Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Firefox random redirect to Pipeschannel/porn site


  • Please log in to reply
3 replies to this topic

#1 Cepheron

Cepheron

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:11:49 AM

Posted 14 August 2017 - 08:59 AM

I used the latest version of Firefox and I am on Windows 10

 

Now, in the last few days I have noticed that whenever I click on links in ANY website, it will sometimes redirect me to pipeschannel or some random porn site. I have tried Malwarebytes to get rid of this malware but to no avail. Does anyone have any suggestions on how to get rid of this problem? Thanks in advance!



BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:49 PM

Posted 14 August 2017 - 11:23 AM

Hello,

In FireFox it may be the Add ons/Plugins. First look for unknown add ons and disable. Or
Try disabling them one at a time and see which one was at fault.

How to disable extensions and plugins

Keeping your third-party plugins up to date[/url

Also run these.

SKIP TDSSKiller

MiniToolBox
  • Please download MiniToolBox, save it to your desktop and run it.
  • Checkmark the following checkboxes:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP conf[iguration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
SXvL3ZF.pngTDSSKiller
  • Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
zcMPezJ.pngAdwCleaner
  • Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
lv0mVRW.pngJunkware Removal Tool
  • Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
And finally I'd like us to scan your machine with ESET OnlineScan:
  • Please download and run ESET Online Scanner
  • Check qy7AMI8.jpg (if available) and click on the ePL5oyv.jpg button.
  • It is recommended to turn off your antivirus program. Click on the E5rfZI9.png button to see which antivirus is currently enabled:
c4VVzVO.png
  • Turn off your antivirus program. See [url=https://www.bleepingcomputer.com/forums/t/114351/how-to-temporarily-disable-your-anti-virus-firewall-and-anti-malware-programs/]here how to do this.
  • Check the option beside: Enable detection of potentially unwanted applications.
  • Now click on Advanced Settings and make sure that the option Clean threats automatically is NOT checked, and select the following:
Enable detection of potentially unsafe applications
Enable detection of suspicious applications
Scan archives
Enable Anti-Stealth Technology
  • Click on the Change button and select only Operating memory, Autostart locations and drive C:\ to be scanned.
yKulboi.jpg
  • Push the dtoGjAL.png button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
8L8IBHJ.png
  • When the scan completes a list of found threats will open automatically (if any malicious files are found).
imxEgHt.png
  • Push thecRhRYZ8.png button and save the file to your desktop using a unique name, such as ESETScan.txt. Include the contents of this report in your next reply.
  • Push the 9IjfdXq.png button.
  • Check the box beside RHzfZB1.png to uninstall the application when closed.
  • Push Vc3btaC.png and the close the application clicking the X in upper right corner.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 Cepheron

Cepheron
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:11:49 AM

Posted 14 August 2017 - 06:49 PM

Besides what I have installed for Firefox, there are no new extensions or addons.

 

Here are all the results of those scans. Nothing seems to have changed, still getting redirects.

---

MiniToolBox

 

MiniToolBox by Farbar  Version: 17-06-2016
Ran by Cephy (administrator) on 14-08-2017 at 10:44:40
Running from "C:\Users\Cephy\Downloads"
Microsoft Windows 10 Home  (X64)
Model: To be filled by O.E.M. Manufacturer: To be filled by O.E.M.
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Ethernet (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global
set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : GUMBO-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Ethernet:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller #2
   Physical Address. . . . . . . . . : D0-17-C2-89-CD-D4
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::4906:395:22c7:7022%3(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.100(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Sunday, August 13, 2017 4:50:59 PM
   Lease Expires . . . . . . . . . . : Tuesday, August 15, 2017 7:37:53 AM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 114300866
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1F-3B-D9-8A-D0-17-C2-89-CD-D4
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fb:38d7:5e6d:ba56:4d7c(Preferred)
   Link-local IPv6 Address . . . . . : fe80::38d7:5e6d:ba56:4d7c%9(Preferred)
   Default Gateway . . . . . . . . . : ::
   DHCPv6 IAID . . . . . . . . . . . : 150994944
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1F-3B-D9-8A-D0-17-C2-89-CD-D4
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{4C90B7A8-F3F2-4475-9FF8-5125ED7D4461}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  Yiffatronic
Address:  192.168.1.1

