
Mbam.exe Application unable to start correctly(0xc0000022)



This is my first time posting in this forum, but after going through multiple forums looking for an answer, I could not take it anymore, so please be patient with me.

I'm sure I'm infected, as a pop-up (I think adware) ad always appears even before explorer.exe even loads whenever I start the computer in normal mode.

I am, however, able to start Malwarebytes in safe mode and so far managed to start the threat scan and remove some viruses. However, I still get the same 'The application was unable to start correctly (0xc0000022). Click ok to close the application' message whenever I try to load it in normal mode, and whenever I go back to safe mode to do another scan, it just keeps detecting at least 1 malware, which I have constantly scanned then deleted, but still somehow a virus still seems to be detected. In fact, no adware was detected either, despite it appearing before my very eyes.

I tried AdwCleaner, but to no avail did it work. I also tried other software like HitmanPro and Avast, but they still, despite getting multiple threats detected which I then deleted, did not solve the problem.

Therefore I have come to seek help on how to get Malwarebytes to run in normal mode, as it had always helped me in previous situations. If it can't run in normal mode, it is no mistake that there is still a problem lurking in my computer, along with the obvious pop-up still appearing.

I'm willing to do nearly anything to solve this problem, as I've been stuck scanning and deleting this whole time with no progress made.

Please help. Thank you


Update: So I just searched up about the website in the URL address that always pops up on Google, being 'baymaletinet' with a dot before the net, and now I'm really terrified after reading http://rimuovi-pc-spyware.blogspot.com/2018/12/rimozione-baymaletinet-in-pochi-passi.html?m=1 this article about what I may potentially be facing.

True, it may not be a credible source, but it's the only lead I got after typing baymaletinet in Google search, and now I can't even sleep knowing someone may potentially be able to remotely control my computer. I didn't click any of the links of course, so I'm desperately in need of advice on what to do now.

Thanks


1 minute ago, kitchai2 said:

Update: So I just searched up about the website in the URL address that always pops up on my browser when I start the computer in normal mode, being 'baymaletinet' with a dot before the net, and now I'm really terrified after reading http://rimuovi-pc-spyware.blogspot.com/2018/12/rimozione-baymaletinet-in-pochi-passi.html?m=1 this article about what I may potentially be facing.

True, it may not be a credible source, but it's the only lead I got after typing baymaletinet in Google search, and now I can't even sleep knowing someone may potentially be able to remotely control my computer. I didn't click any of the links of course, so I'm desperately in need of advice on what to do now.

Thanks

 


Hello, Welcome to Malwarebytes.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Download the version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

How to attach a file to your reply:
In the Reply section at the bottom of the topic, click the "more reply Options" button.

Attach the file.
Select "Choose a File" and navigate to the location of the file.
Click the file you wish to attach.
Click Attach this file.
Click the Add reply button.
===

Please post the logs for my review.

Wait for further instructions.
===

Let me know also if you are Syncing this computer with other devices.
Using Chrome, IE or other browsers.


Thanks so much for the help nasdaq!

I actually deleted Chrome just yesterday, thinking it would have solved the pop-up problem, but it didn't, as it now pops up in Internet Explorer when I had set it as my default browser.

 

