Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

mic volume drop, have Microsoft(C) Register Sever in mixer.

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

mic volume drop, have Microsoft(C) Register Sever in mixer.

Unread postby Get_Clicked » April 15th, 2017, 6:31 pm

So i have tried everything in my power so far to fix this and nothing has worked. I have used Malwarebytes, hitmanPro, and CCleaner to solve this and they have not worked. In my task manger processes there is 2 regsvr32.exe running and the program is located in my SysWoW64 file. both of them take me there.

So the issue im having is my mic from my headset is set to 0, and when i change it back to anynumber it goes back to 0 anywhere from 10 seconds to 5 mins it takes. I have tried the headset on the family computer and it works fine. I have tried other headsets and the same thing happens.

logs -
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017 (ATTENTION: ====> FRSTversion is 31 days old and could be outdated)
Ran by Andre (administrator) on ANDRE-PC (15-04-2017 17:23:08)
Running from C:\Users\Andre\Downloads
Loaded Profiles: Andre & Guest (Available Profiles: Andre & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.22\AsusFanControlService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe
() C:\Program Files (x86)\VMware\ScannerRedirection\ftscanmgr.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(VMware) C:\Program Files (x86)\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Horizon View Client\wsnm\wsnm.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Horizon View Client\bin\vmware-view-usbd.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\Remote GO!\AssistTools\WiFi GO! Server.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
() C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
() C:\Users\Andre\Desktop\computer crap\puush.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(© 2015 Microsoft Corporation) C:\Users\Andre\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Gaijin Entertainment) C:\Users\Andre\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe
(Wargaming.net) Z:\World of TanksSB\WargamingGameUpdater.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Logitech Inc.) Z:\Logitech\LWS\Webcam Software\LWS.exe
() Z:\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
() C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr64.exe
(Razer, Inc.) C:\Users\Andre\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\rzcefrenderprocess.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
() C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\EPUShortCut.exe
(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\Remote GO!\AsDLNAServerReal.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(TeamSpeak Systems GmbH) Z:\ts3\ts3client_win64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7156296 2013-03-05] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286192 2013-01-31] (Intel Corporation)
HKLM\...\Run: [VMware Netlink 3 HV Install Utility] => C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnliu.exe [70080 2015-06-16] ()
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15033976 2015-11-20] (Logitech Inc.)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-25] (Intel Corporation)
HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [550272 2013-01-28] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2017-03-02] (Razer Inc.)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [295512 2015-07-22] (RealNetworks, Inc.)
HKLM-x32\...\Run: [LWS] => Z:\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKU\S-1-5-21-1446484643-1097288149-3862632497-1000\...\Run: [GoogleChromeAutoLaunch_CDE9B9A3C1D351C05B61B6CB536D0894] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [941912 2017-03-28] (Google Inc.)
HKU\S-1-5-21-1446484643-1097288149-3862632497-1000\...\Run: [puush] => C:\Users\Andre\Desktop\computer crap\puush.exe [568904 2015-03-29] ()
HKU\S-1-5-21-1446484643-1097288149-3862632497-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27427808 2017-02-08] (Skype Technologies S.A.)
HKU\S-1-5-21-1446484643-1097288149-3862632497-1000\...\Run: [BingSvc] => C:\Users\Andre\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-1446484643-1097288149-3862632497-1000\...\Run: [Gaijin.Net Agent] => C:\Users\Andre\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2012616 2017-03-21] (Gaijin Entertainment)
HKU\S-1-5-21-1446484643-1097288149-3862632497-1000\...\Run: [World of Tanks] => Z:\World of TanksSB\WargamingGameUpdater.exe [3135752 2017-01-12] (Wargaming.net)
HKU\S-1-5-21-1446484643-1097288149-3862632497-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9364696 2017-03-03] (Piriform Ltd)
HKU\S-1-5-21-1446484643-1097288149-3862632497-1000\...\MountPoints2: {0dbb6643-2143-11e7-a14a-74d02b97155f} - E:\VerizonWirelessUpgradeAssistantSetup.exe
HKU\S-1-5-21-1446484643-1097288149-3862632497-1000\...\MountPoints2: {354b1940-aa71-11e5-8d7d-74d02b97155f} - E:\VerizonWirelessUpgradeAssistantSetup.exe -a
HKU\S-1-5-21-1446484643-1097288149-3862632497-1000\...\MountPoints2: {37554d56-dde1-11e3-bcce-74d02b97155f} - E:\MotoCastSetup.exe -a
HKU\S-1-5-21-1446484643-1097288149-3862632497-1000\...\MountPoints2: {45b939d6-50f0-11e5-8b92-74d02b97155f} - E:\VerizonWirelessUpgradeAssistantSetup.exe -a
HKU\S-1-5-21-1446484643-1097288149-3862632497-1000\...\MountPoints2: {b9fd0170-b19b-11e3-9390-806e6f6e6963} - D:\.\Bin\ASSETUP.exe
HKU\S-1-5-21-1446484643-1097288149-3862632497-1000\...\MountPoints2: {f5a6f943-12d5-11e4-8b74-74d02b97155f} - E:\VerizonWirelessUpgradeAssistantSetup.exe -a
HKU\S-1-5-21-1446484643-1097288149-3862632497-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\WLXPGSS.SCR [322240 2014-01-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-01-31] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-01-31] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-01-31] (Microsoft Corporation)
Startup: C:\Users\Andre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\5f5b45.lnk [2017-04-10]
ShortcutTarget: 5f5b45.lnk -> C:\Users\Andre\AppData\Local\db7671\f6e754.1621fee ()
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [.DEFAULT] => Proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:47574
