
Adware seems to have infected chrome/Steam [Win7]


12 replies to this topic

#1 Jerry Krautz


Posted 03 April 2015 - 06:58 PM

Hello, I'm having trouble with some annoying adware that seems to have infected Google Chrome and Steam (Chrome webkit). I'll try to explain this to the best of my ability, but English is not my primary language, so please bear with me.

 

I first noticed the problem yesterday, on the Steam client window (store) and then on Google Chrome, but only after disabling Adblock+/ScriptSafe. On Steam it looks like this: http://i.imgur.com/PHB9OXe.jpg

Both Internet Explorer and Firefox seem to remain untouched (even if I disable Adblock+/NoScript on firefox).

 

I have tried doing a system restore, to no avail. I have also tried to install/run some popular anti-malware utilities out of desperation, but without any knowledge of how to properly use them and interpret their logs, it hasn't done anything to help.

 

I'm new to this forum, and any help would be immensely appreciated.

 

OS:  Windows 7 64bits

 

Installed Anti-virus/Firewall software: Comodo Firewall 8.1.0.4426; Avira (Free) 15.0.8.656
 




 


#2 Jerry Krautz


Posted 07 April 2015 - 09:35 PM

As of yesterday (April 6th), the ads mysteriously disappeared. I'm afraid I might still be infected, though. I would still appreciate any help.



#3 boopme


Posted 14 April 2015 - 10:01 PM

Hello and sorry you got passed. Let's see how we are after these.


MiniToolBox
  • Please download MiniToolBox, save it to your desktop and run it.
  • Checkmark the following checkboxes:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
AdwCleaner
  • Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder which was created when running the tool.
Junkware Removal Tool
  • Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
ESET Online Scanner
  • Hold down Control and click on this link to open ESET Online Scanner in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.


#4 Jerry Krautz


Posted 15 April 2015 - 03:32 PM

Hello boopme, thank you for assisting me.

 

 

 

 

MiniToolBox Log

 

 

MiniToolBox by Farbar  Version: 14-04-2015
Ran by Renato (administrator) on 15-04-2015 at 15:07:11
Running from "H:\Users\Renato\Desktop"
Microsoft Windows 7 Ultimate  Service Pack 1 (X64)
Model: MS-7917 Manufacturer: MSI
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Killer e2200 PCI-E Gigabit Ethernet Controller (NDIS 6.20) = Conexão local (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Senna14
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : spo.virtua.com.br

Ethernet adapter Conexão local:

   Connection-specific DNS Suffix  . : spo.virtua.com.br
   Description . . . . . . . . . . . : Killer e2200 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
   Physical Address. . . . . . . . . : 44-8A-5B-9D-A6-D2
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::ed3a:818a:3287:58c7%10(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.100(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : quarta-feira, 15 de abril de 2015 14:04:24
   Lease Expires . . . . . . . . . . : quinta-feira, 16 de abril de 2015 14:04:24
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 239372891
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-90-32-D6-44-8A-5B-9D-A6-D2
   DNS Servers . . . . . . . . . . . : 192.168.1.1
                                       199.85.126.10
                                       199.85.127.10
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.spo.virtua.com.br:

   Connection-specific DNS Suffix  . : spo.virtua.com.br
   Description . . . . . . . . . . . : Adaptador do Microsoft ISATAP
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::5efe:192.168.1.100%14(Preferred)
   Default Gateway . . . . . . . . . :
   DNS Servers . . . . . . . . . . . : 192.168.1.1
                                       199.85.126.10
                                       199.85.127.10
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:30e6:2ae1:3f57:fe9b(Preferred)
   Link-local IPv6 Address . . . . . : fe80::30e6:2ae1:3f57:fe9b%11(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  UnKnown
Address:  192.168.1.1

Name:    google.com.spo.virtua.com.br
Address:  54.200.75.96


Pinging google.com [173.194.115.14] with 32 bytes of data:
Reply from 173.194.115.14: bytes=32 time=151ms TTL=50
Reply from 173.194.115.14: bytes=32 time=151ms TTL=50