Name:    google.com
Addresses:  2607:f8b0:4002:811::200e
      172.217.12.110


Pinging google.com [172.217.12.110] with 32 bytes of data:
Reply from 172.217.12.110: bytes=32 time=69ms TTL=49
Reply from 172.217.12.110: bytes=32 time=69ms TTL=49

Ping statistics for 172.217.12.110:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 69ms, Maximum = 69ms, Average = 69ms
Server:  Yiffatronic
Address:  192.168.1.1

Name:    yahoo.com
Addresses:  2001:4998:58:c02::a9
      2001:4998:44:204::a7
      2001:4998:c:a06::2:4008
      206.190.36.45
      98.138.253.109
      98.139.180.149


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=25ms TTL=52
Reply from 206.190.36.45: bytes=32 time=25ms TTL=52

Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 25ms, Maximum = 25ms, Average = 25ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
  3...d0 17 c2 89 cd d4 ......Realtek PCIe GBE Family Controller #2
  1...........................Software Loopback Interface 1
  9...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
  5...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.100     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    331
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    331
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    331
      192.168.1.0    255.255.255.0         On-link     192.168.1.100    281
    192.168.1.100  255.255.255.255         On-link     192.168.1.100    281
    192.168.1.255  255.255.255.255         On-link     192.168.1.100    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    331
        224.0.0.0        240.0.0.0         On-link     192.168.1.100    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    331
  255.255.255.255  255.255.255.255         On-link     192.168.1.100    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  9    331 ::/0                     On-link
  1    331 ::1/128                  On-link
  9    331 2001::/32                On-link
  9    331 2001:0:5ef5:79fb:38d7:5e6d:ba56:4d7c/128
                                    On-link
  3    281 fe80::/64                On-link
  9    331 fe80::/64                On-link
  9    331 fe80::38d7:5e6d:ba56:4d7c/128
                                    On-link
  3    281 fe80::4906:395:22c7:7022/128
                                    On-link
  1    331 ff00::/8                 On-link
  3    281 ff00::/8                 On-link
  9    331 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [55808] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [24064] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128] (Apple Inc.)
Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [67584] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [80896] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [31744] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [133392] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/14/2017 10:44:14 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: GUMBO-PC)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (08/14/2017 10:43:21 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: GUMBO-PC)
Description: Activation of app Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (08/14/2017 10:36:26 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: GUMBO-PC)
Description: Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (08/14/2017 10:36:26 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: GUMBO-PC)
Description: Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (08/14/2017 10:36:26 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: GUMBO-PC)
Description: Activation of app Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (08/14/2017 10:22:57 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: GUMBO-PC)
Description: Activation of app Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (08/14/2017 10:19:39 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: GUMBO-PC)
Description: Activation of app Microsoft.People_8wekyb3d8bbwe!x4c7a3b7dy2188y46d4ya362y19ac5a5805e5x failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (08/14/2017 10:19:39 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: GUMBO-PC)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (08/14/2017 10:07:57 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: GUMBO-PC)
Description: Activation of app Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (08/14/2017 10:04:39 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: GUMBO-PC)
Description: Activation of app Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe!App failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.


System errors:
=============
Error: (08/14/2017 07:37:59 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (08/13/2017 10:09:10 PM) (Source: Microsoft-Windows-Kernel-Power) (User: )
Description: 5

Error: (08/13/2017 10:09:01 PM) (Source: DCOM) (User: GUMBO-PC)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (08/13/2017 10:08:59 PM) (Source: DCOM) (User: GUMBO-PC)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (08/13/2017 04:51:30 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (08/13/2017 04:51:30 PM) (Source: Service Control Manager) (User: )
Description: The Origin Web Helper Service service failed to start due to the following error:
%%1053 = The service did not respond to the start or control request in a timely fashion.


Error: (08/13/2017 04:51:30 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Origin Web Helper Service service to connect.

Error: (08/13/2017 04:51:00 PM) (Source: Service Control Manager) (User: )
Description: The NetTcpActivator service depends on the NetTcpPortSharing service which failed to start because of the following error:
%%1058 = The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.


