Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Cmd prompt shows up every few minutes only for 0.1sec


  • This topic is locked This topic is locked
8 replies to this topic

#1 ferdFrost

ferdFrost

  • Members
  • 4 posts
  • OFFLINE
  •  

Posted 10 February 2017 - 08:08 AM

My command prompt box keeps showing up every few minutes only for like 0.1sec. I've read articles on the net and found out that I'm possibly infected by malwares. I've downloaded loads of scanners but the cmdprompt is still showing up, some of the scanners found some harmful files i've downloaded unintentionally but the problem hasn't fixed, what should i do?

BC AdBot (Login to Remove)

 


#2 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,136 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:06:25 AM

Posted 10 February 2017 - 10:46 AM

Greetings ferdFrost and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met.
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far.

Please do this.

===================================================

Farbar Recovery Scan Tool (FRST)

--------------------
  • Download Farbar Recover Scan Tool for either 32 bit or 64 bit systems and save it to your Desktop. <<< Important
  • Double click the icon
  • Click Yes to the disclaimer
  • Click Scan and allow the program to run
  • Click OK on the Scan complete screen, then OK on the Addition.txt pop up screen
  • 2 Notepad documents should now be open on your desktop.
  • Please copy and paste the contents of both in your reply
===================================================

System Summary Information

--------------------
  • Press the windows key Windows_Logo_key.gif + r on your keyboard at the same time
  • Type msinfo32 and press Enter
  • Left click on System Summary
  • Click File, Save, and name the file Summary
  • Zip and attach the file to your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • FRST results
  • Addition log
  • System Summary Information

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#3 ferdFrost

ferdFrost
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  

Posted 10 February 2017 - 10:03 PM

First of all I have to inform you that I've downloaded TDSKiller, Rkill, MBAM, Zemana anti-malware, HitmanPro and IObit anti-malware already

I've found some malicious stuffs and adwares when I scan my computer with them but my command prompt keeps showing up still

 

Here's the info that you need

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10-02-2017
Ran by Asus (administrator) on ASUS-PC (11-02-2017 09:54:02)
Running from C:\Users\Asus\Downloads
Loaded Profiles: Asus (Available Profiles: Asus)
Platform: Windows 8.1 Single Language (Update) (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
() C:\Windows\SysWOW64\ASGT.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe
(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Video DSP\DriverMFTService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows\avp.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
() C:\Program Files (x86)\Garena Plus\ggdllhost.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusSmartGestureDetector64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
() C:\Windows\System32\igfxTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Garena Plus\ggdllhost.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Spotify Ltd) C:\Users\Asus\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows\avp.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSPanel.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\Pub\PubMonitor.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFTips.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_24_0_0_194.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_24_0_0_194.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-15] (NVIDIA Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [13318424 2015-03-13] (Logitech Inc.)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [610048 2015-01-20] (Waves Audio Ltd.)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe [63296 2014-08-20] ()
HKLM-x32\...\Run: [ROGNB] => C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe [463872 2013-05-16] ()
HKLM-x32\...\Run: [ASUS InstantKey] => C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe [14448 2014-01-29] (ASUS)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111576 2013-08-05] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [492808 2014-05-06] (CyberLink Corp.)
HKLM-x32\...\Run: [PowerDVD14Agent] => C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe [795672 2014-08-12] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Service6] => C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe [500696 2013-11-26] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [avp] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows\avp.exe [741360 2013-11-27] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [6004512 2017-01-11] (IObit)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [134784 2014-09-29] (Qualcomm®Atheros®)
HKU\S-1-5-21-722159229-2816441631-4118450648-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-722159229-2816441631-4118450648-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2881824 2017-01-19] (Valve Corporation)
HKU\S-1-5-21-722159229-2816441631-4118450648-1001\...\Run: [GarenaPlus] => C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe [9136168 2016-12-22] ()
HKU\S-1-5-21-722159229-2816441631-4118450648-1001\...\Run: [Spotify Web Helper] => C:\Users\Asus\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-02-04] (Spotify Ltd)
HKU\S-1-5-21-722159229-2816441631-4118450648-1001\...\Run: [Spotify] => C:\Users\Asus\AppData\Roaming\Spotify\Spotify.exe [7133808 2017-02-04] (Spotify Ltd)
HKU\S-1-5-21-722159229-2816441631-4118450648-1001\...\RunOnce: [Adobe Speed Launcher] => 1486776580
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
Startup: C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP DeskJet 1110 series.lnk [2017-02-11]
ShortcutTarget: Monitor Ink Alerts - HP DeskJet 1110 series.lnk -> C:\Program Files\HP\HP DeskJet 1110 series\Bin\HPStatusBL.dll (Hewlett-Packard Development Company, LP)
BootExecute: autocheck autochk * bootdelete
GroupPolicyScripts: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{92B26AA5-BA57-4BFD-BAC8-932324D53FA5}: [DhcpNameServer] 118.136.64.4 202.73.99.2 61.247.0.133

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-722159229-2816441631-4118450648-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-722159229-2816441631-4118450648-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-07-29] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-29] (Oracle Corporation)