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{75F417D0-2513-4A07-9937-60AC05C01EED}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1446484643-1097288149-3862632497-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1446484643-1097288149-3862632497-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SK216&ocid=SK216DHP&osmkt=en-us
SearchScopes: HKU\S-1-5-21-1446484643-1097288149-3862632497-1000 -> DefaultScope {CDBA2A1E-57A1-4C6A-93C4-C8947B0C389A} URL = hxxps://search.yahoo.com/search?fr=mcaf ... 0140902&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1446484643-1097288149-3862632497-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SK216DF&PC=SK216&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1446484643-1097288149-3862632497-1000 -> {CDBA2A1E-57A1-4C6A-93C4-C8947B0C389A} URL = hxxps://search.yahoo.com/search?fr=mcaf ... 0140902&p={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-12-13] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2016-11-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2017-01-31] (Microsoft Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2014-08-12] (RealDownloader)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2016-12-13] (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2016-11-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-01-31] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-19] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\x3okv0no.default [2017-04-15]
FF user.js: detected! => C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\x3okv0no.default\user.js [2015-08-28]
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\x3okv0no.default -> Secure Search
FF SearchEngineOrder.3: Mozilla\Firefox\Profiles\x3okv0no.default -> Bing
FF Homepage: Mozilla\Firefox\Profiles\x3okv0no.default -> hxxp://www.msn.com/?pc=SK216&ocid=SK216DHP&osmkt=en-us
FF DefaultSearchEngineuser_pref("browser.startup.page", 1);: Mozilla\Firefox\Profiles\x3okv0no.default -> user_pref("browser.startup.page", 1);Yahoo!
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\x3okv0no.default -> Yahoo!
FF Extension: (Bing Search) - C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\x3okv0no.default\Extensions\bingsearch.full@microsoft.com.xpi [2016-05-12]
FF Extension: (No Name) - C:\Program Files (x86)\McAfee\SiteAdvisor [not found]
FF SearchPlugin: C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\x3okv0no.default\searchplugins\bing-.xml [2016-05-12]
FF SearchPlugin: C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\x3okv0no.default\searchplugins\McSiteAdvisor.xml [2015-08-27]
FF HKLM-x32\...\Firefox\Extensions: [{1B12EF76-2B5E-4DA1-B587-4762D49BFE03}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: (RealDownloader) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2015-07-22] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-10-14]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_148.dll [2017-04-12] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_148.dll [2017-04-12] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-12] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-05-30] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-03-31] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-03-31] (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.4.19 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2015-07-22] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.4 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2014-08-12] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.4.19 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2015-07-22] (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2014-08-12] (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-11] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-04] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=en-us
CHR StartupUrls: Default -> "hxxp://start.mysearchdial.com/?f=1&a=dsites1202&cd=2XzuyEtN2Y1L1QzuyCzztCyBtBzyyDtDzztDtByE0CtByCyCtN0D0Tzu0CyBtCyDtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=798733547&ir=","hxxp://search.conduit.com/?ctid=CT3317209&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPF90A2093-C7AA-48B2-959C-480F3F405D7C&SSPV=","hxxp://search.conduit.com/?ctid=CT3317458&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP03D593A0-F9E0-47B6-A56A-F22042067A93&SSPV=","hxxp://search.conduit.com/?gd=&ctid=CT3325805&octid=EB_ORIGINAL_CTID&ISID=M6D0708BB-B121-466B-8A41-624259DE5268&SearchSource=55&CUI=&UM=5&UP=SPA40F6D56-A7B6-4E86-88A7-50F59818BB25&SSPV=","hxxp://search.yahoo.com/?type=293224&fr=spigot-yhp-ch","hxxp://start.toshiba.com","hxxp://search.conduit.com/?gd=&ctid=CT3321486&octid=EB_ORIGINAL_CTID&ISID=MFFE79B04-5205-4FD2-9F3D-2EA1B02DCA5F&SearchSource=55&CUI=&UM=5&UP=SP0B065C4C-6B94-45EB-A530-27EF28CC3973&SSPV="
CHR Profile: C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default [2017-04-15]
CHR Extension: (Google Slides) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-28]
CHR Extension: (Google Docs) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-28]
CHR Extension: (Google Drive) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-25]
CHR Extension: (Authenticator) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhghoamapcdpbohphigoooaddinpkbai [2016-04-12]
CHR Extension: (YouTube) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Adblock Plus) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-03-24]
CHR Extension: (Google Search) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Google Sheets) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-28]
CHR Extension: (Google Docs Offline) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-27]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2017-02-15]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-08-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-08]
CHR Extension: (Gmail) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-28]
CHR Extension: (Chrome Media Router) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-05]
CHR HKU\S-1-5-21-1446484643-1097288149-3862632497-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Andre\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-11-04]
CHR HKU\S-1-5-21-1446484643-1097288149-3862632497-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1446484643-1097288149-3862632497-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

