Fix result of Farbar Recovery Scan Tool (x64) Version: 08-05-2021 01
Ran by 91709 (08-05-2021 21:03:54) Run:3
Running from C:\Users\91709\Downloads
Loaded Profiles: 91709 & postgres
Boot Mode: Normal
==============================================

fixlist content:
*****************
CreateRestorePoint:
CloseProcesses:
CustomCLSID: HKU\S-1-5-21-2768028787-2044878470-836221256-1001_Classes\CLSID\{28A80003-18FD-411D-B0A3-3C81F618E22B}\InprocServer32 -> C:\Users\91709\AppData\Local\Kingsoft\WPS Office\11.2.0.9327\office6\kwpsmenushellext64.dll => No File
CustomCLSID: HKU\S-1-5-21-2768028787-2044878470-836221256-1001_Classes\CLSID\{46406D82-6EC0-47CC-8A75-1F33C6DEDBBE}\InprocServer32 -> C:\Users\91709\AppData\Local\Google\Update\1.3.35.442\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2768028787-2044878470-836221256-1001_Classes\CLSID\{540C17A8-04F2-4B66-95D7-B2FEF9A19B54}\InprocServer32 -> C:\Users\91709\AppData\Local\Google\Update\1.3.35.422\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2768028787-2044878470-836221256-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll => No File
ContextMenuHandlers1_S-1-5-21-2768028787-2044878470-836221256-1001: [          kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => C:\Users\91709\AppData\Local\Kingsoft\WPS Office\11.2.0.9327\office6\kwpsmenushellext64.dll -> No File
ContextMenuHandlers4_S-1-5-21-2768028787-2044878470-836221256-1001: [          kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => C:\Users\91709\AppData\Local\Kingsoft\WPS Office\11.2.0.9327\office6\kwpsmenushellext64.dll -> No File
SearchScopes: HKU\S-1-5-21-2768028787-2044878470-836221256-1001 -> DefaultScope {90037DE7-7B1B-44CD-964C-1B7D550DD7E0} URL = 
SearchScopes: HKU\S-1-5-21-2768028787-2044878470-836221256-1001 -> {90037DE7-7B1B-44CD-964C-1B7D550DD7E0} URL = 
FirewallRules: [UDP Query User{4C02F474-76C9-455B-883B-CC7C6823D754}D:\vinaycelluloid\adobe after effects 2020\support files\afterfx.exe] => (Allow) D:\vinaycelluloid\adobe after effects 2020\support files\afterfx.exe => No File
FirewallRules: [TCP Query User{B3F3443F-F068-460E-939D-3BD90C14A859}D:\vinaycelluloid\adobe after effects 2020\support files\afterfx.exe] => (Allow) D:\vinaycelluloid\adobe after effects 2020\support files\afterfx.exe => No File
FirewallRules: [{1704D8E8-A361-4216-A923-288D3D05CAD0}] => (Allow) D:\GTA\GTA V\7launcher\tools\aria2\aria2c.exe => No File
FirewallRules: [{A11E34F2-52BB-4CE9-B5C7-273D227436B7}] => (Allow) D:\GTA\GTA V\7launcher\tools\aria2\aria2c.exe => No File
FirewallRules: [{5BD48D88-4CE2-4E99-B83E-0BB4A82362E2}] => (Allow) D:\GTA\GTA V\Run_GTAV.exe => No File
FirewallRules: [{83CB345C-1423-423C-BE8F-586AC35C8F58}] => (Allow) D:\GTA\GTA V\Run_GTAV.exe => No File
FirewallRules: [{586BD10B-6EC7-447E-873F-1F57CF83D230}] => (Allow) D:\GTA\GTA V\GTA5.exe => No File
FirewallRules: [{0780DF22-F952-4278-A10E-43F94F61C21C}] => (Allow) D:\GTA\GTA V\GTA5.exe => No File
FirewallRules: [TCP Query User{8BA95E40-CCAC-4BD5-B160-BD6BA2CEA2A6}D:\vinaycelluloid\adobe after effects 2021\support files\afterfx.exe] => (Allow) D:\vinaycelluloid\adobe after effects 2021\support files\afterfx.exe => No File
