TechSpot

Possible virus remains after formatting and rescue disk execution

By Sander
Aug 9, 2015
  1. Hello and thanks for your help in advance,

    A few days ago, I started having difficulties with streaming videos, Chrome would randomly download files, and in general I could not download any virus removal tools. When downloading a virus removal tool, Chrome would give the following error message: Failed - Network error. Videos would stream sometimes, but in general videos would stutter a lot or would not load at all.

    After this I ran my virus scanner (McAfee) and found several trojans present in my system. I tried to remove the viruses with my virus scanner; however, it was not successful and the problems described above remained. I ran the Kaspersky Rescue Disk afterwards and found several trojans remaining. However, the problems still persisted, and I decided to execute a factory reset and format the entire system. I formatted the entire laptop without any internet connected, just to be sure.

    I started the system anew and installed a new virus scanner (Kaspersky) from CD, no internet used. I ran a scan of the system and no threats remained. After this I went on the internet (no internet was connected before this), downloaded Chrome and, as a test, tried to download Malwarebytes with Chrome. Bad luck: I still have the error: Failed - Network error.

    I was wondering if there is still some virus remaining (stealth rootkit maybe?). I ran the Farbar Recovery Scan Tool and will paste the results below. FYI: I have an ASUS ROG G751JY-T7234H, which runs Windows 8.1.

    Sorry for the long story, hope the context helps to solve the problem.

    TL;DR: Chrome network errors persist after full system format, rescue disk and new virus scanner.
     
  2. Sander


    The Farbar Recovery Scan Tool output:

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:08-08-2015 01
    Ran by Sander (administrator) on BAKBEEST (09-08-2015 22:27:35)
    Running from C:\Users\Sander\Desktop
    Loaded Profiles: Sander (Available Profiles: Sander)
    Platform: Windows 8.1 (X64) Language: English (United Kingdom)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
    (Microsoft Corporation) C:\Windows\System32\wlanext.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
    (ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe
    (ASUSTeK) C:\Program Files (x86)\ASUS\ROG Game First III\AsusGameFirstService.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Video DSP\DriverMFTService.exe
    (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
    (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
    (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
    (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Gaming Center\vivokey.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (Microsoft Corporation) C:\Windows\System32\rundll32.exe
    (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
    (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
    () C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe
    () C:\Windows\SysWOW64\UMonit64.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    (WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (Kaspersky Lab ZAO) C:\ProgramData\Kaspersky Lab\AVP15.0.2\Temp\temporaryFolder\updates\bin\kav15\15.0.2.361_kis_b\avp.exe.2346_2553_4126.removeOnNextReboot
    (Kaspersky Lab ZAO) C:\ProgramData\Kaspersky Lab\AVP15.0.2\Temp\temporaryFolder\updates\bin\kav15\15.0.2.361_kis_b\avpui.exe.2346_2553_4126.removeOnNextReboot
    (ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSPanel.exe
    (Microsoft Corporation) C:\Windows\System32\dasHost.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\Camera\Camera.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2462536 2014-10-04] (NVIDIA Corporation)
    HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
    HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3246920 2014-10-15] (ELAN Microelectronics Corp.)
    HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
    HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe [63296 2014-08-20] ()
    HKLM-x32\...\Run: [ROGNB] => C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe [463872 2013-05-15] ()
    HKLM-x32\...\Run: [ASUS ROG MacroKey] => C:\Program Files (x86)\ASUS\ASUS ROG MacroKey\Hid.exe [2036224 2014-07-30] (ASUS)
    ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
    ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
    ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKU\S-1-5-21-2980810981-1312304709-3873871237-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com/?pc=ASJB
    HKU\S-1-5-21-2980810981-1312304709-3873871237-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com/?pc=ASJB
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    BHO: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
    BHO: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
    BHO: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
    BHO-x32: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
    BHO-x32: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
    BHO-x32: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
    Tcpip\Parameters: [DhcpNameServer] 192.87.36.36 192.87.106.106
    Tcpip\..\Interfaces\{24E7AF51-5ACB-4CB1-BAFD-464808851648}: [DhcpNameServer] 192.87.36.36 192.87.106.106

    FireFox:
    ========
    FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
    FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-10-23] (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-10-23] (Intel Corporation)
    FF Plugin-x32: @kaspersky.com/content_blocker_663BE84DBCC949E88C7600F63CA7F098 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\content_blocker@kaspersky.com [2015-08-09] ()
    FF Plugin-x32: @kaspersky.com/virtual_keyboard_07402848C2F6470194F131B0F3DE025E -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-08-09] ()
    FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-10-13] (NVIDIA Corporation)
    FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-10-13] (NVIDIA Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.5\npGoogleUpdate3.dll [2015-08-09] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.5\npGoogleUpdate3.dll [2015-08-09] (Google Inc.)
    FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
    FF HKLM-x32\...\Firefox\Extensions: [content_blocker_663BE84DBCC949E88C7600F63CA7F098@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\content_blocker@kaspersky.com
    FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\content_blocker@kaspersky.com [2015-08-09]
    FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_07402848C2F6470194F131B0F3DE025E@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\virtual_keyboard@kaspersky.com
    FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-08-09]