Error: (08/13/2017 04:50:59 PM) (Source: Service Control Manager) (User: )
Description: The luafv service failed to start due to the following error:
%%1275 = This driver has been blocked from loading


Error: (08/13/2017 04:49:52 PM) (Source: DCOM) (User: GUMBO-PC)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2017-08-13 13:40:52.252
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-08-12 17:36:54.954
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-08-10 12:47:30.965
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-08-10 12:47:30.941
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-08-10 12:47:30.915
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-08-10 12:47:30.866
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-08-10 12:47:30.857
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-08-10 12:47:30.848
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-08-10 12:47:29.342
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-08-10 12:47:29.246
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.


=========================== Installed Programs ============================

 (HKLM\...\UDK-38176093-59d8-48e2-9ad9-7c5766e9b628) (Version:  - RuneStorm
µTorrent (HKCU\...\uTorrent) (Version: 3.5.0.43916 - BitTorrent Inc.)
7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.012.20095 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated)
Age of Wonders III (HKLM\...\Steam App 226840) (Version:  - Triumph Studios)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 384.76 - NVIDIA Corporation) Hidden
ANT Drivers Installer x64 (HKLM\...\{15E1B393-3CCA-4C5B-A187-ACBC36019E73}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
ANT Drivers Installer x64 (HKLM\...\{7664AF65-7B0D-4171-9F0F-50455278B428}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{D2FE6376-E549-4F63-A2C5-CA24DA035DE4}) (Version: 5.6 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{BB109E24-EE90-485B-A28B-ADDEFB40540B}) (Version: 5.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{DF6C3726-7E53-4772-9763-E9F147769F51}) (Version: 3.1.6.0000 - Asmedia Technology)
Baldur's Gate II: Enhanced Edition (HKLM\...\Steam App 257350) (Version:  - Beamdog)
Baldur's Gate: Enhanced Edition (HKLM\...\Steam App 228280) (Version:  - Beamdog)
Banished (HKLM\...\Steam App 242920) (Version:  - Shining Rock Software LLC)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Blender 2.78 (HKLM\...\Steam App 365670) (Version:  - Blender Foundation)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Borderlands: The Pre-Sequel (HKLM\...\Steam App 261640) (Version:  - 2K Australia)
Broforce (HKLM\...\Steam App 274190) (Version:  - Free Lives)
Catlateral Damage (HKLM\...\Steam App 329860) (Version:  - Chris Chung)
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
Discord (HKCU\...\Discord) (Version: 0.0.298 - Discord Inc.)
DOOM (HKLM\...\Steam App 379720) (Version:  - id Software)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.12 - Electronic Arts)
DRAGON BALL XENOVERSE (HKLM\...\Steam App 323470) (Version:  - DIMPS)
Dreamfall Chapters The Final Cut (HKLM-x32\...\Dreamfall Chapters The Final Cut_is1) (Version:  - )
EAX4 Unified Redist (HKLM-x32\...\{89661B04-C646-4412-B6D3-5E19F02F1F37}) (Version: 4.001 - Creative Labs)
Elevated Installer (HKLM-x32\...\{1052502B-4C91-43F9-B160-AE39ED57C9F0}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FINAL FANTASY IX (HKLM\...\Steam App 377840) (Version:  - SQUARE ENIX)
FINAL FANTASY XIV: A Realm Reborn (HKLM\...\Steam App 39210) (Version:  - SQUARE ENIX)
FirestormOS-Releasex64 (HKLM\...\FirestormOS-Releasex64) (Version: 5.0.7.52912 - The Phoenix Firestorm Project, Inc.)
Fistful of Frags (HKLM\...\Steam App 265630) (Version:  - Fistful of Frags Team)
Garmin Express (HKLM-x32\...\{BCC7CA85-E57F-452D-BB44-15A1CE018BD0}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{bd8bd200-9a60-4969-b267-6b565f36e3da}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express Tray (HKLM-x32\...\{DA9C865D-6762-4931-8588-0B13B7A0796B}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
Grand Theft Auto V (HKLM\...\Steam App 271590) (Version:  - Rockstar North)
Guild Wars 2 (HKLM\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.1.1.0 - Hi-Rez Studios)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HITMAN™ (HKLM\...\Steam App 236870) (Version:  - Io-Interactive)
Homeworld Remastered Collection (HKLM\...\Steam App 244160) (Version:  - Gearbox Software)
iTunes (HKLM\...\{02F95875-9527-49CC-B32F-970ADAEBD1EF}) (Version: 12.6.2.20 - Apple Inc.)
Java 8 Update 141 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180141F0}) (Version: 8.0.1410.15 - Oracle Corporation)
Jotun (HKLM\...\Steam App 323580) (Version:  - Thunder Lotus Games)
Killing Floor 2 (HKLM\...\Steam App 232090) (Version:  - Tripwire Interactive)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\{E80C09B5-A296-47E9-BD4B-BCCF2FDCA13E}) (Version: 4.1.2 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
Malwarebytes version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Mass Effect™: Andromeda (HKLM-x32\...\{72BBCA87-9350-48BC-9E2F-6DBC1E80C993}) (Version: 1.0.0.6 - Electronic Arts)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Middle-earth: Shadow of Mordor (HKLM\...\Steam App 241930) (Version:  - Monolith Productions, Inc.)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 54.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 54.0.1 (x86 en-US)) (Version: 54.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 54.0.1.6388 - Mozilla)