FireFox:
========
FF DefaultProfile: uqn7px68.default
FF ProfilePath: C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\uqn7px68.default [2017-02-11]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\uqn7px68.default -> Google
FF Extension: (Firefox Hotfix) - C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\uqn7px68.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-08-31]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-10] ()
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-10] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [No File]
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-08-27] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-01-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-01-07] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-29] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [2016-10-25] ( Garena)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-722159229-2816441631-4118450648-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Asus\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-23] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-16] () [File not signed]
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168 2014-08-20] (ASUS Cloud Corporation) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [322176 2014-09-29] (Windows ® Win 7 DDK provider) [File not signed]
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows\avp.exe [741360 2013-11-27] (Kaspersky Lab ZAO)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1457160 2017-01-04] ()
R2 DriverMFTService; C:\Program Files (x86)\Asus\ASUS Video DSP\DriverMFTService.exe [9728 2014-10-30] (ASUSTek Computer Inc.) [File not signed]
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [395536 2016-12-22] (EasyAntiCheat Ltd)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-25] (WildTangent)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-15] (NVIDIA Corporation)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2016-12-09] (Hi-Rez Studios) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344976 2014-12-15] (Intel Corporation)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [1740576 2017-01-10] (IObit)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-14] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [158496 2015-01-07] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [3046688 2016-12-16] (IObit)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-15] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-15] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-15] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2120712 2016-05-01] (Electronic Arts)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-03-11] ()
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [129168 2015-03-12] (Razer Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-09-29] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [4226560 2014-10-17] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [69904 2014-11-22] (ASUS Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-09-29] (Qualcomm Atheros)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
R3 clwvd6; C:\Windows\system32\DRIVERS\clwvd6.sys [41704 2013-10-29] (CyberLink Corporation)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows ® Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows ® Win 7 DDK provider)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2015-05-15] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77416 2017-01-20] ()
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-02-10] (REALiX™)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [79528 2014-10-16] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [7717984 2013-09-05] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [98400 2015-05-15] (Kaspersky Lab ZAO)
R1 KLFLTDEV; C:\Windows\system32\DRIVERS\klfltdev.sys [30816 2013-07-08] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [665184 2015-05-15] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2013-07-11] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [50448 2013-02-27] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [177760 2013-07-01] (Kaspersky Lab ZAO)
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [176584 2017-02-05] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [110536 2017-02-11] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [43968 2017-02-11] (Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [251848 2017-02-11] (Malwarebytes)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2015-01-07] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-15] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2014-02-12] (Windows ® Win 7 DDK provider)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-03-11] (Razer, Inc.)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 tapoas; C:\Windows\system32\DRIVERS\tapoas.sys [30720 2012-07-15] (The OpenVPN Project)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44024 2015-02-04] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [264000 2015-02-04] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2017-02-09] (Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2017-02-09] (Zemana Ltd.)
R2 {C5F942FD-1110-4664-86CE-0C6BDA305235}; C:\Program Files (x86)\CyberLink\PowerDVD14\Common\NavFilter\000.fcl [32456 2014-08-12] (CyberLink Corp.)
R3 gkernel; \??\C:\Users\Asus\AppData\Local\Temp\gkernel.sys [X] <==== ATTENTION
R4 IOMap; \??\C:\Windows\system32\drivers\IOMap64.sys [X]
U0 msahci; system32\drivers\msahci.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
S3 xspirit; \??\C:\Windows\xspirit.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-02-11 09:54 - 2017-02-11 09:54 - 00023497 _____ C:\Users\Asus\Downloads\FRST.txt
2017-02-11 09:53 - 2017-02-11 09:54 - 00000000 ____D C:\FRST
2017-02-11 09:53 - 2017-02-11 09:53 - 02421248 _____ (Farbar) C:\Users\Asus\Downloads\FRST64.exe
2017-02-11 08:56 - 2017-02-11 08:56 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2017-02-11 08:56 - 2017-02-11 08:56 - 00000212 _____ C:\Windows\system32\bootdelete.lst
2017-02-10 17:42 - 2017-02-10 17:42 - 00002388 _____ C:\Windows\System32\Tasks\Uninstaller_Install_Asus
2017-02-10 17:42 - 2017-02-10 17:42 - 00002205 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2017-02-10 17:42 - 2017-02-10 17:42 - 00000290 _____ C:\Windows\Tasks\Uninstaller_Install_Asus.job
2017-02-10 17:42 - 2017-02-10 17:42 - 00000000 ____D C:\ProgramData\{EAAB5A83-3809-4B0E-83A6-E4B0DBF2157E}
2017-02-10 17:42 - 2017-02-10 17:42 - 00000000 ____D C:\ProgramData\{74E9F814-C737-42CC-B721-DBBC4059367A}
2017-02-10 17:41 - 2017-02-10 17:41 - 00000000 ____D C:\Windows\Tasks\ImCleanDisabled
2017-02-10 17:41 - 2016-11-09 13:00 - 00036288 _____ (IObit) C:\Windows\system32\SmartDefragBootTime.exe
2017-02-10 17:41 - 2016-03-25 14:33 - 00128288 _____ (IObit) C:\Windows\system32\IObitSmartDefragExtension.dll
2017-02-10 17:40 - 2017-02-10 17:40 - 00027552 _____ (REALiX™) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2017-02-10 17:40 - 2017-02-10 17:40 - 00002882 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (Asus)
2017-02-10 17:39 - 2017-02-10 17:39 - 00000000 ____D C:\Users\Asus\AppData\Roaming\ProductData
2017-02-10 17:38 - 2017-02-10 17:45 - 00000000 ____D C:\Program Files (x86)\IObit
2017-02-10 17:38 - 2017-02-10 17:42 - 00000000 ____D C:\Users\Asus\AppData\LocalLow\IObit
2017-02-10 17:38 - 2017-02-10 17:38 - 00001191 _____ C:\Users\Public\Desktop\IObit Malware Fighter.lnk
2017-02-10 17:38 - 2017-02-10 17:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2017-02-10 17:38 - 2017-02-10 17:38 - 00000000 ____D C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}
2017-02-10 17:37 - 2017-02-10 17:38 - 46510120 _____ (IObit ) C:\Users\Asus\Downloads\IObit-Malware-Fighter-Setup.exe
2017-02-09 16:42 - 2017-02-11 09:53 - 00167245 _____ C:\Windows\ZAM.krnl.trace
2017-02-09 16:42 - 2017-02-11 09:53 - 00132034 _____ C:\Windows\ZAM_Guard.krnl.trace
2017-02-09 16:42 - 2017-02-09 16:42 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys
2017-02-09 16:42 - 2017-02-09 16:42 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys
2017-02-09 16:42 - 2017-02-09 16:42 - 00000000 ____D C:\Users\Asus\AppData\Local\Zemana
2017-02-09 16:41 - 2017-02-09 16:41 - 14449600 _____ (Copyright 2017.) C:\Users\Asus\Downloads\Zemana.AntiMalware.Portable.exe
2017-02-09 16:31 - 2017-02-09 16:31 - 00001907 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2017-02-09 16:31 - 2017-02-09 16:31 - 00000000 ____D C:\Program Files\HitmanPro
2017-02-09 16:29 - 2017-02-11 08:57 - 00000000 ____D C:\ProgramData\HitmanPro
2017-02-09 16:25 - 2017-02-09 16:27 - 11581544 _____ (SurfRight B.V.) C:\Users\Asus\Downloads\hitmanpro_x64.exe
2017-02-09 16:15 - 2017-02-09 20:46 - 00002456 _____ C:\Users\Asus\Desktop\Rkill.txt
2017-02-09 16:15 - 2017-02-09 16:15 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\Asus\Downloads\rkill.com
2017-02-09 16:15 - 2017-02-09 16:15 - 01106888 _____ (Bleeping Computer, LLC) C:\Users\Asus\Downloads\rkill64.com
2017-02-09 16:04 - 2017-02-09 16:13 - 00492120 _____ C:\TDSSKiller.3.1.0.12_09.02.2017_16.04.12_log.txt
2017-02-09 16:02 - 2017-02-09 16:03 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Asus\Downloads\tdsskiller.exe
2017-02-05 14:15 - 2017-02-11 08:29 - 00110536 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-02-05 14:15 - 2017-02-11 08:29 - 00043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-02-05 14:15 - 2017-02-10 19:55 - 00091584 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-02-05 14:15 - 2017-02-05 14:15 - 00176584 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-02-05 14:14 - 2017-02-11 08:29 - 00251848 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-02-05 14:14 - 2017-02-05 14:14 - 00001885 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-02-05 14:14 - 2017-02-05 14:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-02-05 14:14 - 2017-02-05 14:14 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-02-05 14:14 - 2017-02-05 14:14 - 00000000 ____D C:\Program Files\Malwarebytes
2017-02-05 14:14 - 2017-01-20 07:47 - 00077416 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-02-05 14:12 - 2017-02-05 14:13 - 55566792 _____ (Malwarebytes ) C:\Users\Asus\Downloads\mb3-setup-consumer-3.0.6.1469.exe
2017-02-05 07:22 - 2017-02-11 08:45 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS
2017-02-05 00:04 - 2017-02-05 00:04 - 00000000 _____ C:\Recovery.txt
2017-02-04 10:25 - 2017-02-04 10:25 - 00001520 _____ C:\Windows\Tasks\4544m58u33q2303.job
2017-02-04 08:37 - 2017-02-04 08:37 - 00140288 _____ C:\Users\Asus\AppData\Roaming\Installer.dat
2017-02-04 08:37 - 2017-02-04 08:37 - 00000000 ____D C:\Users\Public\Documents\Tools
2017-02-04 08:37 - 2017-02-04 08:37 - 00000000 ____D C:\Users\Public\Documents\Baidu
2017-02-04 08:37 - 2017-02-04 08:37 - 00000000 _____ C:\TOSTACK
2017-02-04 08:36 - 2017-02-10 17:44 - 00000000 ____D C:\ProgramData\ProductData
2017-02-04 08:36 - 2017-02-10 17:42 - 00000000 ____D C:\Users\Asus\AppData\Roaming\IObit
2017-02-04 08:36 - 2017-02-10 17:42 - 00000000 ____D C:\ProgramData\IObit
2017-02-04 08:36 - 2017-02-04 08:36 - 00000000 ____D C:\Windows\IObit
2017-02-04 08:36 - 2017-02-04 08:36 - 00000000 ____D C:\Users\Public\Documents\Guid
2017-02-04 08:35 - 2017-02-04 08:35 - 00000000 ____D C:\ProgramData\Avg
2017-02-04 08:34 - 2017-02-04 10:25 - 00000000 ____D C:\ProgramData\4544m58u33q2303
2017-02-04 08:34 - 2017-02-04 08:34 - 00000000 ____D C:\Users\Asus\AppData\Local\Driutain
2017-01-31 17:16 - 2017-01-31 17:16 - 06944768 _____ C:\Users\Asus\Downloads\Sistem Pencernaan.ppt
2017-01-30 19:14 - 2017-02-04 10:03 - 00000000 ___RD C:\Users\Asus\OneDrive
2017-01-29 18:52 - 2017-01-29 18:52 - 09136640 _____ C:\Users\Asus\Downloads\9. SEKOLAH WADAH PENGEMBANGAN POTENSI.ppt
2017-01-29 18:52 - 2017-01-29 18:52 - 05219840 _____ C:\Users\Asus\Downloads\8. KELUARGA PUSAT PENDIDIKAN , HOME SWEET HOME.ppt
2017-01-26 21:08 - 2017-02-11 08:29 - 00003476 _____ C:\Windows\System32\Tasks\Garena+ Plugin Host Service
2017-01-26 18:34 - 2017-01-26 18:34 - 04589203 _____ C:\Users\Asus\Downloads\esharp[1].pptx
2017-01-16 18:09 - 2017-01-16 18:09 - 00338108 _____ C:\Users\Asus\Downloads\Second Conditional.pptx
2017-01-15 18:39 - 2017-01-22 18:49 - 00000000 ____D C:\Users\Asus\AppData\Roaming\HpUpdate
2017-01-15 18:39 - 2017-01-15 18:39 - 00003582 _____ C:\Windows\System32\Tasks\HPCustParticipation HP DeskJet 1110 series
2017-01-15 18:39 - 2017-01-15 18:39 - 00002234 _____ C:\Users\Public\Desktop\HP DeskJet 1110 series.lnk
2017-01-15 18:39 - 2017-01-15 18:39 - 00002005 _____ C:\Users\Public\Desktop\HP Photo Creations.lnk
2017-01-15 18:39 - 2017-01-15 18:39 - 00001181 _____ C:\Users\Public\Desktop\Shop for Supplies - HP DeskJet 1110 series.lnk
2017-01-15 18:39 - 2017-01-15 18:39 - 00000000 ____D C:\ProgramData\Visan
2017-01-15 18:39 - 2017-01-15 18:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2017-01-15 18:39 - 2017-01-15 18:39 - 00000000 ____D C:\ProgramData\HP Photo Creations
2017-01-15 18:39 - 2017-01-15 18:39 - 00000000 ____D C:\Program Files (x86)\HP Photo Creations
2017-01-15 18:39 - 2017-01-15 18:39 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2017-01-15 18:37 - 2017-01-15 18:39 - 00000000 ____D C:\ProgramData\HP
2017-01-15 18:37 - 2017-01-15 18:39 - 00000000 ____D C:\Program Files (x86)\HP
2017-01-15 18:37 - 2017-01-15 18:37 - 00000000 ____D C:\Program Files\HP
2017-01-15 18:36 - 2017-01-15 18:36 - 00000057 _____ C:\ProgramData\Ament.ini
2017-01-14 16:17 - 2017-01-23 19:55 - 00000000 ____D C:\Users\Asus\BrawlhallaReplays
2017-01-14 16:11 - 2017-01-14 16:12 - 00000000 ____D C:\Users\Asus\AppData\Roaming\BrawlhallaAir
2017-01-14 16:00 - 2017-01-14 16:00 - 00000000 ____D C:\Users\Asus\AppData\Local\Gaijin
2017-01-14 16:00 - 2017-01-14 16:00 - 00000000 ____D C:\ProgramData\Gaijin
2017-01-14 15:58 - 2017-01-14 15:58 - 00000222 _____ C:\Users\Asus\Desktop\Brawlhalla.url
2017-01-12 20:58 - 2017-01-13 08:10 - 00127303 _____ C:\Users\Asus\Downloads\Presentasi Agama.pptx