    Chrome:
    =======
    CHR Profile: C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Slides) - C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-09]
    CHR Extension: (Google Docs) - C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-09]
    CHR Extension: (Google Drive) - C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-09]
    CHR Extension: (YouTube) - C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-09]
    CHR Extension: (Google Search) - C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-09]
    CHR Extension: (Kaspersky Protection) - C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-08-09]
    CHR Extension: (Google Sheets) - C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-09]
    CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-08-09]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-09]
    CHR Extension: (Gmail) - C:\Users\Sander\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-09]
    CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
    CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho

    ==================== Services (Whitelisted) ========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168 2014-08-20] (ASUS Cloud Corporation) [File not signed]
    R2 AsusGameFirstService; C:\Program Files (x86)\ASUS\ROG Game First III\AsusGameFirstService.exe [345912 2014-08-29] (ASUSTeK)
    R2 AVP15.0.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avp.exe [194000 2015-08-09] (Kaspersky Lab ZAO)
    R2 DriverMFTService; C:\Program Files (x86)\Asus\ASUS Video DSP\DriverMFTService.exe [9728 2014-10-29] (ASUSTek Computer Inc.) [File not signed]
    R2 ETDService; C:\Program Files\Elantech\ETDService.exe [102152 2014-10-01] (ELAN Microelectronics Corp.)
    R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
    R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-10-04] (NVIDIA Corporation)
    R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [121288 2014-05-09] (Intel Corporation)
    S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [827392 2013-09-02] (Intel(R) Corporation) [File not signed]
    R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-10-23] (Intel Corporation)
    R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-10-23] (Intel Corporation)
    S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-05-29] ()
    R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-10-04] (NVIDIA Corporation)
    R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-10-04] (NVIDIA Corporation)
    S3 ThunderboltService; C:\Program Files\Intel\Thunderbolt Software\tbtsvc.exe [1179944 2014-05-13] (Intel Corporation)
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-10-29] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-10-29] (Microsoft Corporation)
    R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-05-29] (Intel® Corporation)