Here are the files you told me to attach and paste

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.12.2018
Ran by Kok Seong (administrator) on KOKSEONG-PC (23-12-2018 11:05:59)
Running from C:\Users\Kok Seong\Desktop\FARBAR SCANNER
Loaded Profiles: Kok Seong & Kwan Jet & Tieng Wai Yoke &  (Available Profiles: Kok Seong & Kwan Jet & Tieng Wai Yoke)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" -- "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(McAfee, LLC) C:\Windows\System32\mfevtps.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
() C:\Users\Kok Seong\Desktop\wallpaper_engine\bin\wallpaperservice32_c.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Users\Kok Seong\Desktop\wallpaper_engine\wallpaper64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(McAfee, LLC) C:\Windows\System32\mfevtps.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(Akamai Technologies, Inc.) C:\Users\Kok Seong\AppData\Local\Akamai\netsession_win.exe
(Octoshape ApS) C:\Users\Kok Seong\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
(Akamai Technologies, Inc.) C:\Users\Kok Seong\AppData\Local\Akamai\netsession_win.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Users\Kok Seong\AppData\Local\MiPhoneManager\main\MiPhoneHelper.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(KKBOX Taiwan Co., Ltd) C:\Program Files (x86)\KKBOX\KKBOX_Tray.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
() C:\Program Files (x86)\Gaming Mouse\Monitor.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(MosArt) C:\Program Files (x86)\ALCATROZ Wireless Gaming Mouse AP\ALCATROZ Wireless Gaming Mouse.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
() C:\Program Files\AVAST Software\Avast\AvastNM.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
() C:\Program Files\AVAST Software\Avast\AvastNM.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Users\Kok Seong\Desktop\New folder\FRST64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13671792 2014-03-14] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-12-19] (AVAST Software)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-02-21] (Intel Corporation)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [85600 2013-12-13] (Nullsoft, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [LifeCam] => "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
HKLM-x32\...\Run: [RaidCall] => C:\Program Files (x86)\RaidCall.RU\raidcall.exe [5127592 2016-05-06] (RAIDCALL.COM)
HKLM-x32\...\Run: [AvgUi] => "C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe" /lps=fmw
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3873704 2016-01-25] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595992 2016-05-20] (Oracle Corporation)
HKLM-x32\...\Run: [Gaming Mouse Driver] => C:\Program Files (x86)\Gaming Mouse\Monitor.EXE [491520 2015-01-22] ()
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133216 2017-03-23] (Wondershare)
HKLM-x32\...\Run: [ALCATROZ Wireless Gaming Mouse AP] => C:\Program Files (x86)\ALCATROZ Wireless Gaming Mouse AP\ALCATROZ Wireless Gaming Mouse.exe [3855872 2016-08-10] (MosArt)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (CANON INC.)
HKU\S-1-5-21-3155075218-3489373767-3233365952-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [1384840 2018-10-04] (Nota Inc.)
HKU\S-1-5-21-3155075218-3489373767-3233365952-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Kok Seong\AppData\Local\Akamai\netsession_win.exe [4586456 2018-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3155075218-3489373767-3233365952-1001\...\Run: [Octoshape Streaming Services] => C:\Users\Kok Seong\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [500016 2014-08-01] (Octoshape ApS)
HKU\S-1-5-21-3155075218-3489373767-3233365952-1001\...\Run: [MiPhoneManager] => C:\Users\Kok Seong\AppData\Local\MiPhoneManager\main\MiPhoneHelper.exe [157624 2016-03-11] ()
HKU\S-1-5-21-3155075218-3489373767-3233365952-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27021952 2016-10-17] (Skype Technologies S.A.)
HKU\S-1-5-21-3155075218-3489373767-3233365952-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4701888 2016-12-23] (Disc Soft Ltd)
HKU\S-1-5-21-3155075218-3489373767-3233365952-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-3155075218-3489373767-3233365952-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3131680 2018-11-27] (Valve Corporation)
HKU\S-1-5-21-3155075218-3489373767-3233365952-1001\...\Run: [Discord] => C:\Users\Kok Seong\AppData\Local\Discord\app-0.0.301\Discord.exe [57816920 2018-04-30] (Discord Inc.)
HKU\S-1-5-21-3155075218-3489373767-3233365952-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3155075218-3489373767-3233365952-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3155075218-3489373767-3233365952-1001\...\MountPoints2: {26648fe8-9e1e-11e5-891d-14cc2003054f} - G:\setup.exe
HKU\S-1-5-21-3155075218-3489373767-3233365952-1001\...\MountPoints2: {48d8fef9-d173-11e6-965c-14cc2003054f} - F:\Setup.exe /s
HKU\S-1-5-21-3155075218-3489373767-3233365952-1001\...\MountPoints2: {6a9ba697-964a-11e5-bd31-14cc2003054f} - F:\setup.exe
HKU\S-1-5-21-3155075218-3489373767-3233365952-1001\...\MountPoints2: {7c6152ff-684a-11e6-bbf5-14cc2003054f} - F:\setup.exe
HKU\S-1-5-21-3155075218-3489373767-3233365952-1001\...\MountPoints2: {9bd4ba7f-a882-11e6-a701-14cc2003054f} - J:\setup.exe
HKU\S-1-5-21-3155075218-3489373767-3233365952-1001\...\MountPoints2: {a14ff776-6d6a-11e5-90dc-14cc2003054f} - F:\Setup.exe
HKU\S-1-5-21-3155075218-3489373767-3233365952-1001\...\MountPoints2: {d6c0ab7a-e4a7-11e6-b65d-14cc2003054f} - G:\setup.exe
HKU\S-1-5-21-3155075218-3489373767-3233365952-1001\...\MountPoints2: {eb253fd1-6a16-11e7-8ba8-14cc2003054f} - H:\AutoRun.exe
HKU\S-1-5-21-3155075218-3489373767-3233365952-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232018105314508\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [1384840 2018-10-04] (Nota Inc.)
HKU\S-1-5-21-3155075218-3489373767-3233365952-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232018105314508\...\Run: [Akamai NetSession Interface] => C:\Users\Kok Seong\AppData\Local\Akamai\netsession_win.exe [4586456 2018-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3155075218-3489373767-3233365952-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232018105314508\...\Run: [Octoshape Streaming Services] => C:\Users\Kok Seong\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [500016 2014-08-01] (Octoshape ApS)
HKU\S-1-5-21-3155075218-3489373767-3233365952-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232018105314508\...\Run: [MiPhoneManager] => C:\Users\Kok Seong\AppData\Local\MiPhoneManager\main\MiPhoneHelper.exe [157624 2016-03-11] ()
HKU\S-1-5-21-3155075218-3489373767-3233365952-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232018105314508\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27021952 2016-10-17] (Skype Technologies S.A.)
HKU\S-1-5-21-3155075218-3489373767-3233365952-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232018105314508\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4701888 2016-12-23] (Disc Soft Ltd)
HKU\S-1-5-21-3155075218-3489373767-3233365952-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232018105314508\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-3155075218-3489373767-3233365952-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232018105314508\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3131680 2018-11-27] (Valve Corporation)
HKU\S-1-5-21-3155075218-3489373767-3233365952-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232018105314508\...\Run: [Discord] => C:\Users\Kok Seong\AppData\Local\Discord\app-0.0.301\Discord.exe [57816920 2018-04-30] (Discord Inc.)
HKU\S-1-5-21-3155075218-3489373767-3233365952-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232018105314508\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3155075218-3489373767-3233365952-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232018105314508\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3155075218-3489373767-3233365952-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232018105314508\...\MountPoints2: {26648fe8-9e1e-11e5-891d-14cc2003054f} - G:\setup.exe
HKU\S-1-5-21-3155075218-3489373767-3233365952-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232018105314508\...\MountPoints2: {48d8fef9-d173-11e6-965c-14cc2003054f} - F:\Setup.exe /s
HKU\S-1-5-21-3155075218-3489373767-3233365952-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232018105314508\...\MountPoints2: {6a9ba697-964a-11e5-bd31-14cc2003054f} - F:\setup.exe
