc; C:\WINDOWS\System32\DriverStore\FileRepository\ezservicecomponent.inf_amd64_b8ac8921d0de9689\AcerEZService.exe [12939112 2025-05-04] (ULIC TEK INC. -> ) R2 AcerGAICameraService; C:\WINDOWS\System32\DriverStore\FileRepository\acergaicameracomponent.inf_amd64_96e61d1a348ad182\AcerGAICameraService.exe [178960 2025-10-02] (Acer Incorporated -> Acer Inc.) R2 AcerLightingService; C:\WINDOWS\System32\DriverStore\FileRepository\predatorservice.inf_amd64_c634eb8e856fb962\AcerLightingService.exe [261936 2025-08-13] (Acer Incorporated -> Acer Incorporated) R2 AcerPixyService; C:\WINDOWS\System32\DriverStore\FileRepository\acerartaimmxdrivercomponent.inf_amd64_b81b7341e842129a\AcerPixyService.exe [615744 2025-10-30] (Acer Incorporated -> Acer Inc.) R2 AcerQAAgentSvis; C:\WINDOWS\system32\AcerQAAgent.exe [6181680 2025-04-29] (I3D Technology Inc. -> I3D Technology Inc.) R2 AcerServiceSvc; C:\WINDOWS\System32\DriverStore\FileRepository\acerservicecomponent.inf_amd64_dc983e19363ee831\AcerServiceWrapper.exe [678712 2024-08-20] (ULIC TEK INC. -> CloudBees, Inc.) R2 ASMSvc; C:\WINDOWS\System32\DriverStore\FileRepository\sysmonitorservice.inf_amd64_58adec8bbcd5aac3\x64\AcerSystemCentralService.exe [327448 2025-05-18] (Acer Incorporated -> Acer Incorporated) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [20285608 2025-08-01] (BattlEye Innovations e.K. -> ) S3 DiscordSystemHelper; C:\Program Files\Common Files\Discord\Discord\DiscordSystemHelper.exe [2131840 2025-12-20] (discord-code-sign-windows-admin -> Discord Inc.) R2 DtsApo4Service; C:\WINDOWS\System32\DTS\PC\APO4x\DtsApo4Service.exe [457096 2024-04-29] (DTS, Inc. -> DTS Inc.) S3 EAAntiCheatService; C:\Program Files\EA\AC\eaanticheat.gameservice.exe [173741304 2026-01-30] (Electronic Arts, Inc. -> Electronic Arts) S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [959216 2025-12-31] (EasyAntiCheat Oy -> Epic Games, Inc.) R2 EndpointProtectionService; C:\Program Files (x86)\TotalAV\Endpoint Protection SDK\endpointprotection.exe [13107056 2026-01-12] (Avira Operations GmbH -> Avira Operations GmbH) <==== ATTENTION S3 EndpointProtectionService2; C:\Program Files (x86)\TotalAV\Endpoint Protection SDK\endpointprotection.exe [13107056 2026-01-12] (Avira Operations GmbH -> Avira Operations GmbH) <==== ATTENTION S3 EpicGamesUpdater; C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesUpdater.exe [3406264 2026-02-17] (Epic Games Inc. -> Epic Games, Inc.) S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [1603488 2025-12-31] (Epic Games Inc. -> Epic Games, Inc.) R2 FortectDaemon; C:\Program Files\Fortect\bin\MainDaemon.exe [5308472 2026-02-01] (Fortect LTD -> Fortect Ltd.) R2 FortectService; C:\Program Files\Fortect\MainService.exe [7482424 2026-02-05] (Fortect LTD -> Fortect LTD.) S3 GameInputRedistService; C:\Program Files\Microsoft GameInput\x64\GameInputRedistService.exe [141680 2025-10-20] (Microsoft Corporation -> Microsoft Corporation) R2 GooglePlayGamesServices-26.2.475.1; C:\Program Files\Google\Play Games Services\26.2.475.1\Service\GooglePlayGamesServices.exe [512152 2026-02-25] (Google LLC -> Google LLC) R2 logi_lamparray_service; C:\WINDOWS\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_e7cd8faef8863187\logi_lamparray_service.exe [11524960 2025-12-02] (Logitech Inc -> Logitech, Inc.) R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26010.5-0\MpDefenderCoreService.exe [2067464 2026-02-11] (Microsoft Windows Publisher -> Microsoft Corporation) R2 MTKBTSVC; C:\WINDOWS\System32\mtkbtsvc.exe [535408 2025-09-25] (MEDIATEK INC. -> MediaTek Inc.) R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_3420b0f600026006\Display.NvContainer\NVDisplay.Container.exe [1275624 2025-12-31] (NVIDIA Corporation -> NVIDIA Corporation) R2 SecurityService; C:\Program Files (x86)\TotalAV\SecurityService.exe [236664 2026-02-09] (Total Security Limited -> TotalAV) <==== ATTENTION S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [811360 2026-03-03] (Microsoft Windows Publisher -> Microsoft Corporation) S3 UpcElevationService; C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher Core\UpcElevationService.exe [351928 2026-01-15] (UBISOFT ENTERTAINMENT INC. -> Ubisoft) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26010.5-0\NisSrv.exe [4435096 2026-02-11] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26010.5-0\MsMpEng.exe [290744 2026-02-11] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 AcerAirplaneModeController; C:\WINDOWS\System32\DriverStore\FileRepository\acerairplanemodecontroller.inf_amd64_36869d4d52526b5b\AcerAirplaneModeController.sys [36200 2024-06-03] (Acer Incorporated -> Acer Incorporated) R3 AcerApplicationBaseDriver_Device; C:\WINDOWS\System32\DriverStore\FileRepository\acerapplicationbasedriver.inf_amd64_87fcd9ece24eed34\AcerApplicationBaseDriver.sys [28440 2025-10-26] (Acer Incorporated -> ) S3 AcerDeviceEnablingServiceComponentService; C:\WINDOWS\System32\DriverStore\FileRepository\acerdeviceenablingservicecomponent.inf_amd64_2cdf5cd411dbbf8e\x64\AcerDeviceEnablingServiceComponent.sys [37704 2024-10-14] (Acer Incorporated -> ) S3 AcerGAICameraComponentService; C:\WINDOWS\System32\DriverStore\FileRepository\acergaicameracomponent.inf_amd64_3d28e0967b3f8b98\AcerGAICameraComponent.sys [37216 2025-01-06] (Acer Incorporated -> ) R3 AMDAfdAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\amdacpafd.inf_amd64_93221359f0901248\amdacpafd.sys [435608 2023-07-18] (Advanced Micro Devices Inc. -> Advanced Micro Devices) R3 amdfendrmgr; C:\WINDOWS\System32\DriverStore\FileRepository\amdfendr.inf_amd64_9f4cbe60880c3b57\amdfendrmgr.sys [56400 2024-08-18] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) R3 amdpmf; C:\WINDOWS\System32\drivers\amdpmf.sys [144280 2022-08-22] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) R3 amduw23g; C:\WINDOWS\System32\DriverStore\FileRepository\u0406523.inf_amd64_69f0df3563112762\B405523\amdkmdag.sys [106038152 2024-08-18] (Advanced Micro Devices -> Advanced Micro Devices, Inc.) R2 amd_dpfc; C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_3420b0f600026006\amd_dpfc.sys [47848 2025-12-31] (NVIDIA Corporation -> Advanced Micro Devices) R0 BdNet; C:\WINDOWS\System32\DRIVERS\BdNet.sys [179768 2026-01-07] (Microsoft Windows Hardware Compatibility Publisher -> Avira Operations GmbH) R1 BdSentry; C:\WINDOWS\System32\DRIVERS\BdSentry.sys [223296 2026-01-07] (Microsoft Windows Hardware Compatibility Publisher -> Avira Operations GmbH) S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [110592 2025-06-07] (Microsoft Corporation) [File not signed] R1 cbfilter24-0; C:\Program Files\Fortect\cbfilter24.sys [407224 2025-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Callback Technologies, Inc. - www.callback.com) R1 cbprocess24-0; C:\Program Files\Fortect\cbprocess24.sys [91360 2025-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Callback Technologies, Inc. - www.callback.com) R1 cbregistry24-0; C:\Program Files\Fortect\cbregistry24.sys [143560 2025-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Callback Technologies, Inc. - www.callback.com) R1 googlehaxm; C:\WINDOWS\system32\drivers\GoogleHaxm.sys [234688 2025-07-20] (Microsoft Windows Hardware Compatibility Publisher -> Google) R3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [82352 