Been a while, checking on my laptop to see if it's OK:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-01-2021
Ran by Brandon (administrator) on ACERI5 (Acer Aspire V5-561P) (20-01-2021 20:27:13)
Running from C:\Users\Brandon\Downloads
Loaded Profiles: Brandon
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <18>
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Panda Security S.L -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Qualcomm Atheros -> ) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2890056 2013-09-05] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1361112 2013-11-05] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [WinZip UN] => C:\Program Files\WinZip\WZUpdateNotifier.exe [2814096 2019-10-12] (Corel Corporation -> Corel Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2020-01-16] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.) [File not signed]
HKLM-x32\...\Run: [Panda Security URL Filtering] => "C:\Program Files\Panda Security URL Filtering\Panda_URL_Filtering.exe"
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [153296 2018-05-30] (Panda Security S.L. -> Panda Security, S.L.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-09-25] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKU\S-1-5-21-1123904499-927742330-4291546209-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [9198000 2020-01-29] (Support.com Inc -> SUPERAntiSpyware)
HKU\S-1-5-21-1123904499-927742330-4291546209-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3311568 2020-01-17] (Valve -> Valve Corporation)
HKU\S-1-5-21-1123904499-927742330-4291546209-1001\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-1123904499-927742330-4291546209-1001\...\Policies\Explorer: [NoLogOff] 0
HKU\S-1-5-21-1123904499-927742330-4291546209-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [788480 2014-10-28] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [panda] => reg.exe delete "HKCU\Software\AppDataLow\Software\panda" /f <==== ATTENTION
HKU\S-1-5-18\...\RunOnce: [panda_XP] => reg.exe delete "HKCU\Software\panda" /f <==== ATTENTION
HKLM\...\Windows x64\Print Processors\Canon MG3100 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDAR.DLL [30208 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3100 series: C:\Windows\System32\CNMLMAR.DLL [385024 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.96\Installer\chrmstp.exe [2021-01-19] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\System32\AthCredentialProvider.dll [2013-09-25] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\System32\AthCredentialProvider.dll [2013-09-25] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2020-02-02]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (Corel Corporation -> WinZip Computing)
Startup: C:\Users\Brandon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2020-01-26]
ShortcutTarget: Twitch.lnk -> C:\Users\Brandon\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.)
GroupPolicyScripts: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0D76F319-154A-4E13-BF71-E896E07447B3} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [3583264 2020-06-03] (Corel Corporation -> Corel Corporation)
Task: {27E04B6B-8CBC-480F-A360-D1AEDFCBDB60} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe [584408 2013-09-09] (Dolby Laboratories, Inc. -> Dolby Laboratories Inc.)
Task: {42990C97-45A9-48DF-931E-C1A4E6E04550} - System32\Tasks\CorelUpdateHelperTask-884BC45790FDF6B638830C9F1ED215CC => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [3583264 2020-06-03] (Corel Corporation -> Corel Corporation)
Task: {4C0F55E9-2D7A-4FB7-AA9A-B500C253CF20} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-12-03] (Google Inc -> Google Inc.)
Task: {5F202829-1F3B-4416-A402-079D88735994} - System32\Tasks\Touch Tools Launcher => C:\Program Files\Acer\Acer Touch Tools\TouchToolsLauncher.exe [237864 2013-08-24] (Acer Incorporated -> TODO: <Company name>)
Task: {658D8BD4-AF9E-45FB-A530-DD5E54082DD3} - System32\Tasks\WinZip Update Notifier 3 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2814096 2019-10-12] (Corel Corporation -> Corel Corporation)
Task: {6A23E752-E558-477A-A96A-2D2215C1B332} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe [17737800 2013-07-27] (Acer Incorporated -> Acer Incorporated)
Task: {71C4564D-DCC7-46E0-A87B-CA466D3A881E} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [283880 2013-09-12] (Acer Incorporated -> Acer Incorporated)
Task: {8AF2FB40-8B59-464F-949E-569183DE97A2} - System32\Tasks\WinZip Update Notifier 2 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2814096 2019-10-12] (Corel Corporation -> Corel Corporation)
Task: {A7E8CB14-A617-4D50-8DBA-9C088F16D845} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-12-03] (Google Inc -> Google Inc.)
