(A.V.M. SOFTWARE, INC. -> AVM Software) C:\Program Files (x86)\Paltalk\update\pt_update_service.exe
(Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Windows Sidebar\sidebar.exe
HKU\S-1-5-21-3878838876-3164344232-606169047-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [11219376 2020-12-08] (Support.com Inc -> SUPERAntiSpyware)
HKU\S-1-5-21-3878838876-3164344232-606169047-1001\...\Run: [Paltalk] => C:\Program Files (x86)\Paltalk\Paltalk.exe [27189688 2020-09-15] (A.V.M. SOFTWARE, INC. -> AVM Software)
HKU\S-1-5-21-3878838876-3164344232-606169047-1001\...\Run: [PaltalkLauncher] => C:\Program Files (x86)\Paltalk\PaltalkLauncher.exe [771512 2020-09-15] (A.V.M. SOFTWARE, INC. -> AVM Software)
FILE: C:\Program Files\Windows Sidebar\sidebar.exe
Startup: C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar.lnk [2020-12-08]
ShortcutTarget: Sidebar.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) [File not signed] [File is in use]
Task: {DC3B4102-0FF6-49B5-93AD-C90D392908E9} - System32\Tasks\FreeFileViewerUpdateChecker => C:\Program Files (x86)\FreeFileViewer\FFVCheckForUpdates.exe [1635512 2013-03-25] (Bitberry Software -> Bitberry Software) <==== ATTENTION
Task: C:\Windows\Tasks\FreeFileViewerUpdateChecker.job => C:\Program Files (x86)\FreeFileViewer\FFVCheckForUpdates.exe <==== ATTENTION
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2020-12-08] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 paltalk_update_service; C:\Program Files (x86)\Paltalk\update\pt_update_service.exe [1337784 2020-09-15] (A.V.M. SOFTWARE, INC. -> AVM Software)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
2020-12-15 09:15 - 2020-12-15 09:15 - 000000000 ____D C:\Users\Acer\AppData\Roaming\TeamViewer
2020-12-15 09:11 - 2020-12-15 09:33 - 000000000 ____D C:\Users\Acer\AppData\Roaming\AnyDesk
2020-12-11 19:34 - 2020-12-11 19:35 - 000000000 ____D C:\Users\Acer\AppData\Local\FreeFileViewer
2020-12-08 23:13 - 2020-12-08 23:16 - 000000000 ____D C:\Users\Acer\AppData\Roaming\FreeFileViewer
2020-12-08 21:49 - 2020-12-14 20:02 - 000000000 ____D C:\ProgramData\Paltalk Update
2020-12-08 21:49 - 2020-12-08 21:51 - 000000000 ____D C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paltalk
2020-12-08 21:49 - 2020-12-08 21:49 - 000001060 _____ C:\Users\Acer\Desktop\Paltalk.lnk
2020-12-08 21:49 - 2020-12-08 21:49 - 000000000 ____D C:\Users\Acer\AppData\Roaming\A.V.M
2020-12-08 21:49 - 2020-12-08 21:49 - 000000000 ____D C:\Users\Acer\AppData\Local\Paltalk
2020-12-08 21:49 - 2020-12-08 21:49 - 000000000 ____D C:\Users\Acer\AppData\Local\A.V.M
2020-12-08 21:49 - 2020-12-08 21:49 - 000000000 ____D C:\Program Files (x86)\Paltalk
2020-12-08 20:14 - 2020-12-08 20:14 - 000000000 ____D C:\Users\Acer\AppData\Roaming\SUPERAntiSpyware.com
2020-12-08 20:12 - 2020-12-14 09:14 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2020-12-08 20:12 - 2020-12-08 20:12 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2020-12-08 20:12 - 2020-12-08 20:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2020-12-08 18:55 - 2020-12-08 23:11 - 000000400 _____ C:\Windows\Tasks\FreeFileViewerUpdateChecker.job
2020-12-08 18:55 - 2020-12-08 18:55 - 000003164 _____ C:\Windows\system32\Tasks\FreeFileViewerUpdateChecker
2020-12-08 18:55 - 2020-12-08 18:55 - 000001154 _____ C:\ProgramData\Microsoft\Windows\Start Menu\FreeFileViewer.lnk
2020-12-08 18:55 - 2020-12-08 18:55 - 000001148 _____ C:\Users\Acer\Desktop\FreeFileViewer.lnk
2020-12-08 18:55 - 2020-12-08 18:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeFileViewer
2020-12-08 18:55 - 2020-12-08 18:55 - 000000000 ____D C:\Program Files (x86)\FreeFileViewer
2020-12-08 18:45 - 2020-12-08 18:49 - 000000000 ____D C:\Users\Acer\AppData\Local\Sidebar7
2020-12-08 18:44 - 2020-12-08 18:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\8GadgetPack
2020-12-08 18:07 - 2020-09-20 15:38 - 089009584 _____ (AVM Software, Inc.) C:\Users\Acer\Downloads\PaltalkSetup.exe
2020-12-08 18:07 - 2016-02-06 21:05 - 024642208 _____ (SUPERAntiSpyware) C:\Users\Acer\Downloads\SUPERAntiSpyware.exe
2020-12-08 18:07 - 2016-02-06 01:15 - 000602112 _____ (OldTimer Tools) C:\Users\Acer\Downloads\OTL.exe
2020-12-08 18:44 - 2019-12-07 04:14 - 000000000 ___SD C:\Program Files\Windows Sidebar
2020-12-08 18:44 - 2019-12-07 04:14 - 000000000 ___SD C:\Program Files (x86)\Windows Sidebar
CustomCLSID: HKU\S-1-5-21-3878838876-3164344232-606169047-1001_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Users\Acer\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter.gadget\CoreTempReader.dll (AddGadgets IT -> )
CustomCLSID: HKU\S-1-5-21-3878838876-3164344232-606169047-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Acer\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler) [File not signed]
Shortcut: C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paltalk\Remove settings.lnk -> C:\Program Files (x86)\Paltalk\ng_clean_settings.bat (No File)
2020-12-08 18:44 - 2013-07-20 22:45 - 000056320 _____ (Helmut Buhler) [File not signed] C:\Program Files\Windows Sidebar\dwmapi.dll
HKU\S-1-5-21-3878838876-3164344232-606169047-1001\...\StartupApproved\Run: => "Paltalk"
HKU\S-1-5-21-3878838876-3164344232-606169047-1001\...\StartupApproved\Run: => "PaltalkLauncher"
FirewallRules: [TCP Query User{3D364531-7BDD-4379-82AC-C8FB6B8F8211}C:\program files (x86)\paltalk\qtwebengineprocess.exe] => (Block) C:\program files (x86)\paltalk\qtwebengineprocess.exe (The Qt Company Oy -> )
FirewallRules: [UDP Query User{562F02A7-F708-4C66-8058-C99B6B71BAC0}C:\program files (x86)\paltalk\qtwebengineprocess.exe] => (Block) C:\program files (x86)\paltalk\qtwebengineprocess.exe (The Qt Company Oy -> )
FirewallRules: [TCP Query User{947966D1-2D61-4DE0-90A3-ED0E9EAA0264}C:\users\acer\downloads\anydesk.exe] => (Allow) C:\users\acer\downloads\anydesk.exe => No File
FirewallRules: [UDP Query User{53D9CF2A-2D12-4A2F-A27D-9C008111AEFA}C:\users\acer\downloads\anydesk.exe] => (Allow) C:\users\acer\downloads\anydesk.exe => No File
FirewallRules: [{29F5CEB3-6478-4875-844C-A7F6251051CD}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{42237FB2-845A-479B-BFD6-9B6B47B9E741}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{41ED1713-3777-47E1-ABE5-900CDDD9B9AD}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{FB854711-00B7-49ED-903F-C8FA3ED6340F}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{CD558D1D-163E-4C56-B01B-456A6E14BA9E}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{93910515-2E87-4FB5-AE1F-47873CA841A7}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
CMD: DISM /Online /Cleanup-Image /RestoreHealth
CMD: SFC /scannow
CMD: findstr /c:"[SR]" \windows\logs\cbs\cbs.log
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
Reboot: