Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Pop-Up advertisements (also redirects) coming out of nowhere (.ru)


  • Please log in to reply
15 replies to this topic

#1 RRmah

RRmah

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:09:37 AM

Posted 07 October 2015 - 08:59 AM

Hello guys,

 

My name is Mariana, I'm 27 and I'm from Brazil!!!

 

I posted this in a brazilian forum, but I didn't receive the necessary help, so I am hoping you guys can help me solve this problem.

 

I strongly believe that my computer got infected, a few weeks ago after I logged in the website of the school that I work for.

 

Popups and redirects started to appear out of nowhere while I was surfing on the internet.

 

I have the paid version of Kaspersky and I also use SuperAntispyware and Spybot, but none of them could block or remove these adds.

 

I also tried these programs in order to remove the ads but none of them seemed to work:

 

- SuperAntispyware;

- spybot

- adwcleaner;

- malwarebytes anti-rootkit;

- Tdss rootkit removing;

- rkill.exe

- Ultra Adware Killer

- Hitman Pro

- MalwarBytes.

 

So, I download malwarebytes pro, and used the trial version for 15 days. The malwarebytes was able to block the ads for a while but I could still see them.

 

All of the malicious websites that popped up in my internet have this ".ru" at the end. I have no idea what that means. I even try to uninstall the google chrome with REVO uninstaller and I also removed all of the registers from my computer, but this still didn't solve the problem.

 

This is what malwarebytes trial version could block:
 

Malwarebytes Anti-Malware
www.malwarebytes.org


Protection, 02/10/2015 09:21, SYSTEM, HOME-PC, Protection, Malware Protection, Starting,
Protection, 02/10/2015 09:21, SYSTEM, HOME-PC, Protection, Malware Protection, Started,
Protection, 02/10/2015 09:21, SYSTEM, HOME-PC, Protection, Malicious Website Protection, Starting,
Protection, 02/10/2015 09:21, SYSTEM, HOME-PC, Protection, Malicious Website Protection, Started,
Scan, 02/10/2015 12:41, SYSTEM, HOME-PC, Scheduler, Início:02/10/2015 11:39, Duração:1 hr 2 min 40 seg, Verificação da ameaça, Concluído, 0 malware detectados, 0 Non-malware detectados,
Detection, 02/10/2015 14:09, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, evseram.ru, 60953, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 14:09, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, orodi.ru, 60955, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 14:09, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, evseram.ru, 60953, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 14:09, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, evseram.ru, 60958, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 14:09, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, orodi.ru, 60955, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 14:09, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, orodi.ru, 60959, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 14:11, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, evseram.ru, 61225, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 14:11, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, orodi.ru, 61252, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 14:27, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, evseram.ru, 62662, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 14:27, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, orodi.ru, 62665, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 14:28, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, evseram.ru, 62791, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 14:28, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, orodi.ru, 62793, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 14:34, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, evseram.ru, 64692, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 14:34, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, evseram.ru, 64693, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 14:34, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, evseram.ru, 64694, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 14:34, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, orodi.ru, 64695, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 14:34, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, orodi.ru, 64696, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 14:34, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, orodi.ru, 64697, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 14:53, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, orodi.ru, 65264, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 14:53, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, ibizne.ru, 65266, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 14:53, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, ibizne.ru, 65266, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Protection, 02/10/2015 15:17, SYSTEM, HOME-PC, Protection, Malicious Website Protection, Stopping,
Protection, 02/10/2015 15:17, SYSTEM, HOME-PC, Protection, Malicious Website Protection, Stopped,
Protection, 02/10/2015 15:17, SYSTEM, HOME-PC, Protection, Malware Protection, Stopping,
Protection, 02/10/2015 15:19, SYSTEM, HOME-PC, Protection, Malware Protection, Stopped,
Protection, 02/10/2015 20:19, SYSTEM, HOME-PC, Protection, Malware Protection, Starting,
Protection, 02/10/2015 20:19, SYSTEM, HOME-PC, Protection, Malware Protection, Started,
Protection, 02/10/2015 20:19, SYSTEM, HOME-PC, Protection, Malicious Website Protection, Starting,
Protection, 02/10/2015 20:20, SYSTEM, HOME-PC, Protection, Malicious Website Protection, Started,
Detection, 02/10/2015 20:27, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 203.81.91.9, 6881, Outbound, C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe,
Detection, 02/10/2015 20:27, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 203.81.91.9, 6881, Outbound, C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe,
Detection, 02/10/2015 20:57, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, ursada.ru, 54674, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 20:57, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, ursada.ru, 54674, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 20:59, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 93.174.94.61, 6881, Outbound, C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe,
Detection, 02/10/2015 20:59, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 93.174.94.61, 6881, Outbound, C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe,
Detection, 02/10/2015 21:34, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, orodi.ru, 60940, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 21:34, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, orodi.ru, 60940, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 21:34, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, ursada.ru, 60957, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 21:34, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, ursada.ru, 60957, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 21:34, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, ursada.ru, 60958, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 21:34, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, ursada.ru, 60960, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 21:34, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, orodi.ru, 61073, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 21:34, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, orodi.ru, 61076, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 21:34, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, orodi.ru, 61079, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 21:34, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, ursada.ru, 61092, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 21:34, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, ursada.ru, 61093, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 21:35, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, orodi.ru, 61355, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 21:35, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, orodi.ru, 61356, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 21:35, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, orodi.ru, 61357, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 21:35, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, ursada.ru, 61364, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 21:35, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, ursada.ru, 61365, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 21:35, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, ursada.ru, 61366, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 21:35, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, ibizne.ru, 61434, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 21:35, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, ibizne.ru, 61434, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 21:35, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, ibizne.ru, 61485, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 21:35, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, ibizne.ru, 61486, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 21:35, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, ibizne.ru, 61487, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 21:35, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, orodi.ru, 61491, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 21:35, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, ursada.ru, 61587, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 21:35, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, ursada.ru, 61589, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 21:35, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, ursada.ru, 61590, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 21:35, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, orodi.ru, 61592, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 21:37, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, ursada.ru, 61875, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 21:37, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, ursada.ru, 61876, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 21:37, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, ursada.ru, 61877, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 21:37, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, orodi.ru, 61888, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 21:37, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, orodi.ru, 61890, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 21:37, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, orodi.ru, 61891, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 21:38, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, ursada.ru, 62254, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 21:38, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, ursada.ru, 62258, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 21:38, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, ursada.ru, 62259, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 21:38, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, orodi.ru, 62267, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 21:38, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, orodi.ru, 62268, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 21:38, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, orodi.ru, 62379, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 21:38, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, orodi.ru, 62381, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 21:42, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, ursada.ru, 62648, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 21:42, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, ursada.ru, 62650, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 21:42, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, ursada.ru, 62651, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 21:42, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, orodi.ru, 62668, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 21:42, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, orodi.ru, 62671, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 22:15, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 91.121.209.68, 6881, Outbound, C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe,
Detection, 02/10/2015 22:15, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 91.121.209.68, 6881, Outbound, C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe,
Detection, 02/10/2015 22:19, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 93.174.93.224, 6881, Outbound, C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe,
Detection, 02/10/2015 22:19, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 93.174.93.224, 6881, Outbound, C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe,
Detection, 02/10/2015 22:19, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 93.174.93.224, 6881, Outbound, C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe,
Detection, 02/10/2015 22:19, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 93.174.93.224, 6881, Outbound, C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe,
Detection, 02/10/2015 22:19, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 93.174.93.224, 6881, Outbound, C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe,
Detection, 02/10/2015 22:22, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, ursada.ru, 50479, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 22:22, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, ursada.ru, 50479, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 22:22, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, orodi.ru, 50487, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 22:22, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, orodi.ru, 50487, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 22:22, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, orodi.ru, 50491, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 22:23, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, ursada.ru, 50795, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 22:23, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, orodi.ru, 50801, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 22:47, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 89.248.171.133, 6881, Outbound, C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe,
Detection, 02/10/2015 22:47, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 89.248.171.133, 6881, Outbound, C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe,
Detection, 02/10/2015 22:55, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, orodi.ru, 55962, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 22:55, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, orodi.ru, 55962, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 22:55, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, orodi.ru, 55963, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 22:55, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, ursada.ru, 55977, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 22:55, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, ursada.ru, 55977, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 22:55, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, ursada.ru, 55978, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 23:00, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, ursada.ru, 56306, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 23:00, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, ursada.ru, 56346, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 23:00, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 88.85.80.162, orodi.ru, 56365, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe,
Detection, 02/10/2015 23:07, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 37.1.193.216, 6881, Outbound, C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe,
Detection, 02/10/2015 23:07, SYSTEM, HOME-PC, Protection, Malicious Website Protection, IP, 37.1.193.216, 6881, Outbound, C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe,