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-02-11 09:48 - 2016-11-18 20:12 - 00000000 ____D C:\Users\Asus\AppData\LocalLow\Mozilla
2017-02-11 09:42 - 2015-05-16 20:56 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-02-11 09:37 - 2015-05-14 11:08 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-722159229-2816441631-4118450648-1001
2017-02-11 09:32 - 2016-09-14 18:19 - 00000000 ____D C:\Users\Asus\AppData\Local\Spotify
2017-02-11 09:32 - 2015-05-16 18:37 - 00000000 ____D C:\Program Files (x86)\Steam
2017-02-11 09:12 - 2016-09-14 18:18 - 00000000 ____D C:\Users\Asus\AppData\Roaming\Spotify
2017-02-11 09:01 - 2015-09-14 20:28 - 00004960 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Asus-PC-Asus Asus-PC
2017-02-11 08:43 - 2013-08-22 20:36 - 00000000 ____D C:\Windows\Inf
2017-02-11 08:36 - 2015-05-14 11:13 - 00003918 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{2709ED9F-558C-4367-852F-B29FCA4380E0}
2017-02-11 08:31 - 2015-05-14 11:03 - 00000000 ____D C:\Users\Asus
2017-02-11 08:30 - 2015-05-15 20:03 - 00000000 ____D C:\Users\Asus\Documents\YouCam
2017-02-11 08:29 - 2015-07-20 15:56 - 00001539 _____ C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AsusSmartGestureDetector.lnk
2017-02-11 08:29 - 2015-05-15 19:59 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2017-02-11 08:29 - 2015-05-14 11:04 - 00000165 _____ C:\Users\Asus\AppData\Roaming\sp_data.sys
2017-02-11 08:28 - 2016-09-24 13:45 - 00000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2017-02-11 08:28 - 2013-08-22 21:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-02-10 17:36 - 2015-08-05 15:45 - 00003480 _____ C:\Windows\System32\Tasks\ASUS Live Update1
2017-02-10 17:36 - 2015-08-05 15:45 - 00003470 _____ C:\Windows\System32\Tasks\ASUS Live Update2
2017-02-10 10:08 - 2015-05-14 11:03 - 00000000 ____D C:\Users\Asus\AppData\Local\Packages
2017-02-09 17:19 - 2015-06-06 08:17 - 00000022 _____ C:\Windows\GPU-Z.INI
2017-02-06 16:06 - 2015-05-16 18:33 - 00000000 ____D C:\Users\Asus\AppData\Local\CrashDumps
2017-02-04 22:15 - 2013-08-22 20:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2017-02-04 10:24 - 2015-05-19 08:46 - 00000000 ___SD C:\Windows\system32\GWX
2017-02-04 10:24 - 2015-03-20 11:33 - 00000000 ____D C:\ProgramData\P4G
2017-02-04 10:24 - 2013-08-22 22:36 - 00000000 ____D C:\Windows\system32\WinMetadata
2017-02-04 10:22 - 2013-08-22 22:36 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-04 10:18 - 2015-05-24 08:20 - 00000000 ____D C:\Users\Asus\AppData\Roaming\Skype
2017-02-04 10:18 - 2013-08-22 22:36 - 00000000 ____D C:\Windows\registration
2017-01-30 19:23 - 2013-08-22 22:36 - 00000000 ____D C:\Windows\AppReadiness
2017-01-28 17:01 - 2016-11-18 19:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-01-28 17:01 - 2015-05-15 19:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-15 18:39 - 2016-12-04 17:55 - 00000000 ____D C:\Users\Asus\AppData\Local\HP
2017-01-13 06:35 - 2014-03-18 16:53 - 00865068 _____ C:\Windows\system32\PerfStringBackup.INI

