Inactive Checkup

Status
Not open for further replies.

jcorvin

Posts: 61   +0
Been awhile, checking on my laptop to see if its ok:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-01-2021
Ran by Brandon (administrator) on ACERI5 (Acer Aspire V5-561P) (20-01-2021 20:27:13)
Running from C:\Users\Brandon\Downloads
Loaded Profiles: Brandon
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <18>
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Panda Security S.L -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Qualcomm Atheros -> ) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2890056 2013-09-05] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1361112 2013-11-05] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [WinZip UN] => C:\Program Files\WinZip\WZUpdateNotifier.exe [2814096 2019-10-12] (Corel Corporation -> Corel Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2020-01-16] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.) [File not signed]
HKLM-x32\...\Run: [Panda Security URL Filtering] => "C:\Program Files\Panda Security URL Filtering\Panda_URL_Filtering.exe"
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [153296 2018-05-30] (Panda Security S.L. -> Panda Security, S.L.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-09-25] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKU\S-1-5-21-1123904499-927742330-4291546209-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [9198000 2020-01-29] (Support.com Inc -> SUPERAntiSpyware)
HKU\S-1-5-21-1123904499-927742330-4291546209-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3311568 2020-01-17] (Valve -> Valve Corporation)
HKU\S-1-5-21-1123904499-927742330-4291546209-1001\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-1123904499-927742330-4291546209-1001\...\Policies\Explorer: [NoLogOff] 0
HKU\S-1-5-21-1123904499-927742330-4291546209-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [788480 2014-10-28] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [panda] => reg.exe delete "HKCU\Software\AppDataLow\Software\panda" /f <==== ATTENTION
HKU\S-1-5-18\...\RunOnce: [panda_XP] => reg.exe delete "HKCU\Software\panda" /f <==== ATTENTION
HKLM\...\Windows x64\Print Processors\Canon MG3100 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDAR.DLL [30208 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3100 series: C:\Windows\System32\CNMLMAR.DLL [385024 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.96\Installer\chrmstp.exe [2021-01-19] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\System32\AthCredentialProvider.dll [2013-09-25] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\System32\AthCredentialProvider.dll [2013-09-25] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2020-02-02]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (Corel Corporation -> WinZip Computing)
Startup: C:\Users\Brandon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2020-01-26]
ShortcutTarget: Twitch.lnk -> C:\Users\Brandon\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.)
GroupPolicyScripts: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0D76F319-154A-4E13-BF71-E896E07447B3} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [3583264 2020-06-03] (Corel Corporation -> Corel Corporation)
Task: {27E04B6B-8CBC-480F-A360-D1AEDFCBDB60} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe [584408 2013-09-09] (Dolby Laboratories, Inc. -> Dolby Laboratories Inc.)
Task: {42990C97-45A9-48DF-931E-C1A4E6E04550} - System32\Tasks\CorelUpdateHelperTask-884BC45790FDF6B638830C9F1ED215CC => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [3583264 2020-06-03] (Corel Corporation -> Corel Corporation)
Task: {4C0F55E9-2D7A-4FB7-AA9A-B500C253CF20} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-12-03] (Google Inc -> Google Inc.)
Task: {5F202829-1F3B-4416-A402-079D88735994} - System32\Tasks\Touch Tools Launcher => C:\Program Files\Acer\Acer Touch Tools\TouchToolsLauncher.exe [237864 2013-08-24] (Acer Incorporated -> TODO: <Company name>)
Task: {658D8BD4-AF9E-45FB-A530-DD5E54082DD3} - System32\Tasks\WinZip Update Notifier 3 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2814096 2019-10-12] (Corel Corporation -> Corel Corporation)
Task: {6A23E752-E558-477A-A96A-2D2215C1B332} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe [17737800 2013-07-27] (Acer Incorporated -> Acer Incorporated)
Task: {71C4564D-DCC7-46E0-A87B-CA466D3A881E} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [283880 2013-09-12] (Acer Incorporated -> Acer Incorporated)
Task: {8AF2FB40-8B59-464F-949E-569183DE97A2} - System32\Tasks\WinZip Update Notifier 2 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2814096 2019-10-12] (Corel Corporation -> Corel Corporation)
Task: {A7E8CB14-A617-4D50-8DBA-9C088F16D845} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-12-03] (Google Inc -> Google Inc.)
Task: {B2C7D0EB-BD1F-4D86-9C6B-5549F4EF0D81} - System32\Tasks\Launch Screen Grasp_First => C:\Program Files (x86)\Acer\Screen Grasp\Launch Screen Grasp.exe [40168 2013-09-13] (Acer Incorporated -> Acer Incorporated)
Task: {B6600615-C8A9-4DF2-8038-696302B510F2} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_113_pepper.exe [1362432 2018-04-15] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {C523E1A2-15AD-4A53-83F5-1B23C3001107} - System32\Tasks\{B434E1F3-FC8F-4636-9855-EA0D7FEEEB17} => C:\Windows\system32\pcalua.exe -a C:\Windows\System32\control.exe -d C:\Windows\SysWOW64 -c "C:\Windows\SysWOW64\sr2_cpl.cpl",
Task: {DABAAC0B-1046-4650-BDC3-78A60B93CD47} - System32\Tasks\WinZip Update Notifier 1 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2814096 2019-10-12] (Corel Corporation -> Corel Corporation)
Task: {E4887126-9DBA-45E2-A12B-64F7E9FB43FA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {F17B4C93-CB99-4567-B92A-18A981DEAD41} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [437288 2013-08-02] (Acer Incorporated -> Acer Incorporate)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{A2A1C2B1-BCAC-420C-82B4-3DF9A15A81AC}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{B70EDA39-35EB-4E7F-8E7A-2ECAC6F45200}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12

FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-12-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-12-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default [2021-01-20]
CHR DefaultSearchURL: Default -> hxxps://s.ytimg.com/yts/img/favicon-vflz7uhzw.ico
CHR Extension: (Slides) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-07]
CHR Extension: (YouTube) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\adnlfjpnmidfimlkaohpidplnoimahfh [2017-03-10]
CHR Extension: (Docs) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-07]
CHR Extension: (Google Drive) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-08]
CHR Extension: (YouTube) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-03]
CHR Extension: (Sheets) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-07]
CHR Extension: (Google Docs Offline) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-12-08]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-01-29]
CHR Extension: (Gmail) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-12-08]
CHR Extension: (Chrome Media Router) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-20]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-01-10] (Apple Inc. -> Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [312448 2013-09-25] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe [2650696 2013-07-27] (Acer Incorporated -> Acer Incorporated)
R2 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2577640 2013-12-04] (Acer Incorporated -> Acer Incorporated)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [457768 2013-08-02] (Acer Incorporated -> Acer Incorporate)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6960640 2020-01-30] (Malwarebytes Inc -> Malwarebytes)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [109024 2017-11-08] (Panda Security S.L. -> Panda Security, S.L.)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [86104 2016-07-19] (Panda Security S.L -> Panda Security, S.L.)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [48784 2018-05-30] (Panda Security S.L. -> Panda Security, S.L.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3855872 2013-09-10] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
R3 cbfs3; C:\Windows\System32\drivers\cbfs3.sys [352144 2012-04-09] (EldoS Corporation -> EldoS Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated -> Acer Incorporated)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [214496 2020-01-30] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2021-01-17] (Malwarebytes Inc -> Malwarebytes)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [107848 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [212360 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [121232 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [126352 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [99512 2017-09-26] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [118136 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [91392 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [135640 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [337520 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [249976 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [123304 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [281912 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [125840 2017-11-03] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [190552 2017-11-08] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [153176 2018-01-22] (Panda Security S.L. -> Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [206424 2018-01-30] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [146976 2017-11-06] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [159312 2017-11-06] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [129448 2017-11-06] (Panda Security S.L. -> Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [72280 2017-05-22] (Panda Security S.L. -> Panda Security, S.L.)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated -> Acer Incorporated)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
U3 TrueSight; \??\C:\Windows\System32\drivers\truesight.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-20 20:08 - 2021-01-20 20:10 - 002295808 _____ (Farbar) C:\Users\Brandon\Downloads\FRST64.exe
2021-01-19 17:30 - 2021-01-17 23:17 - 001128960 _____ (Disk Wipe) C:\Users\Brandon\Downloads\DiskWipe.exe
2021-01-17 18:28 - 2021-01-17 18:28 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2021-01-17 18:28 - 2017-05-22 05:29 - 000072280 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2020-12-24 15:36 - 2021-01-11 18:53 - 000000000 ____D C:\Users\Brandon\AppData\Roaming\dvdcss

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-10-21 08:36 - 2014-01-15 02:44 - 000000852 _____ C:\Windows\system32\Drivers\RTKHDRC.dat
2021-01-20 20:27 - 2017-08-01 17:43 - 000022854 _____ C:\Users\Brandon\Downloads\FRST.txt
2021-01-20 20:27 - 2017-08-01 17:43 - 000000000 ____D C:\FRST
2021-01-20 20:14 - 2017-08-01 17:46 - 000049930 _____ C:\Users\Brandon\Downloads\Addition.txt
2021-01-20 20:11 - 2013-08-22 08:36 - 000000000 ____D C:\Windows\Inf
2021-01-20 20:10 - 2017-08-07 21:11 - 000000000 ____D C:\Users\Brandon\Downloads\FRST-OlderVersion
2021-01-20 20:01 - 2018-12-13 21:33 - 000008192 ___SH C:\Users\Brandon\Documents\Thumbs.db
2021-01-19 17:59 - 2014-06-09 01:15 - 000003598 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1123904499-927742330-4291546209-1001
2021-01-19 17:33 - 2013-12-15 23:01 - 000863592 _____ C:\Windows\system32\PerfStringBackup.INI
2021-01-19 17:30 - 2016-12-03 13:41 - 000002208 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-01-19 17:30 - 2016-12-03 13:41 - 000002167 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-01-19 17:30 - 2016-12-03 13:41 - 000002167 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-01-17 18:28 - 2013-08-22 09:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-01-12 07:43 - 2019-07-28 19:44 - 000000000 ____D C:\Users\Brandon\AppData\Roaming\vlc
2021-01-11 18:23 - 2015-11-09 12:03 - 000105984 ___SH C:\Users\Brandon\Desktop\Thumbs.db
2020-12-31 16:41 - 2014-10-10 13:01 - 000000000 ____D C:\Users\Brandon\Documents\Bluetooth Folder