(end)

 

Sorry for the grammar mistakes, I truly hope you guys can help me.

 

Thanks in advance

 

Mariana



BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,738 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:04:37 AM

Posted 07 October 2015 - 06:25 PM

Welcome aboard p22002758.gif

 

p22002970.gif Download Security Check from here or here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run

p22002970.gif Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


p22002970.gif Please download MiniToolBox and run it.

Checkmark following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size
  • List Restore Points

Click Go and post the result.

p22002970.gif Please download Malwarebytes Anti-Malware (MBAM) to your desktop.
NOTE. If you already have MBAM 2.0 installed scroll down.

  • Double-click mb3-setup-1878.1878-3.5.1.2522.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:

    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.

  • Click Finish.
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.



If you already have MBAM 2.0 installed:

  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.


How to get logs:
(Export log to save as txt)


  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the Scan Log which shows the Date and time of the scan just performed.
  • Click 'Export'.
  • Click 'Text file (*.txt)'
  • In the Save File dialog box which appears, click on Desktop.
  • In the File name: box type a name for your scan log.
  • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
  • Click Ok
  • Attach that saved log to your next reply.



(Copy to clipboard for pasting into forum replies or tickets)

  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the Scan Log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.


p22002970.gifDownload 51a5f31352b88-icon_MBAR.pngMalwarebytes Anti-Rootkit (MBAR) to your desktop.
  • Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
  • Double click on downloaded file. OK self extracting prompt.
  • MBAR will start. Click "Next" to continue.
  • Click in the following screen "Update" to obtain the latest malware definitions.
  • Once the update is complete select "Next" and click "Scan".
  • When the scan is finished and no malware has been found select "Exit".
  • If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer.
  • Open the MBAR folder located on your Desktop and paste the content of the following files in your next reply:
  • "mbar-log-{date} (xx-xx-xx).txt"
  • "system-log.txt"


NOTE. If you see This version requires you to completely exit the Anti Malware application message right click on the Malwarebytes Anti-Malware icon in the system tray and click on Exit.

p22002970.gif Please download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Windows Vista, 7 or 8 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.


If normal mode still doesn't work, run the tool from safe mode.

When the scan is done Notepad will open with rKill log.
Post it in your next reply.

NOTE. rKill.txt log will also be present on your desktop.

NOTE Do NOT wrap your logs in "quote" or "code" brackets.
Do NOT use spoilers.
Do NOT edit your reply to post additional logs. Create new reply. I'll not get any email notifications about edits so I won't know you posted something new.


My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#3 RRmah

RRmah
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:09:37 AM

Posted 09 October 2015 - 08:56 AM

Hi there, here are the logs!

 

Just one observation, I had to create another user in order to reply to this topic. Even though I restore from factory my router (arris), changed the password, cleaned the chrome and mozilla, I still can't open my topic from my computer. I can open everybdy else but mine.

 

1) Security Check

 

 Results of screen317's Security Check version 1.009  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
Kaspersky Internet Security   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:`````````
 Spybot - Search & Destroy
 Java 8 Update 60  
 Adobe Flash Player 19.0.0.185  
 Adobe Reader XI  
 Mozilla Firefox (41.0.1)
 Google Chrome (45.0.2454.101)
````````Process Check: objlist.exe by Laurent````````  
 Spybot Teatimer.exe is disabled!
 Kaspersky Lab Kaspersky Internet Security 15.0.0 avp.exe  
 Kaspersky Lab Kaspersky Internet Security 15.0.0 avpui.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: =
````````````````````End of Log``````````````````````
 

 

2) FSS.txt

 

Farbar Service Scanner Version: 26-07-2015
Ran by Home (administrator) on 08-10-2015 at 23:15:05
Running from "C:\Users\Home\Desktop"
Microsoft Windows 7 Home Basic  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****

 

3) MiniToolBox

 

MiniToolBox by Farbar  Version: 25-07-2015 01
Ran by Home (administrator) on 08-10-2015 at 23:21:27
Running from "C:\Users\Home\Desktop"
Microsoft Windows 7 Home Basic  Service Pack 1 (X64)
Model: Inspiron N4030 Manufacturer: Dell Inc.
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================

127.0.0.1       localhost

========================= IP Configuration: ================================

Miniplaca de WLAN de meia altura DW1501 Wireless-N = Conexão de Rede sem Fio (Connected)
Atheros AR8152 PCI-E Fast Ethernet Controller (NDIS 6.20) = Conexão local (Media disconnected)


# ----------------------------------
# Configura��o de IPv4
# ----------------------------------
pushd interface ipv4

reset


popd
# Final da configura��o IPv4



Configura��o de IP do Windows

   Nome do host. . . . . . . . . . . . . . . . : Home-PC
   Sufixo DNS prim�rio . . . . . . . . . . . . :
   Tipo de n�. . . . . . . . . . . . . . . . . : h�brido
   Roteamento de IP ativado. . . . . . . . . . : n�o
   Proxy WINS ativado. . . . . . . . . . . . . : n�o

Adaptador Ethernet Conex�o local:

   Estado da m�dia. . . . . . . . . . . . . .  : m�dia desconectada
   Sufixo DNS espec�fico de conex�o. . . . . . :
   Descri��o . . . . . . . . . . . . . . . . . : Atheros AR8152 PCI-E Fast Ethernet Controller (NDIS 6.20)
   Endere�o F�sico . . . . . . . . . . . . . . : F0-4D-A2-D6-EA-FF
   DHCP Habilitado . . . . . . . . . . . . . . : Sim
   Configura��o Autom�tica Habilitada. . . . . : Sim

Adaptador de Rede sem Fio Conex�o de Rede sem Fio:

   Sufixo DNS espec�fico de conex�o. . . . . . :
   Descri��o . . . . . . . . . . . . . . . . . : Miniplaca de WLAN de meia altura DW1501 Wireless-N
   Endere�o F�sico . . . . . . . . . . . . . . : C0-CB-38-79-4A-33
   DHCP Habilitado . . . . . . . . . . . . . . : Sim
   Configura��o Autom�tica Habilitada. . . . . : Sim
   Endere�o IPv6 de link local . . . . . . . . : fe80::a437:af6c:6118:1d1c%10(Preferencial)
   Endere�o IPv4. . . . . . . .  . . . . . . . : 192.168.0.13(Preferencial)
   M�scara de Sub-rede . . . . . . . . . . . . : 255.255.255.0
   Concess�o Obtida. . . . . . . . . . . . . . : quinta-feira, 8 de outubro de 2015 20:24:20
   Concess�o Expira. . . . . . . . . . . . . . : quinta-feira, 8 de outubro de 2015 23:54:20
   Gateway Padr�o. . . . . . . . . . . . . . . : 192.168.0.1
   Servidor DHCP . . . . . . . . . . . . . . . : 192.168.0.1
   IAID de DHCPv6. . . . . . . . . . . . . . . : 197184312
   DUID de Cliente DHCPv6. . . . . . . . . . . : 00-01-00-01-14-C1-0D-F9-F0-4D-A2-D6-EA-FF
   Servidores DNS. . . . . . . . . . . . . . . : 93.158.212.47
                                                 8.8.8.8
   NetBIOS em Tcpip. . . . . . . . . . . . . . : Habilitado
Servidor:  UnKnown
Address:  93.158.212.47


Disparando google.com [189.103.27.113] com 32 bytes de dados:
Resposta de 189.103.27.113: bytes=32 tempo=21ms TTL=57
Resposta de 189.103.27.113: bytes=32 tempo=43ms TTL=57

Estat�sticas do Ping para 189.103.27.113:
    Pacotes: Enviados = 2, Recebidos = 2, Perdidos = 0 (0% de
             perda),
Aproximar um n�mero redondo de vezes em milissegundos:
    M�nimo = 21ms, M�ximo = 43ms, M�dia = 32ms
Servidor:  UnKnown
Address:  93.158.212.47


Disparando yahoo.com [206.190.36.45] com 32 bytes de dados:
Resposta de 206.190.36.45: bytes=32 tempo=206ms TTL=48
Resposta de 206.190.36.45: bytes=32 tempo=212ms TTL=48

Estat�sticas do Ping para 206.190.36.45:
    Pacotes: Enviados = 2, Recebidos = 2, Perdidos = 0 (0% de
             perda),
Aproximar um n�mero redondo de vezes em milissegundos:
    M�nimo = 206ms, M�ximo = 212ms, M�dia = 209ms

Disparando 127.0.0.1 com 32 bytes de dados:
Resposta de 127.0.0.1: bytes=32 tempo<1ms TTL=128
Resposta de 127.0.0.1: bytes=32 tempo<1ms TTL=128

Estat�sticas do Ping para 127.0.0.1:
    Pacotes: Enviados = 2, Recebidos = 2, Perdidos = 0 (0% de
             perda),
Aproximar um n�mero redondo de vezes em milissegundos:
    M�nimo = 0ms, M�ximo = 0ms, M�dia = 0ms
===========================================================================
Lista de interfaces
 11...f0 4d a2 d6 ea ff ......Atheros AR8152 PCI-E Fast Ethernet Controller (NDIS 6.20)
 10...c0 cb 38 79 4a 33 ......Miniplaca de WLAN de meia altura DW1501 Wireless-N
  1...........................Software Loopback Interface 1
===========================================================================

Tabela de rotas IPv4
===========================================================================
Rotas ativas:
Endere�o de rede          M�scara   Ender. gateway       Interface   Custo
          0.0.0.0          0.0.0.0      192.168.0.1     192.168.0.13     25
        127.0.0.0        255.0.0.0      No v�nculo         127.0.0.1    306
        127.0.0.1  255.255.255.255      No v�nculo         127.0.0.1    306
  127.255.255.255  255.255.255.255      No v�nculo         127.0.0.1    306
      192.168.0.0    255.255.255.0      No v�nculo      192.168.0.13    281
     192.168.0.13  255.255.255.255      No v�nculo      192.168.0.13    281
    192.168.0.255  255.255.255.255      No v�nculo      192.168.0.13    281
        224.0.0.0        240.0.0.0      No v�nculo         127.0.0.1    306
        224.0.0.0        240.0.0.0      No v�nculo      192.168.0.13    281
  255.255.255.255  255.255.255.255      No v�nculo         127.0.0.1    306
  255.255.255.255  255.255.255.255      No v�nculo      192.168.0.13    281
===========================================================================
Rotas persistentes:
  Nenhuma

Tabela de rotas IPv6
===========================================================================
Rotas ativas:
 Se destino de rede de m�trica      Gateway
  1    306 ::1/128                  No v�nculo
 10    281 fe80::/64                No v�nculo
 10    281 fe80::a437:af6c:6118:1d1c/128
                                    No v�nculo
  1    306 ff00::/8                 No v�nculo
 10    281 ff00::/8                 No v�nculo
===========================================================================
Rotas persistentes:
  Nenhuma
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [133392] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/08/2015 08:44:28 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (10/08/2015 08:43:17 PM) (Source: PC-Doctor) (User: )
Description: (600) Asapi: (20:43:17:5880)(600) CSPinvoke - Error -- 461 Exception in C# layer (asapicsharp_wrap.cxx, line 41121; threadid = 496): License authentication result = FAIL; reasons = SIGNATURE_CHECK
Stack Trace:
!!! Stack Trace exceptions not supported in 64-bit. !!!
(end stack trace)
***** NOTE *****: Use stacktraceparser.exe to translate the instruction offsets into function names.

Error: (10/08/2015 08:22:13 PM) (Source: MemeoBackgroundService) (User: )
Description: Problem starting Memeo Background Service :Falha na configuração da arquitetura de comunicação remota com a exceção 'System.Reflection.TargetInvocationException: Uma exceção foi acionada pelo destino de uma chamada. ---> System.Security.Principal.IdentityNotMappedException: Não foi possível converter algumas ou todas as referências de identidade.
   em System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   em System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   em System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Fim do rastreamento de pilha de exceções internas ---
   em System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   em System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   em System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   em System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   em System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   em System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)'.   em System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   em System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   em RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (10/07/2015 10:52:18 PM) (Source: MemeoBackgroundService) (User: )
Description: Problem starting Memeo Background Service :Falha na configuração da arquitetura de comunicação remota com a exceção 'System.Reflection.TargetInvocationException: Uma exceção foi acionada pelo destino de uma chamada. ---> System.Security.Principal.IdentityNotMappedException: Não foi possível converter algumas ou todas as referências de identidade.
   em System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   em System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   em System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Fim do rastreamento de pilha de exceções internas ---
   em System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   em System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   em System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   em System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   em System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   em System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)'.   em System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   em System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   em RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (10/07/2015 04:08:57 PM) (Source: MemeoBackgroundService) (User: )
Description: Problem starting Memeo Background Service :Falha na configuração da arquitetura de comunicação remota com a exceção 'System.Reflection.TargetInvocationException: Uma exceção foi acionada pelo destino de uma chamada. ---> System.Security.Principal.IdentityNotMappedException: Não foi possível converter algumas ou todas as referências de identidade.
   em System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   em System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   em System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Fim do rastreamento de pilha de exceções internas ---
   em System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   em System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   em System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   em System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   em System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   em System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)'.   em System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   em System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   em RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (10/07/2015 04:00:18 PM) (Source: Application Error) (User: )
Description: Nome de aplicativo com falha: STacSV64.exe, versão: 1.0.6267.0, carimbo de hora: 0x4b582b91
Nome do módulo de falhas: STacSV64.exe, versão: 1.0.6267.0, carimbo de hora: 0x4b582b91
Código de exceção: 0xc0000005
Deslocamento com falha: 0x0000000000019424
Identificação do processo com falha: 0x1e8
Hora de início do aplicativo com falha: 0xSTacSV64.exe0
Caminho do aplicativo com falha: STacSV64.exe1
FCaminho do módulo de falhas: STacSV64.exe2
Identificação do Relatório: STacSV64.exe3

Error: (10/07/2015 04:00:12 PM) (Source: MemeoBackgroundService) (User: )
Description: Problem starting Memeo Background Service :Falha na configuração da arquitetura de comunicação remota com a exceção 'System.Reflection.TargetInvocationException: Uma exceção foi acionada pelo destino de uma chamada. ---> System.Security.Principal.IdentityNotMappedException: Não foi possível converter algumas ou todas as referências de identidade.
   em System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   em System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   em System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Fim do rastreamento de pilha de exceções internas ---
   em System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   em System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   em System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   em System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   em System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   em System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)'.   em System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   em System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   em RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (10/07/2015 02:32:10 PM) (Source: MemeoBackgroundService) (User: )
Description: Problem starting Memeo Background Service :Falha na configuração da arquitetura de comunicação remota com a exceção 'System.Reflection.TargetInvocationException: Uma exceção foi acionada pelo destino de uma chamada. ---> System.Security.Principal.IdentityNotMappedException: Não foi possível converter algumas ou todas as referências de identidade.
   em System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   em System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   em System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Fim do rastreamento de pilha de exceções internas ---
   em System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   em System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   em System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   em System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   em System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   em System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)'.   em System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   em System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   em RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (10/07/2015 02:00:29 PM) (Source: PC-Doctor) (User: )
Description: (24364) Asapi: (14:00:29:8590)(24364) CSPinvoke - Error -- 461 Exception in C# layer (asapicsharp_wrap.cxx, line 41121; threadid = 21276): License authentication result = FAIL; reasons = SIGNATURE_CHECK
Stack Trace:
!!! Stack Trace exceptions not supported in 64-bit. !!!
(end stack trace)
***** NOTE *****: Use stacktraceparser.exe to translate the instruction offsets into function names.

Error: (10/07/2015 11:06:34 AM) (Source: Application Error) (User: )
Description: Nome de aplicativo com falha: STacSV64.exe, versão: 1.0.6267.0, carimbo de hora: 0x4b582b91
Nome do módulo de falhas: STacSV64.exe, versão: 1.0.6267.0, carimbo de hora: 0x4b582b91
Código de exceção: 0xc0000005
Deslocamento com falha: 0x0000000000019424
Identificação do processo com falha: 0x1e8
Hora de início do aplicativo com falha: 0xSTacSV64.exe0
Caminho do aplicativo com falha: STacSV64.exe1
FCaminho do módulo de falhas: STacSV64.exe2
Identificação do Relatório: STacSV64.exe3


System errors:
=============
Error: (10/08/2015 12:30:46 AM) (Source: DCOM) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (10/07/2015 02:10:18 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: AUTORIDADE NT)
Description: Módulo de Extensibilidade de WLAN interrompido inesperadamente.

Caminho do Módulo: C:\Windows\System32\bcmihvsrv64.dll

Error: (10/07/2015 02:10:18 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: AUTORIDADE NT)
Description: Módulo de Extensibilidade de WLAN interrompido inesperadamente.

Caminho do Módulo: C:\Windows\System32\bcmihvsrv64.dll

Error: (10/07/2015 12:14:00 PM) (Source: Application Popup) (User: )
Description: \??\C:\Windows\System32\drivers\TrueSight.sys foi impedido de carregar devido a uma incompatibilidade com este sistema. Contate o fornecedor do software para obter uma versão compatível do driver.

Error: (10/07/2015 11:17:26 AM) (Source: Service Control Manager) (User: )
Description: O serviço Intel® Management & Security Application User Notification Service foi encerrado inesperadamente.  Isso aconteceu 1 vez(es).

Error: (10/07/2015 11:17:25 AM) (Source: Service Control Manager) (User: )
Description: O serviço iPod Service foi encerrado inesperadamente.  Isso aconteceu 1 vez(es).

Error: (10/07/2015 11:17:25 AM) (Source: Service Control Manager) (User: )
Description: O serviço Serviço de Compartilhamento de Rede do Windows Media Player foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 30000 milissegundos: Reiniciar o serviço.

Error: (10/07/2015 11:17:24 AM) (Source: Service Control Manager) (User: )
Description: O serviço Spybot-S&D 2 Security Center Service foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos: Reiniciar o serviço.

Error: (10/07/2015 11:17:24 AM) (Source: Service Control Manager) (User: )
Description: O serviço Spybot-S&D 2 Updating Service foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos: Reiniciar o serviço.