==================== Files in the root of some directories =======

2015-06-30 10:56 - 2015-06-30 12:20 - 1191097640 _____ () C:\Program Files (x86)\PointBlank_GarenaPlus_Install_1004.exe
2016-11-02 16:43 - 2016-11-02 17:18 - 1524267527 _____ () C:\Program Files (x86)\PointBlank_GarenaPlus_Install_1093.0.dat
2016-11-02 17:18 - 2016-11-02 17:18 - 0127952 _____ () C:\Program Files (x86)\PointBlank_GarenaPlus_Install_1093.exe
2017-02-04 08:37 - 2017-02-04 08:37 - 0140288 _____ () C:\Users\Asus\AppData\Roaming\Installer.dat
2015-05-14 11:04 - 2017-02-11 08:29 - 0000165 _____ () C:\Users\Asus\AppData\Roaming\sp_data.sys
2017-01-15 18:36 - 2017-01-15 18:36 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-03-20 11:19 - 2015-03-20 11:19 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2017-01-03 17:36 - 2017-01-03 17:36 - 0000016 _____ () C:\ProgramData\mntemp
2014-12-03 23:56 - 2012-09-07 18:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2014-12-03 23:56 - 2009-07-22 17:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2014-12-03 23:56 - 2012-09-07 18:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS

Some files in TEMP:
====================
2015-07-15 10:41 - 2015-07-15 10:41 - 0000512 _____ () C:\Users\Asus\AppData\Local\Temp\27fff54a706caf16275619fa9b79269c.dll
2015-06-30 12:26 - 2016-12-10 08:23 - 0000070 _____ () C:\Users\Asus\AppData\Local\Temp\c23e82c054ff08cc7ff3d989ab2133b9.dll
2015-06-30 12:26 - 2015-06-30 12:26 - 0000512 _____ () C:\Users\Asus\AppData\Local\Temp\c8eb790646128f34aa04a36111aca8cf.dll
2016-12-24 09:52 - 2016-10-10 09:59 - 0037376 _____ (Microsoft) C:\Users\Asus\AppData\Local\Temp\HiPatchSelfUpdateWindow.exe
2016-12-24 09:52 - 2016-10-10 09:59 - 0020992 _____ (Microsoft) C:\Users\Asus\AppData\Local\Temp\HiRezLauncherControls.dll
2015-05-15 19:44 - 2012-10-01 17:22 - 0150648 ____R (Microsoft Corporation) C:\Users\Asus\AppData\Local\Temp\ose00000.exe
2015-07-04 07:36 - 2015-07-04 07:37 - 9240648 _____ () C:\Users\Asus\AppData\Local\Temp\PointBlank_GarenaPlus_Patch_1005.exe
2015-07-07 07:19 - 2015-07-07 07:22 - 42477720 _____ () C:\Users\Asus\AppData\Local\Temp\PointBlank_GarenaPlus_Patch_1006.exe
2015-07-07 09:02 - 2015-07-07 09:02 - 1972768 _____ () C:\Users\Asus\AppData\Local\Temp\PointBlank_GarenaPlus_Patch_1007.exe
2015-07-14 16:38 - 2015-07-14 16:42 - 43022368 _____ () C:\Users\Asus\AppData\Local\Temp\PointBlank_GarenaPlus_Patch_1008_1.exe
2016-11-02 17:22 - 2016-11-02 17:22 - 0095848 _____ () C:\Users\Asus\AppData\Local\Temp\PointBlank_GarenaPlus_Patch_1094.exe
2016-11-08 18:49 - 2016-11-08 18:49 - 0097672 _____ () C:\Users\Asus\AppData\Local\Temp\PointBlank_GarenaPlus_Patch_1095.exe
2016-11-08 18:49 - 2016-11-08 18:49 - 0095256 _____ () C:\Users\Asus\AppData\Local\Temp\PointBlank_GarenaPlus_Patch_1096.exe
2016-11-15 16:38 - 2016-11-15 16:38 - 0095968 _____ () C:\Users\Asus\AppData\Local\Temp\PointBlank_GarenaPlus_Patch_1097.exe
2016-11-22 16:06 - 2016-11-22 16:06 - 0095912 _____ () C:\Users\Asus\AppData\Local\Temp\PointBlank_GarenaPlus_Patch_1098.exe
2016-11-22 16:06 - 2016-11-22 16:06 - 0095928 _____ () C:\Users\Asus\AppData\Local\Temp\PointBlank_GarenaPlus_Patch_1099_1.exe
2016-11-29 12:09 - 2016-11-29 12:09 - 0095456 _____ () C:\Users\Asus\AppData\Local\Temp\PointBlank_GarenaPlus_Patch_1100.exe
2016-12-06 11:54 - 2016-12-06 11:54 - 0097656 _____ () C:\Users\Asus\AppData\Local\Temp\PointBlank_GarenaPlus_Patch_1101.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-02-11 09:37