==================== Files in the root of some directories ========

2019-07-28 19:37 - 2019-07-28 19:38 - 000014336 _____ () C:\Users\Brandon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2021-01-19 17:59
==================== End of FRST.txt ========================
 

jcorvin

Posts: 61   +0
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-01-2021
Ran by Brandon (20-01-2021 20:28:02)
Running from C:\Users\Brandon\Downloads
Windows 8.1 (Update) (X64) (2014-06-09 06:09:12)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1123904499-927742330-4291546209-500 - Administrator - Disabled)
Brandon (S-1-5-21-1123904499-927742330-4291546209-1001 - Administrator - Enabled) => C:\Users\Brandon
Guest (S-1-5-21-1123904499-927742330-4291546209-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1123904499-927742330-4291546209-1003 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Panda Dome (Enabled - Up to date) {CF440CD9-5435-10B1-04E0-7768B6F10320}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Panda Dome (Enabled - Up to date) {7425ED3D-720F-1F3F-3E50-4C1ACD76499D}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8101 - Acer Incorporated)
Acer Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.02.3104.3 - Acer Incorporated)
Acer Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.02.3104.6 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.3104 - Acer Incorporated)
Acer Power Management (HKLM\...\{E438A632-CADC-49E4-9492-C9F50F9AE37F}) (Version: 7.01.8100 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8101 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.00.3007 - Acer Incorporated)
Acer Screen Grasp (HKLM-x32\...\{84443E5D-0767-438B-B1C8-6A52FAB2101B}) (Version: 1.01.3006 - Acer Incorporated)
Acer Touch Tools (HKLM\...\{BB1F8130-3CB3-4896-9D28-770DFFFDE59C}) (Version: 1.00.3014 - Acer Incorporated)
Adobe Flash Player 29 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 29.0.0.113 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{A7039CC9-4669-4799-92B1-C5CE346DBE3D}) (Version: 8.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{DA78A9DC-3599-4D81-A960-B679687A6C14}) (Version: 8.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{7D606B87-0AEB-4C27-ABCE-1138EE09777B}) (Version: 13.0.0.41 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Boris FX Continuum Plug-ins 11 for Corel VideoStudio 2018 (HKLM\...\{4ECCA8FB-F015-4546-BBDD-86F01A6EA710}_is1) (Version: - Boris FX, Inc.)
Broadcom Card Reader Driver Installer (HKLM\...\{67AA948F-8D83-4566-B84A-7CAABCF64E3F}) (Version: 16.0.2.8 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{D1D7ED66-5C08-40A0-AEC0-B6DF977697BB}) (Version: 16.2.1.2 - Broadcom Corporation)
Contents64 (HKLM\...\{6E4E6A71-CE25-4DCE-8C81-E0934234B035}) (Version: 21.0.0.68 - Corel Corporation) Hidden
Contents64 (HKLM\...\{C2D307EA-96F8-4F6E-880E-E244779D8477}) (Version: 19.1.0.10 - Corel Corporation) Hidden
Corel Update Manager (HKLM\...\{2C033F91-236B-4C29-854D-5CC0F67FE7DA}) (Version: 2.13.594 - Corel corporation) Hidden
Corel VideoStudio Ultimate 2018 (HKLM-x32\...\_{BF97DEDE-1D94-4E94-826A-344D85B45DD1}) (Version: 21.4.0.165 - Corel Corporation)
Corel VideoStudio X9 (HKLM-x32\...\_{EE80DAA0-0071-475C-A222-F1782888FC55}) (Version: 19.1.0.10 - Corel Corporation)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3126.57 - CyberLink Corp.)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
ETDWare PS/2-X64 11.6.27.201_WHQL (HKLM\...\Elantech) (Version: 11.6.27.201 - ELAN Microelectronic Corp.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.96 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
Graffiti x64 Corel VideoStudio 2018 (HKLM\...\{BC3DA515-5476-44BA-A064-1E241EBED92E}) (Version: 7.0.1004 - Boris FX, Inc.)
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
ICA (HKLM-x32\...\{BF97DEDE-1D94-4E94-826A-344D85B45DD1}) (Version: 21.0.0.68 - Corel Corporation) Hidden
ICA (HKLM-x32\...\{EE80DAA0-0071-475C-A222-F1782888FC55}) (Version: 19.1.0.10 - Corel Corporation) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8100 - Acer Incorporated)
iExplorer 3.8.8.0 (HKLM-x32\...\{7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1) (Version: - Macroplant LLC)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3316 - Intel Corporation)
