Can't seem to get rid of PUA:Win32/NetFilter

Stop doing full scans with the MSERT or in fact most any scanner unless you've already recently experienced a confirmed malware detection by your installed antivirus or highly suspect that malware exists for another reason.

I say this exactly because of situations like this one, since all full scans by any scanner are notoriously likely to display false positive detections, because they're performed out of context with where active malware is known to operate.

This can often result in the detection of either "dead" malware remnants in cache, other temporary folders or embedded within Window IMage (WIM), Provisioning package (.ppkg) or other compressed files where they clearly can't be active.

As you've seen in this thread and will find in multiple others in these and other forums relating to both that specific ASUS game and other .ppkg files within Recovery partitions, the Windows filing system is able to scan within these, so it's possible for any of their scanners to do this as well, often leading to situations like this where people who don't recognize compressed or packaged Recovery partition files end up sending unsuspecting people like yourself through lots of wasted effort and concern.

With all of this common knowledge about Windows, Full scans, Recovery partitions containing WIM, .ppkg and other installation files and the obvious file name of that ASUS - ROG Game First III itself, it should now be relatively obvious why this was never anything to be worried about.

So just ignore it and as I recommended, stop doing full scans, they almost never provide a useful result and in most cases simply convince people their primary antivirus scanner isn't "good enough" or they've got malware they can't get rid of, just like in this case.

As an aside, PUA (Potentially Unwanted Application) detections are also notorious as being false positive (e,g, incorrect) detections, so always take these with a grain of salt unless they clearly match the name or known action of their detection.

Rob

Sorry, I hadn't recognized the acronym. I don't usually refer to Microsoft Safety Scanner with this acronym.

But if MSERT isn't finding this threat, it probably won't find it in safe mode either. But it never hurts to try.

This file that Windows Defender is referring to is in the directory provided?

Ey! Thanks for helping out!

Actually what I refered as "MSERT" is the Microsoft Safety Scanner so I've already ran a full scan like 2/3 times and got nothing (it detected infected files but the scan finished okay). However, I'll try to run it again in safe mode.

I did not know about ADWCleaner so I installed it and... It found nothing. It only found the pre installed software.

I'm not so sure of what to do now.

Hi ValenRM,

I'm David, and I'm happy to help you.

Some PUAs can be persistent.

I suggest you run AdwCleaner. It usually removes these persistent PUAs.

Download through this link: https://malwarebytes.com/adwcleaner/

IMPORTANT: AdwCleaner detects pre-installed software and allows you to remove all of its features to improve Windows performance. It may be software that you need, so ignore this option or uncheck the software in the list provided after scanning.

________________________________________________________

Standard Disclaimer: This is a non-Microsoft website. The page appears to be providing accurate, safe information. Watch out for ads on the site that may advertise products frequently classified as a PUP (Potentially Unwanted Products). Thoroughly research any product advertised on the site before you decide to download and install it.

________________________________________________________

It's also a good idea to run the Microsoft Safety Scanner.

https://docs.microsoft.com/en-us/windows/securi...

If possible, run in safe mode with networking.

https://support.microsoft.com/en-us/windows/sta...

Feel free to ask back any questions.