2026-02-11] (Microsoft Windows -> Microsoft Corporation) R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [44880 2025-08-15] (Logitech Inc -> Logitech) S3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [32080 2025-08-15] (Logitech Inc -> Logitech) R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [73040 2025-08-15] (Logitech Inc -> Logitech) R3 logi_lamparray; C:\WINDOWS\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_e7cd8faef8863187\logi_lamparray.sys [89440 2025-12-02] (Logitech Inc -> Logitech, Inc.) R3 MTKBTFilterx64; C:\WINDOWS\System32\DriverStore\FileRepository\mtkbtfilter.inf_amd64_be5b1c784d5b96f4\mtkbtfilterx.sys [601456 2025-09-25] (MEDIATEK INC. -> MediaTek Inc.) R3 mtkwlex; C:\WINDOWS\System32\DriverStore\FileRepository\mtkwl6ex.inf_amd64_e4e766c9f7adc16a\mtkwl6ex.sys [2086808 2025-09-24] (MEDIATEK INC. -> MediaTek Inc.) S3 netprotection_network_filter; C:\WINDOWS\System32\drivers\netprotection_network_filter.sys [119664 2026-01-07] (Avira Operations GmbH -> Avira Operations GmbH) R3 nvpcf; C:\WINDOWS\System32\drivers\nvpcf.sys [303848 2025-12-11] (NVIDIA Corporation -> NVIDIA Corporation) S3 PredatorService; C:\WINDOWS\System32\DriverStore\FileRepository\predatorservice.inf_amd64_438f22dfe1d5b109\PredatorServiceSoftwareComponent.sys [36312 2024-06-18] (Acer Incorporated -> Acer Incorporated) R3 rt68cx21; C:\WINDOWS\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_b337e9a1b0cf3552\rt68cx21x64.sys [752600 2023-12-04] (Realtek Semiconductor Corp. -> Realtek) S3 rtcx21; C:\WINDOWS\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_feec7a9662e785f0\rtcx21x64.sys [539648 2024-03-28] (Microsoft Windows -> Realtek) R1 rtp1; C:\WINDOWS\System32\DRIVERS\rtp1.sys [453912 2026-01-07] (Avira Operations GmbH -> Avira Operations GmbH) R1 rtp2; C:\WINDOWS\System32\DRIVERS\rtp2.sys [453920 2026-01-07] (Avira Operations GmbH -> Avira Operations GmbH) S0 rtp_elam; C:\WINDOWS\System32\DRIVERS\rtp_elam.sys [30152 2026-01-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH) S3 VirtualMic; C:\WINDOWS\System32\drivers\VirtualMic.sys [50232 2025-10-10] (Microsoft Windows Hardware Compatibility Publisher -> ) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [21888 2026-02-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [635272 2026-02-11] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [102832 2026-02-11] (Microsoft Windows -> Microsoft Corporation) S3 EAAntiCheat; system32\drivers\eaanticheat.sys [X] S3 netprotection_network_filter2; System32\drivers\netprotection_network_filter2.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 2026-03-04 19:04 - 2026-03-04 19:04 - 000035131 _____ C:\Users\moran\Downloads\FRST.txt 2026-03-04 19:03 - 2026-03-04 19:04 - 000000000 ____D C:\FRST 2026-03-04 18:57 - 2026-03-04 19:00 - 002445312 _____ (Farbar) C:\Users\moran\Downloads\FRST64English.exe.exe 2026-03-04 18:52 - 2026-03-04 18:52 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3815476893-3251729537-2019210730-1003 2026-03-04 18:52 - 2026-03-04 18:52 - 000003576 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-3815476893-3251729537-2019210730-1003 2026-03-04 18:52 - 2026-03-04 18:52 - 000003360 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3815476893-3251729537-2019210730-1003 2026-03-04 18:52 - 2026-03-04 18:52 - 000002383 _____ C:\Users\moran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2026-03-04 18:52 - 2026-03-04 18:52 - 000000000 ___RD C:\Users\moran\OneDrive 2026-03-04 18:27 - 2026-03-04 18:50 - 000000000 ____D C:\Users\moran\AppData\Local\PlaceholderTileLogoFolder 2026-03-04 18:27 - 2026-03-04 18:27 - 000000000 ____D