IPM_VS_Pro64 (HKLM\...\{1BD7EE90-7C52-4142-B4DD-55C4F28F9EE7}) (Version: 19.0 - Corel Corporation) Hidden
IPM_VS_Pro64 (HKLM\...\{BB43C25C-CC43-447B-B258-9DAA3E9A1002}) (Version: 21.0 - Corel Corporation) Hidden
iTunes (HKLM\...\{49F48AA2-DEA7-453A-8735-9C862E7C8467}) (Version: 12.10.4.2 - Apple Inc.)
Java 8 Update 191 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
LibreOffice 4.2.4.2 (HKLM-x32\...\{6B4977CB-5B9F-4B24-8310-3BA527A8AF22}) (Version: 4.2.4.2 - The Document Foundation)
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Midnight Outlaw Illegal Street Drag (HKLM-x32\...\{A7947E1A-5793-4504-A2B3-5974D2A69927}) (Version: - )
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MyDVD Content Pack 1 (HKLM-x32\...\{ADCF7AE3-8E36-4B80-9460-66B74B56927F}) (Version: 1.00.0000 - Corel Corporation)
MyDVD Content Pack 2 (HKLM-x32\...\{B9987701-F119-46FA-BFF1-A8B593BFAF9E}) (Version: 1.00.0000 - Corel Corporation)
NewBlue Titler Pro 5 for Corel (HKLM-x32\...\NewBlue Titler Pro 5 for Corel) (Version: 1.0.181026 - NewBlue)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2009 - Acer)
Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.02.2009 - Acer)
Panda Devices Agent (HKLM-x32\...\{3F9548B2-0B34-4453-A92E-35056B053F19}) (Version: 1.08.00 - Panda Security) Hidden
Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.08 - Panda Security) Hidden
Panda Dome (HKLM\...\{DC22166B-6F26-4E2E-BFDE-CC3578246940}) (Version: 9.14.00 - Panda Security) Hidden
Panda Dome (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 18.6.0 - Panda Security)
proDAD Adorage 3.0 (64bit) (HKLM\...\proDAD-Adorage-3.0) (Version: 3.0.115.1 - proDAD GmbH) Hidden
proDAD Mercalli 2.0 (64bit) (HKLM\...\proDAD-Mercalli-2.0) (Version: 2.0.127 - proDAD GmbH) Hidden
proDAD Route 4.0 (64bit) (HKLM\...\proDAD-HeroglyphRoute-4.0) (Version: 4.0.257.1 - proDAD GmbH) Hidden
proDAD Script 4.0 (64bit) (HKLM\...\proDAD-HeroglyphScript-4.0) (Version: 4.0.257.1 - proDAD GmbH) Hidden
proDAD Vitascene 2.0 (64bit) (HKLM\...\proDAD-Vitascene-2.0) (Version: 2.0.244 - proDAD GmbH) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.306 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.11 - Qualcomm Atheros)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7090 - Realtek Semiconductor Corp.)
Respondus LockDown Browser 2 (HKLM-x32\...\{BBC7F69B-7A94-41E9-8A4B-B55A8D06431F}) (Version: 2.00.0000 - Respondus)
RogueKiller version 13.0.17.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 13.0.17.0 - Adlice Software)
SEGA RALLY 2 (HKLM-x32\...\SEGA RALLY 2) (Version: - )
Setup (HKLM-x32\...\{73DEC847-B519-427C-BAAA-9034445703B6}) (Version: 21.0.0.68 - Corel Corporation) Hidden
Setup (HKLM-x32\...\{F8B95E3C-40A0-49CE-B5F9-3861F238B9FF}) (Version: 19.1.0.10 - Corel Corporation) Hidden
Share64 (HKLM\...\{A61EEC3A-E37C-49A5-BE61-7AEE04F1A15D}) (Version: 19.1.0.10 - Corel Corporation) Hidden
Share64 (HKLM\...\{E233030D-601B-46F5-A797-771DEEDDBEE3}) (Version: 21.0.0.68 - Corel Corporation) Hidden
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.7.0 - Sophos Limited)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1244 - SUPERAntiSpyware.com)
Twitch (HKU\S-1-5-21-1123904499-927742330-4291546209-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
VideoStudio 3D Title Editor (HKLM\...\{7A42BE28-5371-429F-A25C-95E1AB46F20D}) (Version: 1.0.7.109 - Corel Corporation)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.7.1 - VideoLAN)
VSClassic64 (HKLM\...\{8592E7A8-CA1A-4E55-B2DD-E7A4895807B7}) (Version: 21.0.0.68 - Corel Corporation) Hidden
VSClassic64 (HKLM\...\{99B95309-4793-43D9-8F1C-EC086FC74CB5}) (Version: 19.1.0.10 - Corel Corporation) Hidden
VSPro64 (HKLM\...\{2287D9D6-98FC-4985-B27F-771BBD702B7F}) (Version: 19.1.0.10 - Corel Corporation) Hidden
VSUltimate64 (HKLM\...\{DAB1A9B0-B93C-4EC2-B626-D57478981107}) (Version: 21.0.0.68 - Corel Corporation) Hidden
WingMan Software (HKLM-x32\...\{435673AB-6821-416D-806A-E477DFA60A42}) (Version: 4.20 - Logitech)
WinZip 24.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C24125}) (Version: 24.0.13650 - Corel Corporation)