    ===================== Drivers (Whitelisted) ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
    R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2014-03-26] (Motorola Solutions, Inc.)
    R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1424184 2014-04-22] (Motorola Solutions, Inc.)
    R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [247016 2015-08-09] (Kaspersky Lab UK Ltd)
    U5 GeneStor; C:\Windows\System32\Drivers\GeneStor.sys [107208 2014-01-17] (GenesysLogic)
    R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [192456 2014-05-09] (Intel Corporation)
    R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [77992 2014-08-04] (Intel Corporation)
    R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
    R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-08-09] (Kaspersky Lab ZAO)
    R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [64368 2015-08-09] (Kaspersky Lab ZAO)
    S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab)
    R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [159960 2015-08-09] (Kaspersky Lab ZAO)
    R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [226480 2015-08-09] (Kaspersky Lab ZAO)
    R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [831664 2015-08-09] (Kaspersky Lab ZAO)
    R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [39792 2015-08-09] (Kaspersky Lab ZAO)
    S3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [40304 2015-08-09] (Kaspersky Lab ZAO)
    S3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [39792 2015-08-09] (Kaspersky Lab ZAO)
    R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [24944 2015-08-09] (Kaspersky Lab ZAO)
    R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [77680 2015-08-09] (Kaspersky Lab ZAO)
    R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [85360 2015-08-09] (Kaspersky Lab ZAO)
    R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [190648 2015-08-09] (Kaspersky Lab ZAO)
    S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [107736 2015-08-09] (Malwarebytes Corporation)
    R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-10-23] (Intel Corporation)
    R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3446240 2014-06-18] (Intel Corporation)
    S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
    R1 NFC_Driver; C:\Windows\System32\drivers\NFC_Driver.sys [48336 2014-03-27] (Titan ARC Corp.)
    R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-10-04] (NVIDIA Corporation)
    R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [39240 2014-10-13] (NVIDIA Corporation)
    R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
    S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-10-29] (Microsoft Corporation)
    R4 klkbdflt2; \SystemRoot\system32\DRIVERS\klkbdflt2.sys [X]
    S3 MFE_RR; \??\C:\Users\Sander\AppData\Local\Temp\mfe_rr.sys [X]
    U0 msahci; system32\drivers\msahci.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-08-09 22:27 - 2015-08-09 22:27 - 00020246 _____ C:\Users\Sander\Desktop\FRST.txt
    2015-08-09 22:27 - 2015-08-09 22:27 - 00000000 ____D C:\FRST
    2015-08-09 22:06 - 2015-08-09 22:06 - 02169856 _____ (Farbar) C:\Users\Sander\Desktop\FRST64.exe
    2015-08-09 21:57 - 2015-08-09 22:15 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0
    2015-08-09 21:32 - 2015-08-09 21:33 - 03800100 _____ (Malwarebytes Corporation ) C:\Users\Sander\Downloads\mbam-setup-2.1.8.1057.exe.7xaiqw2.partial
    2015-08-09 21:31 - 2015-08-09 21:31 - 00002281 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2015-08-09 21:31 - 2015-08-09 21:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
    2015-08-09 21:30 - 2015-08-09 21:47 - 00000000 _____ C:\Recovery.txt
    2015-08-09 21:29 - 2015-08-09 21:34 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2015-08-09 21:29 - 2015-08-09 21:34 - 00000912 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2015-08-09 21:29 - 2015-08-09 21:31 - 00000000 ____D C:\Users\Sander\AppData\Local\Google
    2015-08-09 21:29 - 2015-08-09 21:31 - 00000000 ____D C:\Program Files (x86)\Google
    2015-08-09 21:29 - 2015-08-09 21:29 - 00003888 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2015-08-09 21:29 - 2015-08-09 21:29 - 00003652 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2015-08-09 21:29 - 2015-08-09 21:29 - 00000000 ____D C:\Users\Sander\AppData\Local\Deployment
    2015-08-09 21:29 - 2015-08-09 21:29 - 00000000 ____D C:\Users\Sander\AppData\Local\Apps\2.0
    2015-08-09 21:27 - 2015-08-09 21:27 - 00000000 __SHD C:\Users\Sander\AppData\Local\EmieUserList
    2015-08-09 21:27 - 2015-08-09 21:27 - 00000000 __SHD C:\Users\Sander\AppData\Local\EmieSiteList
    2015-08-09 21:20 - 2015-08-09 21:20 - 00001142 _____ C:\Users\Sander\Desktop\Welcome to ASUS Product Registration.lnk
    2015-08-09 21:05 - 2015-08-09 21:05 - 00002109 _____ C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
    2015-08-09 21:05 - 2015-08-09 21:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus
    2015-08-09 21:05 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
    2015-08-09 21:04 - 2015-08-09 21:33 - 00000000 ____D C:\ProgramData\Kaspersky Lab
    2015-08-09 21:04 - 2015-08-09 21:09 - 00831664 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
    2015-08-09 21:04 - 2015-08-09 21:09 - 00159960 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
    2015-08-09 21:04 - 2015-08-09 21:04 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
    2015-08-09 20:16 - 2015-08-09 21:01 - 00000093 _____ C:\Users\Sander\AppData\Roaming\sp_data.sys
    2015-08-09 19:51 - 2015-08-09 13:52 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Sander\Desktop\adla.exe
    2015-08-09 19:51 - 2015-08-09 11:45 - 00783640 _____ (McAfee, Inc.) C:\Users\Sander\Desktop\lksajdla.exe
    2015-08-09 15:38 - 2015-08-09 14:12 - 01797896 _____ (Malwarebytes Corporation) C:\Users\Sander\Desktop\6_lskmdlsad.exe
    2015-08-09 15:36 - 2015-08-09 19:36 - 00000000 ____D C:\AdwCleaner
    2015-08-09 15:36 - 2015-08-09 14:12 - 02248704 _____ C:\Users\Sander\Desktop\5_aksmdlaskd.exe
    2015-08-09 15:23 - 2015-08-09 19:40 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
    2015-08-09 15:23 - 2015-08-09 19:39 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2015-08-09 15:23 - 2015-08-09 15:23 - 00028672 ___SH C:\Windows\system32\config\BCD-Template.LOG