Ping statistics for 173.194.115.14:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 151ms, Maximum = 151ms, Average = 151ms
Server:  UnKnown
Address:  192.168.1.1

Name:    yahoo.com.spo.virtua.com.br
Address:  54.200.75.96


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=179ms TTL=47
Reply from 98.138.253.109: bytes=32 time=220ms TTL=47

Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 179ms, Maximum = 220ms, Average = 199ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 10...44 8a 5b 9d a6 d2 ......Killer e2200 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
  1...........................Software Loopback Interface 1
 14...00 00 00 00 00 00 00 e0 Adaptador do Microsoft ISATAP
 11...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.100     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.100    276
    192.168.1.100  255.255.255.255         On-link     192.168.1.100    276
    192.168.1.255  255.255.255.255         On-link     192.168.1.100    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.100    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.100    276
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 11     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 11     58 2001::/32                On-link
 11    306 2001:0:9d38:6ab8:30e6:2ae1:3f57:fe9b/128
                                    On-link
 10    276 fe80::/64                On-link
 11    306 fe80::/64                On-link
 14    281 fe80::5efe:192.168.1.100/128
                                    On-link
 11    306 fe80::30e6:2ae1:3f57:fe9b/128
                                    On-link
 10    276 fe80::ed3a:818a:3287:58c7/128
                                    On-link
  1    306 ff00::/8                 On-link
 11    306 ff00::/8                 On-link
 10    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (04/15/2015 00:59:04 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/14/2015 00:30:12 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/13/2015 03:32:16 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/13/2015 03:09:37 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/13/2015 02:07:01 AM) (Source: Application Hang) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17496 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 16bc

Start Time: 01d075a6cece0052

Termination Time: 512

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (04/12/2015 10:22:11 PM) (Source: Application Error) (User: )
Description: Faulting application name: gta-sa.exe, version: 0.0.0.0, time stamp: 0x47553f1a
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0xccc300bf
Faulting process id: 0x1470
Faulting application start time: 0xgta-sa.exe0
Faulting application path: gta-sa.exe1
Faulting module path: gta-sa.exe2
Report Id: gta-sa.exe3

Error: (04/12/2015 10:02:34 PM) (Source: Application Error) (User: )
Description: Faulting application name: gta-sa.exe, version: 0.0.0.0, time stamp: 0x47553f1a
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0xd9008a5d
Faulting process id: 0x738
Faulting application start time: 0xgta-sa.exe0
Faulting application path: gta-sa.exe1
Faulting module path: gta-sa.exe2
Report Id: gta-sa.exe3

Error: (04/12/2015 06:59:08 PM) (Source: Application Error) (User: )
Description: Faulting application name: gta-sa.exe, version: 0.0.0.0, time stamp: 0x47553f1a
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x066a0052
Faulting process id: 0x12d8
Faulting application start time: 0xgta-sa.exe0
Faulting application path: gta-sa.exe1
Faulting module path: gta-sa.exe2
Report Id: gta-sa.exe3

Error: (04/12/2015 03:48:20 PM) (Source: Application Error) (User: )
Description: Faulting application name: gta-sa.exe, version: 0.0.0.0, time stamp: 0x47553f1a
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x05d9cccc
Faulting process id: 0x124c
Faulting application start time: 0xgta-sa.exe0
Faulting application path: gta-sa.exe1
Faulting module path: gta-sa.exe2
Report Id: gta-sa.exe3

Error: (04/12/2015 03:30:14 PM) (Source: Application Error) (User: )
Description: Faulting application name: gta-sa.exe, version: 0.0.0.0, time stamp: 0x47553f1a
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0xcccccccc
Faulting process id: 0x1360
Faulting application start time: 0xgta-sa.exe0
Faulting application path: gta-sa.exe1
Faulting module path: gta-sa.exe2
Report Id: gta-sa.exe3


System errors:
=============
Error: (04/15/2015 02:10:02 PM) (Source: Service Control Manager) (User: )
Description: The Proteção de Software service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Reiniciar o serviço.