FirewallRules: [UDP Query User{BCC16BE9-F6CE-4B89-B822-DC30036A0E86}D:\vinaycelluloid\adobe after effects 2021\support files\afterfx.exe] => (Allow) D:\vinaycelluloid\adobe after effects 2021\support files\afterfx.exe => No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2021-05-08]
ShortcutTarget: $McRebootA5E6DEAA56$.lnk ->  (No File)
Task: {B3C9C90C-EE12-4B8C-9A3F-4429C344FBC1} - System32\Tasks\Microsoft\Office\Osktpapi => rundll32 C:\ProgramData\MenuGoogle\ZWka0t_Wjeamip.dll,Sfstem_Workflow_Runessp
C:\ProgramData\MenuGoogle
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [971976 2021-04-30] (McAfee, LLC -> McAfee, LLC)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [646248 2021-03-19] (McAfee, Inc. -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [646248 2021-03-19] (McAfee, Inc. -> McAfee, LLC)
S3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [646248 2021-03-19] (McAfee, Inc. -> McAfee, LLC)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [531896 2021-03-19] (McAfee, Inc. -> McAfee, LLC)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [385464 2021-03-19] (McAfee, Inc. -> McAfee, LLC)
R0 mfedisk; C:\WINDOWS\System32\DRIVERS\mfedisk.sys [107448 2021-03-19] (McAfee, Inc. -> McAfee, LLC)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85944 2021-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [522168 2021-03-19] (McAfee, Inc. -> McAfee, LLC)
R3 mfehck; C:\WINDOWS\System32\drivers\mfehck.sys [91576 2021-03-19] (McAfee, Inc. -> McAfee, LLC)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [1019832 2021-03-19] (McAfee, Inc. -> McAfee, LLC)
R1 mfenlfk; C:\WINDOWS\system32\DRIVERS\mfenlfk.sys [82360 2021-03-19] (McAfee, Inc. -> McAfee, LLC)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [116664 2021-03-19] (McAfee, Inc. -> McAfee, LLC)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252344 2021-03-19] (McAfee, Inc. -> McAfee, LLC)
S4 DBUtilDrv2; \SystemRoot\System32\drivers\DBUtilDrv2.sys [X]
S3 MpKsldeb9ed07; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{404DBFAF-60E2-471F-8CA2-6D9BABB33351}\MpKslDrv.sys [X]
C:\ProgramData\Xnqfxq
C:\Program Files\McAfee\
C:\Program Files\Common Files\McAfee
C:\WINDOWS\System32\drivers\mfeaack.sys 
C:\WINDOWS\System32\drivers\mfeavfk.sys
C:\WINDOWS\System32\DRIVERS\mfedisk.sys 
C:\WINDOWS\System32\drivers\mfeelamk.sys 
C:\WINDOWS\System32\drivers\mfefirek.sys 
C:\WINDOWS\System32\drivers\mfehck.sys 
C:\WINDOWS\System32\drivers\mfehidk.sys 
C:\WINDOWS\system32\DRIVERS\mfenlfk.sys 
C:\WINDOWS\System32\drivers\mfeplk.sys 
C:\WINDOWS\System32\drivers\mfewfpk.sys
Winsock: Catalog5 07 C:\WINDOWS\SysWOW64\nlansp_c.dll [83456 2021-04-25] (Microsoft Windows -> Microsoft Corporation) ATTENTION: LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 07 C:\Windows\system32\nlansp_c.dll [126976 2021-04-25] (Microsoft Windows -> Microsoft Corporation) ATTENTION: LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
cmd: netsh winsock reset
RemoveProxy:
EmptyTemp:

*****************

Error: (0) Failed to create a restore point.
Processes closed successfully.
HKU\S-1-5-21-2768028787-2044878470-836221256-1001_Classes\CLSID\{28A80003-18FD-411D-B0A3-3C81F618E22B} => not found
HKU\S-1-5-21-2768028787-2044878470-836221256-1001_Classes\CLSID\{46406D82-6EC0-47CC-8A75-1F33C6DEDBBE} => not found
HKU\S-1-5-21-2768028787-2044878470-836221256-1001_Classes\CLSID\{540C17A8-04F2-4B66-95D7-B2FEF9A19B54} => not found
HKU\S-1-5-21-2768028787-2044878470-836221256-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13} => not found
HKU\S-1-5-21-2768028787-2044878470-836221256-1001\Software\Classes\*\ShellEx\ContextMenuHandlers\          kwpsshellext => not found
HKU\S-1-5-21-2768028787-2044878470-836221256-1001\Software\Classes\Directory\ShellEx\ContextMenuHandlers\          kwpsshellext => not found
"HKU\S-1-5-21-2768028787-2044878470-836221256-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => not found
HKU\S-1-5-21-2768028787-2044878470-836221256-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{90037DE7-7B1B-44CD-964C-1B7D550DD7E0} => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{4C02F474-76C9-455B-883B-CC7C6823D754}D:\vinaycelluloid\adobe after effects 2020\support files\afterfx.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B3F3443F-F068-460E-939D-3BD90C14A859}D:\vinaycelluloid\adobe after effects 2020\support files\afterfx.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1704D8E8-A361-4216-A923-288D3D05CAD0}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A11E34F2-52BB-4CE9-B5C7-273D227436B7}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5BD48D88-4CE2-4E99-B83E-0BB4A82362E2}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{83CB345C-1423-423C-BE8F-586AC35C8F58}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{586BD10B-6EC7-447E-873F-1F57CF83D230}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0780DF22-F952-4278-A10E-43F94F61C21C}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{8BA95E40-CCAC-4BD5-B160-BD6BA2CEA2A6}D:\vinaycelluloid\adobe after effects 2021\support files\afterfx.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{BCC16BE9-F6CE-4B89-B822-DC30036A0E86}D:\vinaycelluloid\adobe after effects 2021\support files\afterfx.exe" => not found
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk" => not found
"ShortcutTarget: $McRebootA5E6DEAA56$.lnk ->  (No File)" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B3C9C90C-EE12-4B8C-9A3F-4429C344FBC1}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Office\Osktpapi" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\Osktpapi" => not found
"C:\ProgramData\MenuGoogle" => not found
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => not found
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => not found
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => not found
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => not found
McAfee WebAdvisor => service not found.
HKLM\System\CurrentControlSet\Services\mfefire => could not remove, key could be protected
mfemms => Unable to stop service.
HKLM\System\CurrentControlSet\Services\mfemms => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\mfevtp => could not remove, key could be protected
mfeaack => Unable to stop service.
HKLM\System\CurrentControlSet\Services\mfeaack => could not remove, key could be protected
mfeavfk => Unable to stop service.
HKLM\System\CurrentControlSet\Services\mfeavfk => could not remove, key could be protected
mfedisk => Unable to stop service.
HKLM\System\CurrentControlSet\Services\mfedisk => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\mfeelamk => could not remove, key could be protected
mfefirek => Unable to stop service.
HKLM\System\CurrentControlSet\Services\mfefirek => could not remove, key could be protected
mfehck => Unable to stop service.
HKLM\System\CurrentControlSet\Services\mfehck => could not remove, key could be protected
mfehidk => Unable to stop service.
HKLM\System\CurrentControlSet\Services\mfehidk => could not remove, key could be protected
mfenlfk => Unable to stop service.
HKLM\System\CurrentControlSet\Services\mfenlfk => could not remove, key could be protected
mfeplk => Unable to stop service.
HKLM\System\CurrentControlSet\Services\mfeplk => could not remove, key could be protected
mfewfpk => Unable to stop service.
HKLM\System\CurrentControlSet\Services\mfewfpk => could not remove, key could be protected
"HKLM\System\CurrentControlSet\Services\DBUtilDrv2" => removed successfully
DBUtilDrv2 => service removed successfully
MpKsldeb9ed07 => service not found.
"C:\ProgramData\Xnqfxq" => not found
"C:\Program Files\McAfee" => not found