Packages:
=========
Kinect for Windows Framework -> C:\Program Files\WindowsApps\Microsoft.WindowsPreview.Kinect.8.0_2.0.1410.19000_x64__8wekyb3d8bbwe [2016-06-28] (Microsoft Corporation)
Kinect for Windows Framework -> C:\Program Files\WindowsApps\Microsoft.WindowsPreview.Kinect.8.0_2.0.1410.19000_x86__8wekyb3d8bbwe [2016-06-28] (Microsoft Corporation)
Kinect for Windows Framework -> C:\Program Files\WindowsApps\Microsoft.WindowsPreview.Kinect.8.1_2.0.1410.19000_x64__8wekyb3d8bbwe [2016-06-28] (Microsoft Corporation)
Kinect for Windows Framework -> C:\Program Files\WindowsApps\Microsoft.WindowsPreview.Kinect.8.1_2.0.1410.19000_x86__8wekyb3d8bbwe [2016-06-28] (Microsoft Corporation)
Microsoft Visual C++ Runtime Package -> C:\Program Files\WindowsApps\Microsoft.VCLibs.120.00.Preview.Internal_12.0.20222.2_x64__8wekyb3d8bbwe [2016-06-28] (Microsoft Platform Extensions Internal)
Microsoft Visual C++ Runtime Package -> C:\Program Files\WindowsApps\Microsoft.VCLibs.120.00.Preview.Internal_12.0.20222.2_x86__8wekyb3d8bbwe [2016-06-28] (Microsoft Platform Extensions Internal)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation -> EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation -> EldoS Corporation)
ShellServiceObjects: Virtual Storage Mount Notification -> {5FF49FE8-B332-4CB9-B102-FB6951629E55} => C:\Windows\system32\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation -> EldoS Corporation)
ShellServiceObjects-x32: Virtual Storage Mount Notification -> {5FF49FE8-B332-4CB9-B102-FB6951629E55} => C:\Windows\SysWow64\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation -> EldoS Corporation)
ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\system32\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation -> EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\system32\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation -> EldoS Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvAppExt.dll [2013-09-25] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
ContextMenuHandlers1: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2018-05-30] (Panda Security S.L. -> Panda Security, S.L.)
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2019-10-12] (Corel Corporation -> WinZip Computing)
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ShellContextExt.dll [2013-09-25] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2019-10-12] (Corel Corporation -> WinZip Computing)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2013-10-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2018-05-30] (Panda Security S.L. -> Panda Security, S.L.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2018-05-30] (Panda Security S.L. -> Panda Security, S.L.)
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2019-10-12] (Corel Corporation -> WinZip Computing)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [msacm.dvacm_vspX11] => c:\Program Files\Corel\Corel VideoStudio 2018\DVACM.acm [23552 2018-01-04] (Corel TW Corp.) [File not signed]
HKLM\...\Drivers32: [vidc.pDAD] => C:\Windows\System32\prodad-codec.dll [607256 2013-08-17] (proDAD GmbH -> proDAD GmbH)
HKLM\...\Drivers32: [msacm.dvacm_vspx9] => c:\Program Files\Corel\Corel VideoStudio X9\DVACM.acm [23552 2016-02-03] (Corel TW Corp.) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Brandon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=adnlfjpnmidfimlkaohpidplnoimahfh
ShortcutWithArgument: C:\Users\Public\Desktop\PRIVATE WiFi.lnk -> C:\Program Files\PRIVATE WiFi\StartURL.exe () -> hxxp://www.privatewifi.com/partner/clicks.php?pid=928649&bid=76&campaign=default
ShortcutWithArgument: C:\Users\Public\Desktop\VideoStudio X9 Training.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> www.studiobacklot.tv/videostudioX9