Error: (10/07/2015 11:17:23 AM) (Source: Service Control Manager) (User: )
Description: O serviço Windows Live ID Sign-in Assistant foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.


Microsoft Office Sessions:
=========================
Error: (10/08/2015 08:44:28 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (10/08/2015 08:43:17 PM) (Source: PC-Doctor)(User: )
Description: (600) Asapi: (20:43:17:5880)(600) CSPinvoke - Error -- 461 Exception in C# layer (asapicsharp_wrap.cxx, line 41121; threadid = 496): License authentication result = FAIL; reasons = SIGNATURE_CHECK
Stack Trace:
!!! Stack Trace exceptions not supported in 64-bit. !!!
(end stack trace)
***** NOTE *****: Use stacktraceparser.exe to translate the instruction offsets into function names.

Error: (10/08/2015 08:22:13 PM) (Source: MemeoBackgroundService)(User: )
Description: Problem starting Memeo Background Service :Falha na configuração da arquitetura de comunicação remota com a exceção 'System.Reflection.TargetInvocationException: Uma exceção foi acionada pelo destino de uma chamada. ---> System.Security.Principal.IdentityNotMappedException: Não foi possível converter algumas ou todas as referências de identidade.
   em System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   em System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   em System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Fim do rastreamento de pilha de exceções internas ---
   em System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   em System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   em System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   em System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   em System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   em System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)'.   em System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   em System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   em RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (10/07/2015 10:52:18 PM) (Source: MemeoBackgroundService)(User: )
Description: Problem starting Memeo Background Service :Falha na configuração da arquitetura de comunicação remota com a exceção 'System.Reflection.TargetInvocationException: Uma exceção foi acionada pelo destino de uma chamada. ---> System.Security.Principal.IdentityNotMappedException: Não foi possível converter algumas ou todas as referências de identidade.
   em System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   em System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   em System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Fim do rastreamento de pilha de exceções internas ---
   em System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   em System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   em System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   em System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   em System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   em System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)'.   em System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   em System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   em RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (10/07/2015 04:08:57 PM) (Source: MemeoBackgroundService)(User: )
Description: Problem starting Memeo Background Service :Falha na configuração da arquitetura de comunicação remota com a exceção 'System.Reflection.TargetInvocationException: Uma exceção foi acionada pelo destino de uma chamada. ---> System.Security.Principal.IdentityNotMappedException: Não foi possível converter algumas ou todas as referências de identidade.
   em System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   em System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   em System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Fim do rastreamento de pilha de exceções internas ---
   em System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   em System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   em System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   em System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   em System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   em System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)'.   em System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   em System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   em RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (10/07/2015 04:00:18 PM) (Source: Application Error)(User: )
Description: STacSV64.exe1.0.6267.04b582b91STacSV64.exe1.0.6267.04b582b91c000000500000000000194241e801d101325f522cb7C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_4df47d9dbfb58b44\STacSV64.exeC:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_4df47d9dbfb58b44\STacSV64.exea63574bf-6d25-11e5-a3fa-f04da2d6eaff

Error: (10/07/2015 04:00:12 PM) (Source: MemeoBackgroundService)(User: )
Description: Problem starting Memeo Background Service :Falha na configuração da arquitetura de comunicação remota com a exceção 'System.Reflection.TargetInvocationException: Uma exceção foi acionada pelo destino de uma chamada. ---> System.Security.Principal.IdentityNotMappedException: Não foi possível converter algumas ou todas as referências de identidade.
   em System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   em System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   em System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Fim do rastreamento de pilha de exceções internas ---
   em System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   em System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   em System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   em System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   em System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   em System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)'.   em System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   em System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   em RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (10/07/2015 02:32:10 PM) (Source: MemeoBackgroundService)(User: )
Description: Problem starting Memeo Background Service :Falha na configuração da arquitetura de comunicação remota com a exceção 'System.Reflection.TargetInvocationException: Uma exceção foi acionada pelo destino de uma chamada. ---> System.Security.Principal.IdentityNotMappedException: Não foi possível converter algumas ou todas as referências de identidade.
   em System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   em System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   em System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Fim do rastreamento de pilha de exceções internas ---
   em System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   em System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   em System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   em System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   em System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   em System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)'.   em System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   em System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   em RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (10/07/2015 02:00:29 PM) (Source: PC-Doctor)(User: )
Description: (24364) Asapi: (14:00:29:8590)(24364) CSPinvoke - Error -- 461 Exception in C# layer (asapicsharp_wrap.cxx, line 41121; threadid = 21276): License authentication result = FAIL; reasons = SIGNATURE_CHECK
Stack Trace:
!!! Stack Trace exceptions not supported in 64-bit. !!!
(end stack trace)
***** NOTE *****: Use stacktraceparser.exe to translate the instruction offsets into function names.

Error: (10/07/2015 11:06:34 AM) (Source: Application Error)(User: )
Description: STacSV64.exe1.0.6267.04b582b91STacSV64.exe1.0.6267.04b582b91c000000500000000000194241e801d101095057defaC:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_4df47d9dbfb58b44\STacSV64.exeC:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_4df47d9dbfb58b44\STacSV64.exe9dceee6b-6cfc-11e5-9f55-f04da2d6eaff