    2015-08-09 15:23 - 2015-08-09 15:23 - 00000000 ____D C:\ProgramData\Malwarebytes
    2015-08-09 15:21 - 2015-08-09 19:40 - 00000000 ____D C:\Users\Sander\Desktop\mbar
    2015-08-09 15:21 - 2015-08-09 15:21 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
    2015-08-09 15:19 - 2015-08-09 14:05 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\Sander\Desktop\1_askdlaskd.exe
    2015-08-09 14:51 - 2015-08-09 14:51 - 00000000 ____D C:\Users\Sander\AppData\Roaming\WebStorage
    2015-08-09 14:50 - 2015-08-09 21:55 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2980810981-1312304709-3873871237-1001
    2015-08-09 14:46 - 2015-08-09 14:46 - 00000000 ____D C:\Users\Sander\Documents\My Received Files
    2015-08-09 14:46 - 2015-08-09 14:46 - 00000000 ____D C:\Users\Sander\AppData\Roaming\ASUS
    2015-08-09 14:45 - 2015-08-09 15:37 - 00000000 ____D C:\Users\Sander
    2015-08-09 14:45 - 2015-08-09 15:08 - 00000000 ____D C:\ProgramData\USBChargerPlus
    2015-08-09 14:45 - 2015-08-09 14:46 - 00000000 ____D C:\Users\Sander\AppData\Local\Packages
    2015-08-09 14:45 - 2015-08-09 14:46 - 00000000 ____D C:\Users\Sander\AppData\Local\NVIDIA Corporation
    2015-08-09 14:45 - 2015-08-09 14:45 - 00001448 _____ C:\Users\Sander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    2015-08-09 14:45 - 2015-08-09 14:45 - 00000192 _____ C:\Windows\FixPatch.log
    2015-08-09 14:45 - 2015-08-09 14:45 - 00000020 ___SH C:\Users\Sander\ntuser.ini
    2015-08-09 14:45 - 2015-08-09 14:45 - 00000000 ____D C:\Users\Sander\AppData\Roaming\Intel
    2015-08-09 14:45 - 2015-08-09 14:45 - 00000000 ____D C:\Users\Sander\AppData\Roaming\Adobe
    2015-08-09 14:45 - 2015-08-09 14:45 - 00000000 ____D C:\Users\Sander\AppData\Local\VirtualStore
    2015-08-09 14:45 - 2015-08-09 14:45 - 00000000 ____D C:\Users\Sander\AppData\Local\NVIDIA
    2015-08-09 14:45 - 2014-10-29 16:11 - 00000000 ___RD C:\Users\Sander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
    2015-08-09 14:45 - 2014-10-29 15:20 - 00000000 ___RD C:\Users\Sander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
    2015-08-09 14:45 - 2014-03-18 17:27 - 00000369 _____ C:\Users\Sander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
    2015-08-09 14:45 - 2014-03-18 17:27 - 00000369 _____ C:\Users\Sander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
    2015-08-09 14:45 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Sander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
    2015-08-09 14:45 - 2013-08-22 17:36 - 00000000 ____D C:\Users\Sander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-08-09 22:23 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
    2015-08-09 22:03 - 2015-04-12 05:30 - 01823035 _____ C:\Windows\WindowsUpdate.log
    2015-08-09 22:02 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
    2015-08-09 21:19 - 2014-11-22 14:12 - 00085360 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klwtp.sys
    2015-08-09 21:19 - 2014-11-20 13:39 - 00077680 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klwfp.sys
    2015-08-09 21:19 - 2014-11-10 17:48 - 00190648 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kneps.sys
    2015-08-09 21:19 - 2014-10-10 17:02 - 00039792 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klim6.sys
    2015-08-09 21:19 - 2014-08-19 12:31 - 00064368 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kldisk.sys
    2015-08-09 21:19 - 2014-03-31 10:47 - 00478392 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys
    2015-08-09 21:19 - 2013-04-12 14:34 - 00024944 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klpd.sys
    2015-08-09 21:11 - 2015-04-12 05:43 - 00003400 _____ C:\Windows\System32\Tasks\ASUS Live Update1
    2015-08-09 21:11 - 2015-04-12 05:43 - 00003390 _____ C:\Windows\System32\Tasks\ASUS Live Update2
    2015-08-09 21:09 - 2014-10-30 04:22 - 00040304 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klkbdflt.sys
    2015-08-09 21:09 - 2014-10-22 21:13 - 00226480 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
    2015-08-09 21:09 - 2013-08-08 16:11 - 00039792 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klmouflt.sys
    2015-08-09 21:09 - 2013-01-14 20:10 - 00247016 _____ (Kaspersky Lab UK Ltd) C:\Windows\system32\Drivers\cm_km_w.sys
    2015-08-09 21:08 - 2014-10-29 14:33 - 00810868 _____ C:\Windows\system32\perfh013.dat
    2015-08-09 21:08 - 2014-10-29 14:33 - 00166216 _____ C:\Windows\system32\perfc013.dat
    2015-08-09 21:08 - 2014-10-29 14:22 - 00806616 _____ C:\Windows\system32\perfh010.dat
    2015-08-09 21:08 - 2014-10-29 14:22 - 00160306 _____ C:\Windows\system32\perfc010.dat
    2015-08-09 21:08 - 2014-10-29 14:12 - 00814850 _____ C:\Windows\system32\perfh00C.dat
    2015-08-09 21:08 - 2014-10-29 14:12 - 00163070 _____ C:\Windows\system32\perfc00C.dat
    2015-08-09 21:08 - 2014-10-29 14:02 - 00767704 _____ C:\Windows\system32\perfh007.dat
    2015-08-09 21:08 - 2014-10-29 14:02 - 00163124 _____ C:\Windows\system32\perfc007.dat
    2015-08-09 21:08 - 2014-03-18 17:26 - 04646338 _____ C:\Windows\system32\PerfStringBackup.INI
    2015-08-09 21:05 - 2013-08-22 17:36 - 00000000 ___HD C:\Windows\ELAMBKUP
    2015-08-09 21:05 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
    2015-08-09 21:01 - 2015-04-12 05:45 - 00000000 ____D C:\ProgramData\McAfee
    2015-08-09 21:01 - 2015-04-12 05:34 - 00000000 ____D C:\ProgramData\NVIDIA
    2015-08-09 21:01 - 2014-03-18 10:16 - 00003874 _____ C:\Windows\PFRO.log
    2015-08-09 21:01 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2015-08-09 15:39 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\restore
    2015-08-09 15:23 - 2014-10-29 08:16 - 00000000 __SHD C:\Recovery
    2015-08-09 15:23 - 2013-08-22 17:36 - 00262144 _____ C:\Windows\system32\config\BCD-Template
    2015-08-09 15:07 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
    2015-08-09 14:51 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
    2015-08-09 14:45 - 2014-10-29 15:02 - 00000000 ____D C:\Windows\Panther
    2015-08-09 14:45 - 2014-10-29 13:24 - 00000000 ____D C:\Windows\Log
    2015-08-09 14:44 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\Recovery
    2015-08-09 14:24 - 2013-08-22 15:36 - 00000000 __RHD C:\Users\Default
    2015-08-09 14:23 - 2013-08-22 16:44 - 00337808 _____ C:\Windows\system32\FNTCACHE.DAT