==================== Loaded Modules (Whitelisted) =============

2013-09-25 06:04 - 2013-09-25 06:04 - 000011264 _____ () [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-09-25 06:01 - 2013-09-25 06:01 - 000086016 _____ () [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2013-09-25 06:09 - 2013-09-25 06:09 - 000033408 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\CommApi.dll
2013-09-25 06:09 - 2013-09-25 06:09 - 000203392 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\FolderViewImpl.dll
2013-09-25 06:09 - 2013-09-25 06:09 - 000085632 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\GattI.dll
2013-09-25 06:09 - 2013-09-25 06:09 - 000126592 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\gatts.DLL
2013-09-25 06:09 - 2013-09-25 06:09 - 000083072 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Handsfree.dll
2013-09-25 06:09 - 2013-09-25 06:09 - 000034432 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ipc.dll
2013-09-25 06:10 - 2013-09-25 06:10 - 000063104 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ModuleManager.dll
2013-09-25 06:10 - 2013-09-25 06:10 - 001067648 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\OutlookLib.dll
2013-09-25 06:10 - 2013-09-25 06:10 - 000027264 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\TCPConnection.dll
2013-09-25 06:10 - 2013-09-25 06:10 - 000115328 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\utils.dll
2013-09-25 06:02 - 2013-09-25 06:02 - 000308224 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\LE\LE.dll
2013-09-25 06:03 - 2013-09-25 06:03 - 000209920 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Audio\audio.dll
2013-09-25 06:04 - 2013-09-25 06:04 - 000162304 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\BasicPrintProfile\BPP.dll
2013-09-25 06:04 - 2013-09-25 06:04 - 000177152 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\BIP\BIP.dll
2013-09-25 06:02 - 2013-09-25 06:02 - 000018432 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\DID\DId.dll
2013-09-25 06:02 - 2013-09-25 06:02 - 000035840 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\FAX\Fax.dll
2013-09-25 06:04 - 2013-09-25 06:04 - 000421888 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\FileTransfer\FileTransfer.dll
2013-09-25 06:04 - 2013-09-25 06:04 - 000096256 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\GapSdp\GapSdp.dll
2013-09-25 05:59 - 2013-09-25 05:59 - 000097792 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\goep\goep.dll
2013-09-25 06:02 - 2013-09-25 06:02 - 000029696 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\HCRP\Hcrp.dll
2013-09-25 06:02 - 2013-09-25 06:02 - 000142848 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\HealthDevice\HDP.dll
2013-09-25 06:04 - 2013-09-25 06:04 - 000091136 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\L2capLib\l2caplib.dll
2013-09-25 06:04 - 2013-09-25 06:04 - 000066048 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\OppOperation\OppOperation.dll
2013-09-25 06:04 - 2013-09-25 06:04 - 000067072 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\pbap\pbap.dll
2013-09-25 06:04 - 2013-09-25 06:04 - 000063488 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\RfcommLib\rfcommlib.dll
2013-09-25 06:03 - 2013-09-25 06:03 - 000097280 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\sap\sap.dll
2013-09-25 06:04 - 2013-09-25 06:04 - 000087552 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\SesMgr\sesmgr.dll
2013-09-25 06:03 - 2013-09-25 06:03 - 000055296 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\spp\spp.dll
2013-09-25 06:03 - 2013-09-25 06:03 - 000064512 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Sync\Sync.dll
2013-08-27 16:57 - 2013-08-27 16:57 - 001199104 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Intel\iCLS Client\libeay32.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-1123904499-927742330-4291546209-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1123904499-927742330-4291546209-1001 -> {64AF5761-D3F9-4C3F-8C9B-6823DDB6C274} URL = hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2018-12-23] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-12-23] (Oracle America, Inc. -> Oracle Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 08:25 - 2013-08-22 08:25 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\System32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Acer\Remote Files\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\RogueKiller;
HKU\S-1-5-21-1123904499-927742330-4291546209-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Brandon\AppData\Roaming\Microsoft\Windows Photo Viewer\Windows Photo Viewer Wallpaper.jpg
DNS Servers: 68.105.28.11 - 68.105.29.11
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "FAH.lnk"
HKLM\...\StartupApproved\StartupFolder: => "WinZip Preloader.lnk"
HKLM\...\StartupApproved\Run: => "RtHDVBg_Dolby"
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKU\S-1-5-21-1123904499-927742330-4291546209-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk"
HKU\S-1-5-21-1123904499-927742330-4291546209-1001\...\StartupApproved\Run: => "SUPERAntiSpyware"
HKU\S-1-5-21-1123904499-927742330-4291546209-1001\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D116C8D9-CEA0-4829-9242-AABD4CE085D3}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe => No File
FirewallRules: [{4A0B499D-F187-45B2-839D-FF7BAE526144}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe => No File
FirewallRules: [{33DBC11E-1EDA-4B28-8DEC-F7C47EBF6B1D}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [{7FF4C6E9-D498-4BDE-8C33-506BA01401DD}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [{F3DFB9BE-7569-4628-BD9E-0C415FBE97EE}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe => No File
FirewallRules: [{4235766D-287D-4845-84D0-5A0A764DBC2D}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe => No File
FirewallRules: [{FC35BC78-A7E9-4865-876C-94CEAF5DF2A1}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe => No File
FirewallRules: [{A1D0511A-C3A0-4C6F-9C25-49B44C8E14F9}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe => No File
FirewallRules: [{1BCA69BD-DC44-4676-BA9E-57F5605A2C79}] => (Allow) C:\Program Files\Soluto\SolutoCleanup.exe => No File
FirewallRules: [{AF908593-69B2-4CB7-B07A-CCEB2A144EB0}] => (Allow) C:\Program Files\Soluto\SolutoConsole.exe => No File
FirewallRules: [{35C30AC2-CCEB-4970-B764-35C75DDA2288}] => (Allow) C:\Program Files\Soluto\SolutoUpdateService.exe => No File
FirewallRules: [{627338D1-2649-444D-8C7A-32869D7B83EC}] => (Allow) C:\Program Files\Soluto\SolutoService.exe => No File
FirewallRules: [{276DE69E-2A2B-4138-AD9C-642EA1D08431}] => (Allow) C:\Program Files\Soluto\Soluto.exe => No File
FirewallRules: [{32F08CA8-466C-43C2-866B-5C123E8F6DAB}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{37719F36-4097-458D-99E6-BE5195B46CCC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe => No File
FirewallRules: [{E00D346C-22D3-445A-A21C-CEC93A8C45B2}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe => No File