HKU\S-1-5-21-3155075218-3489373767-3233365952-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232018105314508\...\MountPoints2: {7c6152ff-684a-11e6-bbf5-14cc2003054f} - F:\setup.exe
HKU\S-1-5-21-3155075218-3489373767-3233365952-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232018105314508\...\MountPoints2: {9bd4ba7f-a882-11e6-a701-14cc2003054f} - J:\setup.exe
HKU\S-1-5-21-3155075218-3489373767-3233365952-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232018105314508\...\MountPoints2: {a14ff776-6d6a-11e5-90dc-14cc2003054f} - F:\Setup.exe
HKU\S-1-5-21-3155075218-3489373767-3233365952-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232018105314508\...\MountPoints2: {d6c0ab7a-e4a7-11e6-b65d-14cc2003054f} - G:\setup.exe
HKU\S-1-5-21-3155075218-3489373767-3233365952-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232018105314508\...\MountPoints2: {eb253fd1-6a16-11e7-8ba8-14cc2003054f} - H:\AutoRun.exe
HKU\S-1-5-21-3155075218-3489373767-3233365952-1003\...\Run: [AvastBrowserAutoLaunch_8FCA9E3585AD1CF469BEF8D18BF4D838] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1819824 2018-12-04] (AVAST Software)
HKU\S-1-5-21-3155075218-3489373767-3233365952-1003\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3155075218-3489373767-3233365952-1003\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3155075218-3489373767-3233365952-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232018105316807\...\Run: [AvastBrowserAutoLaunch_8FCA9E3585AD1CF469BEF8D18BF4D838] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1819824 2018-12-04] (AVAST Software)
HKU\S-1-5-21-3155075218-3489373767-3233365952-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232018105316807\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3155075218-3489373767-3233365952-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232018105316807\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3155075218-3489373767-3233365952-1004.bak\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3155075218-3489373767-3233365952-1004.bak\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3155075218-3489373767-3233365952-1004.bak\...\MountPoints2: {04a47023-deac-11e6-8821-14cc2003054f} - F:\setup.exe
HKU\S-1-5-21-3155075218-3489373767-3233365952-1004.bak\...\MountPoints2: {074ae517-98bc-11e6-b266-14cc2003054f} - F:\setup.exe
HKU\S-1-5-21-3155075218-3489373767-3233365952-1004.bak\...\MountPoints2: {48d8fef9-d173-11e6-965c-14cc2003054f} - G:\Setup.exe /s
HKU\S-1-5-21-3155075218-3489373767-3233365952-1004.bak\...\MountPoints2: {a14ff776-6d6a-11e5-90dc-14cc2003054f} - F:\Setup.exe
HKU\S-1-5-21-3155075218-3489373767-3233365952-1004.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232018105317144\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3155075218-3489373767-3233365952-1004.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232018105317144\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3155075218-3489373767-3233365952-1004.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232018105317144\...\MountPoints2: {04a47023-deac-11e6-8821-14cc2003054f} - F:\setup.exe
HKU\S-1-5-21-3155075218-3489373767-3233365952-1004.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232018105317144\...\MountPoints2: {074ae517-98bc-11e6-b266-14cc2003054f} - F:\setup.exe
HKU\S-1-5-21-3155075218-3489373767-3233365952-1004.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232018105317144\...\MountPoints2: {48d8fef9-d173-11e6-965c-14cc2003054f} - G:\Setup.exe /s
HKU\S-1-5-21-3155075218-3489373767-3233365952-1004.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232018105317144\...\MountPoints2: {a14ff776-6d6a-11e5-90dc-14cc2003054f} - F:\Setup.exe
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\System32\rtvcvfw64.dll [246272 2012-09-29] ()
HKLM\...\Drivers32: [MSVideo8] => C:\Windows\System32\VfWWDM32.dll [68096 2010-11-21] (Microsoft Corporation)
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\System32\frapsv64.dll [71680 2013-02-26] (Beepa P/L)
HKLM\...\Drivers32-x32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-29] ()
HKLM\...\Drivers32-x32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [65536 2013-02-26] (Beepa P/L)
HKLM\...\Drivers32-x32: [msacm.siren] => C:\Windows\SysWOW64\sirenacm.dll [58568 2014-03-31] (Microsoft Corporation)
HKLM\...\Drivers32-x32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [180224 2010-08-03] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk [2015-05-17]
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()
Startup: C:\Users\Kok Seong\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\KKBOX_Tray.lnk [2018-06-23]
ShortcutTarget: KKBOX_Tray.lnk -> C:\Program Files (x86)\KKBOX\KKBOX_Tray.exe (KKBOX Taiwan Co., Ltd)
Startup: C:\Users\Kok Seong\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Photosmart 5510 series.lnk [2016-02-03]
ShortcutTarget: Monitor Ink Alerts - HP Photosmart 5510 series.lnk -> C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
GroupPolicyUsers\S-1-5-21-3155075218-3489373767-3233365952-1003\User: Restriction <==== ATTENTION
GroupPolicyUsers\S-1-5-21-3155075218-3489373767-3233365952-1001\User: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{7C0431FE-ADF3-4EC6-85D3-B8B717F66078}: [NameServer] 188.120.239.115,8.8.8.8
Tcpip\..\Interfaces\{7C0431FE-ADF3-4EC6-85D3-B8B717F66078}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{9323881F-7405-4B80-ACFD-ED757DB26171}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=131354474093217842&GUID=18A286CC-D2B7-4CCE-8731-2504322D6939
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=131354474093217842&GUID=18A286CC-D2B7-4CCE-8731-2504322D6939
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=131167624938263361&GUID=18A286CC-D2B7-4CCE-8731-2504322D6939
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=131167624938263361&GUID=18A286CC-D2B7-4CCE-8731-2504322D6939
HKU\S-1-5-21-3155075218-3489373767-3233365952-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?pli=1
HKU\S-1-5-21-3155075218-3489373767-3233365952-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232018105314508\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?pli=1
HKU\S-1-5-21-3155075218-3489373767-3233365952-1004.bak\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=131354474093947884&GUID=18A286CC-D2B7-4CCE-8731-2504322D6939
HKU\S-1-5-21-3155075218-3489373767-3233365952-1004.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232018105317144\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=131354474093947884&GUID=18A286CC-D2B7-4CCE-8731-2504322D6939
URLSearchHook: [S-1-5-21-3155075218-3489373767-3233365952-1004] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-21-3155075218-3489373767-3233365952-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232018105317029] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-3155075218-3489373767-3233365952-1001 -> {514643D1-9143-40F4-BC6C-D342ABAE4EBE} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3155075218-3489373767-3233365952-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232018105314508 -> {514643D1-9143-40F4-BC6C-D342ABAE4EBE} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3155075218-3489373767-3233365952-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3155075218-3489373767-3233365952-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3155075218-3489373767-3233365952-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232018105316807 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3155075218-3489373767-3233365952-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232018105316807 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-10-18] (Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll => No File
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-25] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-11-15] (Microsoft Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll => No File
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-08-27] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-06-11] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.2.5.441\AVG Web TuneUp.dll => No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-25] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-11-15] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll => No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-11] (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll => No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-25] (Google Inc.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll" No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-25] (Google Inc.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)
Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll No File