"RuntimeManager" => service was unlocked. <===== ATTENTION

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-05-07] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [945152 2013-05-07] (ASUSTeK Computer Inc.) [File not signed]
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.22\AsusFanControlService.exe [1639424 2013-05-08] (ASUSTeK Computer Inc.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3042032 2017-01-17] (Microsoft Corporation)
R2 ftnlsv3hv; C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe [226240 2015-06-16] ()
R2 ftscanmgr; C:\Program Files (x86)\VMware\ScannerRedirection\ftscanmgr.exe [6363792 2015-07-31] ()
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135488 2017-04-09] (SurfRight B.V.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-01-31] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193144 2015-11-20] (Logitech Inc.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-03-31] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [427064 2017-03-31] (NVIDIA Corporation)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-24] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2014-08-12] ()
R2 vmware-view-usbd; C:\Program Files (x86)\VMware\VMware Horizon View Client\bin\vmware-view-usbd.exe [1156824 2015-07-31] (VMware, Inc.)
R2 vmwsprrdpwks; C:\Program Files (x86)\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe [261776 2015-05-08] (VMware)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 wsnm; C:\Program Files (x86)\VMware\VMware Horizon View Client\wsnm\wsnm.exe [533208 2015-08-19] (VMware, Inc.)
S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe [X]
S2 RuntimeManager; C:\Program Files (x86)\Windows NT\Accessories\RuntimeManager\runtimemanager.exe -service [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2013-01-28] (ASUSTek Computer Inc.)
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [47512 2013-01-10] (Asmedia Technology) [File not signed]
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-21] ()
R3 ASMTFilter; C:\Windows\SysWow64\drivers\asmtufdriver.sys [21400 2013-01-28] (hxxp://www.asmedia.com.tw) [File not signed]
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2012-09-13] ()
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-19] (MCCI Corporation)
S3 CM_VENDER_CMD; C:\Program Files\Common Files\Logitech\G430Install\CMVC64.sys [17104 2014-07-30] (Windows (R) Win 7 DDK provider)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [496400 2013-02-26] (Intel Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-01-31] (Intel Corporation)
R4 IOMap; C:\Windows\system32\drivers\IOMap64.sys [23680 2013-01-25] (ASUSTeK Computer Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\System32\drivers\LGJoyXlCore.sys [68384 2015-06-10] (Logitech Inc.)
S3 lgLowAudio; C:\Windows\System32\drivers\lgLowAudio.sys [26264 2015-11-20] (Logitech Inc.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-02-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47672 2017-01-05] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [76840 2017-03-31] (NVIDIA Corporation)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39592 2014-09-04] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [44144 2016-09-16] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137840 2016-10-08] (Razer, Inc.)
S3 USBTINSP; C:\Windows\System32\DRIVERS\tinspusb.sys [142848 2010-03-29] (Texas Instruments)
S3 USBPNPA; system32\drivers\CM10864.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-15 17:23 - 2017-04-15 17:23 - 00031101 _____ C:\Users\Andre\Downloads\FRST.txt