==================== End of FRST.txt ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-02-2017
Ran by Asus (11-02-2017 09:54:39)
Running from C:\Users\Asus\Downloads
Windows 8.1 Single Language (Update) (X64) (2015-05-14 04:03:19)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-722159229-2816441631-4118450648-500 - Administrator - Disabled)
Asus (S-1-5-21-722159229-2816441631-4118450648-1001 - Administrator - Enabled) => C:\Users\Asus
Guest (S-1-5-21-722159229-2816441631-4118450648-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Endpoint Security 10 for Windows (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Kaspersky Endpoint Security 10 for Windows (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Endpoint Security 10 for Windows (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.8.3.0 - ASUSTek COMPUTER INC.)
ASUS GPU Tweak (x32 Version: 2.8.3.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Instant Key (HKLM-x32\...\{D97A1B80-131F-4692-9543-E652956D8B99}) (Version: 1.1.7 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.8 - ASUS)
ASUS ROG Gaming Mouse (HKLM-x32\...\{3B9E171F-A955-4834-B877-447C0A437260}) (Version: 2.00.026 - ASUS)
ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 2.0.8 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 3.0.10 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.05.0001 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.0.2 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.29 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0037 - ASUS)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brawlhalla (HKLM\...\Steam App 291550) (Version:  - Blue Mammoth Games)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.4105 - CyberLink Corp.)
CyberLink PowerDVD 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.4412.58 - CyberLink Corp.)
CyberLink YouCam 6 (HKLM-x32\...\{A9CEDD6E-4792-493e-BB35-D86D2E188A5A}) (Version: 6.0.2326.0 - CyberLink Corp.)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Device Setup (HKLM-x32\...\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}) (Version: 1.0.18 - ASUSTek Computer Inc.)
Dirty Bomb (HKLM-x32\...\Steam App 333930) (Version:  - Splash Damage®)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version:  - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)
Garena - PointBlank ID (HKLM-x32\...\PBID) (Version:  - Garena Online Pte Ltd.)
Garena+ (HKLM-x32\...\im) (Version: 2011 - Garena Online Pte Ltd.)
HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.0.8.3 - Hi-Rez Studios)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.15.281 - SurfRight B.V.)
HP DeskJet 1110 series Basic Device Software (HKLM\...\{87DEBE9C-FD90-4E36-8AD8-608F871B9BD9}) (Version: 35.0.61.54677 - Hewlett-Packard Co.)
HP DeskJet 1110 series Help (HKLM-x32\...\{9477806C-4CDB-4878-8B9D-800933878781}) (Version: 35.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1018 - Intel Corporation)
Intel® Chipset Device Software (x32 Version: 10.0.22 - Intel® Corporation) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.38.1036 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4062 - Intel Corporation)
IObit Malware Fighter 4 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 4.5 - IObit)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Kamus 2.04 (HKLM-x32\...\Kamus2) (Version: 2.04 - Ebta Setiawan)
Kaspersky Endpoint Security 10 for Windows (HKLM\...\{04CF7FBD-E56C-446D-8FC9-DD444BDBEE8E}) (Version: 10.2.1.23 - Kaspersky Lab)
Logitech Gaming Software 8.58 (HKLM\...\Logitech Gaming Software) (Version: 8.58.183 - Logitech Inc.)
Malwarebytes version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Maxx Audio Installer (x64) (Version: 1.6.5073.106 - Waves Audio Ltd.) Hidden
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 51.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 en-US)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 11 Mini Repack (HKLM\...\NMMS11) (Version:  - )
NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation)
NVIDIA Graphics Driver 345.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 345.05 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.11.5.17432 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Paladins (HKLM\...\Steam App 444090) (Version:  - Hi-Rez Studios)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.)
PixelMaster Video HDR (HKLM\...\{65302154-AAF6-4020-A070-76CAA9CEC8D3}) (Version: 1.1.23 - ASUS)
Product Improvement Study for HP DeskJet 1110 series (HKLM\...\{C91FFDC7-9A7E-48E6-A170-1AC11E7A95D4}) (Version: 35.0.61.54677 - Hewlett-Packard Co.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.332 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 5.4.15.0 - Razer Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7417 - Realtek Semiconductor Corp.)
Rocket League (HKLM-x32\...\Steam App 252950) (Version:  - Psyonix)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.105 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-722159229-2816441631-4118450648-1001\...\Spotify) (Version: 1.0.48.103.g15edf1ec - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Tom Clancy's Rainbow Six Siege (HKLM\...\Steam App 359550) (Version:  - Ubisoft Montreal)
Unity Web Player (HKU\S-1-5-21-722159229-2816441631-4118450648-1001\...\UnityWebPlayer) (Version: 4.6.5f1 - Unity Technologies ApS)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 21.1 - Ubisoft)
VEGAS Pro 14.0 (64-bit) (HKLM\...\{4C79D80F-79F9-11E6-8402-BB95F5A309BD}) (Version: 14.0.161 - VEGAS)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
War Thunder (HKLM-x32\...\Steam App 236390) (Version:  - Gaijin Entertainment)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.11.399 - ASUS Cloud Corporation)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.14 - WildTangent)
Winamp (HKLM-x32\...\Winamp) (Version: 5.65  - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-722159229-2816441631-4118450648-1001\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Driver Package - ASUS (ATP) Mouse  (07/02/2014 6.0.0.39) (HKLM\...\51B9B97722559D76D6429B83B71A86106A35BFCE) (Version: 07/02/2014 6.0.0.39 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS)
WinRAR 4.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00BC3FB0-01CD-4585-8752-A60047901452} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-11-06] (ASUS)
Task: {2101A677-4F37-43B5-A9DC-D91AA0C99708} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {221A1390-C8E1-4DCC-965F-13D29156CD0C} - System32\Tasks\Driver Booster SkipUAC (Asus) => C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DriverBooster.exe
Task: {24248C31-0D20-4AF1-A6D0-E860D00DAEAC} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-09-03] (ASUSTek Computer Inc.)
Task: {243ECB96-35D9-401E-B704-97CF9464A247} - System32\Tasks\Uninstaller_Install_Asus => C:\Program Files (x86)\IObit\Advanced SystemCare\IObitUninstaller.exe
Task: {3CB583DE-EEF6-40CB-9738-6D2D0512B86C} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-12-04] (Realtek Semiconductor)
Task: {43E457BA-6420-4374-A10E-1B02FEE73758} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {452082E8-C37C-4F1D-AD79-7504F29A302C} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2015-05-15] ()
Task: {53C027E4-704B-4E0D-8B70-78A51C11CAE0} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {5FE7AEA1-7194-42E9-B9AA-DADB10101183} - System32\Tasks\Garena+ Plugin Host Service => C:\Program Files (x86)\Garena Plus\ggdllhost.exe [2016-10-20] ()
Task: {6D6C7CCE-FC9F-4208-99EF-8C98C0E32D3C} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-12-26] (Realtek Semiconductor)
Task: {7749731B-F1BF-4016-9013-23A81DFC389E} - System32\Tasks\ASUS GPUTweak => C:\Program Files\ASUS\ASUS GPU Tweak\GPUTweak.exe