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-16] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-16] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.2.5\\npsitesafety.dll [No File]
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2017-10-17] (CANON INC.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [No File]
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-11] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-11] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [No File]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [No File]
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Kok Seong\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2014-05-27] (Raidcall)
FF Plugin-x32: @raidcall.tw/RCplugin -> C:\Users\Kok Seong\AppData\Roaming\RCTW\plugins\nprcplugin.dll [2013-06-25] (Raidcall)
FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3155075218-3489373767-3233365952-1001: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\Kok Seong\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1702150-0-npoctoshape.dll [2017-02-15] (Octoshape ApS)
FF Plugin HKU\S-1-5-21-3155075218-3489373767-3233365952-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232018105314508: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\Kok Seong\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1702150-0-npoctoshape.dll [2017-02-15] (Octoshape ApS)
FF Plugin ProgramFiles/Appdata: C:\Users\Kok Seong\AppData\Roaming\mozilla\plugins\npoctoshape.dll [2016-01-03] (Octoshape ApS)

Chrome: 
=======
CHR HKU\S-1-5-21-3155075218-3489373767-3233365952-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [chfdnecihphmhljaaejmgoiahnihplgn] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3155075218-3489373767-3233365952-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3155075218-3489373767-3233365952-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232018105314508\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [chfdnecihphmhljaaejmgoiahnihplgn] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3155075218-3489373767-3233365952-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12232018105314508\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lpeoghjfjibnhpmakobgiidkhcckdhod] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [8188768 2018-12-19] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-12-19] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [324000 2018-12-19] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-12-19] (AVAST Software)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3881696 2016-01-25] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1048488 2016-01-12] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [561104 2016-01-25] (AVG Technologies CZ, s.r.o.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7361312 2018-12-18] ()
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2015-12-24] (Digital Wave Ltd.) [File not signed]
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2016-12-23] (Disc Soft Ltd)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [296432 2014-04-09] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-03-20] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [359888 2018-02-24] (McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [512976 2018-02-24] (McAfee, LLC)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [473040 2018-02-24] (McAfee, LLC)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2269504 2018-11-21] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3130184 2018-11-21] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2018-12-18] ()
S2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1293936 2018-11-15] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2604856 2015-02-25] (AVG Technologies)
R2 Wallpaper Engine Service; C:\Users\Kok Seong\Desktop\wallpaper_engine\bin\wallpaperservice32_c.exe [25600 2017-02-11] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-11-16] (Microsoft Corporation)
S3 fsssvc; "C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe" [X]
S3 Intel(R) Capability Licensing Service TCP IP Interface; "C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe" [X]
S3 MozillaMaintenance; "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe" [X]
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\Wondershare Video Converter Ultimate\Transfer\DriverInstall.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 6DA5333EA704; C:\Windows\6DA5333EA704.sys [621416 2018-12-19] (VideoDriver)
S3 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [201240 2018-12-19] (AVAST Software)
S3 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [230344 2018-12-19] (AVAST Software)
S3 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201768 2018-12-19] (AVAST Software)
S3 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346592 2018-12-19] (AVAST Software)
S3 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59496 2018-12-19] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [239840 2018-12-19] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46384 2018-12-19] (AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42288 2018-12-19] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [163208 2018-12-19] (AVAST Software)
S3 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111800 2018-12-19] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87432 2018-12-19] (AVAST Software)
S3 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1028680 2018-12-19] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [469272 2018-12-19] (AVAST Software)
S3 aswStm; C:\Windows\System32\drivers\aswStm.sys [208472 2018-12-19] (AVAST Software)
S3 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380464 2018-12-19] (AVAST Software)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [184240 2015-11-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [315312 2016-01-05] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [272304 2016-01-08] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [398256 2015-08-14] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [260528 2016-01-22] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-12-04] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [302000 2015-10-08] (AVG Technologies CZ, s.r.o.)
R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [23472 2016-01-08] (AVG Technologies CZ, s.r.o.)