Neverwinter (HKLM\...\Steam App 109600) (Version:  - Cryptic Studios)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.63.14 - Black Tree Gaming)
NVIDIA GeForce Experience 3.7.0.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.7.0.81 - NVIDIA Corporation)
NVIDIA Graphics Driver 384.76 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 384.76 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.7.0.81 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.6.1.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Oddworld: Munch's Oddysee (HKLM\...\Steam App 15740) (Version:  - Oddworld Inhabitants)
Oh...Sir! The Insult Simulator (HKLM\...\Steam App 512250) (Version:  - Vile Monarch)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 10.4.17.36908 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Paladins (HKLM\...\Steam App 444090) (Version:  - Hi-Rez Studios)
PAYDAY 2 (HKLM\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.9 - Power Software Ltd)
Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 2.4.1 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.00.712 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.87.529.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7525 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 6.4.1 (HKLM-x32\...\RTSS) (Version: 6.4.1 - Unwinder)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.4 - Rockstar Games)
Sculptris Alpha 6 (HKLM-x32\...\Sculptris Alpha 6 Alpha 6) (Version: Alpha 6 - Pixologic)
Secret World Legends (HKLM\...\Steam App 215280) (Version:  - Funcom)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0380 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM-x32\...\steam app 8930) (Version:  - 2K Games, Inc.)
Sonic Adventure™ 2  (HKLM\...\Steam App 213610) (Version:  - SEGA)
Space Engineers (HKLM\...\Steam App 244850) (Version:  - Keen Software House)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
State of Decay (HKLM\...\Steam App 241540) (Version:  - Undead Labs)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Tabletop Simulator (HKLM\...\Steam App 286160) (Version:  - Berserk Games)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.1.4.2 - TeamSpeak Systems GmbH)
The Chronicles of Riddick: Assault on Dark Athena (HKLM\...\Steam App 9860) (Version:  - Starbreeze Studios AB)
The Elder Scrolls III: Morrowind (HKLM\...\Steam App 22320) (Version:  - Bethesda Game Studios)
The Sims 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.797.20 - Electronic Arts)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.43.024017 - Electronic Arts Inc.)
The Sims™ 3 70s, 80s, & 90s Stuff (HKLM-x32\...\{E1868CAE-E3B9-4099-8C18-AA8944D336FD}) (Version: 17.0.77 - Electronic Arts)
The Sims™ 3 Ambitions (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
The Sims™ 3 Fast Lane Stuff (HKLM-x32\...\{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}) (Version: 5.0.44 - Electronic Arts)
The Sims™ 3 Generations (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
The Sims™ 3 High-End Loft Stuff (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
The Sims™ 3 High-End Loft Stuff (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 High-End Loft Stuff) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 3 Into the Future (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Into the Future) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 3 Island Paradise (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts)
The Sims™ 3 Late Night (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Late Night) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 3 Master Suite Stuff (HKLM-x32\...\{08A25478-C5DD-4EA7-B168-3D687CA987FF}) (Version: 11.0.84 - Electronic Arts)
The Sims™ 3 Movie Stuff (HKLM-x32\...\{D0087539-3C57-44E0-BEE7-D779D546CBE1}) (Version: 20.0.53 - Electronic Arts)
The Sims™ 3 Outdoor Living Stuff (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.0.55 - Electronic Arts)
The Sims™ 3 Pets (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
The Sims™ 3 Seasons (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
The Sims™ 3 Showtime (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)
The Sims™ 3 Supernatural (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
The Sims™ 3 Town Life Stuff (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts)
The Sims™ 3 University Life (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)
The Sims™ 3 World Adventures (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
Titan Quest Anniversary Edition (HKLM\...\Steam App 475150) (Version:  - Iron Lore Entertainment)
Tom Clancy's Rainbow Six Siege (HKLM\...\Steam App 359550) (Version:  - Ubisoft Montreal)
Tom Clancy's The Division (HKLM\...\Steam App 365590) (Version:  - Massive Entertainment)
Tropico 4 (HKLM\...\Steam App 57690) (Version:  - Haemimont Games)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 23.0 - Ubisoft)
Viscera Cleanup Detail (HKLM\...\Steam App 246900) (Version:  - RuneStorm)
Viscera Cleanup Detail: alpha v0.25
VitalSource Bookshelf (HKLM-x32\...\{d25e882e-ebb7-4f14-b756-5fb52fe1d833}) (Version: 7.2.0003 - Ingram Content Group)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: 0.0.0.0 - Blizzard Entertainment)
Warframe (HKLM\...\Steam App 230410) (Version:  - Digital Extremes)
Warhammer 40,000: Dawn of War - Game of the Year Edition (HKLM\...\Steam App 4570) (Version:  - Relic Entertainment)
Warhammer: End Times - Vermintide (HKLM\...\Steam App 235540) (Version:  - Fatshark)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

