Jump to content

CACTUS

Members
 View Profile  See their activity

  • Posts

    16

  • Joined

  • Last visited

Reputation

0 Neutral
  1. CACTUS
    Glad to hear that! Thanks mate for your time!
  2. CACTUS
    Ohh I forgot to post this. lol. here the results for delfix # DelFix v1.013 - Logfile created 06/06/2017 at 12:45:29 # Updated 17/04/2016 by Xplode # Username : Nursyahirah Farihah - SF_FI # Operating System : Windows 7 Ultimate Service Pack 1 (64 bits) ~ Activating UAC ... OK ~ Removing disinfection tools ... Deleted : C:\FRST Deleted : C:\AdwCleaner Deleted : C:\Users\Nursyahirah Farihah\Desktop\Addition.txt Deleted : C:\Users\Nursyahirah Farihah\Desktop\Fixlog.txt Deleted : C:\Users\Nursyahirah Farihah\Desktop\FRST.txt Deleted : C:\Users\Nursyahirah Farihah\Desktop\FRST64.exe Deleted : C:\Users\Nursyahirah Farihah\Desktop\JRT.exe Deleted : C:\Users\Nursyahirah Farihah\Desktop\JRT.txt ~ Creating registry backup ... OK ~ Cleaning system restore ... Deleted : RP #219 [Windows Update | 05/31/2017 12:52:46] Deleted : RP #221 [Restore Point Created by FRST | 06/02/2017 16:50:40] Deleted : RP #222 [JRT Pre-Junkware Removal | 06/02/2017 22:07:57] Deleted : RP #223 [Windows Update | 06/03/2017 17:48:54] Deleted : RP #224 [Xperia Companion | 06/06/2017 04:34:58] Deleted : RP #225 [Xperia Companion | 06/06/2017 04:38:27] New restore point created ! ~ Resetting system settings ... OK ########## - EOF - ##########
  3. CACTUS
    Nope. Now I can do my assignment without problem. Thanks dude! If need further assistance with my laptop, i know the perfect man to look for. hehe Thanks for extra tips about internet security. Bye for now. Again, thanks Yoan!
  4. CACTUS
    Wow. At this age, you have done so many good thing to many people. I also born on 1994, but unlike you I dont know what good thing I can do to help people. haha. Cheers mate. Greeting from Malaysia
  5. CACTUS
    My problem has been fixed by restarting laptop. LOL Now everything works smooth. Thank you, Master Yoan. Thank you so much for your help. Arigato Sensei
  6. CACTUS
    My system runs smooth now. Thanks to you. But, there is an issues I would like to address. Before this Steam run without any problem but now my Steam run slow. Playing dota i got no problem at all, just opening steam launcher I got problem. The icon tray (bottom right desktop) seems to be delayed when I right click to open dota. Same thing happen when I open Steam directly from desktop. Its like playing dota with -ping = 400~ and packet loss=30 and took ~10 seconds to response. Can you help me with this?
  7. CACTUS
    Hehe. Here the results for latest FRST scan. FRST.txt Addition.txt
  8. CACTUS
    Ops sorry Yoan. My bad. I missed that one. Sorry for being such an horrible person. Im stressed with all this assignment task. Forgot to think about others. Again, sorry Yoan. I feel ashamed with you. . We good, right? Ok. I will post the results as soon Ive complete the scan.
  9. CACTUS
    Yoan, is everything ok? I need to know whether my laptop still infected or not. Referring to your statement, i wouuld appreciate if you were to stay with me until the end, which means, until I declare your system clean. I will waiting for your approval.