S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [0 2009-06-11] () <==== ATTENTION (zero byte File/Folder)
S3 cfwids; C:\Windows\system32\drivers\cfwids.sys [77224 2018-05-16] (McAfee, LLC)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-10-23] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-04-18] (Disc Soft Ltd)
S3 dtultrascsibus; C:\Windows\System32\DRIVERS\dtultrascsibus.sys [30264 2016-08-22] (Disc Soft Ltd)
S3 dtultrausbbus; C:\Windows\System32\DRIVERS\dtultrausbbus.sys [47672 2016-08-22] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [152688 2018-12-04] (Malwarebytes)
S3 GMLXDFltr01; C:\Windows\System32\drivers\GMLXDFltr01.sys [10752 2014-07-24] (LXD Development, Inc.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [198512 2018-12-22] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [126624 2014-01-01] (Malwarebytes)
R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [72536 2014-01-01] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [261032 2014-01-01] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [103760 2018-12-23] (Malwarebytes)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [118272 2014-03-20] (Intel Corporation)
R3 mfeaack; C:\Windows\system32\drivers\mfeaack.sys [497568 2018-05-16] (McAfee, LLC)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [360352 2018-05-16] (McAfee, LLC)
R3 mfefirek; C:\Windows\system32\drivers\mfefirek.sys [529312 2018-05-16] (McAfee, LLC)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [953248 2018-05-16] (McAfee, LLC)
R3 mfeplk; C:\Windows\system32\drivers\mfeplk.sys [115616 2018-05-16] (McAfee, LLC)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [252832 2018-05-16] (McAfee, LLC)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31168 2018-03-14] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [59240 2017-12-15] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57792 2017-11-16] (NVIDIA Corporation)
R3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-11] (Realtek Semiconductor Corporation )
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [394296 2016-08-22] (Duplex Secure Ltd.)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42064 2016-06-28] (Anchorfree Inc.)
R3 WsAudioDevice_383S(1); C:\Windows\System32\drivers\WsAudioDevice_383S(1).sys [29288 2016-10-10] (Wondershare)
U3 aswbdisk; no ImagePath
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 gkernel; \??\C:\Users\KOKSEO~1\AppData\Local\Temp\gkernel.sys [X] <==== ATTENTION
S3 TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-23 11:03 - 2018-12-23 11:05 - 000000000 ____D C:\Users\Kok Seong\Desktop\FARBAR SCANNER
2018-12-22 01:25 - 2018-12-22 01:22 - 007216355 _____ C:\Users\Kok Seong\Desktop\clamav-0.101.0-win-x64-portable.zip
2018-12-22 01:22 - 2018-12-22 01:22 - 007216355 _____ C:\Users\Kok Seong\Downloads\clamav-0.101.0-win-x64-portable.zip
2018-12-22 00:50 - 2018-12-22 00:50 - 007320272 _____ (Malwarebytes) C:\Users\Kok Seong\Downloads\adwcleaner_7.2.6.0 (2).exe
2018-12-22 00:08 - 2018-02-24 03:37 - 000473040 _____ (McAfee, LLC) C:\Windows\system32\mfevtps.exe
2018-12-22 00:04 - 2018-12-22 01:06 - 000198512 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2018-12-22 00:04 - 2018-12-22 00:04 - 000001831 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-12-22 00:04 - 2018-12-22 00:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-12-22 00:04 - 2018-12-04 08:09 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-12-21 23:54 - 2018-12-21 23:54 - 000012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2018-12-21 23:25 - 2018-12-21 23:25 - 000072088 _____ C:\ProgramData\agent.update.1545405912.bdinstall.v2.bin
2018-12-21 23:23 - 2018-12-21 23:23 - 010372016 _____ C:\Users\Kok Seong\Downloads\bitdefender_online.exe
2018-12-21 22:37 - 2018-12-21 22:37 - 000000000 ____D C:\Program Files\Common Files\McAfee
2018-12-21 22:34 - 2018-12-22 00:00 - 000000000 _____ C:\Users\Kok Seong\AppData\Roaming\MCVi2UserDetail.ini
2018-12-21 22:34 - 2018-12-21 22:37 - 000000000 ____D C:\ProgramData\McAfee
2018-12-21 22:31 - 2018-12-21 23:25 - 000000000 ____D C:\Program Files\Bitdefender Agent
2018-12-21 22:31 - 2018-12-21 22:31 - 000105428 _____ C:\ProgramData\agent.1545402669.bdinstall.v2.bin
2018-12-21 22:31 - 2018-12-21 22:31 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2018-12-21 22:22 - 2018-12-21 22:22 - 000010058 _____ C:\Windows\system32\.crusader
2018-12-21 22:08 - 2018-12-21 22:22 - 000000000 ____D C:\ProgramData\HitmanPro
2018-12-21 22:08 - 2018-12-21 22:08 - 000001861 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2018-12-21 22:08 - 2018-12-21 22:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2018-12-21 22:08 - 2018-12-21 22:08 - 000000000 ____D C:\Program Files\HitmanPro
2018-12-21 22:07 - 2018-12-21 22:06 - 007320272 _____ (Malwarebytes) C:\Users\Kok Seong\Downloads\adwcleaner_7.2.6.0 (1).exe
2018-12-21 21:23 - 2018-12-21 21:23 - 081227760 _____ (Malwarebytes ) C:\Users\Kok Seong\Downloads\mb3-setup-consumer-3.6.1.2711-1.0.508-1.0.8211 (8).exe
2018-12-21 21:23 - 2018-12-21 21:23 - 012572419 _____ C:\Users\Kok Seong\Downloads\Unconfirmed 771570.crdownload
2018-12-21 20:23 - 2018-12-21 20:23 - 006705178 _____ C:\Users\Kok Seong\Downloads\mbam-chameleon-3.1.33.0.zip
2018-12-21 20:00 - 2018-12-22 00:04 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-12-21 20:00 - 2018-12-21 20:00 - 000000000 ____D C:\Program Files\Malwarebytes
2018-12-21 19:59 - 2018-12-21 19:59 - 081227760 _____ (Malwarebytes ) C:\Users\Kok Seong\Downloads\mb3-setup-consumer-3.6.1.2711-1.0.508-1.0.8211 (7).exe
2018-12-21 19:51 - 2018-12-21 19:51 - 000566128 _____ (Malwarebytes) C:\Users\Kok Seong\Downloads\mbam-clean-2.3.0.1001 (1).exe
2018-12-21 19:43 - 2018-12-21 19:43 - 000566128 _____ (Malwarebytes) C:\Users\Kok Seong\Downloads\mbam-clean-2.3.0.1001.exe
2018-12-21 19:14 - 2018-12-21 19:15 - 000000000 ____D C:\AdwCleaner
2018-12-21 19:14 - 2018-12-21 19:14 - 007320272 _____ (Malwarebytes) C:\Users\Kok Seong\Downloads\adwcleaner_7.2.6.0.exe
2018-12-21 19:09 - 2018-12-23 11:05 - 000000000 ____D C:\FRST
2018-12-21 19:05 - 2018-12-21 19:05 - 081227760 _____ (Malwarebytes ) C:\Users\Kok Seong\Downloads\mb3-setup-consumer-3.6.1.2711-1.0.508-1.0.8211 (6).exe
2018-12-21 14:22 - 2018-12-21 14:22 - 000012154 _____ C:\Users\Kok Seong\Downloads\winmail (2).dat
2018-12-21 14:19 - 2018-12-21 14:19 - 000012154 _____ C:\Users\Kok Seong\Downloads\winmail (1).dat