2017-04-15 17:22 - 2017-04-15 17:23 - 00000000 ____D C:\FRST
2017-04-15 17:22 - 2017-04-15 17:22 - 02424832 _____ (Farbar) C:\Users\Andre\Downloads\FRST64.exe
2017-04-10 22:32 - 2017-04-10 22:32 - 00000315 _____ C:\Users\Andre\Desktop\ANDRE-PC.txt
2017-04-10 22:19 - 2017-04-10 22:19 - 00928176 _____ (Magical Jelly Bean ) C:\Users\Andre\Downloads\KeyFinderInstaller.exe
2017-04-10 22:19 - 2017-04-10 22:19 - 00001089 _____ C:\Users\Public\Desktop\KeyFinder.lnk
2017-04-10 22:19 - 2017-04-10 22:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyFinder
2017-04-10 22:19 - 2017-04-10 22:19 - 00000000 ____D C:\Program Files (x86)\Magical Jelly Bean
2017-04-10 20:00 - 2017-04-10 20:01 - 09274608 _____ (Piriform Ltd) C:\Users\Andre\Downloads\ccsetup528.exe
2017-04-10 00:44 - 2017-04-10 00:44 - 00000000 ____D C:\Users\Andre\AppData\Local\Apps\2.0
2017-04-09 23:39 - 2017-04-09 23:39 - 00007502 _____ C:\Windows\system32\.crusader
2017-04-09 23:34 - 2017-04-09 23:39 - 00000000 ____D C:\ProgramData\HitmanPro
2017-04-09 23:34 - 2017-04-09 23:34 - 11583584 _____ (SurfRight B.V.) C:\Users\Andre\Downloads\hitmanpro_x64.exe
2017-04-09 23:34 - 2017-04-09 23:34 - 00001900 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2017-04-09 23:34 - 2017-04-09 23:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2017-04-09 23:34 - 2017-04-09 23:34 - 00000000 ____D C:\Program Files\HitmanPro
2017-04-09 23:11 - 2017-04-09 23:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2017-04-09 00:51 - 2017-04-15 17:09 - 00000000 ____D C:\Users\Andre\AppData\Roaming\TS3Client
2017-04-09 00:50 - 2017-04-09 00:50 - 00000589 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2017-04-09 00:50 - 2017-04-09 00:50 - 00000539 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2017-04-09 00:50 - 2017-04-09 00:50 - 00000000 ____D C:\Users\Andre\New folder
2017-04-09 00:48 - 2017-04-09 00:49 - 77586344 _____ (TeamSpeak Systems GmbH) C:\Users\Andre\Downloads\TeamSpeak3-Client-win64-3.1.3 (1).exe
2017-04-09 00:32 - 2017-04-09 00:32 - 77586344 _____ (TeamSpeak Systems GmbH) C:\Users\Andre\Downloads\TeamSpeak3-Client-win64-3.1.3.exe
2017-04-09 00:22 - 2017-04-09 00:22 - 00000044 _____ C:\Users\Andre\Desktop\ts key.txt
2017-04-08 21:32 - 2017-04-08 21:32 - 00039436 _____ C:\Users\Andre\Downloads\WGLNA Season 2 2016 - 2017 Scavenger Hunt.html
2017-04-08 21:32 - 2017-04-08 21:32 - 00000000 ____D C:\Users\Andre\Downloads\WGLNA Season 2 2016 - 2017 Scavenger Hunt_files
2017-04-07 04:35 - 2017-04-07 04:37 - 00000000 ____D C:\Users\Andre\AppData\Local\cbcb4c75
2017-04-07 04:03 - 2017-04-10 20:02 - 00000000 ____D C:\Users\Andre\AppData\Local\db7671
2017-04-07 01:16 - 2017-03-31 22:20 - 00001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2017-04-07 01:16 - 2017-03-31 20:36 - 00136248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2017-04-07 01:14 - 2017-04-02 11:12 - 00218040 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2017-04-07 01:14 - 2017-04-02 11:12 - 00046008 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2017-04-07 01:14 - 2017-03-31 22:20 - 40201152 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2017-04-07 01:14 - 2017-03-31 22:20 - 35315256 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2017-04-07 01:14 - 2017-03-31 22:20 - 35280320 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2017-04-07 01:14 - 2017-03-31 22:20 - 16431320 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2017-04-07 01:14 - 2017-03-31 22:20 - 14653888 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2017-04-07 