    ==================== Files in the root of some directories =======

    2015-08-09 20:16 - 2015-08-09 21:01 - 0000093 _____ () C:\Users\Sander\AppData\Roaming\sp_data.sys
    2015-04-12 05:39 - 2015-04-12 05:39 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
    2014-10-29 08:25 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
    2014-10-29 08:25 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
    2014-10-29 08:25 - 2012-09-07 13:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS

    Files to move or delete:
    ====================
    C:\ProgramData\SetStretch.VBS


    Some files in TEMP:
    ====================
    C:\Users\Sander\AppData\Local\Temp\0285311439146779mcinst.exe
    C:\Users\Sander\AppData\Local\Temp\Quarantine.exe
    C:\Users\Sander\AppData\Local\Temp\sqlite3.dll


    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\dnsapi.dll => File is digitally signed
    C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2015-08-09 14:23

    ==================== End of log ============================
     
  3. Sander

    Sander TS Rookie Topic Starter

    And the Farbar recovery scan addition output:

    Additional scan result of Farbar Recovery Scan Tool (x64) Version:08-08-2015 01
    Ran by Sander (2015-08-09 22:27:54)
    Running from C:\Users\Sander\Desktop
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-2980810981-1312304709-3873871237-500 - Administrator - Disabled)
    Guest (S-1-5-21-2980810981-1312304709-3873871237-501 - Limited - Disabled)
    Sander (S-1-5-21-2980810981-1312304709-3873871237-1001 - Administrator - Enabled) => C:\Users\Sander