2018-12-21 14:16 - 2018-12-21 14:16 - 000012154 _____ C:\Users\Kok Seong\Downloads\winmail.dat
2018-12-20 04:06 - 2018-12-20 04:06 - 000000219 _____ C:\Users\Kok Seong\Desktop\Team Fortress 2.url
2018-12-19 19:39 - 2018-12-19 19:39 - 000002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-12-19 19:39 - 2018-12-19 19:39 - 000002426 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2018-12-19 19:38 - 2018-12-19 19:38 - 000003374 _____ C:\Windows\System32\Tasks\AvastUpdateTaskMachineUA
2018-12-19 19:38 - 2018-12-19 19:38 - 000003246 _____ C:\Windows\System32\Tasks\AvastUpdateTaskMachineCore
2018-12-19 19:38 - 2018-12-19 19:38 - 000000000 ____D C:\Users\Kok Seong\AppData\Roaming\AVAST Software
2018-12-19 19:38 - 2018-12-19 19:38 - 000000000 ____D C:\Program Files (x86)\AVAST Software
2018-12-19 19:37 - 2018-12-19 19:38 - 000000000 ____D C:\Users\Kok Seong\AppData\Local\AVAST Software
2018-12-19 19:37 - 2018-12-19 19:37 - 000001886 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2018-12-19 19:37 - 2018-12-19 19:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2018-12-19 19:36 - 2018-12-21 19:04 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2018-12-19 19:35 - 2018-12-19 19:35 - 000239840 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-12-19 19:35 - 2018-12-19 19:35 - 000052328 _____ () C:\Windows\system32\Drivers\staport.sys
2018-12-19 19:35 - 2018-12-19 19:35 - 000003910 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-12-19 19:35 - 2018-12-19 19:34 - 001028680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-12-19 19:35 - 2018-12-19 19:34 - 000469272 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-12-19 19:35 - 2018-12-19 19:34 - 000380464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-12-19 19:35 - 2018-12-19 19:34 - 000378584 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-12-19 19:35 - 2018-12-19 19:34 - 000346592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys
2018-12-19 19:35 - 2018-12-19 19:34 - 000230344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2018-12-19 19:35 - 2018-12-19 19:34 - 000208472 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-12-19 19:35 - 2018-12-19 19:34 - 000201768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys
2018-12-19 19:35 - 2018-12-19 19:34 - 000201240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-12-19 19:35 - 2018-12-19 19:34 - 000163208 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-12-19 19:35 - 2018-12-19 19:34 - 000111800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-12-19 19:35 - 2018-12-19 19:34 - 000087432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-12-19 19:35 - 2018-12-19 19:34 - 000059496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys
2018-12-19 19:35 - 2018-12-19 19:34 - 000046384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-12-19 19:35 - 2018-12-19 19:34 - 000042288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2018-12-19 19:34 - 2018-12-19 19:34 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2018-12-19 19:33 - 2018-12-19 21:38 - 000000000 ____D C:\ProgramData\AVAST Software
2018-12-19 19:33 - 2018-12-19 19:33 - 007481664 _____ (AVAST Software) C:\Users\Kok Seong\Downloads\avast_free_antivirus_setup_online_b2l.exe
2018-12-19 19:33 - 2018-12-19 19:33 - 000000000 ____D C:\Program Files\AVAST Software
2018-12-19 19:22 - 2018-12-19 19:22 - 081227760 _____ (Malwarebytes ) C:\Users\Kok Seong\Downloads\mb3-setup-consumer-3.6.1.2711-1.0.508-1.0.8211 (5).exe
2018-12-19 17:15 - 2018-12-19 17:15 - 000000000 ____D C:\Users\Kok Seong\AppData\Local\mbam
2018-12-19 17:14 - 2018-12-19 17:14 - 000000000 ____D C:\Users\Kok Seong\AppData\Local\mbamtray
2018-12-19 17:13 - 2018-12-22 01:06 - 000794090 _____ C:\Windows\ntbtlog.txt
2018-12-19 17:05 - 2018-12-19 17:05 - 081227760 _____ (Malwarebytes ) C:\Users\Kok Seong\Downloads\mb3-setup-consumer-3.6.1.2711-1.0.508-1.0.8211 (4).exe
2018-12-19 16:58 - 2018-12-19 16:58 - 081227760 _____ (Malwarebytes ) C:\Users\Kok Seong\Downloads\mb3-setup-consumer-3.6.1.2711-1.0.508-1.0.8211 (3).exe
2018-12-19 16:57 - 2018-12-19 16:57 - 000621416 _____ (VideoDriver) C:\Windows\6DA5333EA704.sys
2018-12-19 16:57 - 2018-12-19 16:57 - 000140800 _____ C:\Users\Kok Seong\AppData\Local\installer.dat
2018-12-19 16:56 - 2018-12-21 22:22 - 000000000 ____D C:\Program Files (x86)\foldershare
2018-12-19 16:48 - 2018-12-19 16:48 - 081227760 _____ (Malwarebytes ) C:\Users\Kok Seong\Downloads\mb3-setup-consumer-3.6.1.2711-1.0.508-1.0.8211 (2).exe
2018-12-19 16:22 - 2018-12-19 16:22 - 081227760 _____ (Malwarebytes ) C:\Users\Kok Seong\Downloads\mb3-setup-consumer-3.6.1.2711-1.0.508-1.0.8211 (1).exe
2018-12-19 16:16 - 2018-12-19 16:16 - 081227760 _____ (Malwarebytes ) C:\Users\Kok Seong\Downloads\mb3-setup-consumer-3.6.1.2711-1.0.508-1.0.8211.exe
2018-12-18 22:39 - 2018-12-18 22:39 - 000000222 _____ C:\Users\Kok Seong\Desktop\America's Army Proving Grounds.url
2018-12-18 21:43 - 2018-12-18 21:43 - 000000000 ____D C:\Users\Kok Seong\AppData\Local\SCE
2018-12-18 21:42 - 2018-12-18 21:42 - 000000000 ____D C:\Users\Kok Seong\AppData\Local\BattlEye
2018-12-18 20:59 - 2018-12-18 20:59 - 000097095 _____ C:\Windows\uninstaller.dat
2018-12-18 19:13 - 2018-12-18 19:13 - 033542144 _____ C:\Users\Kok Seong\Downloads\EpicInstaller-7.16.0-fortnite (1).msi
2018-12-18 19:07 - 2018-12-18 19:07 - 033542144 _____ C:\Users\Kok Seong\Downloads\EpicInstaller-7.16.0-fortnite.msi
2018-12-18 00:41 - 2018-12-18 00:41 - 000001169 _____ C:\Users\Kok Seong\Desktop\Uplay.lnk
2018-12-18 00:40 - 2018-12-18 00:40 - 088741024 _____ (Ubisoft) C:\Users\Kok Seong\Downloads\UplayInstaller (1).exe
2018-12-10 20:26 - 2018-12-10 20:26 - 025699843 _____ C:\Users\Kok Seong\Downloads\519521 Hotaru Murasaki - Re_TrymenT.osz
2018-12-10 20:26 - 2018-12-10 20:26 - 010527215 _____ C:\Users\Kok Seong\Downloads\625986 Hotaru Murasaki - Re_TrymenT.osz
2018-12-09 14:27 - 2018-12-09 14:27 - 000001333 _____ C:\Users\Kok Seong\Desktop\Call of Duty - Advanced Warfare.lnk
2018-12-09 14:27 - 2018-12-09 14:27 - 000000000 ____D C:\Users\Kok Seong\AppData\Roaming\Call of Duty - Advanced Warfare
2018-12-09 14:27 - 2018-12-09 14:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2018-12-09 13:42 - 2018-12-09 13:42 - 000001357 _____ C:\Users\Kok Seong\Desktop\Play Call of Duty - Advanced Warfare.lnk
2018-12-09 02:00 - 2018-12-09 11:13 - 000000000 ____D C:\Users\Kok Seong\Downloads\[R.G. Mechanics] Call of Duty - Advanced Warfare