Task: {B2C7D0EB-BD1F-4D86-9C6B-5549F4EF0D81} - System32\Tasks\Launch Screen Grasp_First => C:\Program Files (x86)\Acer\Screen Grasp\Launch Screen Grasp.exe [40168 2013-09-13] (Acer Incorporated -> Acer Incorporated)
Task: {B6600615-C8A9-4DF2-8038-696302B510F2} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_113_pepper.exe [1362432 2018-04-15] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {C523E1A2-15AD-4A53-83F5-1B23C3001107} - System32\Tasks\{B434E1F3-FC8F-4636-9855-EA0D7FEEEB17} => C:\Windows\system32\pcalua.exe -a C:\Windows\System32\control.exe -d C:\Windows\SysWOW64 -c "C:\Windows\SysWOW64\sr2_cpl.cpl",
Task: {DABAAC0B-1046-4650-BDC3-78A60B93CD47} - System32\Tasks\WinZip Update Notifier 1 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2814096 2019-10-12] (Corel Corporation -> Corel Corporation)
Task: {E4887126-9DBA-45E2-A12B-64F7E9FB43FA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {F17B4C93-CB99-4567-B92A-18A981DEAD41} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [437288 2013-08-02] (Acer Incorporated -> Acer Incorporate)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{A2A1C2B1-BCAC-420C-82B4-3DF9A15A81AC}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{B70EDA39-35EB-4E7F-8E7A-2ECAC6F45200}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-12-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-12-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default [2021-01-20]
CHR DefaultSearchURL: Default -> hxxps://s.ytimg.com/yts/img/favicon-vflz7uhzw.ico
CHR Extension: (Slides) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-07]
CHR Extension: (YouTube) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\adnlfjpnmidfimlkaohpidplnoimahfh [2017-03-10]
CHR Extension: (Docs) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-07]
CHR Extension: (Google Drive) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-08]
CHR Extension: (YouTube) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-03]
CHR Extension: (Sheets) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-07]
CHR Extension: (Google Docs Offline) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-12-08]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-01-29]
CHR Extension: (Gmail) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-12-08]
CHR Extension: (Chrome Media Router) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-20]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-01-10] (Apple Inc. -> Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [312448 2013-09-25] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe [2650696 2013-07-27] (Acer Incorporated -> Acer Incorporated)
R2 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2577640 2013-12-04] (Acer Incorporated -> Acer Incorporated)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [457768 2013-08-02] (Acer Incorporated -> Acer Incorporate)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6960640 2020-01-30] (Malwarebytes Inc -> Malwarebytes)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [109024 2017-11-08] (Panda Security S.L. -> Panda Security, S.L.)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [86104 2016-07-19] (Panda Security S.L -> Panda Security, S.L.)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [48784 2018-05-30] (Panda Security S.L. -> Panda Security, S.L.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3855872 2013-09-10] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
R3 cbfs3; C:\Windows\System32\drivers\cbfs3.sys [352144 2012-04-09] (EldoS Corporation -> EldoS Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated -> Acer Incorporated)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [214496 2020-01-30] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2021-01-17] (Malwarebytes Inc -> Malwarebytes)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [107848 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [212360 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [121232 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [126352 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [99512 2017-09-26] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [118136 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [91392 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [135640 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [337520 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [249976 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [123304 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [281912 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [125840 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [190552 2017-11-08] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [153176 2018-01-22] (Panda Security S.L. -> Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [206424 2018-01-30] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [146976 2017-11-06] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [159312 2017-11-06] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [129448 2017-11-06] (Panda Security S.L. -> Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [72280 2017-05-22] (Panda Security S.L. -> Panda Security, S.L.)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated -> Acer Incorporated)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
U3 TrueSight; \??\C:\Windows\System32\drivers\truesight.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-01-20 20:08 - 2021-01-20 20:10 - 002295808 _____ (Farbar) C:\Users\Brandon\Downloads\FRST64.exe
2021-01-19 17:30 - 2021-01-17 23:17 - 001128960 _____ (Disk Wipe) C:\Users\Brandon\Downloads\DiskWipe.exe