Error: (04/15/2015 02:10:02 PM) (Source: Service Control Manager) (User: )
Description: The Intel® Dynamic Application Loader Host Interface Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (04/15/2015 02:10:02 PM) (Source: Service Control Manager) (User: )
Description: The Intel® Rapid Storage Technology service terminated unexpectedly.  It has done this 1 time(s).

Error: (04/15/2015 02:10:01 PM) (Source: Service Control Manager) (User: )
Description: The Epson Scanner Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (04/15/2015 02:10:01 PM) (Source: Service Control Manager) (User: )
Description: The PnkBstrA service terminated unexpectedly.  It has done this 1 time(s).

Error: (04/15/2015 02:10:01 PM) (Source: Service Control Manager) (User: )
Description: The Windows Installer service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Reiniciar o serviço.

Error: (04/15/2015 02:10:01 PM) (Source: Service Control Manager) (User: )
Description: The Serviço do Bonjour service terminated unexpectedly.  It has done this 1 time(s).

Error: (04/15/2015 02:10:01 PM) (Source: Service Control Manager) (User: )
Description: The Adobe Acrobat Update Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (04/15/2015 02:10:00 PM) (Source: Service Control Manager) (User: )
Description: The Spooler de Impressão service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Reiniciar o serviço.

Error: (04/15/2015 02:10:00 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Display Driver Service service terminated unexpectedly.  It has done this 1 time(s).


Microsoft Office Sessions:
=========================
Error: (04/15/2015 00:59:04 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (04/14/2015 00:30:12 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (04/13/2015 03:32:16 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (04/13/2015 03:09:37 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (04/13/2015 02:07:01 AM) (Source: Application Hang)(User: )
Description: IEXPLORE.EXE11.0.9600.1749616bc01d075a6cece0052512C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Error: (04/12/2015 10:22:11 PM) (Source: Application Error)(User: )
Description: gta-sa.exe0.0.0.047553f1aunknown0.0.0.000000000c0000005ccc300bf147001d0758589e82ed3H:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto San Andreas\gta-sa.exeunknown81d365c1-e17b-11e4-b517-448a5b9da6d2

Error: (04/12/2015 10:02:34 PM) (Source: Application Error)(User: )
Description: gta-sa.exe0.0.0.047553f1aunknown0.0.0.000000000c0000005d9008a5d73801d07584b4e9236bH:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto San Andreas\gta-sa.exeunknownc455e5e1-e178-11e4-b517-448a5b9da6d2

Error: (04/12/2015 06:59:08 PM) (Source: Application Error)(User: )
Description: gta-sa.exe0.0.0.047553f1aunknown0.0.0.000000000c0000005066a005212d801d07563936d3cdbH:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto San Andreas\gta-sa.exeunknown243dd15b-e15f-11e4-b517-448a5b9da6d2

Error: (04/12/2015 03:48:20 PM) (Source: Application Error)(User: )
Description: gta-sa.exe0.0.0.047553f1aunknown0.0.0.000000000c000000505d9cccc124c01d0754ee1d1be71H:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto San Andreas\gta-sa.exeunknown7cac5a86-e144-11e4-b517-448a5b9da6d2

Error: (04/12/2015 03:30:14 PM) (Source: Application Error)(User: )
Description: gta-sa.exe0.0.0.047553f1aunknown0.0.0.000000000c0000005cccccccc136001d0754d2072d0c0H:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto San Andreas\gta-sa.exeunknownf559eb53-e141-11e4-b517-448a5b9da6d2