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Kaspersky Anti-Virus (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Kaspersky Anti-Virus (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    ASUS Gaming Center (HKLM-x32\...\{23C8A788-4790-4F3C-B103-0ACC7D9DC5BE}) (Version: 1.0.5 - ASUS)
    ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.2.9 - ASUS)
    ASUS ROG Gaming Mouse (HKLM-x32\...\{3B9E171F-A955-4834-B877-447C0A437260}) (Version: 2.00.026 - ASUS)
    ASUS ROG MacroKey (HKLM-x32\...\{348022C5-F497-4333-AFEE-208F22F169F2}_is1) (Version: 1.0.0.28 - G-spy Co., Ltd)
    ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 2.0.8 - ASUS)
    ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.02.0001 - ASUS)
    ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.0.2 - ASUS)
    ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.29 - ASUS)
    ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0037 - ASUS)
    Device Setup (HKLM-x32\...\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}) (Version: 1.0.18 - ASUSTek Computer Inc.)
    ELAN Touchpad 11.5.16.2_X64_WHQL (HKLM\...\Elantech) (Version: 11.5.16.2 - ELAN Microelectronic Corp.)
    Foxit PhantomPDF (HKLM-x32\...\{FC76E6BB-7CBB-4CD6-8178-3BCADC0526C3}) (Version: 6.0.62.801 - Foxit Corporation)
    Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.1.1 - Genesys Logic)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.130 - Google Inc.)
    Google Update Helper (x32 Version: 1.3.28.5 - Google Inc.) Hidden
    Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1016 - Intel Corporation)
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.6.0.1038 - Intel Corporation)
    Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1419.2) (HKLM\...\{302600C1-6BDF-4FD1-1405-148929CC1385}) (Version: 17.0.1405.0464 - Intel Corporation)
    Intel® PROSet/Wireless Software (HKLM-x32\...\{85b9d34f-7397-4e39-8600-07942ef6ca04}) (Version: 17.0.5 - Intel Corporation)
    Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{02FECEE0-16B2-43DB-BC3B-C844477FC142}) (Version: 15.0.2.361 - Kaspersky Lab)
    Kaspersky Anti-Virus (x32 Version: 15.0.2.361 - Kaspersky Lab) Hidden
    Maxx Audio Installer (x64) (Version: 1.6.5073.106 - Waves Audio Ltd.) Hidden
    Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4641.3004 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    NVIDIA 3D Vision Driver 344.42 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.42 - NVIDIA Corporation)
    NVIDIA GeForce Experience 2.1.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.3 - NVIDIA Corporation)
    NVIDIA Graphics Driver 344.42 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.42 - NVIDIA Corporation)
    NVIDIA HD Audio Driver 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
    NVIDIA Miracast Virtual Audio 344.42 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 344.42 - NVIDIA Corporation)
    NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
    PixelMaster Video HDR (HKLM\...\{65302154-AAF6-4020-A070-76CAA9CEC8D3}) (Version: 1.1.23 - ASUS)
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.34.617.2014 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7432 - Realtek Semiconductor Corp.)
    ROG Game First III (HKLM-x32\...\{0C6E32E1-31D9-49F1-B67F-2941994002D5}) (Version: 1.00.16 - ASUSTeK Computer Inc.)
    SHIELD Streaming (Version: 3.1.1000 - NVIDIA Corporation) Hidden
    SHIELD Wireless Controller Driver (Version: 16.13.56 - NVIDIA Corporation) Hidden
    Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.105 - Skype Technologies S.A.)
    Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
    Thunderbolt(TM) Software (HKLM\...\{BED2816F-D47A-41DA-AFCF-44E1B257C368}) (Version: 2.0.4.250 - Intel(R) Corporation)
    Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
    WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.11.399 - ASUS Cloud Corporation)
    WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.14 - WildTangent)
    WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== Restore Points =========================

    09-08-2015 15:39:02 JRT Pre-Junkware Removal

    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {063EDC40-CF50-4B69-A910-EEA96BB3519A} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86) [2015-08-09] ()
    Task: {0AF381C5-61A1-4606-9C34-4F70B3C9C046} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2014-04-11] ()
    Task: {0EFA7C9E-8EC3-4FF9-B8C4-95CD6B689517} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-06-03] (ASUS)
    Task: {36E27157-D0DB-4D2D-A708-3BCE4417161E} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-09-02] (ASUSTek Computer Inc.)
    Task: {36F3B5BF-A598-43C8-8812-1774C7DC7AA6} - System32\Tasks\Gaming Center => C:\Program Files (x86)\ASUS\ASUS Gaming Center\vivokey.exe [2014-10-03] (ASUSTek Computer Inc.)
    Task: {4EE46631-03EE-448E-B76C-DB0BFC1CBC21} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => tbtsvc.exe
    Task: {4F6286DA-4209-44BA-B0C6-8C293187CC93} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-01-23] (Realtek Semiconductor)
    Task: {541FFB06-8890-4E9D-8CD6-CA0F8E019CFC} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-09-11] (ASUSTek Computer Inc.)
    Task: {67E21301-509F-4507-9A36-0E7765E9FE55} - System32\Tasks\UMonitor Task => C:\Windows\SysWOW64\UMonit64.exe [2014-02-26] ()
    Task: {6A71E3CF-2D36-4FE3-B1FB-62E56A51B0E3} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-06-11] (ASUSTek Computer Inc.)
    Task: {70E4F2C2-2493-401C-B6CB-7B903D2B06F5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-09] (Google Inc.)
    Task: {7FE91943-35B4-48A3-8228-1B427F49C3ED} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => Thunderbolt.exe
    Task: {8206C51C-7FEB-4E51-90C3-7D1283E206DC} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2015-01-23] (Realtek Semiconductor)
    Task: {88E1DE14-AE9C-4E9F-B082-9B4581E34420} - System32\Tasks\Microsoft\Office\Microsoft Office Touchless Attach Notification => C:\Program Files (x86)\Microsoft Office\Office15\FirstRun.exe [2014-08-20] (Microsoft Corporation)
    Task: {928E8A52-453A-4F85-9168-905092FE601D} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => start ThunderboltService
    Task: {BAF55759-BBEB-451E-BD14-7255CF9219AF} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86) [2015-08-09] ()
    Task: {CD33472C-EBA5-4EF0-BC1C-BBB160676ADD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-09] (Google Inc.)
    Task: {FD6B1823-9978-4A2A-8333-47C225131CF0} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => Thunderbolt.exe