Task: {78A8B967-818A-4517-AA76-DF7E8666AF29} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-10] (Adobe Systems Incorporated)
Task: {7F2A2AD0-71D1-4267-90BA-2860745980A8} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-09-12] (ASUSTek Computer Inc.)
Task: {87BDC8B1-EA02-4173-88C8-8085EF0F19A1} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {B315F62D-EB46-4374-A7CE-43A7827FF5D8} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-06-12] (ASUSTek Computer Inc.)
Task: {B8A54AC4-A2A3-40A1-9D8D-57FB52CF2B44} - System32\Tasks\HPCustParticipation HP DeskJet 1110 series => C:\Program Files\HP\HP DeskJet 1110 series\Bin\HPCustPartic.exe [2015-04-09] (Hewlett-Packard Development Company, LP)
Task: {BA48FCCD-F364-42BF-B684-E7B4DCC4D3D1} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => sc.execonfig upnphost start= auto
Task: {D50B8634-B234-4188-B728-7EB2AE5C0145} - System32\Tasks\P4GIntlCtrl => C:\Program Files\ASUS\P4G\IntlDPST.exe [2014-02-12] ()
Task: {E24FFB84-584A-42DB-9E84-D5AA253710C7} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2014-11-22] (AsusTek)
Task: {ECB81854-9DF7-41AD-9B2F-DC0467B444AB} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Asus-PC-Asus Asus-PC => C:\Program Files (x86)\Microsoft Office\Office15\MsoSync.exe [2012-10-01] (Microsoft Corporation)
Task: {EF936F4C-C039-4B51-BA26-D8DC45CAF531} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {F1FB56D6-FD6B-4791-A9CC-4B1A2ABD3436} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2014-02-12] (ASUS)
Task: {FFCB13A8-AA96-4C79-8FB3-6BF4256393D2} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => %ProgramFiles%\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\4544m58u33q2303.job => rundll32.exe  C:\ProgramData\4544m58u33q2303\4544m58u33q2303.dll <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Uninstaller_Install_Asus.job => C:\Program Files (x86)\IObit\Advanced SystemCare\IObitUninstaller.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-03-20 11:14 - 2014-12-24 17:38 - 00115912 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-01-16 20:24 - 2012-01-16 20:24 - 00055296 _____ () C:\Windows\SysWOW64\ASGT.exe
2016-07-30 09:18 - 2016-06-15 03:03 - 00367552 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-07-30 09:18 - 2016-06-15 03:03 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-07-30 09:18 - 2016-06-15 03:03 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-07-30 09:18 - 2016-06-15 03:03 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2015-03-11 01:20 - 2015-03-11 01:20 - 00187072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2017-02-05 14:14 - 2017-01-20 07:47 - 02264352 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-02-05 14:14 - 2017-01-20 07:47 - 02829776 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\arwlib.dll
2012-10-01 20:34 - 2012-10-01 20:34 - 06522480 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-02-12 07:08 - 2014-02-12 07:08 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2014-02-12 07:08 - 2014-02-12 07:08 - 00028672 _____ () C:\Program Files\ASUS\P4G\plctrl.dll
2016-10-20 15:57 - 2016-10-20 15:57 - 00175096 _____ () C:\Program Files (x86)\Garena Plus\ggdllhost.exe
2016-07-30 09:18 - 2016-06-15 03:03 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-07-30 09:18 - 2016-06-15 03:03 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-07-30 09:18 - 2016-06-15 03:03 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-07-30 09:18 - 2016-06-15 03:03 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-07-30 09:18 - 2016-06-15 03:03 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-07-30 09:18 - 2016-06-15 03:03 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2015-01-22 15:52 - 2014-12-15 12:26 - 00392592 _____ () C:\Windows\system32\igfxTray.exe
2014-09-29 12:22 - 2014-09-29 12:22 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2014-09-29 12:18 - 2014-09-29 12:18 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2014-09-18 14:23 - 2014-09-18 14:23 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2015-03-13 01:23 - 2015-03-13 01:23 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-09-18 14:23 - 2014-09-18 14:23 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2015-03-13 01:23 - 2015-03-13 01:23 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2014-09-29 12:26 - 2014-09-29 12:26 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2015-03-20 11:32 - 2013-05-16 04:39 - 00463872 _____ () C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe
2017-02-10 17:38 - 2016-03-31 17:57 - 00625440 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2013-11-27 21:21 - 2013-11-27 21:21 - 01309888 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows\kpcengine.2.2.dll
2014-11-06 02:44 - 2014-11-06 02:44 - 00037424 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2014-11-06 02:44 - 2014-11-06 02:44 - 00124928 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2016-10-20 15:57 - 2016-10-20 15:57 - 03436536 _____ () C:\Program Files (x86)\Garena Plus\ggspawn.dll
2015-05-29 09:11 - 2016-06-15 03:03 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-05-14 11:09 - 2013-08-05 14:49 - 00627672 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2014-05-06 10:11 - 2014-05-06 10:11 - 00016856 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2015-05-15 22:04 - 2013-12-10 14:39 - 00074240 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\Common\Koan\_ctypes.pyd
2015-05-15 22:04 - 2013-12-10 14:39 - 00285184 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\Common\Koan\_hashlib.pyd
2015-05-15 22:05 - 2014-08-12 17:36 - 00867080 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\common\UNO\UNO.dll
2015-05-15 22:04 - 2013-12-10 14:39 - 00040960 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\Common\Koan\_socket.pyd
2015-05-15 22:04 - 2013-12-10 14:39 - 00721920 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\Common\Koan\_ssl.pyd
2017-02-10 17:38 - 2016-03-31 17:57 - 00899872 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\webres.dll
2017-02-10 17:38 - 2016-03-31 17:57 - 00188704 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\unrar.dll
2017-02-10 17:38 - 2016-03-31 17:57 - 00151840 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\zlibwapi.dll
2017-02-10 17:38 - 2016-03-31 17:57 - 00625440 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\ProductStatistics.dll
2015-01-07 05:40 - 2015-01-07 05:40 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\str => ""="service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 20:25 - 2013-08-22 20:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-722159229-2816441631-4118450648-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Asus\Pictures\Archangel-Warrior-Wallpaper.jpg
DNS Servers: 118.136.64.4 - 202.73.99.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKU\S-1-5-21-722159229-2816441631-4118450648-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-722159229-2816441631-4118450648-1001\...\StartupApproved\Run: => "GarenaPlus"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{A91FCD71-505B-44CA-A6AF-397B6980695D}] => C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{713842DF-6A35-4909-AA1A-D5085156F93B}] => C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe
FirewallRules: [{226F0D6D-7732-4EDD-9BFA-E77A93555521}] => C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe
FirewallRules: [{0BF9D995-0D80-4568-A8FB-F925891CCA63}] => C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe
FirewallRules: [{79C0FA96-6BEC-4C08-A1F2-1616CDF98BBC}] => C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe
FirewallRules: [{C4059014-A9F3-4DDE-9FCB-F5F53EB92B39}] => C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{DC6CBFD8-83EF-4A56-9FD5-F3237B86F595}] => C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{E4E5456F-4053-46E3-8678-50924802489B}] => C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{04F1348C-F921-4963-B3E2-C5973A418A78}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{11C99F35-372C-4E9B-9E4B-DC9439BCE5FA}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8EEBE337-287F-4100-B161-BB238966A3FC}] => C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{20001921-2619-486D-BD00-399DC4A0DC34}] => C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{AFF450FD-6659-4763-A23E-9499DC7C28BC}] => C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{A9B684DE-D898-4354-8503-C02DAB005300}] => C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{BB665879-586B-458E-8302-5C5CA685694B}] => C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{C213435C-31E6-4F02-9125-3FA183C7E368}] => C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{F2FC3EF5-70AE-460C-87E7-998AACF6AA51}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D862DDCB-6845-44BB-A0AA-E05635177411}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D372FCFE-362E-4467-B4EE-06D8536BA727}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6AD3D1F3-2ED0-4ECF-AEF5-139CE45647B3}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{4E0A7CF4-E15D-41A3-8A94-D3A67030AD84}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BC329074-545C-476D-BAA5-C8B1C35AE2E7}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B6D0B34E-BEE3-437B-BC3B-111D006B3D93}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C18C0FB5-F926-4C5F-8DAA-D406B206D102}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A8DB46FB-1D8F-4876-8913-FB97018B0A16}] => C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{2FC9FA24-88D0-4CC9-8AE6-2796B7237B0A}] => C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{410A37EE-49E4-4168-964E-EB0955CE8440}] => C:\Program Files (x86)\Steam\steamapps\common\Street Racing Syndicate\Bin\SRS.EXE
FirewallRules: [{89339B98-C3FD-44DE-A872-093E9F47FD83}] => C:\Program Files (x86)\Steam\steamapps\common\Street Racing Syndicate\Bin\SRS.EXE
FirewallRules: [{BD99DD85-1BE7-4F5C-BAE2-CB2E8C2111B3}] => C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe
FirewallRules: [{2AAF62C8-D3BA-4887-A9AE-C7085DCE0526}] => C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe
FirewallRules: [{DF8C6FB9-00F7-4535-9B6A-ACA2A4750AA7}] => C:\Users\Asus\Downloads\pbidInstaller.exe
FirewallRules: [{22909F7B-C2AB-4AA8-9F65-A95E2D498AB5}] => C:\Users\Asus\Downloads\pbidInstaller.exe
FirewallRules: [{A3204F0C-CF62-431D-8548-FA5CF5342424}] => C:\Program Files (x86)\Garena Plus\ggdllhost.exe
FirewallRules: [{54F5D69A-2F2B-4844-88DF-C6BBF36A6911}] => C:\Program Files (x86)\GarenaPBID\gamedata\Apps\PBID\PointBlank.exe
FirewallRules: [{DB0EAC53-4C0B-419E-B6C7-B152DBDE8806}] => C:\Program Files (x86)\GarenaPBID\gamedata\Apps\PBID\PointBlank.exe
FirewallRules: [{2AB5DBBC-D631-477D-903D-F2BC8D5B7E69}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{0D90E0B8-ACA1-40A1-8829-C101100988F9}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{E2248188-1A55-42B7-8B86-4D34F667659D}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6FEC1716-FAAC-44B0-91FD-F1813BB25FDE}] => C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DDDF264A-F96E-4B5E-B8DC-7CFD9D9B9435}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DCE12B45-9F0E-47B0-B4B3-8B7C3BB499CB}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{DB26113E-8DEF-4563-86B5-4595776686C9}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe
FirewallRules: [UDP Query User{A5760AF7-D901-4516-8B6B-0B05DA503631}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe
FirewallRules: [{DDBCD737-EDE8-4685-B515-6724F28D87BD}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{77496864-72FB-4096-B55C-DFD975BAFBB5}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{076FBC31-B0C2-4D26-B862-CB29E2785872}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{3387EE04-D2C0-473A-B7D6-F2CD89E0CA69}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{3AAD73D4-C363-47EA-AA91-68A4C664EC48}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{CE557D87-37AB-471F-BE0F-A66D25200D25}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{33FB3E97-9963-4EE1-8612-8E402FA4DDB4}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{21BCA550-97E3-4930-B27C-481426A9BF49}C:\users\asus\appdata\roaming\spotify\spotify.exe] => C:\users\asus\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{C44DC28D-583C-4252-9712-96389814838B}C:\users\asus\appdata\roaming\spotify\spotify.exe] => C:\users\asus\appdata\roaming\spotify\spotify.exe
FirewallRules: [{42F6917F-853F-4D46-BEEA-D0E7B11F7160}] => C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe
FirewallRules: [{2A26ACDF-A7C2-4AD6-85C8-A22EDEB2C442}] => C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe
FirewallRules: [TCP Query User{7F15C926-B802-48BD-8A73-F50BFF7BD24A}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [UDP Query User{DEAA47C1-178F-4025-9DEB-9AD97BC98D77}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [TCP Query User{E49BBF0C-7751-4E5D-A97B-A290315FB3CE}C:\program files (x86)\garena plus\garenamessenger.exe] => C:\program files (x86)\garena plus\garenamessenger.exe
FirewallRules: [UDP Query User{1A250FDC-8EFE-432C-862E-9D3A0296E02E}C:\program files (x86)\garena plus\garenamessenger.exe] => C:\program files (x86)\garena plus\garenamessenger.exe
FirewallRules: [TCP Query User{FC1C74A0-CB1E-4834-8FCF-32E722F90B6A}C:\users\asus\downloads\pbidinstaller(1).exe] => C:\users\asus\downloads\pbidinstaller(1).exe
FirewallRules: [UDP Query User{1285BAD0-A445-469E-B9CA-4A45E9802744}C:\users\asus\downloads\pbidinstaller(1).exe] => C:\users\asus\downloads\pbidinstaller(1).exe
FirewallRules: [TCP Query User{6C2ED9B4-31D5-4404-AB09-F57C9A44EF58}C:\games\world_of_warships\wowslauncher.exe] => C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [UDP Query User{13DBB0C9-E4B9-45D6-8772-BA9B928D2120}C:\games\world_of_warships\wowslauncher.exe] => C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [{3CB36899-5022-4D5B-8215-7BD74E49F33B}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{07DF2903-0757-43DA-80E5-E52EAE9E449F}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{5C4DC3F7-1488-4FB3-B2BD-8A7BDB9E36E8}] => C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\rainbowsix.exe
FirewallRules: [{1D61C843-AC8D-4427-8530-2B4AD0CF6C09}] => C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\rainbowsix.exe
FirewallRules: [{3CFFA57A-67C6-4D0D-AC6A-6B480FD6A2DC}] => C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [{08452E2B-6FB7-4239-AC89-6DC61B8E5F3E}] => C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [{C08C8517-575D-4EE7-9A34-E4B6E1376AE4}] => C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{774515C5-1766-40EE-AD8D-1EF1AFD0076B}] => C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{EA8C0569-88C6-42DB-B8F7-7C417F8836EF}] => C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{3C96BA30-D295-4CC4-AF92-BE6682E312D6}] => C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{6F13134B-2E14-40BC-8FEB-A0F6B4E8B055}] => C:\Program Files\HP\HP DeskJet 1110 series\Bin\USBSetup.exe
FirewallRules: [{0E1749EC-5BB1-4C35-8692-2D2430B4F628}] => C:\Program Files\HP\HP DeskJet 1110 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{4B0B5429-0A67-4997-99A5-9D679DF12C02}] => C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{D9C76FFA-EC46-40FD-AF59-7F28EDD483AF}] => C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{29298709-AD31-4CE6-9B64-0BBED53BC14F}] => C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{4DBE00B6-47FA-434A-9EFB-9E4E8067201E}] => C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\FFNativeMessage.exe