=========================== Installed Programs ============================
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.176 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Refresh Manager (x32 Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
Alice: Madness Returns (HKLM-x32\...\Steam App 19680) (Version:  - Spicy Horse Games)
Angry Video Game Nerd Adventures (HKLM-x32\...\Steam App 237740) (Version:  - FreakZone Games)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
Assassin’s Creed Unity (HKLM-x32\...\Steam App 289650) (Version:  - Ubisoft)
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.00 - Ubisoft)
Assassin's Creed Brotherhood (HKLM-x32\...\Steam App 48190) (Version:  - Ubisoft Montreal)
Assassin's Creed II (HKLM-x32\...\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}) (Version: 1.01 - Ubisoft)
Assassin's Creed IV Black Flag (HKLM-x32\...\Steam App 242050) (Version:  - Ubisoft Montreal)
Assassin's Creed Liberation (HKLM-x32\...\Steam App 260210) (Version:  - Ubisoft Sofia)
Assassin's Creed Revelations (HKLM-x32\...\Steam App 201870) (Version:  - Ubisoft Montreal)
Assassin's Creed® III (HKLM-x32\...\Steam App 208480) (Version:  - Ubisoft Montreal)
Audiosurf (HKLM-x32\...\Steam App 12900) (Version:  - Dylan Fitterer)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.9.504 - Avira Operations GmbH & Co. KG)
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version:  - )
Bad Rats (HKLM-x32\...\Steam App 34900) (Version:  - Invent4 Entertainment)
Batman™: Arkham Origins (HKLM-x32\...\Steam App 209000) (Version:  - WB Games Montreal)
Battlefield: Bad Company 2 (HKLM-x32\...\Steam App 24960) (Version:  - DICE)
Blur Busters Strobe Util (HKLM-x32\...\{57BDAE81-2BE7-4ABA-8B03-1520FBF41AF9}) (Version: 1.0.0 - Blur Busters)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bridge Constructor (HKLM-x32\...\Steam App 250460) (Version:  - )
Broforce (HKLM-x32\...\Steam App 274190) (Version:  - Free Lives)
Brothers in Arms: Road to Hill 30 (HKLM-x32\...\Steam App 15190) (Version:  - Gearbox Software)
Call of Duty (HKLM-x32\...\Steam App 2620) (Version:  - Infinity Ward)
Call of Duty 2 (HKLM-x32\...\Steam App 2630) (Version:  - Infinity Ward)
Call of Duty: United Offensive (HKLM-x32\...\Steam App 2640) (Version:  - Gray Matter Studios)
Call of Duty: World at War (HKLM-x32\...\Steam App 10090) (Version:  - Treyarch)
Canyon Capers (HKLM-x32\...\Steam App 275490) (Version:  - Crazy Moo Games)
Castle Crashers (HKLM-x32\...\Steam App 204360) (Version:  - The Behemoth)
Castle of Illusion (HKLM-x32\...\Steam App 227600) (Version:  - SEGA Studios Australia)
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
COMODO Firewall (HKLM\...\{2736B6BD-31EC-4FC8-A48C-F0A5C914C0B6}) (Version: 7.0.55655.4142 - COMODO Security Solutions Inc.)
Corsair Link (HKLM-x32\...\{658EFB3F-8606-4576-8FEC-B0CED48F1E68}) (Version: 2.7.5339 - Corsair)
Corsair Link™ USB Dongle (Driver Removal) (HKLM-x32\...\SIUSBXP&1B1C&1C00) (Version:  - Corsair Memory, Inc.)
Counter-Strike (HKLM-x32\...\Steam App 10) (Version:  - Valve)
Counter-Strike: Condition Zero (HKLM-x32\...\Steam App 80) (Version:  - Valve)
Counter-Strike: Condition Zero Deleted Scenes (HKLM-x32\...\Steam App 100) (Version:  - Valve)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CPUID CPU-Z 1.70 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
CyberLink Media Suite 10 (x32 Version: 10.2021 - CyberLink Corp.) Hidden
CyberLink Power2Go 7 (x32 Version: 7.0.0.3126b - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (x32 Version: 10.0.5509.52 - CyberLink Corp.) Hidden
Day of Defeat (HKLM-x32\...\Steam App 30) (Version:  - Valve)
Day of Defeat: Source (HKLM-x32\...\Steam App 300) (Version:  - Valve)
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
Deadfall Adventures (HKLM-x32\...\Steam App 231330) (Version:  - The Farm 51)
Deathmatch Classic (HKLM-x32\...\Steam App 40) (Version:  - Valve)
Desinstalar Impressora EPSON L355 Series (HKLM\...\EPSON L355 Series) (Version:  - SEIKO EPSON Corporation)
Desinstalar impressora EPSON TX410 Series (HKLM\...\EPSON TX410 Series) (Version:  - SEIKO EPSON Corporation)
DuckTales Remastered (HKLM-x32\...\Steam App 237630) (Version:  - WayForward)
Duke Nukem 3D: Megaton Edition (HKLM-x32\...\Steam App 225140) (Version:  - 3D Realms)
Enemy Front (HKLM-x32\...\Steam App 256190) (Version:  - CI Games)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Exif Tag Remover 5.01 (HKLM-x32\...\Exif Tag Remover_is1) (Version:  - RL Vision)