========================= Memory info: ===================================

Percentage of memory in use: 34%
Total physical RAM: 16283.49 MB
Available physical RAM: 10593.32 MB
Total Virtual: 32667.49 MB
Available Virtual: 26381.57 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:465.22 GB) (Free:177.41 GB) NTFS
2 Drive d: (Games) (Fixed) (Total:1863.01 GB) (Free:267.04 GB) NTFS
3 Drive e: (hentai flcl) (CDROM) (Total:0.54 GB) (Free:0 GB) CDFS

========================= Users: ========================================

User accounts for \\GUMBO-PC

Administrator            Cephy                    DefaultAccount           
Guest                    


**** End of log ****
----

----
Adwcleaner

 

# AdwCleaner 7.0.1.0 - Logfile created on Mon Aug 14 16:52:13 2017
# Updated on 2017/05/08 by Malwarebytes
# Database: 08-11-2017.1
# Running on Windows 10 Home (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

PUP.Optional.Legacy, C:\END


***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{B9D64D3B-BE75-4FA2-B94A-C4AE772A0146}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
PUP.Optional.ByteFence, [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\bytefence.com
PUP.Optional.ByteFence, [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\en.bytefence.com


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************



########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########

 

-----

-----
Junkware Removal Tool

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Home x64
Ran by Cephy (Administrator) on Mon 08/14/2017 at 11:00:39.52
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 1

Successfully deleted: C:\Users\Cephy\AppData\Roaming\3909 (Folder)



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 08/14/2017 at 11:03:37.57
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

-----

 

 