FirewallRules: [{B5A11760-FC49-481F-8BEB-93D9147B63FD}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe => No File
FirewallRules: [{A18B220A-D2A6-4F0D-A69F-37FCBB242030}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{06616D13-90E1-4EA5-B232-A5E8C65166A1}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{6B442212-B6AA-4B66-86AA-8D4AD27D94BD}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{25F179AD-BB48-4F3D-A49C-9E88B5E7CAAC}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{9BBADF6F-9599-4F81-A779-3BC11F63FA2B}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{E5C40BF0-F999-4B81-8DF1-EB5ABD50C946}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{E9669AD5-939B-4104-AE36-B6E7CBA109E1}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{4AE990DF-FEFF-476C-AE13-AD6C1850B60D}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{888C7E47-2EE5-4CB7-B7A5-AAB4FB12F15D}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{DCC47D20-9951-46CC-A1D5-E1152CDF010E}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{EA44727C-C103-4CB9-A2DF-606C241AC97B}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{65CD2C3C-1E00-4523-BEFE-5D9DDD780AD7}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{1B330949-3645-4802-968F-FF4D2F150C77}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{99280DA9-581B-40AC-A3A5-093A469C4AA2}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{042A9EE1-25DA-4146-A08F-9A0334669F19}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{2C035EA4-5959-4FB3-A1A9-C0FB614136CD}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{0FC3D221-73A6-44E3-BF83-ADA962E8109B}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{70897726-89A3-436C-9FDB-C788545F9400}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{BA4F413E-3A38-497A-973B-610A810224A5}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe (Acer Incorporated -> Acer Cloud Technology)
FirewallRules: [{CD2DEFCE-B70D-4F9F-8D3F-142409778BB8}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe (Acer Incorporated -> Acer Cloud Technology)
FirewallRules: [{FF5829EA-C0EF-4A38-8F93-B43FA680FB49}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe (Acer Incorporated -> Acer Incorporated)
FirewallRules: [{8523DB26-BB1A-4CA6-986E-DE982276A011}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe (Acer Incorporated -> Acer Incorporated)
FirewallRules: [{0ED46883-4A3C-4AED-B9C5-D334CF5C033C}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe (Acer Incorporated -> Acer Incorporated)
FirewallRules: [{8FC9C821-FC52-4F79-AB2F-EDBBE30D01D9}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe (Acer Incorporated -> Acer Incorporated)
FirewallRules: [{0630B701-594C-4B70-A815-C9BCFF5382AD}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [{50E38946-51B9-4058-84D9-378650D0D3C9}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [{C9D99022-2963-4095-9FA1-792E75610CC9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{179A0428-E367-4A58-A2FB-5465A25947F8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{53F527F4-E22F-454F-948E-CD44D6E5C590}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9A3C3E7B-DE23-4898-8F5F-11BCA368664D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{27BA62EC-F8CB-4C27-A3E6-68E1BF866D80}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe => No File
FirewallRules: [UDP Query User{8A986E2F-C525-495D-908F-279F9E2D8BB9}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe => No File
FirewallRules: [TCP Query User{DB71F892-A98E-4DEF-89AE-D7ADD3B7BDFE}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe => No File
FirewallRules: [UDP Query User{079FC1A9-D0BD-4234-AF94-25EB7C4DB27B}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe => No File
FirewallRules: [TCP Query User{384665DC-28E3-4C68-8EB4-0D591D4AD7CF}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe => No File
FirewallRules: [UDP Query User{C60374D2-62A4-4FA0-8565-F2ABBBD12C07}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe => No File
FirewallRules: [TCP Query User{AB9BA782-255D-4FBC-B883-D94B0F4218B7}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe => No File
FirewallRules: [UDP Query User{D7D480A2-0E78-4EE4-A068-A3B6A212EBB2}C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_111\bin\javaw.exe => No File
FirewallRules: [TCP Query User{665EDC6C-0694-4384-BB2F-880DB4E06250}C:\users\brandon\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\brandon\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{0773F5B0-A0CD-43A4-898B-2A976C1195E8}C:\users\brandon\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\brandon\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{31A4391E-9276-4148-8247-48CC391ECB7A}C:\users\brandon\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\brandon\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{CB85A58C-A829-42EC-8AD8-5A70546D0EE8}C:\users\brandon\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\brandon\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{A2F6D61A-9FB1-49CF-A4DF-0E6B400694EF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{7A78EC2B-24D3-4C15-A87D-0519E9F7D148}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{20439B9D-511E-4BB3-A00A-9BAFC2C70764}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{5FA78B8B-670E-4548-AB44-48CCCDF02286}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{46293F42-58D5-448A-9EF3-E3F018A40185}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\House Flipper\HouseFlipper.exe () [File not signed]
FirewallRules: [{14E17732-CE4F-424E-98EF-DD653BDA6B54}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\House Flipper\HouseFlipper.exe () [File not signed]
FirewallRules: [TCP Query User{1D4F5E8D-2D71-40EC-AC09-0C1357F78ECB}C:\program files (x86)\minecraft\runtime\jre-x64\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{04FBE5EF-E617-4955-B0D6-432727C8855A}C:\program files (x86)\minecraft\runtime\jre-x64\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\bin\javaw.exe
FirewallRules: [{77B8A2AD-B976-45B9-ADE3-87523E324717}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Golf It!\GolfIt.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{C715B3C6-35CE-42DB-8F6C-43339DC70EEF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Golf It!\GolfIt.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{6068C51A-AB6B-47DB-B79A-7E54ACFE95F3}C:\program files (x86)\steam\steamapps\common\golf it!\golfit\binaries\win64\golfit-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\golf it!\golfit\binaries\win64\golfit-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{2BBF7D85-58B8-4C69-BF1B-00484B6D26E6}C:\program files (x86)\steam\steamapps\common\golf it!\golfit\binaries\win64\golfit-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\golf it!\golfit\binaries\win64\golfit-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{8E59D990-EA55-469A-9E03-06E4CE9F007C}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{17A1DCDD-85FC-44C1-9AC7-5DB8F90EDB80}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{098A7EB3-7C40-4DB1-9951-F9AB7D031AF3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