Fallout 3 - Game of the Year Edition (HKLM-x32\...\Steam App 22370) (Version:  - Bethesda Game Studios)
Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version:  - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
ffdshow v1.3.4530 [2014-02-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4530.0 - )
FLAC Frontend (HKLM-x32\...\{315E5E8B-0560-413A-B604-622A4C8BECBD}) (Version: 2.1.1 - Xiph.org)
Game Booster 3 (HKLM-x32\...\Game Booster_is1) (Version: 3.4 - IObit)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Goat Simulator (HKLM-x32\...\Steam App 265930) (Version:  - Coffee Stain Studios)
GOG.com Shogo (HKLM\...\{090e977a-bebc-47e5-afb2-d115164574fa}.sdb) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.118 - Google Inc.)
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version:  - Rockstar North)
Grand Theft Auto: San Andreas (HKLM-x32\...\Steam App 12120) (Version:  - Rockstar Games)
Half-Life (HKLM-x32\...\Steam App 70) (Version:  - Valve)
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version:  - Valve)
Half-Life 2: Deathmatch (HKLM-x32\...\Steam App 320) (Version:  - Valve)
Half-Life 2: Episode One (HKLM-x32\...\Steam App 380) (Version:  - Valve)
Half-Life 2: Episode Two (HKLM-x32\...\Steam App 420) (Version:  - Valve)
Half-Life: Blue Shift (HKLM-x32\...\Steam App 130) (Version:  - Gearbox Software)
Half-Life: Opposing Force (HKLM-x32\...\Steam App 50) (Version:  - Gearbox Software)
Home (HKLM-x32\...\Steam App 215670) (Version:  - Benjamin Rivers)
I Am Alive (HKLM-x32\...\Steam App 214250) (Version:  - Ubisoft  Shanghaï)
Injustice: Gods Among Us Ultimate Edition (HKLM-x32\...\Steam App 242700) (Version:  - NetherRealm Studios)
Insurgency (HKLM-x32\...\Steam App 222880) (Version:  - New World Interactive)
Intel® Chipset Device Software (Version: 10.0.17 - Intel Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.1.1000 - Intel Corporation)
Intel® Management Engine Components (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Components (Version: 10.0.1.1000 - Intel Corporation) Hidden
Intel® ME UninstallLegacy (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.1.0.1058 - Intel Corporation)
Intel® Rapid Storage Technology (Version: 13.1.0.1058 - Intel Corporation) Hidden
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.34 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.35.127.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Jammit (HKLM-x32\...\{665AD2EB-BBCE-43EB-8E7D-DB0C961C423E}) (Version: 1.0.108 - Jammit Inc)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.25.18 - Oracle Corporation) Hidden
Jazzpunk (HKLM-x32\...\Steam App 250260) (Version:  - Necrophone Games)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Killing Floor (HKLM-x32\...\Steam App 1250) (Version:  - Tripwire Interactive)
K-Lite Mega Codec Pack 7.0.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.0.0 - )
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Lego Harry Potter (HKLM-x32\...\Steam App 21130) (Version:  - TT Games)
LEGO Harry Potter: Years 5-7 (HKLM-x32\...\Steam App 204120) (Version:  - Traveller's Tales )
LG ODD Auto Firmware Update (HKLM-x32\...\{6179550A-3E7C-499E-BCC9-9E8113E0A285}) (Version: 10.01.0712.01 - )
LIMBO (HKLM-x32\...\Steam App 48000) (Version:  - Playdead)
Malwarebytes Anti-Malware version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Max Payne (HKLM-x32\...\Steam App 12140) (Version:  - Remedy Entertainment)
Medal of Honor - Allied Assault War Chest (HKLM-x32\...\GOGPACKMEDALOFHONORPACK_is1) (Version: 2.0.0.21 - GOG.com)
Medal of Honor: Airborne (HKLM-x32\...\Steam App 24840) (Version:  - EA Los Angeles)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Português do Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (PTB) (Version: 4.5.51209 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (Version: 4.5.51209 - Microsoft Corporation) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{59E4543A-D49D-4489-B445-473D763C79AF}) (Version: 2.0.672.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Xbox One Controller for Windows (HKLM\...\{DC2CB48C-FD96-48EB-A36A-7D995BB587EB}) (Version: 1.0.2 - Microsoft Corporation)
Mortal Kombat Komplete Edition (HKLM-x32\...\Steam App 237110) (Version:  - NetherRealm Studios)
Mozilla Firefox 37.0.1 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 37.0.1 (x86 pt-BR)) (Version: 37.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