-----

ESET Scan

C:\$Recycle.Bin\S-1-5-21-1774912521-967724092-3806421489-1000\$RQ3XYBH.iso    a variant of Win32/Adware.YoBrowser.AF application    
C:\Program Files\The Sims 4\Game\Bin\RldOrigin.dll    a variant of Win32/HackTool.Crack.DK potentially unsafe application    
C:\Program Files\The Sims 4\Game_\Bin\rld.dll    Win32/HackTool.Crack.CY potentially unsafe application    
C:\Program Files\The Sims 4\Game_\Bin\RldOrigin.dll    a variant of Win32/HackTool.Crack.DK potentially unsafe application    
C:\Program Files (x86)\Common Files\wincy\syncversion.exe    a variant of Win32/DealPly.JW.gen potentially unwanted application    
C:\Users\Cephy\AppData\Local\Mozilla\Firefox\Profiles\fhwnzn0i.default-1495311277245\cache2\entries\0F4C2D4E6C280B628F31D96A48A5B36D6EFAACB8    Win32/InstallCore.Gen.A potentially unwanted application    
C:\Users\Cephy\AppData\Local\Mozilla\Firefox\Profiles\fhwnzn0i.default-1495311277245\cache2\entries\910E7C9151F7221577AF616A50676255036F8D41    JS/ProxyChanger.EJ trojan    
C:\Users\Cephy\AppData\Local\Temp\is-N8J6O.tmp\Loot0xkRlXqakcT.dll    a variant of Win32/Adware.YoBrowser.S application    
C:\Users\Cephy\AppData\Roaming\PowerISO\Upgrade\PowerISO6-x64.exe    Win32/FusionCore.L potentially unwanted application    
C:\Users\Cephy\Downloads\The Sims 4\City Living\The Sims 4 - City Living.rar    a variant of Win32/HackTool.Crack.DK potentially unsafe application    
C:\Users\Cephy\Downloads\The Sims 4\City Living\Game\Bin\RldOrigin.dll    a variant of Win32/HackTool.Crack.DK potentially unsafe application    
C:\Users\Cephy\Downloads\The Sims 4\Fitness Stuff\The Sims 4 - Fitness Stuff.rar    a variant of Win32/HackTool.Crack.DK potentially unsafe application    
C:\Users\Cephy\Downloads\The Sims 4\Fitness Stuff\Game\Bin\RldOrigin.dll    a variant of Win32/HackTool.Crack.DK potentially unsafe application    
C:\Users\Cephy\Downloads\The Sims 4\Get Together\The Sims 4 - Get Together.rar    a variant of Win32/HackTool.Crack.DK potentially unsafe application    
C:\Users\Cephy\Downloads\The Sims 4\Get Together\Game\Bin\RldOrigin.dll    a variant of Win32/HackTool.Crack.DK potentially unsafe application    
C:\Users\Cephy\Downloads\The Sims 4\Parenthood\The Sims 4 - Parenthood.rar    a variant of Win32/HackTool.Crack.DK potentially unsafe application    
C:\Users\Cephy\Downloads\The Sims 4\Parenthood\Game\Bin\RldOrigin.dll    a variant of Win32/HackTool.Crack.DK potentially unsafe application    
C:\Users\Cephy\Downloads\The Sims 4\Sims 4 Base\setup5.cab    Win32/HackTool.Crack.CY potentially unsafe application,a variant of Win32/HackTool.Crack.DK potentially unsafe application    
C:\Users\Cephy\Downloads\The Sims 4\Sims 4 Base\The Sims 4.rar    Win32/HackTool.Crack.CY potentially unsafe application,a variant of Win32/HackTool.Crack.DK potentially unsafe application    
C:\Users\Cephy\Downloads\The Sims 4\Sims 4 Get To Work\The Sims 4 - Get to Work.rar    a variant of Win32/HackTool.Crack.DK potentially unsafe application    
C:\Users\Cephy\Downloads\The Sims 4\Sims 4 Get To Work\Game\Bin\RldOrigin.dll    a variant of Win32/HackTool.Crack.DK potentially unsafe application    
C:\Users\Cephy\Downloads\The Sims 4\Toddlers, Vampires, and Bowling\The Sims 4 Update v1.29.69.1020.zip    a variant of Win32/HackTool.Crack.DK potentially unsafe application    
C:\Users\Cephy\Downloads\The Sims 4\Toddlers, Vampires, and Bowling\The Sims 4 Update v1.29.69.1020\Game\Bin\RldOrigin.dll    a variant of Win32/HackTool.Crack.DK potentially unsafe application    
 


Edited by Cepheron, 14 August 2017 - 06:56 PM.


#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:49 PM

Posted 15 August 2017 - 10:05 AM

Ok, then it must be being protected and we need a deeper look. Please follow this Preparation Guide&#160;and post in a new topic.
Let me know if all went well..
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users