  10. CACTUS
    ok. i've completed JRT and Adwcleaner. Here is the results. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 8.1.3 (04.10.2017) Operating System: Windows 7 Ultimate x64 Ran by Nursyahirah Farihah (Administrator) on Sat 03/06/2017 at 6:07:53.91 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ File System: 13 Successfully deleted: C:\ProgramData\productdata (Folder) Successfully deleted: C:\Users\Nursyahirah Farihah\AppData\Roaming\productdata (Folder) Successfully deleted: C:\Windows\system32\Tasks\Driver Booster Scheduler (Task) Successfully deleted: C:\Windows\system32\Tasks\Driver Booster SkipUAC (Nursyahirah Farihah) (Task) Successfully deleted: C:\Windows\system32\Tasks\Uninstaller_SkipUac_Nursyahirah_Farihah (Task) Successfully deleted: C:\Users\Nursyahirah Farihah\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7E5TQF3A (Temporary Internet Files Folder) Successfully deleted: C:\Users\Nursyahirah Farihah\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C353RF1B (Temporary Internet Files Folder) Successfully deleted: C:\Users\Nursyahirah Farihah\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MHFG9F3M (Temporary Internet Files Folder) Successfully deleted: C:\Users\Nursyahirah Farihah\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W07ME87U (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7E5TQF3A (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C353RF1B (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MHFG9F3M (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W07ME87U (Temporary Internet Files Folder) Registry: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Sat 03/06/2017 at 6:12:55.23 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # AdwCleaner v6.047 - Logfile created 03/06/2017 at 06:24:55 # Updated on 19/05/2017 by Malwarebytes # Database : 2017-06-02.1 [Server] # Operating System : Windows 7 Ultimate Service Pack 1 (X64) # Username : Nursyahirah Farihah - SF_FI # Running from : C:\Users\Nursyahirah Farihah\Downloads\AdwCleaner.exe # Mode: Clean # Support : https://www.malwarebytes.com/support ***** [ Services ] ***** ***** [ Folders ] ***** ***** [ Files ] ***** ***** [ DLL ] ***** ***** [ WMI ] ***** ***** [ Shortcuts ] ***** ***** [ Scheduled Tasks ] ***** ***** [ Registry ] ***** ***** [ Web browsers ] ***** ************************* :: "Tracing" keys deleted :: Winsock settings cleared ************************* C:\AdwCleaner\AdwCleaner[C0].txt - [2251 Bytes] - [23/05/2017 07:55:36] C:\AdwCleaner\AdwCleaner[C2].txt - [1873 Bytes] - [24/05/2017 17:07:09] C:\AdwCleaner\AdwCleaner[C3].txt - [934 Bytes] - [03/06/2017 06:24:55] C:\AdwCleaner\AdwCleaner[S0].txt - [2179 Bytes] - [23/05/2017 07:50:01] C:\AdwCleaner\AdwCleaner[S1].txt - [2173 Bytes] - [24/05/2017 17:06:04] C:\AdwCleaner\AdwCleaner[S2].txt - [1477 Bytes] - [24/05/2017 22:58:00] C:\AdwCleaner\AdwCleaner[S3].txt - [1550 Bytes] - [25/05/2017 00:38:24] C:\AdwCleaner\AdwCleaner[S4].txt - [1624 Bytes] - [28/05/2017 10:39:41] C:\AdwCleaner\AdwCleaner[S5].txt - [1696 Bytes] - [30/05/2017 16:30:24] C:\AdwCleaner\AdwCleaner[S6].txt - [1764 Bytes] - [03/06/2017 06:24:29] ########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [1517 Bytes] ##########
  11. CACTUS
    ok. done. here the results. Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 6/3/17 Scan Time: 2:06 AM Log File: Administrator: Yes -Software Information- Version: 3.1.2.1733 Components Version: 1.0.122 Update Package Version: 1.0.2074 License: Trial -System Information- OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: SF_FI\Nursyahirah Farihah -Scan Summary- Scan Type: Threat Scan Result: Completed Objects Scanned: 356420 Threats Detected: 0 (No malicious items detected) Threats Quarantined: 0 (No malicious items detected) Time Elapsed: 7 min, 55 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 0 (No malicious items detected) Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 0 (No malicious items detected) Physical Sector: 0 (No malicious items detected) (end)
  12. CACTUS