Need for Speed: Hot Pursuit (HKLM-x32\...\Steam App 47870) (Version:  - Criterion Games)
NVIDIA Driver de áudio HD 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA Driver de gráficos 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.82 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.140.952 - NVIDIA Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA PhysX (Legacy) (HKLM-x32\...\{6F9D5A0B-202C-4161-BC7F-0664EA39E7E7}) (Version: 9.12.1031 - NVIDIA Corporation)
Octodad: Dadliest Catch (HKLM-x32\...\Steam App 224480) (Version:  - Young Horses)
Painel de controle da NVIDIA 331.82 (Version: 331.82 - NVIDIA Corporation) Hidden
Papers, Please (HKLM-x32\...\Steam App 239030) (Version:  - 3909)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
pdfforge PDFArchitect 0.5.6.675 (HKLM\...\{00070886-D6C6-423C-B5A7-3298ABF20E11}) (Version: 0.5.6.675 - pdfforge GbR)
Pool Nation (HKLM-x32\...\Steam App 254440) (Version:  - Cherry Pop Games)
POSTAL 2 (HKLM-x32\...\Steam App 223470) (Version:  - Running With Scissors)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Quake II (HKLM-x32\...\Steam App 2320) (Version:  - id Software)
Quake Live (HKLM-x32\...\Steam App 282440) (Version:  - id Software)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7464 - Realtek Semiconductor Corp.)
ReClock (HKLM-x32\...\ReClock) (Version:  - SlySoft, Inc.)
Resident Evil / biohazard HD REMASTER (HKLM-x32\...\Steam App 304240) (Version:  - CAPCOM Co., Ltd.)
Ricochet (HKLM-x32\...\Steam App 60) (Version:  - Valve)
Rising Storm/Red Orchestra 2 Multiplayer (HKLM-x32\...\Steam App 35450) (Version:  - Tripwire Interactive)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.6 - Rockstar Games)
S.T.A.L.K.E.R.: Shadow of Chernobyl (HKLM-x32\...\Steam App 4500) (Version:  - GSC Game World)
Shogo - Mobile Armor Division (HKLM-x32\...\GOGPACKSHOGO_is1) (Version: 2.0.0.6 - GOG.com)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
SmoothVideo Project version 3.1.6 (HKLM-x32\...\SmoothVideo Project_is1) (Version: 3.1.6 - SVP)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version:  - Rebellion)
Software de dispositivo do Chipset Intel® (x32 Version: 10.0.17 - Intel® Corporation) Hidden
Sonic & All-Stars Racing Transformed (HKLM-x32\...\Steam App 212480) (Version:  - Sumo Digital)
South Park™: The Stick of Truth™ (HKLM-x32\...\Steam App 213670) (Version:  - Obsidian Entertainment)
Speccy (HKLM\...\Speccy) (Version: 1.26 - Piriform)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
State of Decay (HKLM-x32\...\Steam App 241540) (Version:  - Undead Labs)
Stubbs the Zombie in Rebel Without a Pulse (HKLM-x32\...\Steam App 7800) (Version:  - Wideload Games)
Subliminal Blaster 2.0 (HKLM-x32\...\Subliminal Blaster 2.0) (Version:  - )
Suporte para Aplicativos Apple (32-bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Suporte para Aplicativos Apple Apple (64-bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
SWAT 3 - Tactical Game of The Year Edition (HKLM-x32\...\GOGPACKSWAT3_is1) (Version: 2.0.0.32 - GOG.com)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
Team Fortress Classic (HKLM-x32\...\Steam App 20) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - Edmund McMillen and Florian Himsl)
The Darkness II (HKLM-x32\...\Steam App 67370) (Version:  - Digital Extremes)
The Ship (HKLM-x32\...\Steam App 2400) (Version:  - Outerlight Ltd.)
The Ship Single Player (HKLM-x32\...\Steam App 2420) (Version:  - Outerlight Ltd.)
The Walking Dead (HKLM-x32\...\Steam App 207610) (Version:  - )
The Walking Dead: Season Two (HKLM-x32\...\Steam App 261030) (Version:  - Telltale Games)
The Wolf Among Us (HKLM-x32\...\Steam App 250320) (Version:  - Telltale Games)
Toki Tori (HKLM-x32\...\Steam App 38700) (Version:  - Two Tribes)
Tony Hawk's Pro Skater HD (HKLM-x32\...\Steam App 207210) (Version:  - Robomodo)
Trine (HKLM-x32\...\Steam App 35700) (Version:  - Frozenbyte)
UDPixel.exe (HKLM-x32\...\UDPixel) (Version:  - )
Uplay (HKLM-x32\...\Uplay) (Version: 4.8 - Ubisoft)
Valiant Hearts: The Great War™ / Soldats Inconnus : Mémoires de la Grande Guerre™ (HKLM-x32\...\Steam App 260230) (Version:  - Ubisoft Montpellier)
Verdun (HKLM-x32\...\Steam App 242860) (Version:  - M2H)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version:  - Ubisoft)
WhoCrashed 5.02 (HKLM\...\WhoCrashed_is1) (Version:  - Resplendence Software Projects Sp.)
Wings of Prey (HKLM-x32\...\Steam App 45300) (Version:  - Gaijin Entertainment)
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)