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-23 10:53 - 2014-01-01 03:33 - 000103760 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2018-12-23 10:51 - 2009-07-14 12:45 - 000023904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-12-23 10:51 - 2009-07-14 12:45 - 000023904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-12-22 00:59 - 2017-12-22 02:08 - 000000000 ____D C:\Users\Kok Seong\AppData\Roaming\discord
2018-12-21 22:27 - 2016-10-16 21:58 - 000000000 ____D C:\Users\Kok Seong\AppData\Local\CrashDumps
2018-12-21 22:02 - 2015-05-16 05:53 - 000000000 ____D C:\Users\Kok Seong\AppData\Local\Google
2018-12-21 22:02 - 2015-05-16 05:39 - 000000000 ____D C:\Program Files (x86)\Google
2018-12-21 22:01 - 2015-05-16 05:54 - 000001213 _____ C:\Users\Kok Seong\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2018-12-21 21:54 - 2016-06-11 18:43 - 000000000 ____D C:\Users\Tieng Wai Yoke
2018-12-21 19:04 - 2018-04-15 23:16 - 000003922 _____ C:\Windows\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-21 19:04 - 2018-03-07 12:01 - 000003954 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{16FC9F69-EF24-4F8A-A5F2-EF69B8A00604}
2018-12-21 19:04 - 2017-11-06 23:48 - 000003814 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-21 19:04 - 2017-04-06 22:50 - 000004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-21 19:04 - 2017-04-06 22:50 - 000003798 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-21 19:04 - 2017-04-06 22:50 - 000003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-21 19:04 - 2017-04-06 22:50 - 000003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-21 19:04 - 2017-04-06 22:50 - 000003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-21 19:04 - 2017-04-06 22:50 - 000003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-21 19:04 - 2016-09-19 22:55 - 000003332 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-12-21 19:04 - 2016-09-19 22:55 - 000003204 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-12-21 19:04 - 2016-08-23 20:13 - 000003246 _____ C:\Windows\System32\Tasks\{EAB2D590-8C21-40E2-814A-7C08928CD6F8}
2018-12-21 19:04 - 2016-08-22 19:31 - 000003092 _____ C:\Windows\System32\Tasks\{DF7AED3F-B81E-4B0E-962A-D9CB6DD21AC6}
2018-12-21 19:04 - 2016-08-22 19:31 - 000003092 _____ C:\Windows\System32\Tasks\{2E5D0041-0BA9-491E-9481-77CD908C131E}
2018-12-21 19:04 - 2016-06-14 01:31 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-12-21 19:04 - 2016-01-16 17:14 - 000003566 _____ C:\Windows\System32\Tasks\HP AR Program Upload - d9fa459140d640f194093a0147f50b30b6b6cd859571436d9e6e9865e11101ba
2018-12-21 19:04 - 2015-12-11 02:27 - 000003566 _____ C:\Windows\System32\Tasks\HP AR Program Upload - d4bec81ac3a14ebf8f1c61524d27f70ac74cdfa81e4f4072bac1068c13d55e75
2018-12-21 19:04 - 2015-12-01 02:34 - 000003566 _____ C:\Windows\System32\Tasks\HP AR Program Upload - afdc848dd12a4e61b4edab582b6ec5db45c7e8fd47cd4f7686eecc1eafaeeb87
2018-12-21 19:04 - 2015-11-23 20:07 - 000003108 _____ C:\Windows\System32\Tasks\{6DB17E88-2D2A-4665-8B5C-EBB45965166F}
2018-12-21 19:04 - 2015-11-03 22:09 - 000003566 _____ C:\Windows\System32\Tasks\HP AR Program Upload - 673609cbb4b04168ab6e8fab85b2b4076a709f25fc124493bfa08acff446760f
2018-12-21 19:04 - 2015-09-02 17:05 - 000003566 _____ C:\Windows\System32\Tasks\HP AR Program Upload - aacef7bd450f4573988b396f713be9eeae1a8cc4ecf34cb39070fe0a2309a723
2018-12-21 19:04 - 2015-09-02 17:05 - 000003566 _____ C:\Windows\System32\Tasks\HP AR Program Upload - 917fc879a6f14b2a82d9ee29b29636a56801275e62ab48e89b34ebb187700668
2018-12-21 19:04 - 2015-08-03 21:06 - 000003566 _____ C:\Windows\System32\Tasks\HP AR Program Upload - b139f439cfc44258b6db529c13f190df1712492d68184ad8b4b1b65821e47d00
2018-12-21 19:04 - 2015-07-08 15:50 - 000003430 _____ C:\Windows\System32\Tasks\GyazoUpdateTaskMachineDaily
2018-12-21 19:04 - 2015-05-25 22:29 - 000003640 _____ C:\Windows\System32\Tasks\HPCustParticipation HP Photosmart 5510 series
2018-12-21 19:04 - 2015-05-24 22:50 - 000003304 _____ C:\Windows\System32\Tasks\GyazoUpdateTaskMachine
2018-12-21 19:04 - 2015-05-24 00:42 - 000002762 _____ C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2018-12-21 19:04 - 2015-05-16 05:49 - 000003852 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1431726558
2018-12-21 16:16 - 2017-10-31 22:09 - 000000000 ____D C:\Users\TEMP.KokSeong-PC
2018-12-21 16:16 - 2016-02-09 21:42 - 000000000 ____D C:\Users\Kwan Jet
2018-12-21 15:38 - 2018-11-09 12:33 - 000000000 ____D C:\Users\Kok Seong\AppData\Local\osu!
2018-12-20 04:06 - 2015-05-17 15:37 - 000000000 ____D C:\Users\Kok Seong\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2018-12-19 18:31 - 2009-07-14 13:08 - 000032634 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-12-19 16:56 - 2016-05-01 22:32 - 000000000 ____D C:\Program Files\Rockstar Games
2018-12-19 16:52 - 2017-11-01 13:50 - 000000000 ____D C:\ProgramData\boost_interprocess
2018-12-18 23:01 - 2015-07-01 17:42 - 000291512 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2018-12-18 23:01 - 2015-07-01 17:28 - 000291512 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2018-12-18 22:59 - 2015-07-01 17:28 - 000291496 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2018-12-18 22:59 - 2015-07-01 17:28 - 000076152 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2018-12-18 19:08 - 2018-11-10 15:57 - 000001242 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2018-12-18 19:08 - 2018-11-10 15:57 - 000001230 _____ C:\Users\Public\Desktop\Epic Games Launcher.lnk
2018-12-18 00:46 - 2016-09-17 11:55 - 000000000 ____D C:\Users\Kok Seong\Documents\ProfileCache
2018-12-18 00:45 - 2016-09-17 11:55 - 000000000 ____D C:\Users\Kok Seong\Documents\The Crew
2018-12-18 00:41 - 2016-09-17 00:07 - 000000000 ____D C:\Users\Kok Seong\AppData\Local\Ubisoft Game Launcher
2018-12-17 03:12 - 2015-06-30 08:49 - 000000000 ____D C:\Windows\Minidump
2018-12-16 20:13 - 2017-02-09 20:17 - 000906011 ____N C:\Windows\Minidump\121718-28048-01.dmp
2018-12-11 06:04 - 2010-11-21 11:27 - 000592616 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2018-12-09 20:41 - 2015-10-06 12:08 - 000000000 ____D C:\Users\Kok Seong\AppData\Roaming\qBittorrent
2018-12-09 14:25 - 2009-07-14 11:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2018-12-09 13:44 - 2016-04-22 15:23 - 000000000 ____D C:\Program Files (x86)\R.G. Mechanics