01:14 - 2017-03-31 22:20 - 11112928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2017-04-07 01:14 - 2017-03-31 22:20 - 11056272 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2017-04-07 01:14 - 2017-03-31 22:20 - 10636240 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2017-04-07 01:14 - 2017-03-31 22:20 - 09316648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2017-04-07 01:14 - 2017-03-31 22:20 - 09014792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2017-04-07 01:14 - 2017-03-31 22:20 - 08876272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2017-04-07 01:14 - 2017-03-31 22:20 - 03430336 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2017-04-07 01:14 - 2017-03-31 22:20 - 03012152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2017-04-07 01:14 - 2017-03-31 22:20 - 01988032 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6438165.dll
2017-04-07 01:14 - 2017-03-31 22:20 - 01591352 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6438165.dll
2017-04-07 01:14 - 2017-03-31 22:20 - 01054776 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2017-04-07 01:14 - 2017-03-31 22:20 - 00991800 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2017-04-07 01:14 - 2017-03-31 22:20 - 00960448 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2017-04-07 01:14 - 2017-03-31 22:20 - 00912952 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2017-04-07 01:14 - 2017-03-31 22:20 - 00688968 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2017-04-07 01:14 - 2017-03-31 22:20 - 00609728 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2017-04-07 01:14 - 2017-03-31 22:20 - 00577544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2017-04-07 01:14 - 2017-03-31 22:20 - 00507504 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2017-04-07 01:14 - 2017-03-31 22:20 - 00499136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2017-04-07 01:14 - 2017-03-31 22:20 - 00426312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2017-04-07 01:14 - 2017-03-31 22:20 - 00406736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2017-04-07 01:14 - 2017-03-31 22:20 - 00170360 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2017-04-07 01:14 - 2017-03-31 22:20 - 00153184 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2017-04-07 01:14 - 2017-03-31 22:20 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2017-04-07 01:14 - 2017-03-31 22:20 - 00131720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2017-04-07 01:14 - 2017-03-31 22:20 - 00000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2017-04-07 01:14 - 2017-03-31 22:20 - 00000669 _____ C:\Windows\system32\nv-vk64.json
2017-04-07 01:14 - 2017-03-31 19:41 - 00076840 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2017-04-05 23:52 - 2017-04-12 03:03 - 00004474 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-04-05 23:52 - 2017-04-07 04:08 - 00000000 ____D C:\Program Files\TrueKey
2017-03-31 02:17 - 2017-03-31 02:16 - 01416918 _____ C:\Users\Andre\Desktop\20170331_0206_france-F18_Bat_Chatillon25t_10_hills.wotreplay
2017-03-30 14:37 - 2017-03-30 14:37 - 04210352 _____ (Wargaming.net ) C:\Users\Andre\Downloads\WoT_internet_install_ct.exe
2017-03-30 14:37 - 2017-03-30 14:37 - 00000603 _____ C:\Users\Public\Desktop\World of Tanks - Common Test.lnk
2017-03-24 01:13 - 2017-03-24 01:13 - 13133386 _____ C:\Users\Andre\Downloads\WGLNA Silver Finals.rar
2017-03-18 19:50 - 2017-03-18 21:09 - 01260427 _____ C:\Users\Andre\Desktop\20170318_2058_france-F75_Char_de_25t_10_hills.wotreplay