========================= Memory info: ===================================

Percentage of memory in use: 12%
Total physical RAM: 16332.7 MB
Available physical RAM: 14362.38 MB
Total Pagefile: 32663.59 MB
Available Pagefile: 30588.42 MB
Total Virtual: 4095.88 MB
Available Virtual: 3972.09 MB

========================= Partitions: =====================================

1 Drive c: (SSD) (Fixed) (Total:223.47 GB) (Free:107.61 GB) NTFS
2 Drive d: (ASSASSINS_CREED) (CDROM) (Total:6.38 GB) (Free:0 GB) UDF
4 Drive g: (HD Externo) (Fixed) (Total:931.51 GB) (Free:553.15 GB) NTFS
5 Drive h: (HD) (Fixed) (Total:931.51 GB) (Free:159.5 GB) NTFS

========================= Users: ========================================

User accounts for \\SENNA14

Administrador            Convidado                Renato                   
Silvia                   


**** End of log ****
 



#5 Jerry Krautz


Posted 15 April 2015 - 03:34 PM

AdwCleaner log

# AdwCleaner v4.201 - Logfile created 15/04/2015 at 15:14:37
# Updated 08/04/2015 by Xplode
# Database : 2015-04-15.1 [Server]
# Operating system : Windows 7 Ultimate Service Pack 1 (x64)
# Username : Renato - SENNA14
# Running from : H:\Users\Renato\Desktop\adwcleaner_4.201.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v37.0.1 (x86 pt-BR)