    ive just finished restarting my laptop.. here the results... Fix result of Farbar Recovery Scan Tool (x64) Version: 02-06-2017 Ran by Nursyahirah Farihah (03-06-2017 00:50:34) Run:1 Running from C:\Users\Nursyahirah Farihah\Desktop Loaded Profiles: Nursyahirah Farihah (Available Profiles: Nursyahirah Farihah & Administrator) Boot Mode: Normal ============================================== fixlist content: ***************** CloseProcesses: CreateRestorePoint: HKLM\...\RunOnce: [SF_FI] => C:\Windows\TEMP\g8333.tmp.exe <===== ATTENTION HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <====== ATTENTION HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <====== ATTENTION HKLM\ DisallowedCertificates: 03D22C9C66915D58C88912B64C1F984B8344EF09 (Comodo Security Solutions) <==== ATTENTION HKLM\ DisallowedCertificates: 0F684EC1163281085C6AF20528878103ACEFCAAB (F-Secure Corporation) <==== ATTENTION HKLM\ DisallowedCertificates: 1667908C9E22EFBD0590E088715CC74BE4C60884 (U) HKLM\ DisallowedCertificates: 18DEA4EFA93B06AE997D234411F3FD72A677EECE (U) HKLM\ DisallowedCertificates: 2026D13756EB0DB753DF26CB3B7EEBE3E70BB2CF (U) HKLM\ DisallowedCertificates: 249BDA38A611CD746A132FA2AF995A2D3C941264 (Malwarebytes Corporation) <==== ATTENTION HKLM\ DisallowedCertificates: 31AC96A6C17C425222C46D55C3CCA6BA12E54DAF (U) HKLM\ DisallowedCertificates: 331E2046A1CCA7BFEF766724394BE6112B4CA3F7 (Trend Micro) <==== ATTENTION HKLM\ DisallowedCertificates: 3353EA609334A9F23A701B9159E30CB6C22D4C59 (U) HKLM\ DisallowedCertificates: 373C33726722D3A5D1EDD1F1585D5D25B39BEA1A (SUPERAntiSpyware.com) <==== ATTENTION HKLM\ DisallowedCertificates: 3850EDD77CC74EC9F4829AE406BBF9C21E0DA87F (Kaspersky Lab) <==== ATTENTION HKLM\ DisallowedCertificates: 3D496FA682E65FC122351EC29B55AB94F3BB03FC (AVG Technologies CZ) <==== ATTENTION HKLM\ DisallowedCertificates: 4243A03DB4C3C15149CEA8B38EEA1DA4F26BD159 (PC Tools) <==== ATTENTION HKLM\ DisallowedCertificates: 42727E052C0C2E1B35AB53E1005FD9EDC9DE8F01 (K7 Computing Pvt Ltd) <==== ATTENTION HKLM\ DisallowedCertificates: 4420C99742DF11DD0795BC15B7B0ABF090DC84DF (Doctor Web Ltd.) <==== ATTENTION HKLM\ DisallowedCertificates: 4C0AF5719009B7C9D85C5EAEDFA3B7F090FE5FFF (U) HKLM\ DisallowedCertificates: 5240AB5B05D11B37900AC7712A3C6AE42F377C8C (Check Point Software Technologies Ltd.) <==== ATTENTION HKLM\ DisallowedCertificates: 5DD3D41810F28B2A13E9A004E6412061E28FA48D (Emsisoft Ltd) <==== ATTENTION HKLM\ DisallowedCertificates: 7457A3793086DBB58B3858D6476889E3311E550E (U) HKLM\ DisallowedCertificates: 76A9295EF4343E12DFC5FE05DC57227C1AB00D29 (BullGuard Ltd) <==== ATTENTION HKLM\ DisallowedCertificates: 775B373B33B9D15B58BC02B184704332B97C3CAF (McAfee) <==== ATTENTION HKLM\ DisallowedCertificates: 872CD334B7E7B3C3D1C6114CD6B221026D505EAB (Comodo Security Solutions) <==== ATTENTION HKLM\ DisallowedCertificates: 88AD5DFE24126872B33175D1778687B642323ACF (McAfee) <==== ATTENTION HKLM\ DisallowedCertificates: 9132E8B079D080E01D52631690BE18EBC2347C1E (Adaware Software) <==== ATTENTION HKLM\ DisallowedCertificates: 982D98951CF3C0CA2A02814D474A976CBFF6BDB1 (Safer Networking Ltd.) <==== ATTENTION HKLM\ DisallowedCertificates: 9A08641F7C5F2CCA0888388BE3E5DBDDAAA3B361 (Webroot Inc.) <==== ATTENTION HKLM\ DisallowedCertificates: 9C43F665E690AB4D486D4717B456C5554D4BCEB5 (U) HKLM\ DisallowedCertificates: 9E3F95577B37C74CA2F70C1E1859E798B7FC6B13 (U) HKLM\ DisallowedCertificates: A1F8DCB086E461E2ABB4B46ADCFA0B48C58B6E99 (Avira Operations GmbH & Co. KG) <==== ATTENTION HKLM\ DisallowedCertificates: A5341949ABE1407DD7BF7DFE75460D9608FBC309 (U) HKLM\ DisallowedCertificates: A59CC32724DD07A6FC33F7806945481A2D13CA2F (ESET) <==== ATTENTION HKLM\ DisallowedCertificates: AB7E760DA2485EA9EF5A6EEE7647748D4BA6B947 (AVG Technologies CZ) <==== ATTENTION HKLM\ DisallowedCertificates: AD4C5429E10F4FF6C01840C20ABA344D7401209F (Avast Antivirus/Software) <==== ATTENTION HKLM\ DisallowedCertificates: AD96BB64BA36379D2E354660780C2067B81DA2E0 (Symantec Corporation) <==== ATTENTION HKLM\ DisallowedCertificates: B8EBF0E696AF77F51C96DB4D044586E2F4F8FD84 (U) HKLM\ DisallowedCertificates: CDC37C22FE9272D8F2610206AD397A45040326B8 (U) HKLM\ DisallowedCertificates: D3F78D747E7C5D6D3AE8ABFDDA7522BFB4CBD598 (Kaspersky Lab) <==== ATTENTION HKLM\ DisallowedCertificates: DB303C9B61282DE525DC754A535CA2D6A9BD3D87 (ThreatTrack Security) <==== ATTENTION HKLM\ DisallowedCertificates: DB77E5CFEC34459146748B667C97B185619251BA (Avast Antivirus/Software) <==== ATTENTION HKLM\ DisallowedCertificates: E22240E837B52E691C71DF248F12D27F96441C00 (U) HKLM\ DisallowedCertificates: E513EAB8610CFFD7C87E00BCA15C23AAB407FCEF (AVG Technologies CZ) <==== ATTENTION HKLM\ DisallowedCertificates: ED841A61C0F76025598421BC1B00E24189E68D54 (Bitdefender SRL) <==== ATTENTION HKLM\ DisallowedCertificates: F83099622B4A9F72CB5081F742164AD1B8D048C9 (ESET) <==== ATTENTION HKLM\ DisallowedCertificates: FBB42F089AF2D570F2BF6F493D107A3255A9BB1A (Panda Security S.L) <==== ATTENTION HKLM\ DisallowedCertificates: FFFA650F2CB2ABC0D80527B524DD3F9FC172C138 (Doctor Web Ltd.) <==== ATTENTION GroupPolicy: Restriction <======= ATTENTION GroupPolicyScripts: Restriction <======= ATTENTION R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [743616 2015-12-02] (@ByELDI) [File not signed] Task: {2CB06134-E35A-4A28-97E8-596853033CB8} - System32\Tasks\{CBBEBB0D-98D7-4E24-BF34-1EDEF3E1B535} => pcalua.exe -a F:\setup.exe -d F:\ Task: {74D6EC9A-BF93-4E65-BF6E-1C54D7EED301} - System32\Tasks\53203m28070x616 => Rundll32.exe "C:\ProgramData\53203m28070x616\53203m28070x616.dll",LTG <==== ATTENTION Task: {76784F37-F35E-4AA8-894B-4626FE8922E3} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe Task: {7F3DBBA3-9447-4D4B-993B-0DE6A43AAA9B} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe Task: {C439BB94-8F02-40B0-91FB-4EB1E6FAE8C2} - System32\Tasks\44594_3873-8368 => Rundll32.exe "C:\ProgramData\44594_3873-8368\44594_3873-8368.dll",CanShareFolder <==== ATTENTION Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe MSCONFIG\startupreg: Ukjxmedia => C:\Program Files\KMSpico C:\ProgramData\53203m28070x616 C:\ProgramData\44594_3873-8368 C:\Windows\AutoKMS C:\Windows\TEMP\g8333.tmp.exe EmptyTemp: ***************** Processes closed successfully. Restore point was successfully created. HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SF_FI => value removed successfully HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <====== ATTENTION => restored successfully HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <====== ATTENTION => restored successfully HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\03D22C9C66915D58C88912B64C1F984B8344EF09 => key removed successfully HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\0F684EC1163281085C6AF20528878103ACEFCAAB => key removed successfully HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\1667908C9E22EFBD0590E088715CC74BE4C60884 => key removed successfully HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\18DEA4EFA93B06AE997D234411F3FD72A677EECE => key removed successfully HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\2026D13756EB0DB753DF26CB3B7EEBE3E70BB2CF => key removed successfully HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\249BDA38A611CD746A132FA2AF995A2D3C941264 => key removed successfully HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\31AC96A6C17C425222C46D55C3CCA6BA12E54DAF => key removed successfully HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\331E2046A1CCA7BFEF766724394BE6112B4CA3F7 => key removed successfully HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\3353EA609334A9F23A701B9159E30CB6C22D4C59 => key removed successfully HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\373C33726722D3A5D1EDD1F1585D5D25B39BEA1A => key removed successfully HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\3850EDD77CC74EC9F4829AE406BBF9C21E0DA87F => key removed successfully HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\3D496FA682E65FC122351EC29B55AB94F3BB03FC => key removed successfully HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\4243A03DB4C3C15149CEA8B38EEA1DA4F26BD159 => key removed successfully HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\42727E052C0C2E1B35AB53E1005FD9EDC9DE8F01 => key removed successfully HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\4420C99742DF11DD0795BC15B7B0ABF090DC84DF => key removed successfully HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\4C0AF5719009B7C9D85C5EAEDFA3B7F090FE5FFF => key removed successfully HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\5240AB5B05D11B37900AC7712A3C6AE42F377C8C => key removed successfully HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\5DD3D41810F28B2A13E9A004E6412061E28FA48D => key removed successfully HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\7457A3793086DBB58B3858D6476889E3311E550E => key removed successfully HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\76A9295EF4343E12DFC5FE05DC57227C1AB00D29 => key removed successfully HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\775B373B33B9D15B58BC02B184704332B97C3CAF => key removed successfully HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\872CD334B7E7B3C3D1C6114CD6B221026D505EAB => key removed successfully HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\88AD5DFE24126872B33175D1778687B642323ACF => key removed successfully HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\9132E8B079D080E01D52631690BE18EBC2347C1E => key removed successfully HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\982D98951CF3C0CA2A02814D474A976CBFF6BDB1 => key removed successfully HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\9A08641F7C5F2CCA0888388BE3E5DBDDAAA3B361 => key removed successfully HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\9C43F665E690AB4D486D4717B456C5554D4BCEB5 => key removed successfully HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\9E3F95577B37C74CA2F70C1E1859E798B7FC6B13 => key removed successfully HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\A1F8DCB086E461E2ABB4B46ADCFA0B48C58B6E99 => key removed successfully HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\A5341949ABE1407DD7BF7DFE75460D9608FBC309 => key removed successfully HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\A59CC32724DD07A6FC33F7806945481A2D13CA2F => key removed successfully HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\AB7E760DA2485EA9EF5A6EEE7647748D4BA6B947 => key removed successfully HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\AD4C5429E10F4FF6C01840C20ABA344D7401209F => key removed successfully HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\AD96BB64BA36379D2E354660780C2067B81DA2E0 => key removed successfully HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\B8EBF0E696AF77F51C96DB4D044586E2F4F8FD84 => key removed successfully HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\CDC37C22FE9272D8F2610206AD397A45040326B8 => key removed successfully HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\D3F78D747E7C5D6D3AE8ABFDDA7522BFB4CBD598 => key removed successfully HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\DB303C9B61282DE525DC754A535CA2D6A9BD3D87 => key removed successfully HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\DB77E5CFEC34459146748B667C97B185619251BA => key removed successfully HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\E22240E837B52E691C71DF248F12D27F96441C00 => key removed successfully HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\E513EAB8610CFFD7C87E00BCA15C23AAB407FCEF => key removed successfully HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\ED841A61C0F76025598421BC1B00E24189E68D54 => key removed successfully HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\F83099622B4A9F72CB5081F742164AD1B8D048C9 => key removed successfully HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\FBB42F089AF2D570F2BF6F493D107A3255A9BB1A => key removed successfully HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\FFFA650F2CB2ABC0D80527B524DD3F9FC172C138 => key removed successfully C:\Windows\system32\GroupPolicy\Machine => moved successfully C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully "C:\Windows\system32\GroupPolicy\Machine" => not found. HKLM\System\CurrentControlSet\Services\Service KMSELDI => key removed successfully Service KMSELDI => service removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2CB06134-E35A-4A28-97E8-596853033CB8} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2CB06134-E35A-4A28-97E8-596853033CB8} => key removed successfully C:\Windows\System32\Tasks\{CBBEBB0D-98D7-4E24-BF34-1EDEF3E1B535} => moved successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{CBBEBB0D-98D7-4E24-BF34-1EDEF3E1B535} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{74D6EC9A-BF93-4E65-BF6E-1C54D7EED301} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{74D6EC9A-BF93-4E65-BF6E-1C54D7EED301} => key removed successfully C:\Windows\System32\Tasks\53203m28070x616 => moved successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\53203m28070x616 => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{76784F37-F35E-4AA8-894B-4626FE8922E3} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{76784F37-F35E-4AA8-894B-4626FE8922E3} => key removed successfully C:\Windows\System32\Tasks\AutoKMS => moved successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7F3DBBA3-9447-4D4B-993B-0DE6A43AAA9B} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7F3DBBA3-9447-4D4B-993B-0DE6A43AAA9B} => key removed successfully C:\Windows\System32\Tasks\AutoPico Daily Restart => moved successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoPico Daily Restart => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{C439BB94-8F02-40B0-91FB-4EB1E6FAE8C2} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C439BB94-8F02-40B0-91FB-4EB1E6FAE8C2} => key removed successfully C:\Windows\System32\Tasks\44594_3873-8368 => moved successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\44594_3873-8368 => key removed successfully C:\Windows\Tasks\AutoKMS.job => moved successfully HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MSCONFIG\startupreg: Ukjxmedia => => key not found. C:\Program Files\KMSpico => moved successfully C:\ProgramData\53203m28070x616 => moved successfully C:\ProgramData\44594_3873-8368 => moved successfully C:\Windows\AutoKMS => moved successfully "C:\Windows\TEMP\g8333.tmp.exe" => not found. =========== EmptyTemp: ========== BITS transfer queue => 8388608 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11583606 B Java, Flash, Steam htmlcache => 231081787 B Windows/system/drivers => 3672 B Edge => 0 B Chrome => 433692854 B Firefox => 14588289 B Opera => 0 B Temp, IE cache, history, cookies, recent: Users => 0 B Default => 0 B Public => 0 B ProgramData => 0 B systemprofile => 60080039 B systemprofile32 => 66356 B LocalService => 66356 B NetworkService => 9752 B Nursyahirah Farihah => 25412842 B Administrator => 120934 B RecycleBin => 0 B EmptyTemp: => 748.7 MB temporary data Removed. ================================ The system needed a reboot. ==== End of Fixlog 00:51:34 ====
  13. CACTUS
    here is the results. Addition.txt FRST.txt
  14. CACTUS
    ok. I will post the results as soon ive completed the instruction.
  15. CACTUS
    Thank you for quick respond Yoan! . Ok, noted. Yes, we shall start now. I had a lot of assignment to do. Ever since that ransomware virus news spread, my laptop start acting so weird. i dont think i got infected by that. But still my laptop runs very slow than before. whenever I need to run application, its say "application blocked and bla bla bla" requesting for administration, but im using this laptop on full administration. i also had problem run my malwarebyte. its been blocked for security, unable to connect on startup. my fps when playing dota never fluctuated. since my laptop act so weird its even slow on main menu. i also had checked my task manager, there is something like g4ac.temp.exe run on background. not just one but 3 or 4. Im seeking for your kindness to figure out what the heck wrong with my laptop. I need help with expert. I really appreciate if you can resolve my problem. thank you Yoan
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.