CodeIntegrity Errors:
===================================
  Date: 2015-10-05 13:52:07.619
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-10-05 13:52:07.556
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-10-10 21:07:19.356
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-10 21:07:19.352
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-10 21:07:19.300
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-10 21:07:19.264
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-10 21:07:19.261
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-10 21:07:19.256
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-09 16:47:12.865
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-09 16:47:12.865
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.6.636 - Adobe Systems, Inc.)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Amazon Kindle (HKCU\...\Amazon Kindle) (Version:  - Amazon)
Apple Mobile Device Support (HKLM\...\{FD244E19-6EFE-4A2D-948A-0D45D4C168BE}) (Version: 9.0.0.26 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Arquivo do WinRAR (HKLM-x32\...\WinRAR archiver) (Version:  - )
Assistente de Instalação OAB (HKLM-x32\...\{6FBA74BD-149F-4521-B921-FFCC84876864}) (Version: 3.13.0.1 - OAB)
BitLord 1.2 (HKLM-x32\...\BitLord) (Version:  - House of Life)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Controle ActiveX do Windows Live Mesh para Conexões Remotas (HKLM-x32\...\{39B3184E-0BFB-40FA-ADDC-E7E2D535CDA9}) (Version: 15.4.5722.2 - Microsoft Corporation)
CyberLink PowerDVD 9.5 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.5.1.3225 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.60 - Dell)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.60 - Dell)
Dell Dock (HKLM\...\{C73A3942-84C8-4597-9F9B-EE227DCBA758}) (Version: 2.0 - Stardock Corporation) Hidden
Dell Dock (HKLM-x32\...\Dell Dock) (Version: 2.0 - Stardock Corporation)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Support Center (HKLM\...\{0090A87C-3E0E-43D4-AA71-A71B06563A4A}) (Version: 3.1.5830.14 - PC-Doctor, Inc.) Hidden
Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.1.5830.14 - Dell Inc.)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1107.101.202 - ALPS ELECTRIC CO., LTD.)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 1.40.05 - Creative Technology Ltd)
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version:  - DVD Shrink)
DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 5.60.48.18 - Dell Inc.)
EF Englishtown Advanced Speech Recognition version 4.6.449.1 (HKLM-x32\...\EF Englishtown Advanced Speech Recognition_is1) (Version: 4.6.449.1 - Shanghai Kingtas Technology Co., Ltd.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Giesecke & Devrient GmbH StarSign CUT (HKLM-x32\...\{F24F876B-7D71-4BD6-88E9-614D3BB84217}) (Version: 1.7.17.0 - Giesecke & Devrient GmbH) Hidden
Giesecke & Devrient GmbH StarSign CUT (HKLM-x32\...\SZCCID) (Version: 1.7.17.0 - Giesecke & Devrient GmbH)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.28.15 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GoToAssist 8.0.0.514 (HKLM-x32\...\GoToAssist) (Version:  - )
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2104 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
iTunes (HKLM\...\{88509E20-3936-4D88-A1C0-B274C7BB5151}) (Version: 12.3.0.44 - Apple Inc.)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Internet Security (HKLM-x32\...\{653C1B5A-3287-47B1-8613-0745D4E771C4}) (Version: 15.0.0.463 - Kaspersky Lab) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{653C1B5A-3287-47B1-8613-0745D4E771C4}) (Version: 15.0.0.463 - Kaspersky Lab)
Malwarebytes Anti-Malware versão 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Memeo Instant Backup (HKLM-x32\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.70.0.7970 - Memeo Inc.)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (HKLM-x32\...\{3889988F-762B-4B85-AB17-71C9CC3AE445}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM-x32\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}) (Version: 8.0.58299 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Moo0 Voice Recorder 1.43 (HKLM-x32\...\Moo0 VoiceRecorder) (Version:  - )
Mozilla Firefox 41.0.1 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 41.0.1 (x86 pt-BR)) (Version: 41.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
oDesk Team (HKCU\...\oDVT) (Version:  - oDesk Corporation)
Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation)
PDF Architect (HKLM-x32\...\{80A07844-CA64-4DE4-AB61-D37DDBE8074F}) (Version: 1.0.52.8917 - pdfforge)
PDF Split And Merge Basic (HKLM\...\{C91B24F6-1629-11E2-B696-21676188709B}) (Version: 2.2.2 - Andrea Vacondio)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.6.0 - Dell Inc.)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SafeSign 64-bits (HKLM\...\{66913111-2F8A-4950-AA93-51C26182FC35}) (Version: 3.0.45 - A.E.T. Europe B.V.)
Seagate Dashboard (HKLM-x32\...\{C3A11907-930D-41AC-A135-CC3B12F92011}) (Version: 1.1.0.1554 - Memeo Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0015-0416-1000-0000000FF1CE}_Office14.PROPLUS_{87C9B14A-5111-4373-90B1-68852305D241}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0016-0416-1000-0000000FF1CE}_Office14.PROPLUS_{87C9B14A-5111-4373-90B1-68852305D241}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0018-0416-1000-0000000FF1CE}_Office14.PROPLUS_{87C9B14A-5111-4373-90B1-68852305D241}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0019-0416-1000-0000000FF1CE}_Office14.PROPLUS_{87C9B14A-5111-4373-90B1-68852305D241}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001A-0416-1000-0000000FF1CE}_Office14.PROPLUS_{87C9B14A-5111-4373-90B1-68852305D241}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001B-0416-1000-0000000FF1CE}_Office14.PROPLUS_{87C9B14A-5111-4373-90B1-68852305D241}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{C814F7D9-CE9D-45AA-BA7C-88BDD0E1EB7C}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001F-0416-1000-0000000FF1CE}_Office14.PROPLUS_{3FE5480B-28E8-44EF-BC2C-BEDC366EBF31}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.PROPLUS_{05916788-991E-417B-A8F3-77F90A2B8271}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-002C-0416-1000-0000000FF1CE}_Office14.PROPLUS_{9E762773-4821-48D2-96E6-D14F9A86DBF9}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F3FAAB68-7697-4B1F-A23A-72312565AEAB}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0043-0416-1000-0000000FF1CE}_Office14.PROPLUS_{12148C47-62D8-49E4-8CD9-AF7EFB16B199}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0044-0416-1000-0000000FF1CE}_Office14.PROPLUS_{87C9B14A-5111-4373-90B1-68852305D241}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-006E-0416-1000-0000000FF1CE}_Office14.PROPLUS_{FB36B2AE-6584-4E83-B63F-B53E908F52D3}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-00A1-0416-1000-0000000FF1CE}_Office14.PROPLUS_{87C9B14A-5111-4373-90B1-68852305D241}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-00BA-0416-1000-0000000FF1CE}_Office14.PROPLUS_{87C9B14A-5111-4373-90B1-68852305D241}) (Version:  - Microsoft) Hidden
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
Spotify (HKCU\...\Spotify) (Version: 1.0.12.161.g64b0797c - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1170 - SUPERAntiSpyware.com)
Suporte para Aplicativos Apple (32-bit) (HKLM-x32\...\{3540ADD5-822B-47FB-B1C2-CD7B2C8E9FEC}) (Version: 4.0.2 - Apple Inc.)
Suporte para Aplicativos Apple Apple (64-bit) (HKLM\...\{C9C0FE2C-602E-49D7-8C42-5B9E8FF04798}) (Version: 4.0.2 - Apple Inc.)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
USB Disk Security (HKLM-x32\...\USB Disk Security_is1) (Version:  - Zbshareware Lab)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)

========================= Devices: ================================

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptador de Túnel Teredo da Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Device ID: ROOT\*TEREDO\0000
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


========================= Memory info: ===================================

Percentage of memory in use: 78%
Total physical RAM: 2934.69 MB
Available physical RAM: 620.46 MB
Total Virtual: 5867.58 MB
Available Virtual: 3149.06 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:286.72 GB) (Free:185.21 GB) NTFS

========================= Users: ========================================

Contas de usu rio para \\HOME-PC

Administrador            Convidado                Home                     
teste                    
Comando conclu¡do com ˆxito.