-\\ Google Chrome v41.0.2272.118


*************************

AdwCleaner[R4].txt - [658 bytes] - [15/04/2015 15:14:37]

########## EOF - C:\AdwCleaner\AdwCleaner[R4].txt - [716 bytes] ##########
 



#6 Jerry Krautz


Posted 15 April 2015 - 03:35 PM

Junkware Removal Tool log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.5.4 (04.13.2015:1)
OS: Windows 7 Ultimate x64
Ran by Renato on 15/04/2015 at 15:16:36,66
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] C:\Windows\wininit.ini



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Renato\AppData\Roaming\mozilla\firefox\profiles\6r1fkugn.default\minidumps [2 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 15/04/2015 at 15:22:59,92
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 



#7 Jerry Krautz


Posted 15 April 2015 - 03:37 PM

ESET Online Scanner log

C:\Program Files (x86)\Avira\AntiVir Desktop\offercast_avirav7_.exe    a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application    deleted - quarantined
G:\backup\drivers\ccsetup417.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    deleted - quarantined
G:\backup\Usuários\Renato\Downloads\Downloads\avira_free_antivirus_en.exe    a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application    deleted - quarantined
G:\backup\Usuários\Renato\Downloads\Downloads\ccsetup412.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    deleted - quarantined
G:\backup\Usuários\Renato\Downloads\Downloads\cpu-z_1.55-setup-en.exe    a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application    deleted - quarantined
G:\backup\Usuários\Silvia\Downloads\4shared_Desktop_4.0.3.1 moldes eva natal.exe    a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application    deleted - quarantined
G:\PICSSSS\absu828wico\Ableton Suite 8.2.8 with Content\patch\ableton.suite.8.2.8-patch.exe    a variant of Win32/HackTool.Patcher.T potentially unsafe application    deleted - quarantined
H:\Users\Renato\Desktop\ccsetup417.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    deleted - quarantined
H:\Users\Renato\Downloads\avira_free_antivirus_en.exe    a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application    deleted - quarantined
H:\Users\Renato\Downloads\ccsetup412.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    deleted - quarantined
H:\Users\Renato\Downloads\ccsetup501.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    deleted - quarantined
H:\Users\Renato\Downloads\ccsetup504.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    deleted - quarantined
H:\Users\Renato\Downloads\cpu-z_1.55-setup-en.exe    a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application    deleted - quarantined
H:\Users\Renato\Downloads\pdfforge_PDFArchitect-0_5_6_675-setup.exe    Win32/OpenCandy potentially unsafe application    deleted - quarantined
H:\Users\Renato\Downloads\spsetup126.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    deleted - quarantined
H:\Users\Silvia\Downloads\4shared_Desktop_4.0.3.1 moldes eva natal.exe    a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application    deleted - quarantined
 



#8 Jerry Krautz


Posted 15 April 2015 - 03:39 PM

Awaiting further instructions.



#9 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,329 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:27 AM

Posted 16 April 2015 - 12:27 PM

OK, reset Chrome to default now and see how it is?
 
Reset your Chrome browser settings
How do I get help? Who is helping me? For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook

#10 Jerry Krautz


Posted 16 April 2015 - 03:22 PM

OK, reset Chrome to default now and see how it is?

Reset your Chrome browser settings


Done.
It is clean, apparently.  http://i.imgur.com/BRfLicn.jpg



#11 boopme


Posted 16 April 2015 - 03:39 PM

I think so..

Finally.. Empty your temp folders using TFC (Temporary File Cleaner)
  • Please download TFC by Old Timer and save it to your desktop.
    alternate download link
  • Save any unsaved work. (TFC will close ALL open programs including your browser!)
  • Double-click on TFC.exe to run it. (If you are using Vista or above, right-click on the file and choose "Run As Administrator".)
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway allowing Windows to load normally (not into Safe Mode) to ensure a complete clean.


#12 Jerry Krautz


Posted 17 April 2015 - 05:24 PM

Done. Thank you!

#13 boopme


Posted 20 April 2015 - 01:48 PM

You're welcome!