29-12-2020 18:51:18 Scheduled Checkpoint
07-01-2021 08:25:40 Scheduled Checkpoint
19-01-2021 18:08:57 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (12/31/2020 04:40:23 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program wmplayer.exe version 12.0.9600.19145 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1a40

Start Time: 01d6dfb79a3d8712

Termination Time: 4294967295

Application Path: C:\Program Files (x86)\Windows Media Player\wmplayer.exe

Report Id: c5e77415-4bb0-11eb-82b8-485ab64fafcc

Faulting package full name:

Faulting package-relative application ID:

Error: (12/29/2020 09:46:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1062

Error: (12/29/2020 09:46:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1062

Error: (12/29/2020 09:46:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/28/2020 02:57:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3281

Error: (12/28/2020 02:57:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3281

Error: (12/28/2020 02:57:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/28/2020 02:57:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2203


System errors:
=============
Error: (01/20/2021 04:11:15 AM) (Source: DCOM) (EventID: 10010) (User: AcerI5)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.

Error: (01/20/2021 04:10:44 AM) (Source: DCOM) (EventID: 10010) (User: AcerI5)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.

Error: (01/19/2021 06:00:15 PM) (Source: DCOM) (EventID: 10010) (User: AcerI5)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.

Error: (01/19/2021 05:59:45 PM) (Source: DCOM) (EventID: 10010) (User: AcerI5)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.

Error: (01/12/2021 07:42:50 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk1\DR1, has a bad block.

Error: (01/12/2021 07:42:49 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk1\DR1, has a bad block.

Error: (01/12/2021 07:42:49 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk1\DR1, has a bad block.

Error: (01/11/2021 06:23:11 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk1\DR1, has a bad block.


Windows Defender:
===================================
Date: 2018-08-22 16:34:08.038
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {B6AF5ED0-DA06-4FE1-A12D-B69B564F0E34}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2017-11-10 16:39:31.750
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {0A6A445A-4CDB-4CBA-B89B-F2DFAE9A0092}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2017-11-05 19:39:36.994
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {42D50FC2-500C-47C4-A4A5-C31311FE53A9}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2017-09-06 17:09:31.736
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {95915AA9-E586-4861-B0D9-27757DFE4785}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2015-10-11 15:23:27.823
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {C4C63FE2-7240-45B7-8F2E-CC800CCB0516}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-09-30 00:45:43.411
Description:
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted: Backup
Error Code: 0x80004004
Error description: Operation aborted
Signature version: 1.271.366.0;1.271.366.0
Engine version: 1.1.15000.2

Date: 2018-09-30 00:45:39.233
Description:
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted: Current
Error Code: 0x80004004
Error description: Operation aborted
Signature version: 1.273.1626.0;1.273.1626.0
Engine version: 1.1.15100.1

Date: 2018-07-01 19:40:38.947
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 119.0.0.0
Update Source: Microsoft Malware Protection Center
Signature Type: Network Inspection System
Update Type: Full
Current Engine Version:
Previous Engine Version: 2.1.14600.4
Error code: 0x80090305
Error description: The requested security package does not exist

Date: 2018-07-01 19:40:38.931
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.271.193.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15000.2
Error code: 0x80090305
Error description: The requested security package does not exist

Date: 2018-07-01 19:40:38.931
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.271.193.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15000.2
Error code: 0x80090305
Error description: The requested security package does not exist

==================== Memory info ===========================

BIOS: Insyde Corp. V2.13 11/21/2013
Motherboard: Acer VA50_HW
Processor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Percentage of memory in use: 37%
Total physical RAM: 6024.27 MB
Available physical RAM: 3752.89 MB
Total Virtual: 15024.27 MB
Available Virtual: 12366.85 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:914.69 GB) (Free:733.23 GB) NTFS

\\?\Volume{f05ae939-2ea8-428d-b958-66941be0411b}\ (Recovery) (Fixed) (Total:0.39 GB) (Free:0.15 GB) NTFS
\\?\Volume{f9251c30-deff-4b06-a6fa-e0059da38435}\ (Push Button Reset) (Fixed) (Total:16.01 GB) (Free:1.51 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 7E4B6584)

Partition: GPT.

==================== End of Addition.txt =======================
 

Broni

Posts: 55,719   +501
Please, observe following rules:
  • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

=================================

redtarget.gif
Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2
  • Close all the running programs
  • Double click on downloaded setup.exe file to install the program.
  • Click on Start Scan button.
  • Click on another Start Scan button.
  • Wait until the Status box shows Scan Finished
  • Click on Remove Selected.
  • Wait until the Status box shows Deleting Finished.
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • RKreport.txt could also be found on your desktop.
  • If more than one log is produced post all logs.
redtarget.gif
Please download Malwarebytes to your desktop.
  • Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.
  • Then click Finish.
  • Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
  • If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
  • When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
  • Restart your computer when prompted to do so.
  • The Scan log is available throughout History ->Application logs. Please post it contents in your next reply.
redtarget.gif
Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8/10 users right-click and select Run As Administrator
  • The tool will start to update the database if one is required.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Logfile button.
  • A window will open which lists the logs of your scans.
  • Click on the Scan tab.
  • Double-click the most recent scan which will be at the top of the list....the log will appear.
  • Review the results...see note below
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
  • To open a Cleaning log, launch AdwareClearer, click on the Logfile button, click on the Cleaning tab and double-click the log at the top of the list.
  • Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
  • A copy of all logfiles are saved to C:\AdwCleaner.
-- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name or entry that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on and uncheck any items you want to keep.
 
Status
Not open for further replies.