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-15 17:17 - 2014-03-23 22:20 - 00000000 ____D C:\Users\Andre\AppData\Roaming\Skype
2017-04-15 17:01 - 2015-07-22 21:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-04-15 17:01 - 2014-09-05 09:17 - 00000000 ____D C:\Program Files (x86)\Java
2017-04-15 17:00 - 2015-03-13 14:13 - 00000000 ____D C:\ProgramData\Package Cache
2017-04-15 16:53 - 2014-04-07 01:39 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-04-15 16:47 - 2015-08-06 19:42 - 00000342 ____H C:\Windows\Tasks\AVUXIBKKIYXHMGUE.job
2017-04-15 16:42 - 2009-07-13 23:45 - 00029136 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-04-15 16:42 - 2009-07-13 23:45 - 00029136 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-04-15 16:41 - 2009-07-14 00:13 - 00788438 _____ C:\Windows\system32\PerfStringBackup.INI
2017-04-15 16:41 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\inf
2017-04-15 16:40 - 2014-03-22 13:49 - 00000000 _____ C:\Windows\Path.idx
2017-04-15 16:35 - 2014-03-21 13:54 - 01048576 _____ C:\Windows\PE_Rom.dll
2017-04-15 16:35 - 2014-03-21 13:01 - 00000000 ____D C:\ProgramData\NVIDIA
2017-04-15 16:35 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-04-14 13:55 - 2014-04-16 13:51 - 00000000 ____D C:\Users\Andre\AppData\Local\CrashDumps
2017-04-12 12:02 - 2015-07-22 21:53 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-04-12 12:02 - 2014-12-29 20:23 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-04-12 03:03 - 2014-04-07 01:39 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-04-12 03:03 - 2014-04-07 01:39 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-04-12 03:03 - 2014-04-07 01:39 - 00004312 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-04-12 03:03 - 2014-04-07 01:39 - 00000000 ____D C:\Windows\system32\Macromed
2017-04-11 16:57 - 2016-08-30 21:43 - 00003330 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d2033175af73bc
2017-04-11 16:57 - 2016-08-30 21:43 - 00003202 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d2033175a49e24
2017-04-10 20:01 - 2015-08-29 19:22 - 00002790 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2017-04-10 20:01 - 2015-08-29 19:22 - 00000825 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-04-10 19:58 - 2015-08-29 19:25 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-04-10 19:35 - 2015-09-15 00:06 - 00000000 ____D C:\Users\Andre\Desktop\push
2017-04-10 19:34 - 2014-03-31 16:47 - 00000000 ____D C:\Users\Andre\AppData\Local\ElevatedDiagnostics
2017-04-10 01:07 - 2014-07-15 17:50 - 00000000 ____D C:\Users\Andre\AppData\Roaming\vlc
2017-04-09 23:41 - 2014-08-26 18:22 - 00000000 ____D C:\ProgramData\Razer
2017-04-09 23:14 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\NDF
2017-04-09 17:24 - 2014-09-02 18:50 - 00000000 ____D C:\Windows\system32\iprint
2017-04-09 17:22 - 2016-03-11 13:24 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-04-09 17:18 - 2016-03-29 18:46 - 00000000 ___RD C:\Users\Andre\Dropbox
2017-04-09 16:09 - 2016-08-15 19:11 - 02572334 ____H C:\Users\Andre\AppData\Local\IconCache.db.backup
2017-04-09 00:50 - 2014-03-21 12:38 - 00000000 ____D C:\Users\Andre
2017-04-09 00:44 - 2015-08-29 19:01 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-04-08 17:16 - 2017-01-14 12:06 - 00000433 _____ C:\Users\Andre\Desktop\New Text Document (2).txt