C:\Users\moran\AppData\Local\Publishers 2026-03-04 18:26 - 2026-03-04 18:52 - 000000000 ____D C:\Users\moran\AppData\Local\D3DSCache 2026-03-04 18:26 - 2026-03-04 18:27 - 000000000 ____D C:\Users\moran\AppData\Local\Google 2026-03-04 18:26 - 2026-03-04 18:26 - 000000000 ____D C:\Users\moran\AppData\LocalLow\NVIDIA 2026-03-04 18:26 - 2026-03-04 18:26 - 000000000 ____D C:\Users\moran\AppData\LocalLow\AMD 2026-03-04 18:26 - 2026-03-04 18:26 - 000000000 ____D C:\Users\moran\AppData\Local\NVIDIA 2026-03-04 18:25 - 2026-03-04 19:01 - 000000000 ____D C:\Users\moran\AppData\Local\Packages 2026-03-04 18:25 - 2026-03-04 18:52 - 000000000 ____D C:\Users\moran 2026-03-04 18:25 - 2026-03-04 18:26 - 000000000 ____D C:\Users\moran\AppData\Roaming\Microsoft\Windows 2026-03-04 18:25 - 2026-03-04 18:26 - 000000000 ____D C:\Users\moran\AppData\Roaming\Microsoft\Spelling 2026-03-04 18:25 - 2026-03-04 18:26 - 000000000 ____D C:\Users\moran\AppData\Local\AMD 2026-03-04 18:25 - 2026-03-04 18:25 - 000000020 ___SH C:\Users\moran\ntuser.ini 2026-03-04 18:25 - 2026-03-04 18:25 - 000000000 ___SD C:\Users\moran\AppData\Roaming\Microsoft\SystemCertificates 2026-03-04 18:25 - 2026-03-04 18:25 - 000000000 ___SD C:\Users\moran\AppData\Roaming\Microsoft\Protect 2026-03-04 18:25 - 2026-03-04 18:25 - 000000000 ___SD C:\Users\moran\AppData\Roaming\Microsoft\Crypto 2026-03-04 18:25 - 2026-03-04 18:25 - 000000000 ___SD C:\Users\moran\AppData\Roaming\Microsoft\Credentials 2026-03-04 18:25 - 2026-03-04 18:25 - 000000000 ____D C:\Users\moran\AppData\Roaming\Microsoft\Vault 2026-03-04 18:25 - 2026-03-04 18:25 - 000000000 ____D C:\Users\moran\AppData\Roaming\Microsoft\Network 2026-03-04 18:25 - 2026-03-04 18:25 - 000000000 ____D C:\Users\moran\AppData\Roaming\Adobe 2026-03-04 18:25 - 2026-03-04 18:25 - 000000000 ____D C:\Users\moran\AppData\Local\VirtualStore 2026-03-04 18:25 - 2026-03-04 18:25 - 000000000 ____D C:\Users\moran\AppData\Local\NVIDIA Corporation 2026-03-04 18:25 - 2026-03-04 18:25 - 000000000 ____D C:\Users\moran\AppData\Local\ConnectedDevicesPlatform 2026-03-04 18:24 - 2026-03-04 18:24 - 000000000 ____D C:\Users\WsiAccount\AppData\Local\NVIDIA Corporation 2026-03-04 18:13 - 2026-03-04 18:15 - 000000000 ____D C:\Users\klinc\AppData\Roaming\Fortect 2026-03-04 18:13 - 2026-03-04 18:13 - 000000873 _____ C:\Users\Public\Desktop\Fortect.lnk 2026-03-04 18:13 - 2026-03-04 18:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fortect 2026-03-04 18:13 - 2025-01-09 15:18 - 000011768 _____ (Callback Technologies, Inc. - www.callback.com) C:\WINDOWS\system32\cbregistryevtmsg.dll 2026-03-04 18:13 - 2025-01-09 15:18 - 000011768 _____ (Callback Technologies, Inc. - www.callback.com) C:\WINDOWS\system32\cbprocessevtmsg.dll 2026-03-04 18:13 - 2025-01-09 15:18 - 000011768 _____ (Callback Technologies, Inc. - www.callback.com) C:\WINDOWS\system32\cbfilterevtmsg.dll 2026-03-04 18:12 - 2026-03-04 18:14 - 000000000 ____D C:\ProgramData\Fortect 2026-03-04 18:12 - 2026-03-04 18:13 - 000000000 ____D C:\Program Files\Fortect 2026-03-04 18:12 - 2026-03-04 18:12 - 000845928 _____ (Fortect) C:\Users\klinc\Downloads\Fortect.exe 2026-03-03 20:21 - 2026-03-04 18:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\SoftLanding 2026-03-03 19:48 - 2026-03-04 19:02 - 000000000 ____D C:\WINDOWS\CbsTemp 2026-03-03 19:42 - 2026-03-03 19:42 - 000036382 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json 2026-03-03 19:42 - 2026-03-03 19:42 - 000036382 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json 2026-03-03 19:41 - 2026-03-03 19:41 - 000083946 _____ C:\WINDOWS\SysWOW64\ctac.json 2026-03-03 19:41 - 2026-03-03 19:41 - 000083946 _____ C:\WINDOWS\system32\ctac.json 2026-02-19 21:21 - 2026-02-19 21:21 - 001375720 _____ (Shark Labs) C:\Users\klinc\Downloads\VoiceChanger64f(1.98).exe 2026-02-19 21:12 - 2026-02-19 21:12 - 000000000 ____D C:\ProgramData\Voicemod 2026-02-19 21:05 - 2026-02-19 21:05 - 000000000 ____D C:\Users\klinc\AppData\Roaming\Polyverse 2026-02-19 21:03 - 2026-02-19 21:08 - 000000000 ____D C:\Users\klinc\AppData\Roaming\EaseUS VoiceWave 2026-02-19 21:03 - 2026-02-19 21:03 - 000000000 ____D C:\Users\Public\EaseUS 2026-02-19 21:03 - 2026-02-19 21:03 - 000000000 ____D C:\ProgramData\EaseUS 2026-02-19 21:01 - 2026-02-19 21:01 - 000000000 ____D C:\Program Files (x86)\EaseUS 2026-02-19 20:37 - 2026-02-19 20:37 - 000000000 ____D C:\Users\klinc\AppData\Local\DEADLINE_DELIVERY 2026-02-17 20:58 - 2026-01-07 18:28 - 000119664 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\netprotection_network_filter.sys 2026-02-17 20:57 - 2026-01-07 18:29 - 000453920 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp2.sys 2026-02-17 20:57 - 2026-01-07 18:29 - 000453912 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp1.sys 2026-02-14 22:07 - 2026-02-14 22:07 - 000000000 ____D C:\WINDOWS\system32\braille-tables 2026-02-11 15:39 - 2026-02-11 15:39 - 000000000 ____D C:\Users\klinc\AppData\Local\Viber 2026-02-09 16:33 - 2026-02-09 16:33 - 000000000 ____D C:\Users\klinc\AppData\Local\Rocket League 2026-02-09 14:20 - 2026-02-09 14:20 - 000000368 _____ C:\Users\klinc\Desktop\Rocket League®.url 2026-02-09 14:15 - 2026-02-09 14:15 - 040212592 _____ (Google LLC) C:\Users\klinc\Downloads\Install-Pocket Tanks-GooglePlayGames.exe 2026-02-08 21:06 - 2026-02-19 20:26 - 000001292 _____ C:\Users\klinc\Desktop\Virtual Regatta Offshore.lnk 2026-02-08 20:42 - 2026-02-08 20:42 - 000000000 ____D C:\Users\klinc\Documents\Marvel's Spider-Man Remastered 2026-02-03 20:11 - 2026-02-03 20:12 - 000000000 ____D C:\Program Files\LGHUB 2026-02-03 20:11 - 2026-02-03 20:11 - 000000856 _____ C:\Users\Public\Desktop\Logitech G HUB.lnk 2026-02-03 20:11 - 2026-02-03 20:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2026-03-04 19:03 - 2024-04-01 08:24 - 000000000 ____D C:\WINDOWS\INF 2026-03-04 19:01 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\AppReadiness 2026-03-04 18:58 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2026-03-04 18:50 - 2025-10-17 17:58 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleUserPEH 2026-03-04 18:50 - 2024-04-01 08:26 - 000000000 ___HD C:\Program Files\WindowsApps 2026-03-04 18:50 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemTemp 2026-03-04 18:48 - 2025-07-23 10:16 - 000000000 ____D C:\ProgramData\Acer 2026-03-04 18:48 - 2025-07-22 19:54 - 000000000 ____D C:\ProgramData\NVIDIA 2026-03-04 18:26 - 2025-07-22 19:34 - 000000000 __RHD C:\Users\Public\AccountPictures 2026-03-04 18:24 - 2025-09-21 21:30 - 000000000 ____D C:\Users\WsiAccount\AppData\Roaming\Microsoft\Spelling 2026-03-04 18:24 - 2025-09-21 21:30 - 000000000 ____D C:\Users\WsiAccount\AppData\Local\Packages 2026-03-04 18:15 - 2025-07-22 19:35 - 000000000 ____D C:\Users\klinc\AppData\Local\D3DSCache 2026-03-04 17:27 - 2025-07-22 19:31 - 000000000 ____D C:\Users\klinc 2026-03-04 16:21 - 2025-10-03 19:40 - 000000000 ____D C:\ProgramData\Whesvc 2026-03-04 15:26 - 2025-07-23 09:46 - 000791266 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2026-03-04 15:26 - 2025-07-22 21:44 - 000000000 ____D C:\Users\klinc\Documents\ViberDownloads 2026-03-04 15:26 - 2025-07-22 21:41 - 000000000 ____D C:\Users\klinc\AppData\Roaming\ViberPC 2026-03-04 15:21 - 2025-11-25 20:37 - 000000000 ____D C:\Program Files\AcerQAAgent 2026-03-04 15:21 - 2025-08-06 11:44 - 000000000 ____D C:\Users\klinc\AppData\Local\CrashDumps 2026-03-04 15:21 - 2025-08-06 10:50 - 000000000 ____D C:\Program Files (x86)\TotalAV 2026-03-04 15:21 - 2025-07-23 09:40 - 000012288 ___SH C:\DumpStack.log.tmp 2026-03-04 15:21 - 2025-07-23 09:40 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK 2026-03-04 15:21 - 2025-07-23 09:40 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2026-03-04 15:21 - 2025-07-23 09:40 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2026-03-03 20:13 - 2024-04-01 08:21 - 001310720 _____ C:\WINDOWS\system32\config\BBI 2026-03-03 20:12 - 2025-07-23 09:40 - 000296888 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2026-03-03 20:11 - 2024-04-01 09:03 - 000000000 ____D C:\WINDOWS\InboxApps 2026-03-03 20:11 - 2024-04-01 09:03 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2026-03-03 20:11 - 2024-04-01 08:26 - 000000000 ___SD C:\WINDOWS\system32\F12 2026-03-03 20:11 - 2024-04-01 08:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2026-03-03 20:11 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\UUS 2026-03-03 20:11 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2026-03-03 20:11 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2026-03-03 20:11 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2026-03-03 20:11 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2026-03-03 20:11 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemResources 2026-03-03 20:11 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2026-03-03 20:11 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences 2026-03-03 20:11 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\setup 2026-03-03 20:11 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2026-03-03 20:11 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\oobe 2026-03-03 20:11 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\migwiz 2026-03-03 20:11 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\Dism 2026-03-03 20:11 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\appraiser 2026-03-03 20:11 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ShellExperiences 2026-03-03 20:11 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ShellComponents 2026-03-03 20:11 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2026-03-03 20:11 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\BrowserCore 2026-03-03 20:11 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\bcastdvr 2026-03-03 20:11 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\appcompat 2026-03-03 20:11 - 2024-04-01 08:21 - 000000000 ____D C:\WINDOWS\servicing 2026-03-03 19:55 - 2024-04-01 08:26 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll 2026-03-03 19:55 - 2024-04-01 08:26 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll 2026-03-03 19:41 - 2025-07-23 09:44 - 003270144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2026-03-03 18:52 - 2025-07-30 18:22 - 000001081 _____ C:\Users\Public\Desktop\Google Play Games.lnk 2026-03-02 15:17 - 2026-01-13 18:53 - 000000000 ____D C:\Users\Šmiki\AppData\Local\com.seelen.seelen-ui 2026-03-02 15:09 - 2025-12-31 19:53 - 000000000 ____D C:\Users\Šmiki\AppData\Local\CrashDumps 2026-03-02 15:08 - 2025-12-05 19:16 - 000000000 ____D C:\Users\Šmiki\AppData\Local\D3DSCache 2026-03-02 15:06 - 2026-01-13 18:53 - 000000000 ____D C:\Users\Šmiki\AppData\Roaming\com.seelen.seelen-ui 2026-03-02 14:46 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2026-03-02 14:36 - 2025-07-23 09:40 - 000003612 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{7B2399D0-8986-4440-B611-C03D4EC8199E} 2026-03-02 14:36 - 2025-07-23 09:40 - 000003486 