Google link redirected me, did I get infected?


9 replies to this topic

#1 Vantezzle

Posted 11 January 2018 - 08:07 PM

I clicked on a link in google but instead of the website I wanted, it opened http://www.freenom.link/en/index.html?lang=en
 
Did I get infected?
 



 


#2 boopme

Posted 12 January 2018 - 11:16 AM

Hi. Looks like a browser hijack.

MiniToolBox
  • Please download MiniToolBox, save it to your desktop and run it.
  • Checkmark the following checkboxes:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
AdwCleaner
  • Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
And finally I'd like us to scan your machine with ESET OnlineScan:
  • It is recommended to turn off your antivirus program. Click on the [image] button to see which antivirus is currently enabled.
  • Turn off your antivirus program. See here how to do this.
  • Check the option beside: Enable detection of potentially unwanted applications.
  • Now click on Advanced Settings and make sure that the option Clean threats automatically is NOT checked, and select the following:
Enable detection of potentially unsafe applications
Enable detection of suspicious applications
Scan archives
Enable Anti-Stealth Technology
  • Click on the Change button and select only Operating memory, Autostart locations and drive C:\ to be scanned.
  • Push the [image] button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes a list of found threats will open automatically (if any malicious files are found).
  • Push the [image] button and save the file to your desktop using a unique name, such as ESETScan.txt. Include the contents of this report in your next reply.
  • Push the [image] button.
  • Check the box beside [image] to uninstall the application when closed.
  • Push [image] and then close the application by clicking the X in the upper right corner.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook
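A triage pass over the Result.txt that the MiniToolBox checkboxes in the post above produce, as an added example that is not part of the original thread and not MiniToolBox's own code. The section layout is copied from the log posted later in this thread; the function names, the suspect log and the wording of a non-clean proxy section are constructed assumptions.

```python
import ipaddress
import re

SECTION_RE = re.compile(r"^=+\s+([^=]+?):?\s+=+\s*$")
WINSOCK_RE = re.compile(r"^(?:x64-)?Catalog\d+ \d+ (.+?) \[\d+\] \((.*)\)$")
DNS_RE = re.compile(r"^\s*DNS Servers[ .]*:\s*(\S+)")
# The only proxy lines the clean log in this thread shows.
CLEAN_PROXY_LINES = {"Proxy is not enabled.", "No Proxy Server is set."}
SYSTEM_DIRS = ("c:\\windows\\system32\\", "c:\\windows\\syswow64\\")
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8",
    "169.254.0.0/16", "::1/128", "fe80::/10", "fc00::/7")]

# Abridged from the log posted in this thread.
CLEAN_LOG = r"""
========================= IE Proxy Settings: ==============================
Proxy is not enabled.
No Proxy Server is set.
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
========================= IP Configuration: ================================
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
========================= Winsock entries =====================================
Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [54784] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [402992] (Microsoft Corporation)
"""

# Constructed sample: documentation-range addresses, made-up provider DLL,
# assumed wording for the proxy lines.
SUSPECT_LOG = r"""
========================= IE Proxy Settings: ==============================
Proxy is enabled.
ProxyServer: http=203.0.113.9:8080
========================= Hosts content: =================================
127.0.0.1 localhost
203.0.113.5 www.google.com
========================= IP Configuration: ================================
   DNS Servers . . . . . . . . . . . : 198.51.100.53
                                       192.168.1.1
========================= Winsock entries =====================================
Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [334744] (Microsoft Corporation)
Catalog9 13 C:\ProgramData\example\lsp.dll [40960] (Example Publisher)
"""


def split_sections(text):
    """Return {section title: [non-empty lines]} for a MiniToolBox-style log."""
    sections, current = {}, None
    for raw in text.splitlines():
        m = SECTION_RE.match(raw)
        if m:
            current = sections.setdefault(m.group(1).strip(), [])
        elif current is not None and raw.strip():
            current.append(raw.rstrip())
    return sections


def is_local_resolver(value):
    """True for RFC 1918, loopback, link-local and ULA addresses."""
    addr = ipaddress.ip_address(value.split("%")[0])  # drop IPv6 zone id
    return any(addr.version == n.version and addr in n for n in LOCAL_NETS)


def dns_servers(lines):
    """Collect 'DNS Servers' values plus their bare-IP continuation lines."""
    servers, collecting = [], False
    for line in lines:
        m = DNS_RE.match(line)
        if not (m or collecting):
            continue
        candidate = m.group(1) if m else line.strip()
        try:
            ipaddress.ip_address(candidate.split("%")[0])
        except ValueError:
            collecting = False
            continue
        servers.append(candidate)
        collecting = True
    return servers


def triage(text):
    """Return (category, detail) pairs that deserve a human look."""
    findings = []
    for title, lines in split_sections(text).items():
        if title.endswith("Proxy Settings"):
            # Allowlist: anything beyond the known-clean lines gets reviewed.
            findings += [("proxy", l.strip()) for l in lines
                         if l.strip() not in CLEAN_PROXY_LINES
                         and not l.strip().startswith('"Reset')]
        elif title == "Hosts content":
            for line in lines:
                entry = line.split("#", 1)[0].split()
                if len(entry) >= 2 and {n.lower() for n in entry[1:]} != {"localhost"}:
                    findings.append(("hosts", line.strip()))
        elif title == "IP Configuration":
            findings += [("dns", s) for s in dns_servers(lines)
                         if not is_local_resolver(s)]
        elif title == "Winsock entries":
            for line in lines:
                m = WINSOCK_RE.match(line.strip())
                if m and (m.group(2) != "Microsoft Corporation"
                          or not m.group(1).lower().startswith(SYSTEM_DIRS)):
                    findings.append(("winsock", line.strip()))
    return findings
```

A public resolver such as one set by the user on purpose also lands in the `dns` findings, so that category is a prompt to check who configured it, not a verdict.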

#3 Vantezzle

Posted 12 January 2018 - 12:25 PM

Right... But are you sure that's necessary? It just happened on one link, so I assumed that it's an expired domain thing?



#4 boopme


Posted 12 January 2018 - 12:46 PM

No, I am not sure where it is or what type. Is it a downloader that dropped more, or a one-entry adware? So I figure to look.

#5 Vantezzle

Posted 12 January 2018 - 01:33 PM

Here you have all 3 logs
 
 
 
MiniToolBox by Farbar  Version: 17-06-2016
Ran by przemek (administrator) on 12-01-2018 at 18:32:14
Running from "C:\Users\przemek\Downloads"
Microsoft Windows 10 Home  (X64)
Model: GT62VR 7RE Manufacturer: Micro-Star International Co., Ltd.
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
========================= IP Configuration: ================================
 
Killer Wireless-n/a/ac 1435 Wireless Network Adapter = Wi-Fi (Connected)
Killer E2500 Gigabit Ethernet Controller = Ethernet (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Bluetooth Network Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : MSI
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : home
 
Ethernet adapter Ethernet:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Killer E2500 Gigabit Ethernet Controller
   Physical Address. . . . . . . . . : 4C-CC-6A-DE-53-E9
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Local Area Connection* 2:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : 9E-B6-D0-64-E8-13
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wi-Fi:
 
   Connection-specific DNS Suffix  . : home
   Description . . . . . . . . . . . : Killer Wireless-n/a/ac 1435 Wireless Network Adapter
   Physical Address. . . . . . . . . : 9C-B6-D0-64-E8-13
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::9c17:a3df:5263:c2b4%15(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.18(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 12 January 2018 12:26:46
   Lease Expires . . . . . . . . . . : 13 January 2018 12:26:46
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 161265360
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-21-49-97-C9-9C-B6-D0-64-E8-13
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:90d7:3c58:2121:3f57:feed(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::3c58:2121:3f57:feed%12(Preferred) 
   Default Gateway . . . . . . . . . : ::
   DHCPv6 IAID . . . . . . . . . . . : 369098752
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-21-49-97-C9-9C-B6-D0-64-E8-13
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  funbox.home
Address:  192.168.1.1
 
Name:    google.com
Addresses:  2a00:1450:4001:80b::200e
  216.58.214.46
 
 
Pinging google.com [216.58.214.46] with 32 bytes of data:
Reply from 216.58.214.46: bytes=32 time=52ms TTL=56
Reply from 216.58.214.46: bytes=32 time=52ms TTL=56
 
Ping statistics for 216.58.214.46:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 52ms, Maximum = 52ms, Average = 52ms
Server:  funbox.home
Address:  192.168.1.1
 
Name:    yahoo.com
Addresses:  2001:4998:44:204::100d
  2001:4998:58:2201::73
  2001:4998:c:e33::53
  98.139.180.180
  206.190.39.42
  98.138.252.38
 
 
Pinging yahoo.com [98.138.252.38] with 32 bytes of data:
Reply from 98.138.252.38: bytes=32 time=168ms TTL=50
Reply from 98.138.252.38: bytes=32 time=168ms TTL=50
 
Ping statistics for 98.138.252.38:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 168ms, Maximum = 168ms, Average = 168ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
  4...4c cc 6a de 53 e9 ......Killer E2500 Gigabit Ethernet Controller
  9...9e b6 d0 64 e8 13 ......Microsoft Wi-Fi Direct Virtual Adapter
 15...9c b6 d0 64 e8 13 ......Killer Wireless-n/a/ac 1435 Wireless Network Adapter
  1...........................Software Loopback Interface 1
 12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1     192.168.1.18     35
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    331
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    331
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    331
      192.168.1.0    255.255.255.0         On-link      192.168.1.18    291
     192.168.1.18  255.255.255.255         On-link      192.168.1.18    291
    192.168.1.255  255.255.255.255         On-link      192.168.1.18    291
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    331
        224.0.0.0        240.0.0.0         On-link      192.168.1.18    291
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    331
  255.255.255.255  255.255.255.255         On-link      192.168.1.18    291
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 12    331 ::/0                     On-link
  1    331 ::1/128                  On-link
 12    331 2001::/32                On-link
 12    331 2001:0:9d38:90d7:3c58:2121:3f57:feed/128
                                    On-link
 15    291 fe80::/64                On-link
 12    331 fe80::/64                On-link
 12    331 fe80::3c58:2121:3f57:feed/128
                                    On-link
 15    291 fe80::9c17:a3df:5263:c2b4/128
                                    On-link
  1    331 ff00::/8                 On-link
 12    331 ff00::/8                 On-link
 15    291 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [54784] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [63488] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [334744] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [24064] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [334744] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [334744] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [334744] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [334744] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [334744] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [334744] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [334744] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [334744] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [334744] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [334744] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [334744] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\SysWOW64\mswsock.dll [334744] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [67072] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [84992] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [84992] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [79872] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [402992] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [31232] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [402992] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [402992] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [402992] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [402992] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [402992] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [402992] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [402992] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [402992] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [402992] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [402992] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [402992] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\mswsock.dll [402992] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (01/12/2018 01:27:01 PM) (Source: Perflib) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4
 
Error: (01/12/2018 01:27:01 PM) (Source: Perflib) (User: )
Description: rdyboost4
 
Error: (01/12/2018 01:27:01 PM) (Source: PerfNet) (User: )
Description: 
 
Error: (01/12/2018 01:27:01 PM) (Source: Perflib) (User: )
Description: LsaC:\Windows\System32\Secur32.dll4
 
Error: (01/12/2018 01:27:01 PM) (Source: Perflib) (User: )
Description: ESENTC:\WINDOWS\system32\esentprf.dll4
 
Error: (01/12/2018 01:27:01 PM) (Source: Perflib) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4
 
Error: (01/12/2018 01:27:01 PM) (Source: Perflib) (User: )
Description: .NETFrameworkC:\WINDOWS\system32\mscoree.dll4
 
Error: (01/11/2018 11:59:08 PM) (Source: Perflib) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4
 
Error: (01/11/2018 11:59:08 PM) (Source: Perflib) (User: )
Description: rdyboost4
 
Error: (01/11/2018 11:59:08 PM) (Source: PerfNet) (User: )
Description: 
 
 
System errors:
=============
Error: (01/12/2018 06:20:05 PM) (Source: DCOM) (User: MSI)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}MSIprzemekS-1-5-21-2938787356-1826945826-1226891489-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (01/12/2018 04:14:12 PM) (Source: DCOM) (User: MSI)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}MSIprzemekS-1-5-21-2938787356-1826945826-1226891489-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (01/12/2018 02:55:58 PM) (Source: DCOM) (User: MSI)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}MSIprzemekS-1-5-21-2938787356-1826945826-1226891489-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (01/12/2018 02:20:59 PM) (Source: DCOM) (User: MSI)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}MSIprzemekS-1-5-21-2938787356-1826945826-1226891489-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (01/12/2018 02:20:26 PM) (Source: DCOM) (User: MSI)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}MSIprzemekS-1-5-21-2938787356-1826945826-1226891489-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (01/12/2018 02:17:58 PM) (Source: DCOM) (User: MSI)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}MSIprzemekS-1-5-21-2938787356-1826945826-1226891489-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (01/12/2018 12:40:06 PM) (Source: DCOM) (User: MSI)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}MSIprzemekS-1-5-21-2938787356-1826945826-1226891489-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (01/12/2018 12:37:30 PM) (Source: DCOM) (User: MSI)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}MSIprzemekS-1-5-21-2938787356-1826945826-1226891489-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (01/12/2018 12:28:53 PM) (Source: DCOM) (User: MSI)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}MSIprzemekS-1-5-21-2938787356-1826945826-1226891489-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (01/12/2018 12:26:59 PM) (Source: DCOM) (User: MSI)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}MSIprzemekS-1-5-21-2938787356-1826945826-1226891489-1001LocalHost (Using LRPC)UnavailableUnavailable
 
 
Microsoft Office Sessions:
=========================
Error: (01/12/2018 01:27:01 PM) (Source: Perflib)(User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4
 
Error: (01/12/2018 01:27:01 PM) (Source: Perflib)(User: )
Description: rdyboost4
 
Error: (01/12/2018 01:27:01 PM) (Source: PerfNet)(User: )
Description: 
 
Error: (01/12/2018 01:27:01 PM) (Source: Perflib)(User: )
Description: LsaC:\Windows\System32\Secur32.dll4
 
Error: (01/12/2018 01:27:01 PM) (Source: Perflib)(User: )
Description: ESENTC:\WINDOWS\system32\esentprf.dll4
 
Error: (01/12/2018 01:27:01 PM) (Source: Perflib)(User: )
Description: BITSC:\Windows\System32\bitsperf.dll4
 
Error: (01/12/2018 01:27:01 PM) (Source: Perflib)(User: )
Description: .NETFrameworkC:\WINDOWS\system32\mscoree.dll4
 
Error: (01/11/2018 11:59:08 PM) (Source: Perflib)(User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4
 
Error: (01/11/2018 11:59:08 PM) (Source: Perflib)(User: )
Description: rdyboost4
 
Error: (01/11/2018 11:59:08 PM) (Source: PerfNet)(User: )
Description: 
 
 
CodeIntegrity Errors:
===================================
  Date: 2018-01-12 18:30:23.742
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ComfortKeyboard\CKeyboardH64.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2018-01-12 18:25:23.744
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ComfortKeyboard\CKeyboardH64.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2018-01-12 18:20:23.742
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ComfortKeyboard\CKeyboardH64.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2018-01-12 18:15:23.746
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ComfortKeyboard\CKeyboardH64.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2018-01-12 18:10:23.741
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ComfortKeyboard\CKeyboardH64.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2018-01-12 18:05:23.741
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ComfortKeyboard\CKeyboardH64.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2018-01-12 18:00:23.746
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ComfortKeyboard\CKeyboardH64.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2018-01-12 17:55:23.743
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ComfortKeyboard\CKeyboardH64.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2018-01-12 17:50:23.745
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ComfortKeyboard\CKeyboardH64.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2018-01-12 17:45:23.743
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ComfortKeyboard\CKeyboardH64.dll that did not meet the Microsoft signing level requirements.
 
 
=========================== Installed Programs ============================
 
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
A Game of Thrones version 1.6 (HKCU\...\{7C82709E-75FE-4C3A-976A-8C97908DDD7B}_is1) (Version: 1.6 - AGOT TEAM)
Airport CEO (HKLM\...\Steam App 673610) (Version:  - Apoapsis Studios)
Alt Controller (HKLM-x32\...\{CA6FD10F-8E88-4167-B9B4-BC093546CA02}) (Version: 1.31 - Tim Brogden)
American Truck Simulator (HKLM\...\Steam App 270880) (Version:  - SCS Software)
ApoDispatchConfigurator (HKLM\...\{064FCD7F-935D-4A3C-BDA5-8B272AA5A698}) (Version: 2.3.1401 - Nahimic) Hidden
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.38.1 - Asmedia Technology)
AudioLaunchpadConfigurator (HKLM\...\{E49685B2-DE80-4609-9B01-A993282D563B}) (Version: 2.3.1401 - Nahimic) Hidden
AutoHotkey 1.1.26.01 (HKLM\...\AutoHotkey) (Version: 1.1.26.01 - Lexikos)
Battery Calibration (HKLM-x32\...\{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1609.1901 - Micro-Star International Co., Ltd.) Hidden
Battery Calibration (HKLM-x32\...\InstallShield_{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1609.1901 - Micro-Star International Co., Ltd.)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 21.0.25.59 - Bitdefender)
Bitdefender Device Management (HKLM\...\Bitdefender Device Management) (Version: 22.0.15.189 - Bitdefender)
Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 22.0.15.189 - Bitdefender)
Blizzard App (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Blood-Ice (HKLM-x32\...\1313912128_is1) (Version: 1.0.7.1 - GOG.com)
Bomber Crew (HKLM\...\Steam App 537800) (Version:  - Runner Duck)
Borderless Gaming (HKLM-x32\...\Borderless Gaming_is1) (Version: 9.4.9 - Andrew Sampson)
BurnRecovery (HKLM-x32\...\{92A6B009-1343-4C44-AFB1-8849137CA3F0}) (Version: 5.0.1608.1201 - Application) Hidden
BurnRecovery (HKLM-x32\...\InstallShield_{92A6B009-1343-4C44-AFB1-8849137CA3F0}) (Version: 5.0.1608.1201 - Application)
Capitalism Lab Post-Release Beta 5.0.09 (HKCU\...\Capitalism Lab Post-Release Beta) (Version: 5.0.09 - Enlight Software Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.36 - Piriform)
CheckDevicesConfigurator (HKLM\...\{F17C92A4-9E41-43A2-B0C1-6BFAFD4B0354}) (Version: 2.3.1401 - Nahimic) Hidden
Cities: Skylines (HKLM\...\Steam App 255710) (Version:  - Colossal Order Ltd.)
Comfort On-Screen Keyboard Pro (HKLM\...\{6EB17721-6249-417B-99B9-DAF3FD532955}_is1) (Version: 7.5.0.0 - Comfort Software Group)
Cook, Serve, Delicious! (HKLM\...\Steam App 247020) (Version:  - Vertigo Gaming Inc.)
Cook, Serve, Delicious! 2!! (HKLM\...\Steam App 386620) (Version:  - Vertigo Gaming Inc.)
CPUID CPU-Z 1.82 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.82 - )
CPUID HWMonitor 1.33 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.33 - )
Creeper World 3 DEMO (HKLM\...\{CE1D04F8-D0BE-468E-BBC1-5367B5D832F0}_is1) (Version:  - Knuckle Cracker, LLC)
Creeper World 3: Arc Eternal (HKLM\...\Steam App 280220) (Version:  - Knuckle Cracker)
Crusader Kings II (HKLM\...\Steam App 203770) (Version:  - Paradox Development Studio)
Darkest Dungeon (HKLM\...\Steam App 262060) (Version:  - Red Hook Studios)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Discord (HKCU\...\Discord) (Version: 0.0.300 - Discord Inc.)
Divinity: Original Sin 2 (HKLM\...\Steam App 435150) (Version:  - Larian Studios)
Divinity: Original Sin Enhanced Edition (HKLM\...\Steam App 373420) (Version:  - Larian Studios)
Dragon Age™: Inkwizycja (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.12 - Electronic Arts)
Dragon Center (HKLM-x32\...\{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 1.2.1711.2101 - Micro-Star International Co., Ltd.) Hidden
Dragon Center (HKLM-x32\...\InstallShield_{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 1.2.1711.2101 - Micro-Star International Co., Ltd.)
Dungeon of the Endless (HKLM\...\Steam App 249050) (Version:  - AMPLITUDE Studios)
Dungeons 3 (HKLM\...\Steam App 493900) (Version:  - Realmforge Studios)
Emergency 2017 (HKLM\...\Steam App 524110) (Version:  - Sixteen Tons Entertainment)
Endless Space 2 (HKLM\...\Steam App 392110) (Version:  - AMPLITUDE Studios)
Epic Games Launcher (HKLM-x32\...\{6F15D7C1-3079-4135-B8E9-8D3EA033EE3A}) (Version: 1.1.129.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Euro Truck Simulator 2 (HKLM\...\Steam App 227300) (Version:  - SCS Software)
EVE Online (HKLM\...\Steam App 8500) (Version:  - CCP)
Evil Genius (HKLM\...\Steam App 3720) (Version:  - Elixir Studios)
Expeditions: Viking (HKLM-x32\...\1450363937_is1) (Version: 1.0.7.1 - GOG.com)
Factorio (HKLM\...\Steam App 427520) (Version:  - Wube Software LTD.)
FIFA 17 (HKLM-x32\...\{8C0DD062-B659-409C-9AB7-8EBD1D64D2EB}) (Version: 1.0.48.30259 - Electronic Arts)
FIFA 18 (HKLM-x32\...\{213CC10A-B8CB-4EBA-B277-6B08B7C22A65}) (Version: 1.0.50.12617 - Electronic Arts)
FINAL FANTASY XIV - A Realm Reborn (HKLM-x32\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Football Manager 2018 (HKLM\...\Steam App 624090) (Version:  - Sports Interactive)
Football Tactics (HKLM\...\Steam App 375530) (Version:  - Creoteam)
Futuremark SystemInfo (HKLM-x32\...\{71BFECB2-2CFD-4E6A-A8AF-4EE600A816B7}) (Version: 5.3.629.0 - Futuremark)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Golf It! (HKLM\...\Steam App 571740) (Version:  - Perfuse Entertainment)
Golf With Your Friends (HKLM\...\Steam App 431240) (Version:  - Blacklight Interactive)
Google Chrome (HKLM\...\{DA081EB6-F64C-358C-9BB0-AF1EA8001F34}) (Version: 63.0.3239.132 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Hardware Engineers (HKLM\...\Steam App 485900) (Version:  - Green127)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heat Signature (HKLM\...\Steam App 268130) (Version:  - Suspicious Developments)
Help Desk (HKLM-x32\...\{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 1.0.1707.2501 - Micro-Star International Co., Ltd.) Hidden
Help Desk (HKLM-x32\...\InstallShield_{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 1.0.1707.2501 - Micro-Star International Co., Ltd.)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Hotel Giant 2 (HKLM\...\Steam App 38230) (Version:  - Enlight Software Limited, PerspectX)
Industry Giant 2 (HKLM\...\Steam App 271360) (Version:  - Fancy Bytes, Reactor)
Intel® Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1025 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation)
KB4023057 (HKLM\...\{ED06689A-33B7-4D35-8F76-36A82CD03406}) (Version: 2.3.0.0 - Microsoft Corporation)
KB9X Radio Switch Driver (HKLM\...\EC950B206B0E7722C96A318DF396BABFBB057BC0) (Version: 1.1.2.0 - ENE TECHNOLOGY INC.)
Killer Drivers (HKLM\...\{02E86843-ABD6-43CA-803C-46B2071E98BB}) (Version: 1.4.1492 - Rivet Networks)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LauncherSetup (HKLM\...\{EAF34292-88ED-4E8A-8DD2-39F9E0DD4DC7}) (Version: 2.3.1401 - Nahimic) Hidden
Layers of Fear (HKLM-x32\...\345b53a8-5464-427e-9e59-82280938934b) (Version:  - Aspyr)
Life is Feudal: Forest Village (HKLM\...\Steam App 496460) (Version:  - Mindillusion)
Lightshot-5.4.0.10 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.10 - Skillbrains)
MAGIX Content and Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Music Maker Silver (HKLM\...\{CD1DE5DB-7AF2-4D01-BBB1-9AD581B34403}) (Version: 21.0.3.44 - MAGIX Software GmbH) Hidden
MAGIX Music Maker Silver (HKLM-x32\...\MX.{CD1DE5DB-7AF2-4D01-BBB1-9AD581B34403}) (Version: 21.0.3.44 - MAGIX Software GmbH)
MAGIX Music Maker Silver Soundpools (HKLM\...\{CC8B6E22-F579-46A1-A9F3-985F114590F0}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Photo Manager 16 (HKLM\...\{B33D219F-2504-45A7-863B-999ED3E38B01}) (Version: 12.0.0.26 - MAGIX Software GmbH) Hidden
MAGIX Photo Manager 16 (HKLM-x32\...\MX.{B33D219F-2504-45A7-863B-999ED3E38B01}) (Version: 12.0.0.26 - MAGIX Software GmbH)
Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.7131.1115 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MSI Remind Manager (HKLM-x32\...\{3E23F267-3E35-40F9-B6BF-BC034D214717}) (Version: 1.0.1609.1901 - Micro-Star International Co., Ltd.) Hidden
MSI Remind Manager (HKLM-x32\...\InstallShield_{3E23F267-3E35-40F9-B6BF-BC034D214717}) (Version: 1.0.1609.1901 - Micro-Star International Co., Ltd.)
MSI True Color (HKLM\...\{B4A2776D-59CD-4193-A19D-DE15CB7FC5AA}) (Version: 2.0.0.034 - Portrait Displays, Inc.)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Nahimic 2 (HKLM-x32\...\{05c7b70a-5d25-419a-9b71-76900393b641}) (Version: 2.3.14 - Nahimic)
Nahimic2UISetup (HKLM\...\{FD585866-680F-4FE0-8082-731D715F90CE}) (Version: 2.3.1401 - Nahimic) Hidden
NEO Scavenger Demo (HKLM\...\Steam App 270680) (Version:  - Blue Bottle Games)
Norton Online Backup (HKLM-x32\...\{652C1CDF-C61D-4525-9348-8C272CC2DB24}) (Version: 2.10.2.7 - Symantec Corporation)
Norton Online Backup (HKLM-x32\...\NARA) (Version: 4.6.0.12 - Symantec Corporation) Hidden
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.1 - Notepad++ Team)
NVIDIA 3D Vision Driver 388.59 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.59 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.11.0.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.11.0.73 - NVIDIA Corporation)
NVIDIA Graphics Driver 388.59 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.59 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 20.1.1 - OBS Project)
Oh...Sir! The Insult Simulator (HKLM\...\Steam App 512250) (Version:  - Vile Monarch)
Omerta - City of Gangsters (HKLM-x32\...\1207659157_is1) (Version: 1.07 - GOG.com)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.8.17910 - Electronic Arts, Inc.)
ORLLO IP 1.3.0.96 (HKLM-x32\...\{DE24BB52-3A46-4ED1-8E57-41E724F6BC74}_is1) (Version:  - *)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Oxygen Not Included (HKLM\...\Steam App 457140) (Version:  - Klei Entertainment)
Papers, Please (HKLM\...\Steam App 239030) (Version:  - 3909)
Path of Exile (HKLM\...\Steam App 238960) (Version:  - Grinding Gear Games)
Planet Coaster (HKLM\...\Steam App 493340) (Version:  - Frontier Developments)
Prehistoric Kingdom Demo (HKLM\...\Steam App 666180) (Version:  - Shadow Raven Studios)
ProductDaemonSetup (HKLM\...\{E5C605BF-FEF0-460C-9927-BC86E0647AD3}) (Version: 2.3.1401 - Nahimic) Hidden
ProductNSConfigurator (HKLM\...\{1B4DB619-21BD-4006-A8BA-394B70C2F761}) (Version: 2.3.1401 - Nahimic) Hidden
Project AURA (HKLM\...\Steam App 305940) (Version:  - Pixel Quality Games)
Project Highrise (HKLM\...\Steam App 423580) (Version:  - SomaSim)
Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.279 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.21292 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8053 - Realtek Semiconductor Corp.)
Renowned Explorers: International Society (HKLM\...\Steam App 296970) (Version:  - Abbey Games)
RimWorld (HKLM\...\Steam App 294100) (Version:  - Ludeon Studios)
SCM (HKLM\...\{C532FCEC-75CD-477D-94E1-61B50BC679F0}) (Version: 13.016.10073 - Application)
ShellShock Live (HKLM\...\Steam App 326460) (Version:  - kChamp Games)
Sheltered (HKLM\...\Steam App 356040) (Version:  - Unicube)
Sid Meier's Civilization VI (HKLM\...\Steam App 289070) (Version:  - Firaxis)
Sizer 4.0 (HKLM-x32\...\{D210D721-6559-48E2-A36A-9280F6CB798D}) (Version: 4.0.0.562 - Brian Apps)
Sizing Options (HKLM-x32\...\{DFAB6DE8-E45F-4D5D-95C0-E54C58993F9F}) (Version: 3.0.1607.2201 - Application) Hidden
Sizing Options (HKLM-x32\...\InstallShield_{DFAB6DE8-E45F-4D5D-95C0-E54C58993F9F}) (Version: 3.0.1607.2201 - Application)
SlimDX Runtime .NET 4.0 x64 (January 2012) (HKLM\...\{A2199A06-89C4-4187-AA4A-3A9676FB799D}) (Version: 2.0.13.43 - SlimDX Group)
Software Inc. (HKLM\...\Steam App 362620) (Version:  - Coredumping)
SonicMapperConfigurator (HKLM\...\{BC0A78EE-7CA5-4262-9F8C-2B6F7AF6EA63}) (Version: 2.3.1401 - Nahimic) Hidden
South Park™: The Stick of Truth™ (HKLM\...\Steam App 213670) (Version:  - Obsidian Entertainment)
Spotify (HKCU\...\Spotify) (Version: 1.0.70.388.g8e1ed5af - Spotify AB)
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: 13.0.0.13 - Bioware/EA)
STAR WARS™ Battlefront™ (HKLM-x32\...\{E402D891-4E45-4ce9-B41F-DD35864EF170}) (Version: 1.0.7.64833 - Electronic Arts)
Starbound (HKLM\...\Steam App 211820) (Version:  - Chucklefish)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steel Division: Normandy 44 (HKLM\...\Steam App 572410) (Version:  - Eugen Systems)
SteelSeries Engine 3.8.1 (HKLM\...\SteelSeries Engine 3) (Version: 3.8.1 - SteelSeries ApS)
Stellaris (HKLM\...\Steam App 281990) (Version:  - Paradox Development Studio)
SUPERHOT (HKLM-x32\...\{62F505D5-9210-4784-9094-17CDC868F6DA}) (Version:  - SUPERHOT Sp. z o.o.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.4.184 - Synaptics Incorporated)
Tabletop Simulator (HKLM\...\Steam App 286160) (Version:  - Berserk Games)
The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version:  - Ubisoft)
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 2.6.3.0 - Zenimax Online Studios)
The Escapists (HKLM\...\Steam App 298630) (Version:  - Mouldy Toof Studios)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.37.35.1010 - Electronic Arts Inc.)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.31.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Free DLC program (16 DLC) (HKLM-x32\...\Free DLC program (16 DLC)_is1) (Version: 1.24.0.0 - GOG.com)
Thea: The Awakening Demo (HKLM\...\Steam App 501130) (Version:  - MuHa Games)
Tom Clancy's The Division (HKLM-x32\...\Uplay Install 568) (Version:  - Ubisoft)
Total War: WARHAMMER II (HKLM\...\Steam App 594570) (Version:  - Creative Assembly)
Towns Demo (HKLM\...\Steam App 221030) (Version:  - Xavi Canal, Ben Palgi)
Tropico 4 (HKLM\...\Steam App 57690) (Version:  - Haemimont Games)
Twitch (HKCU\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.)
UIInstallUpgrade (HKLM\...\{34755904-0831-4F83-BDDB-4395A581930D}) (Version: 2.3.1401 - Nahimic) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 43.1 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
War for the Overworld (HKLM\...\Steam App 230190) (Version:  - Brightrock Games)
Wayward (HKLM\...\Steam App 379210) (Version:  - Unlok)
WinDirStat 1.1.2 (HKCU\...\WinDirStat) (Version:  - )
Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22175 - Microsoft Corporation)
WinZip 17.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DD}) (Version: 17.5.10562 - WinZip Computing, S.L. )
Wolfenstein II: The New Colossus Demo (HKLM\...\Steam App 754730) (Version:  - Machine Games)
World in Conflict (HKLM-x32\...\Uplay Install 90) (Version:  - Ubisoft)
WTFast 4.0 (HKLM-x32\...\{12B4121D-5221-4AFC-9EDC-63B0CA139856}_is1) (Version: 4.0.7.692 - Initex & AAA Internet Publishing)
XCOM 2 (HKLM\...\Steam App 268500) (Version:  - Firaxis)
XSplit Gamecaster (HKLM-x32\...\{D89E82A2-BEB3-4AEE-B0DF-2A482EED6715}) (Version: 3.0.1705.3131 - SplitmediaLabs)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 45%
Total physical RAM: 16341.41 MB
Available physical RAM: 8971.58 MB
Total Virtual: 18773.41 MB
Available Virtual: 10723.16 MB
 
========================= Partitions: =====================================
 
1 Drive c: (Windows) (Fixed) (Total:237.18 GB) (Free:98.62 GB) NTFS
2 Drive d: (Data) (Fixed) (Total:915.12 GB) (Free:121.02 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\MSI
 
Administrator            DefaultAccount           defaultuser0             
Guest                    przemek                  WDAGUtilityAccount       
 
 
**** End of log ****
 
 
# AdwCleaner 7.0.6.0 - Logfile created on Fri Jan 12 17:33:47 2018
# Updated on 2017/21/12 by Malwarebytes 
# Database: 01-11-2018.1
# Running on Windows 10 Home (X64)
# Mode: scan
 
***** [ Services ] *****
 
No malicious services found.
 
***** [ Folders ] *****
 
No malicious folders found.
 
***** [ Files ] *****
 
No malicious files found.
 
***** [ DLL ] *****
 
No malicious DLLs found.
 
***** [ WMI ] *****
 
No malicious WMI found.
 
***** [ Shortcuts ] *****
 
No malicious shortcuts found.
 
***** [ Tasks ] *****
 
No malicious tasks found.
 
***** [ Registry ] *****
 
No malicious registry entries found.
 
***** [ Firefox (and derivatives) ] *****
 
No malicious Firefox entries.
 
***** [ Chromium (and derivatives) ] *****
 
No malicious Chromium entries.
 
*************************
 
C:/AdwCleaner/AdwCleaner[S0].txt - [945 B] - [2017/10/21 23:28:32]
C:/AdwCleaner/AdwCleaner[S10].txt - [1629 B] - [2018/1/10 12:45:20]
C:/AdwCleaner/AdwCleaner[S11].txt - [1694 B] - [2018/1/10 20:51:45]
C:/AdwCleaner/AdwCleaner[S12].txt - [1763 B] - [2018/1/12 0:48:53]
C:/AdwCleaner/AdwCleaner[S13].txt - [1831 B] - [2018/1/12 11:35:45]
C:/AdwCleaner/AdwCleaner[S1].txt - [1013 B] - [2017/11/2 0:4:9]
C:/AdwCleaner/AdwCleaner[S2].txt - [1078 B] - [2017/11/11 14:43:15]
C:/AdwCleaner/AdwCleaner[S3].txt - [1147 B] - [2017/11/11 14:44:56]
C:/AdwCleaner/AdwCleaner[S4].txt - [1216 B] - [2017/11/14 17:14:34]
C:/AdwCleaner/AdwCleaner[S5].txt - [1285 B] - [2017/11/24 2:11:17]
C:/AdwCleaner/AdwCleaner[S6].txt - [1353 B] - [2017/12/6 14:42:37]
C:/AdwCleaner/AdwCleaner[S7].txt - [1421 B] - [2017/12/12 22:54:1]
C:/AdwCleaner/AdwCleaner[S8].txt - [1489 B] - [2017/12/13 11:34:22]
C:/AdwCleaner/AdwCleaner[S9].txt - [1558 B] - [2018/1/1 12:34:1]
 
 
########## EOF - C:\AdwCleaner\AdwCleaner[S14].txt ##########
 
 
C:\Users\przemek\Downloads\ccsetup536.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Windows\Installer\402d4.msi a variant of Win32/Systweak.L potentially unwanted application,a variant of Win32/Systweak.N potentially unwanted application
 
 
 
 
 
Could you also tell me what that MTB was? Was everything you told me to run safe? And how to fully remove your tools now? And of course what to do about the threats that ESET found?
 
Should also mention that earlier today I did scans with Bitdefender Total Security and Malwarebytes and they found nothing.

Edited by Vantezzle, 12 January 2018 - 01:50 PM.


#6 boopme

Posted 12 January 2018 - 02:01 PM

MTB is a small multi scanner... checks all those items for flaws, errors and some hijacks, like in the HOSTS and Winsock file and network connections. You are good there.

Rerun ESET now, and this time:
When the scan completes a list of found threats will open automatically (if any malicious files are found).
Check REMOVE all ...found items.

#7 Vantezzle

Posted 12 January 2018 - 02:08 PM

Seems to me like it's just CCleaner and WinZip setup files that ESET found, should I really remove that?



#8 boopme

Posted 12 January 2018 - 02:23 PM

Your choice, my friend.

#9 Vantezzle

Posted 12 January 2018 - 04:48 PM

Right, thank you for the help... So all in all I guess I'm clean?



#10 boopme

Posted 13 January 2018 - 09:46 AM

Yes