========================= Restore Points ==================================

05-10-2015 16:34:51 ComboFix created restore point
06-10-2015 12:49:06 Windows Update
06-10-2015 14:07:19 C
06-10-2015 14:39:52 Revo Uninstaller's restore point - PC Tools Spyware Doctor 9.1
06-10-2015 14:54:55 Revo Uninstaller's restore point - Spyware Terminator 2015
06-10-2015 15:02:38 Revo Uninstaller's restore point - Browser Guard 4.0
06-10-2015 15:09:37 JRT Pre-Junkware Removal
07-10-2015 14:15:39 JRT Pre-Junkware Removal
07-10-2015 18:04:03 Revo Uninstaller's restore point - Mozilla Firefox 41.0 (x86 pt-BR)
07-10-2015 18:08:49 Revo Uninstaller's restore point - Google Chrome
07-10-2015 18:25:39 Instalador de Módulos do Windows
07-10-2015 18:27:56 Instalador de Módulos do Windows
07-10-2015 18:57:46 Instalador de Módulos do Windows
07-10-2015 19:05:03 Instalador de Módulos do Windows
08-10-2015 03:31:08 Windows Update

**** End of log ****
 

 

4) MBAM

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Data da verificação: 07/10/2015
Hora da verificação: 09:15
Arquivo de registro: Malwarebytes.txt
Administrador: Sim

Versão: 2.1.8.1057
Banco de dados de malware: v2015.10.07.03
Banco de dados de rootkit: v2015.10.06.01
Licença: Gratuita
Proteção contra malware: Desabilitado
Proteção contra website malicioso: Desabilitado
Autoproteção: Desabilitado

Sistema operacional: Windows 7 Service Pack 1
CPU: x64
Sistema de arquivos: NTFS
Usuário: Home

Tipo de verificação: Verificação da ameaça
Resultado: Concluído
Objetos verificados: 419960
Tempo decorrido: 1 hr, 11 min, 38 seg

Memória: Habilitado
Inicialização: Habilitado
Sistema de arquivos: Habilitado
Arquivos compactados: Habilitado
Rootkits: Habilitado
Heurística: Habilitado
PUP: Habilitado
PUM: Habilitado

Processos: 0
(Nenhum item malicioso detectado)

Módulos: 0
(Nenhum item malicioso detectado)

Chaves de registro: 0
(Nenhum item malicioso detectado)

Valores de registro: 0
(Nenhum item malicioso detectado)

Dados de registro: 0
(Nenhum item malicioso detectado)

Pastas: 0
(Nenhum item malicioso detectado)

Arquivos: 0
(Nenhum item malicioso detectado)

Setores físicos: 0
(Nenhum item malicioso detectado)


(end)

 

 

 

5) mbar-log-2015-10-09 (08-39-33)

 

Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2015.10.09.02
  rootkit: v2015.10.06.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18015
Home :: HOME-PC [administrator]

09/10/2015 08:39:33
mbar-log-2015-10-09 (08-39-33).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 467779
Time elapsed: 1 hour(s), 24 minute(s), 34 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
 

 

6) RKill

 

Rkill 2.8.2 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2015 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/09/2015 10:41:20 AM in x64 mode.
Windows Version: Windows 7 Home Basic Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * C:\Windows\System32\aetcrss1.exe (PID: 1144) [WD-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * No issues found.

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * HOSTS file entries found:

  127.0.0.1       localhost

Program finished at: 10/09/2015 10:41:57 AM
Execution time: 0 hours(s), 0 minute(s), and 36 seconds(s)
 



#4 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,738 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:04:37 AM

Posted 09 October 2015 - 06:25 PM

Clean so far...

 

p22002970.gif Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
Double click on TFC.exe to run the program.
Click on Start button to begin cleaning process.
TFC will close all running programs, and it may ask you to restart computer.

p22002970.gif Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


p22002970.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.


p22002970.gif Download Sophos Free Virus Removal Tool and save it to your desktop.
  • Double click the icon and select Run
  • Click Next
  • Select I accept the terms in this license agreement, then click Next twice
  • Click Install
  • Click Finish to launch the program
  • Once the virus database has been updated click Start Scanning
  • If any threats are found click Details, then View log file... (bottom left hand corner)
  • Copy and paste the results in your reply
  • Close the Notepad document, close the Threat Details screen, then click Start cleanup
  • Click Exit to close the program


My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#5 RRmah

RRmah
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:09:37 AM

Posted 11 October 2015 - 12:25 AM

Hello!!

 

The TFC and the Sophos found nothing. Here are the logs od adwcleaner and JRT.

 

 

# AdwCleaner v4.112 - Logfile created 09/10/2015 at 17:12:58
# Updated 09/03/2015 by Xplode
# Database : 2015-10-09.3 [Server]
# Operating system : Windows 7 Home Basic Service Pack 1 (x64)
# Username : Home - HOME-PC
# Running from : C:\Users\Home\Downloads\AdwCleaner.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Deleted : C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\3rsohjep.default\user.js
File Deleted : C:\Users\teste\AppData\Roaming\Mozilla\Firefox\Profiles\pax432rw.default\user.js
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.18015
 
 
-\\ Mozilla Firefox v41.0.1 (x86 pt-BR)
 
 
-\\ Google Chrome v45.0.2454.101
 
[C:\Users\teste\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://br.ask.com/web?q={searchTerms}
 
*************************
 
AdwCleaner[R0].txt - [947 bytes] - [11/03/2015 12:32:11]
AdwCleaner[R10].txt - [1621 bytes] - [03/05/2015 23:58:36]
AdwCleaner[R11].txt - [1671 bytes] - [20/05/2015 17:17:31]
AdwCleaner[R12].txt - [1789 bytes] - [25/05/2015 12:14:50]
AdwCleaner[R13].txt - [2020 bytes] - [27/05/2015 17:10:58]
AdwCleaner[R14].txt - [1968 bytes] - [01/06/2015 16:53:52]
AdwCleaner[R15].txt - [2029 bytes] - [04/06/2015 20:10:02]
AdwCleaner[R16].txt - [2090 bytes] - [15/06/2015 14:44:21]
AdwCleaner[R17].txt - [2150 bytes] - [25/06/2015 11:25:38]
AdwCleaner[R18].txt - [2210 bytes] - [09/07/2015 23:44:16]
AdwCleaner[R19].txt - [2492 bytes] - [07/08/2015 23:26:15]
AdwCleaner[R1].txt - [1155 bytes] - [11/03/2015 13:18:59]
AdwCleaner[R20].txt - [2389 bytes] - [10/08/2015 21:51:18]
AdwCleaner[R21].txt - [2780 bytes] - [08/09/2015 08:46:34]
AdwCleaner[R22].txt - [2705 bytes] - [10/09/2015 09:52:29]
AdwCleaner[R23].txt - [3120 bytes] - [18/09/2015 22:40:25]
AdwCleaner[R24].txt - [2805 bytes] - [20/09/2015 01:37:22]
AdwCleaner[R25].txt - [2865 bytes] - [20/09/2015 01:43:27]
AdwCleaner[R26].txt - [3063 bytes] - [23/09/2015 14:27:52]
AdwCleaner[R27].txt - [3442 bytes] - [26/09/2015 17:20:19]
AdwCleaner[R28].txt - [3360 bytes] - [01/10/2015 10:02:49]
AdwCleaner[R29].txt - [3423 bytes] - [06/10/2015 11:43:20]
AdwCleaner[R2].txt - [968 bytes] - [17/03/2015 05:00:42]
AdwCleaner[R30].txt - [3848 bytes] - [09/10/2015 17:10:01]
AdwCleaner[R3].txt - [1206 bytes] - [25/03/2015 16:13:27]
AdwCleaner[R4].txt - [1147 bytes] - [30/03/2015 13:27:59]
AdwCleaner[R5].txt - [2153 bytes] - [30/03/2015 23:40:55]
AdwCleaner[R6].txt - [1325 bytes] - [30/03/2015 23:51:59]
AdwCleaner[R7].txt - [1384 bytes] - [04/04/2015 00:14:43]
AdwCleaner[R8].txt - [1702 bytes] - [11/04/2015 12:13:27]
AdwCleaner[R9].txt - [1561 bytes] - [13/04/2015 22:51:29]
AdwCleaner[S0].txt - [1184 bytes] - [11/03/2015 13:21:45]
AdwCleaner[S10].txt - [3132 bytes] - [23/09/2015 14:36:40]
AdwCleaner[S11].txt - [3515 bytes] - [26/09/2015 17:41:14]
AdwCleaner[S12].txt - [3433 bytes] - [01/10/2015 10:05:27]
AdwCleaner[S13].txt - [3494 bytes] - [06/10/2015 11:46:58]
AdwCleaner[S14].txt - [3251 bytes] - [09/10/2015 17:12:58]
AdwCleaner[S1].txt - [1276 bytes] - [25/03/2015 16:26:59]
AdwCleaner[S2].txt - [2195 bytes] - [30/03/2015 23:44:59]
AdwCleaner[S3].txt - [1772 bytes] - [11/04/2015 14:52:17]
AdwCleaner[S4].txt - [1884 bytes] - [20/05/2015 17:35:34]
AdwCleaner[S5].txt - [2089 bytes] - [27/05/2015 17:15:18]
AdwCleaner[S6].txt - [2561 bytes] - [07/08/2015 23:30:09]
AdwCleaner[S7].txt - [2853 bytes] - [08/09/2015 10:44:53]
AdwCleaner[S8].txt - [2772 bytes] - [10/09/2015 09:58:06]
AdwCleaner[S9].txt - [3220 bytes] - [18/09/2015 22:48:30]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S14].txt - [3842  bytes] ##########
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.4 (09.28.2015:1)
OS: Windows 7 Home Basic x64
Ran by Home on 10/10/2015 at  0:29:54,60
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Tasks
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Chrome
 
 
[C:\Users\Home\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
 
[C:\Users\Home\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
 
[C:\Users\Home\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
 
[C:\Users\Home\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10/10/2015 at  0:35:20,54
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 


#6 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,738 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:04:37 AM

Posted 11 October 2015 - 10:44 AM

Your computer is clean p3879546.jpg

1. This step will remove all cleaning tools we used, it'll reset restore points (so you won't get reinfected by accidentally using some older restore point) and it'll make some other minor adjustments...
This is a very crucial step so make sure you don't skip it.
Download 51a5ce45263de-delfix.pngDelFix by Xplode to your desktop. Delfix will delete all the used tools and logfiles.

Double-click Delfix.exe to start the tool.
Make sure the following items are checked:

  • Activate UAC (optional; some users prefer to keep it off)
  • Remove disinfection tools
  • Create registry backup
  • Purge System Restore
  • Reset system settings

Now click "Run" and wait patiently.
Once finished a logfile will be created. You don't have to attach it to your next reply.

2. Make sure Windows Updates are current.

3. If any trojans, rootkits or bootkits were listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

4. Check if your browser plugins are up to date.
Firefox - https://www.mozilla.org/en-US/plugincheck/
other browsers: https://browsercheck.qualys.com/ (click on "Scan without installing plugin" and then on "Scan now")

5. Download, and install WOT (Web OF Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

7. Run Temporary File Cleaner (TFC), AdwCleaner and Junkware Removal Tool (JRT) weekly (you need to redownload these tools since they were removed by DelFix).

8. Download and install Secunia Personal Software Inspector (PSI): http://secunia.com/vulnerability_scanning/personal/. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

10. When installing\updating ANY program, make sure you always select "Custom " installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click "Next" button without looking at any given page.

11. Read:
How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html
Simple and easy ways to keep your computer safe and secure on the Internet: http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/
About those Toolbars and Add-ons - Potentially Unwanted Programs (PUPs) which change your browser settings: http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/#entry3187642

12. Please, let me know, how your computer is doing.


My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#7 RRmah

RRmah
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:09:37 AM

Posted 14 October 2015 - 09:57 AM

Hello!!

 

Thanks for all the support.

 

The ads and the pop-ups are gone. The computer is working fine.

 

The only thing, is that I still can't open my post from my computer user. I have to use another computer to be able to write in my post. When I open the webpage with my post from my computer the screen is blank. But besides that, everything is working fine.

 

Thanks a lot for the help.

 

 



#8 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,738 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:04:37 AM

Posted 14 October 2015 - 05:30 PM

On this forum only?

What browser?

Did you try different browser?


My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#9 RRmah

RRmah
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:09:37 AM

Posted 16 October 2015 - 12:24 PM

Yes. I tried mozzila, chrome and internet explorer!

Only my post on this forum. I can open all posts but mine.

When I click on my the page gets all blank and nothing shows.

But other than that, my computer is running perfectly.



#10 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,738 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:04:37 AM

Posted 16 October 2015 - 06:13 PM

Try to create test topic here: http://www.bleepingcomputer.com/forums/f/35/tests-and-scribbles/ and see if same thing happens.


My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#11 RRmah

RRmah
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:09:37 AM

Posted 17 October 2015 - 09:16 PM

hello,

 

I created the topic and it worked just fine.

 

http://www.bleepingcomputer.com/forums/t/593672/teste-123/

 

I can create topics and check other topics and posts, I have no idea why I can't open mine.

 

I created another user in my computer, and with the other user it works just fine.

 

 



#12 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,738 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:04:37 AM

Posted 17 October 2015 - 09:24 PM

If it affects only this topic we won't worry about it since we're done here.


My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#13 RRmah

RRmah
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:09:37 AM

Posted 18 October 2015 - 03:20 PM

Great!

Thanks once again for the help!!!

Case solved.



#14 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,738 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:04:37 AM

Posted 18 October 2015 - 03:21 PM

You're very welcome p22002759.gif


My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#15 XEND

XEND

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:05:37 AM

Posted 11 November 2015 - 11:24 AM

Hello, i think i have the same problem should i follow the same steps?






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users