==================== Files in the root of some directories =======

2018-12-21 22:34 - 2018-12-22 00:00 - 000000000 _____ () C:\Users\Kok Seong\AppData\Roaming\MCVi2UserDetail.ini
2015-09-06 23:59 - 2015-09-06 23:59 - 000003584 _____ () C:\Users\Kok Seong\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-12-19 16:57 - 2018-12-19 16:57 - 000140800 _____ () C:\Users\Kok Seong\AppData\Local\installer.dat

Some files in TEMP:
====================
2016-09-11 12:44 - 2017-05-29 20:16 - 000000056 _____ () C:\Users\Kok Seong\AppData\Local\Temp\4460b09d88592dafa5d51e71fc8112e9.dll
2016-09-11 12:44 - 2018-12-19 18:40 - 000000180 _____ () C:\Users\Kok Seong\AppData\Local\Temp\5b19d6925d71b23efc3c31364270fe5d.dll
2017-08-13 01:42 - 2018-12-05 20:28 - 000000044 _____ () C:\Users\Kok Seong\AppData\Local\Temp\614140fc8b06752661dbef054804e79b.dll
2016-12-18 03:08 - 2016-12-18 03:08 - 000000068 _____ () C:\Users\Kok Seong\AppData\Local\Temp\c2e4a68f32fe988b9ab06dc8ba9f4091.dll
2017-01-20 18:51 - 2017-01-20 18:51 - 000692488 _____ (Disc Soft Ltd.) C:\Users\Kok Seong\AppData\Local\Temp\dt_BB4D.tmp.exe
2016-12-18 03:08 - 2016-12-18 03:08 - 000000512 _____ () C:\Users\Kok Seong\AppData\Local\Temp\ed6e8e8c4b588010c8f64663407c6196.dll
2016-11-12 11:23 - 2016-11-12 11:23 - 000257944 _____ (Emotiplus) C:\Users\Kok Seong\AppData\Local\Temp\Emotiplus_Uninstaller.exe
2014-06-13 12:24 - 2014-12-23 18:35 - 000069808 _____ () C:\Users\Kok Seong\AppData\Local\Temp\ErrorReporting.exe
2014-01-02 03:12 - 2018-12-21 18:35 - 000000093 _____ () C:\Users\Kok Seong\AppData\Local\Temp\f20b775788aef2d3dc5487b1f07ff640.dll
2017-12-09 11:09 - 2018-01-18 21:03 - 000450880 _____ (Garena Online                   ) C:\Users\Kok Seong\AppData\Local\Temp\Garena.exe
2018-11-04 23:59 - 2018-11-04 23:59 - 001906040 _____ (Oracle Corporation) C:\Users\Kok Seong\AppData\Local\Temp\jre-8u181-windows-au.exe
2017-11-14 17:17 - 2017-11-14 17:17 - 037161288 _____ (Indigo Rose Corporation http://www.indigorose.com) C:\Users\Kok Seong\AppData\Local\Temp\KKBOX_Update.exe
2016-09-14 13:53 - 2016-09-14 13:56 - 218457368 _____ () C:\Users\Kok Seong\AppData\Local\Temp\lol_patch_160314to160324.exe
2018-10-21 23:03 - 2015-06-22 08:50 - 001050656 ____N (CANON INC.) C:\Users\Kok Seong\AppData\Local\Temp\MSETUP4.EXE
2016-03-13 17:05 - 2016-03-13 17:08 - 146698176 _____ () C:\Users\Kwan Jet\AppData\Local\Temp\lol_patch_160301to160310.exe
2016-06-12 13:04 - 2016-06-12 13:04 - 000000512 _____ () C:\Users\Tieng Wai Yoke\AppData\Local\Temp\5b19d6925d71b23efc3c31364270fe5d.dll
2016-07-03 15:56 - 2016-07-03 16:09 - 000000069 _____ () C:\Users\Tieng Wai Yoke\AppData\Local\Temp\c2e4a68f32fe988b9ab06dc8ba9f4091.dll
2017-02-23 01:34 - 2017-02-23 01:34 - 002612600 _____ (Microsoft Corporation) C:\Users\Tieng Wai Yoke\AppData\Local\Temp\DefaultPack.EXE
2016-06-12 13:04 - 2016-07-19 16:45 - 000000048 _____ () C:\Users\Tieng Wai Yoke\AppData\Local\Temp\e2638faef890698c0f8f63b5cd753462.dll
2016-07-03 15:56 - 2016-07-03 15:56 - 000000512 _____ () C:\Users\Tieng Wai Yoke\AppData\Local\Temp\ed6e8e8c4b588010c8f64663407c6196.dll
2016-06-29 14:02 - 2016-06-29 14:02 - 000347258 _____ (Java(TM) Native Access (JNA)) C:\Users\Tieng Wai Yoke\AppData\Local\Temp\jna5014825294422162855.dll

Some zero byte size files/folders:
==========================
C:\Windows\System32\Drivers\BrSerWdm.sys

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-12-19 16:09

==================== End of FRST.txt ============================

Addition.txt



Hi,

Please download the attached Fixlist.txt file to the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.

Run FRST and click Fix only once and wait.

The tool will create a log (Fixlog.txt); please post it in your reply.
===

Reset Internet Explorer:
Menu > Tools > Internet Options > Advanced Tab.
Click the Reset button on the bottom of the pane.
Click the Apply button.
Close IE.

Restart IE when needed.
===

p.s.

Note that Internet Explorer Version 11 is using the AvastBrowser, (Default browser: "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" -- "%1")
You do not have to use the Avast Browser.

You can delete it via the Control Panel > Programs > Programs and Features. Your call.
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 70.1.973.111 - AVAST Software)

Let me know if the problem persists.


 

fixlist.txt


  • Root Admin

Due to the lack of feedback, this topic is closed to prevent others from posting here.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread.

Thanks

 