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    ==================== Loaded Modules (Whitelisted) ==============

    2015-04-12 05:34 - 2014-10-13 13:59 - 00115912 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
    2015-04-12 05:43 - 2013-05-15 15:39 - 00463872 _____ () C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe
    2015-04-12 05:41 - 2014-02-26 05:13 - 00053248 _____ () C:\Windows\SysWOW64\UMonit64.exe
    2014-06-03 21:01 - 2014-06-03 21:01 - 00117248 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
    2014-06-03 21:01 - 2014-06-03 21:01 - 00037936 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
    2014-06-03 21:01 - 2014-06-03 21:01 - 00018992 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDColorEnhance.dll
    2014-06-03 21:01 - 2014-06-03 21:01 - 00020528 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDRegammaAndGamut.dll
    2015-04-12 05:38 - 2013-10-23 14:44 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
    2014-12-23 16:54 - 2014-12-23 16:54 - 01272616 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\kpcengine.2.3.dll
    2013-04-27 11:24 - 2013-04-27 11:24 - 00071680 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\checkmetro.dll
    2015-08-09 21:31 - 2015-07-31 08:19 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.130\libglesv2.dll
    2015-08-09 21:31 - 2015-07-31 08:19 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.130\libegl.dll
    2015-08-09 21:31 - 2015-07-31 08:19 - 16308040 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.130\PepperFlash\pepflashplayer.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\90695952.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\90695952.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

    ==================== EXE Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-2980810981-1312304709-3873871237-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\asus\wallpapers\asus.jpg
    DNS Servers: 192.87.36.36 - 192.87.106.106
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)


    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
    FirewallRules: [{D48F6F7F-BD46-41F0-BD6B-37F58504FF32}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [{BCE9F6C4-FF6A-4E38-9F64-3DC6CF07F7D7}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
    FirewallRules: [{979E165E-57A1-43FA-B858-289E5D2B9C87}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    FirewallRules: [{26F024B9-3E81-4D28-B314-14F77A9320A9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    FirewallRules: [{040B7654-0866-4839-9A0D-4C7F499C1FDF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    FirewallRules: [{D7CF73A0-22D6-4D94-9FA4-139EE8DAA28C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    FirewallRules: [{BC48A6C9-49C9-4EDA-BEAE-7C6D09EBEB0C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{D3584BF6-C124-4852-880D-7036C72ED6C3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{B8935D45-09C9-42C9-9E7D-2D85DD3EE4F2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{FA006D1B-0469-4E35-8D39-14F3FBAF9D86}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{363DA25D-0B62-4A5F-B862-85D9C65C09E3}] => (Allow) C:\Windows\system32\ftp.exe
    FirewallRules: [{35C88140-65B3-45FB-95BC-34CA41304F3D}] => (Allow) C:\Windows\system32\ftp.exe
    FirewallRules: [{21503656-9ACC-4B4F-A1B4-A41D2AE2B53D}] => (Allow) C:\Windows\SysWOW64\ftp.exe
    FirewallRules: [{35EA8026-A991-49F4-8887-205305F92101}] => (Allow) C:\Windows\SysWOW64\ftp.exe
    FirewallRules: [{415044B2-ABDF-4335-A9AD-306B095C5537}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (08/09/2015 03:47:53 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
    Description: NvStreamSvcSSAS and NSS certificates mismatching after deletion and regeneration [0]

    Error: (08/09/2015 02:44:30 PM) (Source: Windows Search Service Profile Notification) (EventID: 2) (User: )
    Description: Unable to remove Windows Search Service indexed data for user '<Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-Search-ProfileNotify' Guid='{FC6F77DD-769A-470E-BCF9-1B6555A118BE}' EventSourceName='Windows Search Service Profile Notification'/><EventID Qualifiers='49152'>2</EventID><Version>0</Version><Level>2</Level><Task>0</Task><Opcode>0</Opcode><Keywords>0x80000000000000</Keywords><TimeCreated SystemTime='2015-08-09T12:44:30.000000000Z'/><EventRecordID>11</EventRecordID><Correlation/><Execution ProcessID='0' ThreadID='0'/><Channel>Application</Channel><Computer>BAKBEEST</Computer><Security/></System><ProcessingErrorData><ErrorCode>15005</ErrorCode><DataItemName>__binLength</DataItemName><EventPayload>420041004B00420045004500530054005C00410064006D0069006E006900730074007200610074006F00720000003000780038003000300034003200310030003300000000000000</EventPayload></ProcessingErrorData></Event>' in response to user profile deletion. Error code %2.

    %3.


    System errors:
    =============
    Error: (08/09/2015 09:32:41 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
    Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.