==================== Restore Points =========================

22-01-2017 16:06:34 Scheduled Checkpoint
30-01-2017 17:50:11 Scheduled Checkpoint
04-02-2017 10:15:13 Restore Operation
11-02-2017 08:55:25 Checkpoint by HitmanPro

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/11/2017 08:55:25 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {2c45a472-7afb-4f09-abe4-a7bd7ad8900f}

Error: (02/10/2017 07:55:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NvStreamNetworkService.exe, version: 7.1.2084.9592, time stamp: 0x57605ac0
Faulting module name: MessageBus.dll, version: 0.0.0.0, time stamp: 0x5760534f
Exception code: 0xc0000005
Fault offset: 0x0000000000010f73
Faulting process id: 0x171c
Faulting application start time: 0x01d2839ce553c812
Faulting application path: C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
Faulting module path: C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
Report Id: 2677e6f8-ef90-11e6-84b3-086266e2ef6f
Faulting package full name:
Faulting package-relative application ID:

Error: (02/10/2017 07:37:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NvStreamNetworkService.exe, version: 7.1.2084.9592, time stamp: 0x57605ac0
Faulting module name: MessageBus.dll, version: 0.0.0.0, time stamp: 0x5760534f
Exception code: 0xc0000005
Fault offset: 0x0000000000010f73
Faulting process id: 0x1528
Faulting application start time: 0x01d2839a74a9a6b3
Faulting application path: C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
Faulting module path: C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
Report Id: b41f50c1-ef8d-11e6-84b2-086266e2ef6f
Faulting package full name:
Faulting package-relative application ID:

Error: (02/10/2017 05:42:46 PM) (Source: Windows Search Service) (EventID: 3079) (User: )
Description: Notifications for the volume C:\ are not active.

Context: Windows Application

Details:
    The volume change journal is being deleted.  (HRESULT : 0x8007049a) (0x8007049a)

Error: (02/10/2017 10:07:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NvStreamNetworkService.exe, version: 7.1.2084.9592, time stamp: 0x57605ac0
Faulting module name: MessageBus.dll, version: 0.0.0.0, time stamp: 0x5760534f
Exception code: 0xc0000005
Fault offset: 0x0000000000010f73
Faulting process id: 0x1504
Faulting application start time: 0x01d2834aceab88b8
Faulting application path: C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
Faulting module path: C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
Report Id: 0fd5d2ec-ef3e-11e6-84af-086266e2ef6f
Faulting package full name:
Faulting package-relative application ID:

Error: (02/10/2017 06:58:36 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 784: ERROR: read_msg errno 0 (The operation completed successfully.)

Error: (02/10/2017 06:58:36 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053

Error: (02/10/2017 06:58:36 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 548: ERROR: read_msg errno 0 (The operation completed successfully.)

Error: (02/10/2017 06:58:36 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053

Error: (02/06/2017 04:06:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: FreshPaint.exe, version: 2.0.15133.1, time stamp: 0x568eb2f4
Faulting module name: nvwgf2um.dll, version: 9.18.13.4505, time stamp: 0x549a7caa
Exception code: 0xc00000fd
Fault offset: 0x004705fc
Faulting process id: 0x22a0
Faulting application start time: 0x01d280584345c8a7
Faulting application path: C:\Program Files\WindowsApps\Microsoft.FreshPaint_2.0.15133.0_x86__8wekyb3d8bbwe\FreshPaint.exe
Faulting module path: C:\Windows\SYSTEM32\nvwgf2um.dll
Report Id: 9ac622bd-ec4b-11e6-84a9-086266e2ef6f
Faulting package full name: Microsoft.FreshPaint_2.0.15133.0_x86__8wekyb3d8bbwe
Faulting package-relative application ID: Microsoft.FreshPaint


System errors:
=============
Error: (02/11/2017 09:44:12 AM) (Source: DCOM) (EventID: 10010) (User: Asus-PC)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.

Error: (02/11/2017 09:43:42 AM) (Source: DCOM) (EventID: 10010) (User: Asus-PC)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.

Error: (02/11/2017 09:38:23 AM) (Source: DCOM) (EventID: 10010) (User: Asus-PC)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.

Error: (02/11/2017 09:37:53 AM) (Source: DCOM) (EventID: 10010) (User: Asus-PC)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.

Error: (02/10/2017 07:36:18 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MBAMService service.

Error: (02/10/2017 07:35:50 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Superfetch service terminated with the following error:
The service has not been started.

Error: (02/10/2017 07:35:40 PM) (Source: DCOM) (EventID: 10010) (User: Asus-PC)
Description: The server {7160A13D-73DA-4CEA-95B9-37356478588A} did not register with DCOM within the required timeout.

Error: (02/10/2017 07:28:25 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AVP service.

Error: (02/10/2017 07:28:25 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MBAMService service.

Error: (02/10/2017 05:45:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The SMService service terminated unexpectedly.  It has done this 1 time(s).


CodeIntegrity:
===================================
  Date: 2015-05-15 19:57:33.716
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-05-15 19:57:33.607
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel® Core™ i7-4720HQ CPU @ 2.60GHz
Percentage of memory in use: 34%
Total physical RAM: 8081.02 MB
Available physical RAM: 5314.14 MB
Total Virtual: 8593.02 MB
Available Virtual: 5461.66 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:372.6 GB) (Free:202.84 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data) (Fixed) (Total:542.8 GB) (Free:519.32 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 4D258F69)

Partition: GPT.

==================== End of Addition.txt ============================

 

Thanks for the help, Garry

and feel free to call me Ferdinand

Attached Files



#4 ferdFrost

ferdFrost
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  

Posted 10 February 2017 - 10:05 PM

by the way i downloaded those stuffs before i came to this forum. i found some articles in the net that suggested me to download all of those stuff



#5 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,136 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:06:25 AM

Posted 11 February 2017 - 09:13 AM

Greetings Ferdinand and welcome.

Unfortunately there is evidence of illegal software on your computer. The presence of such software compromises our efforts to clean your computer. I am going to request you completely uninstall Microsoft Office Professional Plus 2013 and any other products for which you do not have a valid Product Key, including all "cracked" software. If you are willing to do that please rerun a FRST scan and copy/paste both reports in your reply. If you prefer to leave the program(s) on your computer let me know that and I will be closing the Topic.

If you decide to remove the program(s) please run this after removal.

===================================================

CKScanner

--------------------

  • Download CKScanner and save it to your Desktop
  • Double click CKScanner
  • Select Search For Files
  • Once completed select Save List to File
  • A ckfiles.txt document will be placed on your Desktop
  • Copy and paste the results of that report in your reply

===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:

  • CKScanner report
  • FRST report
  • Addition report

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#6 ferdFrost

ferdFrost
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  

Posted 11 February 2017 - 09:56 AM

I didn't even know that my Ms.Office is a cracked version, and can you please tell me what other apps that are cracked? So i can remove them first, thanks

#7 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,136 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:06:25 AM

Posted 11 February 2017 - 11:25 AM

Do you have a valid Product Key for Office?

 

The CKScanner program will tell us if there are any other untrustworthy programs.


Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#8 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,136 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:06:25 AM

Posted 15 February 2017 - 01:23 PM

Greetings,

===================================================

Do You Still Need Help?

It has been 3 days since my last post.
  • Do you still need help with this?
  • If you have not replied within 48 hours I will assume you have abandoned the Topic and it will be closed.

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#9 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,136 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:06:25 AM

Posted 17 February 2017 - 11:58 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users