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{B6241C84-F05A-46EE-9730-9A97D392720F} 2026-02-19 21:25 - 2025-08-06 10:50 - 000000000 ____D C:\ProgramData\TotalAV 2026-02-19 21:24 - 2025-08-06 10:52 - 000197856 _____ C:\WINDOWS\system32\rtp.db 2026-02-19 21:24 - 2025-07-23 12:46 - 000000000 ____D C:\Program Files (x86)\Steam 2026-02-19 21:24 - 2025-07-23 12:17 - 000000000 ____D C:\Users\klinc\AppData\Roaming\discord 2026-02-19 21:24 - 2024-04-01 09:03 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView 2026-02-19 21:21 - 2025-07-23 12:17 - 000000000 ____D C:\Users\klinc\AppData\Local\Discord 2026-02-19 20:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth 2026-02-19 20:21 - 2025-07-23 12:47 - 000000000 ____D C:\Users\klinc\AppData\Local\Steam 2026-02-19 20:21 - 2025-07-23 12:17 - 000002247 _____ C:\Users\klinc\Desktop\Discord.lnk 2026-02-17 20:57 - 2024-04-01 08:26 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2026-02-14 22:07 - 2025-12-05 20:21 - 000000000 ____D C:\WINDOWS\system32\NarratorMCAT 2026-02-14 22:07 - 2024-04-01 09:03 - 000000000 ____D C:\WINDOWS\system32\OpenSSH 2026-02-14 22:07 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\WUModels 2026-02-14 22:07 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2026-02-14 22:07 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\km-KH 2026-02-14 22:07 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\DDFs 2026-02-14 22:07 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\Provisioning 2026-02-14 22:05 - 2025-12-05 20:54 - 000000000 ____D C:\Users\Šmiki\AppData\Roaming\discord 2026-02-14 21:45 - 2025-12-05 20:54 - 000000000 ____D C:\Users\Šmiki\AppData\Local\Discord 2026-02-14 19:45 - 2025-12-05 20:54 - 000002247 _____ C:\Users\Šmiki\Desktop\Discord.lnk 2026-02-14 19:40 - 2025-07-22 19:44 - 000000000 ____D C:\WINDOWS\system32\MRT 2026-02-14 19:30 - 2025-12-30 21:15 - 000000000 ____D C:\Users\Šmiki\AppData\Local\Skate 2026-02-14 19:13 - 2025-12-06 19:11 - 000000000 ____D C:\Users\Šmiki\AppData\Local\Ubisoft Game Launcher 2026-02-14 19:11 - 2025-12-05 19:17 - 000000000 ____D C:\Users\Šmiki\AppData\Local\Steam 2026-02-14 19:07 - 2025-07-22 19:44 - 221154392 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2026-02-12 15:48 - 2025-12-05 19:16 - 000000000 ____D C:\Users\Šmiki 2026-02-11 15:48 - 2025-07-23 09:40 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2026-02-09 16:32 - 2025-08-04 11:31 - 000000000 ____D C:\Users\klinc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Play Games 2026-02-09 16:32 - 2025-07-29 18:10 - 000000000 ____D C:\Users\klinc\Documents\My Games 2026-02-08 20:53 - 2025-08-15 10:20 - 000000000 ____D C:\Program Files\Epic Games 2026-02-08 20:48 - 2026-01-20 18:14 - 000000000 ____D C:\Users\klinc\AppData\Local\UVSU 2026-02-06 21:32 - 2025-12-30 21:11 - 000000000 ____D C:\ProgramData\Packer 2026-02-04 15:24 - 2025-12-05 19:25 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3815476893-3251729537-2019210730-1010 2026-02-04 15:24 - 2025-12-05 19:25 - 000003576 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-3815476893-3251729537-2019210730-1010 2026-02-04 15:24 - 2025-12-05 19:25 - 000003360 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3815476893-3251729537-2019210730-1010 2026-02-04 15:24 - 2025-12-05 19:25 - 000002383 _____ C:\Users\Šmiki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2026-02-03 20:48 - 2026-01-22 18:21 - 000000000 ____D C:\Users\klinc\AppData\Local\Skate 2026-02-03 20:11 - 2025-08-15 11:40 - 000000000 ____D C:\Users\klinc\AppData\Local\LGHUB ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ========================