    Error: (08/09/2015 09:32:40 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
    Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.

    Error: (08/09/2015 09:19:19 PM) (Source: KLIF) (EventID: 0) (User: )
    Description: Сonnection is not established

    Error: (08/09/2015 09:19:19 PM) (Source: KLIF) (EventID: 0) (User: )
    Description: Сonnection is not established

    Error: (08/09/2015 09:19:18 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
    Description: The Interactive Services Detection service terminated with the following error:
    %%1

    Error: (08/09/2015 09:19:15 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
    Description: The Interactive Services Detection service terminated with the following error:
    %%1

    Error: (08/09/2015 09:19:14 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
    Description: The Interactive Services Detection service terminated with the following error:
    %%1

    Error: (08/09/2015 09:04:59 PM) (Source: KLIF) (EventID: 0) (User: )
    Description: Сonnection is not established

    Error: (08/09/2015 09:04:59 PM) (Source: KLIF) (EventID: 0) (User: )
    Description: Сonnection is not established

    Error: (08/09/2015 09:00:50 PM) (Source: DCOM) (EventID: 10010) (User: BAKBEEST)
    Description: {209500FC-6B45-4693-8871-6296C4843751}


    Microsoft Office:
    =========================
    Error: (08/09/2015 03:47:53 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
    Description: NvStreamSvcSSAS and NSS certificates mismatching after deletion and regeneration [0]

    Error: (08/09/2015 02:44:30 PM) (Source: Windows Search Service Profile Notification) (EventID: 2) (User: )
    Description: <Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'><System><Provider Name='Microsoft-Windows-Search-ProfileNotify' Guid='{FC6F77DD-769A-470E-BCF9-1B6555A118BE}' EventSourceName='Windows Search Service Profile Notification'/><EventID Qualifiers='49152'>2</EventID><Version>0</Version><Level>2</Level><Task>0</Task><Opcode>0</Opcode><Keywords>0x80000000000000</Keywords><TimeCreated SystemTime='2015-08-09T12:44:30.000000000Z'/><EventRecordID>11</EventRecordID><Correlation/><Execution ProcessID='0' ThreadID='0'/><Channel>Application</Channel><Computer>BAKBEEST</Computer><Security/></System><ProcessingErrorData><ErrorCode>15005</ErrorCode><DataItemName>__binLength</DataItemName><EventPayload>420041004B00420045004500530054005C00410064006D0069006E006900730074007200610074006F00720000003000780038003000300034003200310030003300000000000000</EventPayload></ProcessingErrorData></Event>


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i7-4870HQ CPU @ 2.50GHz
    Percentage of memory in use: 22%
    Total physical RAM: 16333.11 MB
    Available physical RAM: 12600.66 MB
    Total Virtual: 19277.11 MB
    Available Virtual: 15286.18 MB

    ==================== Drives ================================

    Drive c: (OS) (Fixed) (Total:190.77 GB) (Free:170.6 GB) NTFS ==>[system with boot components (obtained from reading drive)]
    Drive d: (Data) (Fixed) (Total:270.93 GB) (Free:270.81 GB) NTFS
    Drive e: (Data1) (Fixed) (Total:465.75 GB) (Free:465.6 GB) NTFS
    Drive f: (Data2) (Fixed) (Total:465.76 GB) (Free:465.6 GB) NTFS
    Drive g: (KSPKY1) (CDROM) (Total:0.2 GB) (Free:0 GB) UDF

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 476.9 GB) (Disk ID: 5BDD5D54)

    Partition: GPT Partition Type.

    ========================================================
    Disk: 1 (Size: 931.5 GB) (Disk ID: 29F13C55)

    Partition: GPT Partition Type.

    ==================== End of log ============================
     
  4. Broni

    Broni Malware Annihilator Posts: 52,892   +344

    Welcome aboard

    Please observe the following rules:
    • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
    • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    =======================================

    Does the Chrome error happen only when you try to download MBAM?
    Will MBAM download work with Internet Explorer?
     
  5. Sander

    Sander TS Rookie Topic Starter

    Does the Chrome error happen only when you try to download MBAM?
    No, it also happens with rescue disks, Hitman Pro, but also with Matlab (engineering program). However, my laptop did download the Farbar recovery tool just now. It is inconsistent at best.

    Will MBAM download work with Internet Explorer?
    No, MBAM will not download with IE. I get the error that MBAM-setup-"some version here" could not be downloaded.
     
  6. Broni

    Broni Malware Annihilator Posts: 52,892   +344

    I don't see anything malicious in your logs so I suggest new topic in Windows forum.
     
  7. Sander

    Sander TS Rookie Topic Starter

    Alright, it is not a virus then, phew.
    Thanks for your help!
     
  8. Broni

    Broni Malware Annihilator Posts: 52,892   +344

    You're very welcome
     