2017-04-07 01:16 - 2015-02-03 16:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-04-07 01:16 - 2014-03-21 13:01 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-04-07 01:16 - 2014-03-21 13:01 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-04-07 01:16 - 2014-03-21 13:00 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-04-05 23:52 - 2014-09-02 19:55 - 00000000 ____D C:\ProgramData\McAfee
2017-04-05 23:52 - 2014-04-07 01:39 - 00000000 ____D C:\Users\Andre\AppData\Local\Adobe
2017-04-02 11:12 - 2015-02-03 16:40 - 01600560 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2017-04-02 00:57 - 2016-12-15 15:36 - 00004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-02 00:57 - 2016-11-28 19:42 - 00003852 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-02 00:57 - 2016-11-28 19:42 - 00001419 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-04-02 00:57 - 2016-11-28 19:41 - 00003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-02 00:57 - 2016-11-28 19:41 - 00003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-02 00:57 - 2016-11-28 19:41 - 00003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-02 00:57 - 2016-11-28 19:41 - 00003554 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-02 00:57 - 2016-11-28 19:41 - 00003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-03-31 22:20 - 2017-01-25 13:21 - 28560440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2017-03-31 22:20 - 2016-11-28 19:46 - 00491208 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2017-03-31 22:20 - 2015-11-25 16:18 - 04071816 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2017-03-31 22:20 - 2015-11-22 22:59 - 17418608 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2017-03-31 22:20 - 2014-03-21 13:00 - 20055968 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2017-03-31 22:20 - 2014-03-21 13:00 - 13398512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2017-03-31 22:20 - 2014-03-21 13:00 - 03588376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2017-03-31 22:20 - 2014-03-21 13:00 - 00042897 _____ C:\Windows\system32\nvinfo.pb
2017-03-31 21:10 - 2015-12-22 16:38 - 00549944 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2017-03-31 21:10 - 2015-12-22 16:38 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2017-03-31 21:10 - 2014-03-21 13:01 - 06437312 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2017-03-31 21:10 - 2014-03-21 13:01 - 02481208 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2017-03-31 21:10 - 2014-03-21 13:01 - 01764408 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2017-03-31 21:10 - 2014-03-21 13:01 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2017-03-31 21:10 - 2014-03-21 13:01 - 00071224 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2017-03-31 21:09 - 2016-11-28 19:41 - 00001951 _____ C:\Windows\NvContainerRecovery.bat
2017-03-31 05:15 - 2014-03-21 13:01 - 07851747 _____ C:\Windows\system32\nvcoproc.bin
2017-03-30 14:37 - 2015-03-14 13:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks - Common Test
2017-03-30 14:37 - 2014-03-22 14:08 - 00000000 ____D C:\Games
2017-03-24 19:58 - 2015-01-12 21:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2017-03-24 19:58 - 2014-11-04 15:46 - 00002045 _____ C:\Users\Public\Desktop\Google Slides.lnk
2017-03-24 19:58 - 2014-11-04 15:46 - 00002043 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2017-03-24 19:58 - 2014-11-04 15:46 - 00002033 _____ C:\Users\Public\Desktop\Google Docs.lnk
2017-03-24 19:19 - 2014-05-30 13:53 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-03-24 19:19 - 2014-05-30 13:50 - 00000000 ____D C:\Program Files\Microsoft Office 15