"C:\Program Files\Common Files\McAfee" folder move:

Could not move "C:\Program Files\Common Files\McAfee" => Scheduled to move on reboot.

Could not move "C:\WINDOWS\System32\drivers\mfeaack.sys" => Scheduled to move on reboot.
Could not move "C:\WINDOWS\System32\drivers\mfeavfk.sys" => Scheduled to move on reboot.
Could not move "C:\WINDOWS\System32\DRIVERS\mfedisk.sys" => Scheduled to move on reboot.
Could not move "C:\WINDOWS\System32\drivers\mfeelamk.sys" => Scheduled to move on reboot.
Could not move "C:\WINDOWS\System32\drivers\mfefirek.sys" => Scheduled to move on reboot.
Could not move "C:\WINDOWS\System32\drivers\mfehck.sys" => Scheduled to move on reboot.
Could not move "C:\WINDOWS\System32\drivers\mfehidk.sys" => Scheduled to move on reboot.
Could not move "C:\WINDOWS\system32\DRIVERS\mfenlfk.sys" => Scheduled to move on reboot.
Could not move "C:\WINDOWS\System32\drivers\mfeplk.sys" => Scheduled to move on reboot.
Could not move "C:\WINDOWS\System32\drivers\mfewfpk.sys" => Scheduled to move on reboot.
Winsock: Catalog5 000000000007\\LibraryPath => restored successfully (%SystemRoot%\system32\NLAapi.dll)
Winsock: Catalog5-x64 000000000007\\LibraryPath => restored successfully (%SystemRoot%\system32\NLAapi.dll)

========= netsh winsock reset =========


Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.


========= End of CMD: =========


========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-2768028787-2044878470-836221256-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-2768028787-2044878470-836221256-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


=========== EmptyTemp: ==========

BITS transfer queue => 14180352 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11643612 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 119320 B
Edge => 0 B
Chrome => 11551680 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 1712 B
91709 => 4647475 B
postgres => 4647475 B

RecycleBin => 0 B
EmptyTemp: => 44.6 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 08-05-2021 21:06:36)

C:\Program Files\Common Files\McAfee => Could not move
C:\WINDOWS\System32\drivers\mfeaack.sys => Could not move
C:\WINDOWS\System32\drivers\mfeavfk.sys => Could not move
C:\WINDOWS\System32\DRIVERS\mfedisk.sys => Could not move
C:\WINDOWS\System32\drivers\mfeelamk.sys => Could not move
C:\WINDOWS\System32\drivers\mfefirek.sys => Could not move
C:\WINDOWS\System32\drivers\mfehck.sys => Could not move
C:\WINDOWS\System32\drivers\mfehidk.sys => Could not move
C:\WINDOWS\system32\DRIVERS\mfenlfk.sys => Could not move
C:\WINDOWS\System32\drivers\mfeplk.sys => Could not move
C:\WINDOWS\System32\drivers\mfewfpk.sys => Could not move

Result of scheduled keys to remove after reboot:

HKLM\System\CurrentControlSet\Services\mfefire => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\mfemms => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\mfevtp => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\mfeaack => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\mfeavfk => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\mfedisk => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\mfeelamk => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\mfefirek => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\mfehck => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\mfehidk => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\mfenlfk => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\mfeplk => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\mfewfpk => could not remove, key could be protected

==== End of Fixlog 21:06:42 ====