2021-01-17 18:28 - 2021-01-17 18:28 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2021-01-17 18:28 - 2017-05-22 05:29 - 000072280 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2020-12-24 15:36 - 2021-01-11 18:53 - 000000000 ____D C:\Users\Brandon\AppData\Roaming\dvdcss
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-10-21 08:36 - 2014-01-15 02:44 - 000000852 _____ C:\Windows\system32\Drivers\RTKHDRC.dat
2021-01-20 20:27 - 2017-08-01 17:43 - 000022854 _____ C:\Users\Brandon\Downloads\FRST.txt
2021-01-20 20:27 - 2017-08-01 17:43 - 000000000 ____D C:\FRST
2021-01-20 20:14 - 2017-08-01 17:46 - 000049930 _____ C:\Users\Brandon\Downloads\Addition.txt
2021-01-20 20:11 - 2013-08-22 08:36 - 000000000 ____D C:\Windows\Inf
2021-01-20 20:10 - 2017-08-07 21:11 - 000000000 ____D C:\Users\Brandon\Downloads\FRST-OlderVersion
2021-01-20 20:01 - 2018-12-13 21:33 - 000008192 ___SH C:\Users\Brandon\Documents\Thumbs.db
2021-01-19 17:59 - 2014-06-09 01:15 - 000003598 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1123904499-927742330-4291546209-1001
2021-01-19 17:33 - 2013-12-15 23:01 - 000863592 _____ C:\Windows\system32\PerfStringBackup.INI
2021-01-19 17:30 - 2016-12-03 13:41 - 000002208 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-01-19 17:30 - 2016-12-03 13:41 - 000002167 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-01-19 17:30 - 2016-12-03 13:41 - 000002167 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-01-17 18:28 - 2013-08-22 09:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-01-12 07:43 - 2019-07-28 19:44 - 000000000 ____D C:\Users\Brandon\AppData\Roaming\vlc
2021-01-11 18:23 - 2015-11-09 12:03 - 000105984 ___SH C:\Users\Brandon\Desktop\Thumbs.db
2020-12-31 16:41 - 2014-10-10 13:01 - 000000000 ____D C:\Users\Brandon\Documents\Bluetooth Folder
==================== Files in the root of some directories ========
2019-07-28 19:37 - 2019-07-28 19:38 - 000014336 _____ () C:\Users\Brandon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2021-01-19 17:59
==================== End of FRST.txt ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0D76F319-154A-4E13-BF71-E896E07447B3} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [3583264 2020-06-03] (Corel Corporation -> Corel Corporation)
Task: {27E04B6B-8CBC-480F-A360-D1AEDFCBDB60} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe [584408 2013-09-09] (Dolby Laboratories, Inc. -> Dolby Laboratories Inc.)
Task: {42990C97-45A9-48DF-931E-C1A4E6E04550} - System32\Tasks\CorelUpdateHelperTask-884BC45790FDF6B638830C9F1ED215CC => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [3583264 2020-06-03] (Corel Corporation -> Corel Corporation)
Task: {4C0F55E9-2D7A-4FB7-AA9A-B500C253CF20} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-12-03] (Google Inc -> Google Inc.)
Task: {5F202829-1F3B-4416-A402-079D88735994} - System32\Tasks\Touch Tools Launcher => C:\Program Files\Acer\Acer Touch Tools\TouchToolsLauncher.exe [237864 2013-08-24] (Acer Incorporated -> TODO: <Company name>)
Task: {658D8BD4-AF9E-45FB-A530-DD5E54082DD3} - System32\Tasks\WinZip Update Notifier 3 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2814096 2019-10-12] (Corel Corporation -> Corel Corporation)
Task: {6A23E752-E558-477A-A96A-2D2215C1B332} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe [17737800 2013-07-27] (Acer Incorporated -> Acer Incorporated)
Task: {71C4564D-DCC7-46E0-A87B-CA466D3A881E} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [283880 2013-09-12] (Acer Incorporated -> Acer Incorporated)
Task: {8AF2FB40-8B59-464F-949E-569183DE97A2} - System32\Tasks\WinZip Update Notifier 2 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2814096 2019-10-12] (Corel Corporation -> Corel Corporation)
Task: {A7E8CB14-A617-4D50-8DBA-9C088F16D845} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-12-03] (Google Inc -> Google Inc.)
Task: {B2C7D0EB-BD1F-4D86-9C6B-5549F4EF0D81} - System32\Tasks\Launch Screen Grasp_First => C:\Program Files (x86)\Acer\Screen Grasp\Launch Screen Grasp.exe [40168 2013-09-13] (Acer Incorporated -> Acer Incorporated)
Task: {B6600615-C8A9-4DF2-8038-696302B510F2} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_113_pepper.exe [1362432 2018-04-15] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {C523E1A2-15AD-4A53-83F5-1B23C3001107} - System32\Tasks\{B434E1F3-FC8F-4636-9855-EA0D7FEEEB17} => C:\Windows\system32\pcalua.exe -a C:\Windows\System32\control.exe -d C:\Windows\SysWOW64 -c "C:\Windows\SysWOW64\sr2_cpl.cpl",
Task: {DABAAC0B-1046-4650-BDC3-78A60B93CD47} - System32\Tasks\WinZip Update Notifier 1 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2814096 2019-10-12] (Corel Corporation -> Corel Corporation)
Task: {E4887126-9DBA-45E2-A12B-64F7E9FB43FA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {F17B4C93-CB99-4567-B92A-18A981DEAD41} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [437288 2013-08-02] (Acer Incorporated -> Acer Incorporate)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{A2A1C2B1-BCAC-420C-82B4-3DF9A15A81AC}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{B70EDA39-35EB-4E7F-8E7A-2ECAC6F45200}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-12-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-12-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default [2021-01-20]
CHR DefaultSearchURL: Default -> hxxps://s.ytimg.com/yts/img/favicon-vflz7uhzw.ico
CHR Extension: (Slides) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-07]
CHR Extension: (YouTube) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\adnlfjpnmidfimlkaohpidplnoimahfh [2017-03-10]
CHR Extension: (Docs) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-07]
CHR Extension: (Google Drive) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-08]
CHR Extension: (YouTube) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-03]
CHR Extension: (Sheets) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-07]
CHR Extension: (Google Docs Offline) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-12-08]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-01-29]
CHR Extension: (Gmail) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-12-08]
CHR Extension: (Chrome Media Router) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-20]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-01-10] (Apple Inc. -> Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [312448 2013-09-25] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe [2650696 2013-07-27] (Acer Incorporated -> Acer Incorporated)
R2 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2577640 2013-12-04] (Acer Incorporated -> Acer Incorporated)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [457768 2013-08-02] (Acer Incorporated -> Acer Incorporate)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6960640 2020-01-30] (Malwarebytes Inc -> Malwarebytes)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [109024 2017-11-08] (Panda Security S.L. -> Panda Security, S.L.)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [86104 2016-07-19] (Panda Security S.L -> Panda Security, S.L.)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [48784 2018-05-30] (Panda Security S.L. -> Panda Security, S.L.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3855872 2013-09-10] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
R3 cbfs3; C:\Windows\System32\drivers\cbfs3.sys [352144 2012-04-09] (EldoS Corporation -> EldoS Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated -> Acer Incorporated)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [214496 2020-01-30] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2021-01-17] (Malwarebytes Inc -> Malwarebytes)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [107848 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [212360 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [121232 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [126352 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [99512 2017-09-26] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [118136 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [91392 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [135640 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [337520 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [249976 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [123304 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [281912 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [125840 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [190552 2017-11-08] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [153176 2018-01-22] (Panda Security S.L. -> Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [206424 2018-01-30] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [146976 2017-11-06] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [159312 2017-11-06] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [129448 2017-11-06] (Panda Security S.L. -> Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [72280 2017-05-22] (Panda Security S.L. -> Panda Security, S.L.)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated -> Acer Incorporated)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
U3 TrueSight; \??\C:\Windows\System32\drivers\truesight.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-01-20 20:08 - 2021-01-20 20:10 - 002295808 _____ (Farbar) C:\Users\Brandon\Downloads\FRST64.exe
2021-01-19 17:30 - 2021-01-17 23:17 - 001128960 _____ (Disk Wipe) C:\Users\Brandon\Downloads\DiskWipe.exe
2021-01-17 18:28 - 2021-01-17 18:28 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2021-01-17 18:28 - 2017-05-22 05:29 - 000072280 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2020-12-24 15:36 - 2021-01-11 18:53 - 000000000 ____D C:\Users\Brandon\AppData\Roaming\dvdcss
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-10-21 08:36 - 2014-01-15 02:44 - 000000852 _____ C:\Windows\system32\Drivers\RTKHDRC.dat
2021-01-20 20:27 - 2017-08-01 17:43 - 000022854 _____ C:\Users\Brandon\Downloads\FRST.txt
2021-01-20 20:27 - 2017-08-01 17:43 - 000000000 ____D C:\FRST
2021-01-20 20:14 - 2017-08-01 17:46 - 000049930 _____ C:\Users\Brandon\Downloads\Addition.txt
2021-01-20 20:11 - 2013-08-22 08:36 - 000000000 ____D C:\Windows\Inf
2021-01-20 20:10 - 2017-08-07 21:11 - 000000000 ____D C:\Users\Brandon\Downloads\FRST-OlderVersion
2021-01-20 20:01 - 2018-12-13 21:33 - 000008192 ___SH C:\Users\Brandon\Documents\Thumbs.db
2021-01-19 17:59 - 2014-06-09 01:15 - 000003598 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1123904499-927742330-4291546209-1001
2021-01-19 17:33 - 2013-12-15 23:01 - 000863592 _____ C:\Windows\system32\PerfStringBackup.INI
2021-01-19 17:30 - 2016-12-03 13:41 - 000002208 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-01-19 17:30 - 2016-12-03 13:41 - 000002167 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-01-19 17:30 - 2016-12-03 13:41 - 000002167 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-01-17 18:28 - 2013-08-22 09:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-01-12 07:43 - 2019-07-28 19:44 - 000000000 ____D C:\Users\Brandon\AppData\Roaming\vlc
2021-01-11 18:23 - 2015-11-09 12:03 - 000105984 ___SH C:\Users\Brandon\Desktop\Thumbs.db
2020-12-31 16:41 - 2014-10-10 13:01 - 000000000 ____D C:\Users\Brandon\Documents\Bluetooth Folder
==================== Files in the root of some directories ========
2019-07-28 19:37 - 2019-07-28 19:38 - 000014336 _____ () C:\Users\Brandon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2021-01-19 17:59
==================== End of FRST.txt ========================