==================== Files in the root of some directories =======

2014-03-22 14:19 - 2015-11-20 22:20 - 0007597 _____ () C:\Users\Andre\AppData\Local\resmon.resmoncfg
2015-11-21 18:39 - 2015-11-21 18:39 - 0000000 _____ () C:\Users\Andre\AppData\Local\{3D2345A1-CD0F-4858-9FEE-A572A37AC78A}
2016-12-15 15:36 - 2017-01-25 13:16 - 0103601 _____ () C:\ProgramData\NvTelemetryContainer.log
2016-12-15 15:36 - 2017-01-15 11:58 - 0006776 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1
2015-08-09 10:53 - 2015-08-09 11:06 - 0001610 _____ () C:\ProgramData\tempimage.bmp

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-04-13 07:47

==================== End of FRST.txt ============================
You do not have the required permissions to view the files attached to this post.
Get_Clicked
Active Member
 
Posts: 3
Joined: April 15th, 2017, 6:13 pm
Advertisement
Register to Remove

Re: mic volume drop, have Microsoft(C) Register Sever in mix

Unread postby mAL_rEm018 » April 18th, 2017, 6:44 pm

Please note that all instructions given are customised for this computer only, the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post a log in the Malware Removal forum and wait for help.

Failure to post replies within 3 days will result in this thread being closed.


Hello Get_Clicked,

Welcome to Malware Removal! My name is mAL_rEm018, but feel free to call me mAL. I will be helping you with your malware related problems :)

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.


Because of this, I advise you to backup any personal files and folders before you start.

To make sure everything goes smoothly, I would like you to observe the following rules:
  • You must have Administrator rights, permissions for this computer.
  • Please reply to this thread. Do not start another topic.
  • Perform all actions in the order given.
  • If you don't know, stop and ask!
  • DO NOT run any other fix or removal tools unless instructed to do so!
  • Don't attempt to install any new software (other than those I ask you to) until your computer is clean.
  • DO NOT post for help at any other forum. Applying fixes from multiple help sites can cause problems.
  • I advise you to print the instructions if possible, since your internet connection might not be available during some of the fixes.
  • Absence of symptoms does not mean that everything is clear, therefore stick with this topic until I give you the "all clear".

Before continuing please read and get acquainted with the following topic: HOW TO GET HELP IN THIS FORUM - everyone must read this, where the conditions for receiving help here are explained.

Let's get to work! :)

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017 (ATTENTION: ====> FRSTversion is 31 days old and could be outdated)

Your version of Farbar Recovery Scan Tool is outdated. Please delete the one you have on your computer and do the following..

  • Download FRST64 to your Desktop.
  • Double click Frst64.exe to launch it.
  • FRST will start to run.
    • When the tool opens click Yes to disclaimer.
    • Press the Scan button.
    • When finished scanning 2 logs will open on your Desktop, FRST.txt and Addition.txt
    • Please post them in your next reply.



-----------------------------------------
In your next reply, I would like to see..
  • FRST.txt
  • Addition.txt

Please post each log separately to prevent it being cut off by the forum post size limiter.
Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections....
User avatar
mAL_rEm018
MRU Teacher
MRU Teacher
 
Posts: 2058
Joined: November 11th, 2013, 6:26 pm
Location: Saint-Petersburg, Russia

Re: mic volume drop, have Microsoft(C) Register Sever in mix

Unread postby Get_Clicked » April 18th, 2017, 6:49 pm

I'm at work right now. But will be home in 3 hours. At the moment I found a quick fix to the issue by ending the process tree of the error but it only works untill I restart my PC.
Get_Clicked
Active Member
 
Posts: 3
Joined: April 15th, 2017, 6:13 pm

Re: mic volume drop, have Microsoft(C) Register Sever in mix

Unread postby Get_Clicked » April 19th, 2017, 12:28 am

thank you mal, but after a reinstall of windows i was able to fox the issue, i havent done this in the past 2 years so i felt it was time.
Get_Clicked
Active Member
 
Posts: 3
Joined: April 15th, 2017, 6:13 pm

Re: mic volume drop, have Microsoft(C) Register Sever in mix

Unread postby mAL_rEm018 » April 19th, 2017, 5:34 am

Get_Clicked wrote:thank you mal, but after a reinstall of windows i was able to fox the issue, i havent done this in the past 2 years so i felt it was time.

Thank you for informing me. Since you were able to fix your computer issues with a reformat, I will now request for this topic to be closed. Take care and stay safe! :)

mAL
User avatar
mAL_rEm018
MRU Teacher
MRU Teacher
 
Posts: 2058
Joined: November 11th, 2013, 6:26 pm
Location: Saint-Petersburg, Russia

Re: mic volume drop, have Microsoft(C) Register Sever in mix

Unread postby pgmigg » April 19th, 2017, 9:41 am

As the problems seem to be resolved, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see
Feedback for Our Helpers - Say "Thanks" Here.
User avatar
pgmigg
Admin/Teacher
Admin/Teacher
 
Posts: 4461
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 71 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware