Minimizing problems


18 replies to this topic

#1 GiovanniSantos

GiovanniSantos

  • Members
  • 30 posts

Posted 10 April 2016 - 09:32 AM

Hi, I'm having some problems on my computer and I don't know what to do anymore. My computer is minimizing fullscreen windows (like games) at random times, and unselecting other windows that are not fullscreen (like internet browsers). I already tried using different anti-virus programs, but none found anything. I use Malwarebytes, both Anti-Malware and Anti-Exploit; neither found the problem. I am also using SUPERAntiSpyware, but it found nothing either. I don't know if it is a virus or an application running in the background. My OS is Windows 8.1. Also, sometimes I see that a headset is being used on my computer when those problems happen, but I am using none.


Edited by GiovanniSantos, 10 April 2016 - 10:26 AM.




#2 GiovanniSantos

GiovanniSantos
  • Topic Starter

  • Members
  • 30 posts

Posted 18 April 2016 - 09:14 PM

Can anyone help me? I haven't gotten any reply, and when I replied on "Please post in this topic if you have not received help after three days" I received the following message: "Hi Giovanni,

 

You should not have posted on my topic, as it needs to have 0 replies for someone to see it and help. You need to go into the forum, find Security and "Am I infected? What do I do?" to get the help you need.

 

Kind Regards

 

John Barr"



#3 Struppigel

Struppigel

    Karsten Hahn, G DATA Malware Analyst


  • Malware Response Team
  • 231 posts

Posted 22 April 2016 - 01:58 AM

Hello GiovanniSantos

 

I am Marie Curie and will gladly help you with any malware-related problems. I cannot promise that I will be able to fix non-malware related issues, because that is not my field of expertise. You already used lots of tools that came up clean, which makes it unlikely that malware is the culprit. But after excluding malware as a cause, you will be able to move on.

Please familiarize yourself with the following ground rules before you start.
 

  • Read my instructions thoroughly, carry out each step in the given order.
  • Do not make any changes to your system, or run any tools other than those I provided. Do not delete, fix, uninstall, or install anything unless I tell you to.
  • If you are unsure about anything or if you encounter any problems, please stop and inform me about it.
  • Stick with me until I tell you that your computer is clean. Absence of symptoms does not mean that your computer is free of malware.
  • Back up important files before we start.

-----------------------------------------------------------------

 

STEP 1

MiniToolBox

  • Please download MiniToolBox and save the file to your Desktop.
  • Close any open windows.
  • Right-click MiniToolBox.exe and select Run as administrator to run the programme.
  • Check the following items:
    • Flush DNS
    • Report IE Proxy Settings
    • Report FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Devices & Only Problems
    • List Users, Partitions and Memory size.
    • List Minidump Files
    • List Restore Points
  • Click 9Z8u2SR.png.
  • A log (MTB.txt) will be created on your Desktop. Copy the contents of the log and paste in your next reply.

 

STEP 2
ESET Online Scan
Note: This scan may take a long time to complete. Please do not browse the Internet whilst your Anti-Virus is disabled.

  • Please download ESET Online Scan and save the file to your Desktop.
  • Temporarily disable your anti-virus software. For instructions, please refer to the following link.
  • Double-click esetsmartinstaller_enu.exe to run the programme.
  • Agree to the EULA by placing a checkmark next to Yes, I accept the Terms of Use. Then click Start.
  • Agree to the Terms of Use once more and click Start. Allow components to download.
  • Place a checkmark next to Enable detection of potentially unwanted applications.
  • Click Advanced settings. Place a checkmark next to:
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Ensure Remove found threats is unchecked.
  • Click Start.
  • Wait for the scan to finish. Please be patient as this can take some time.
  • Upon completion, click esetListThreats.png. If no threats were found, skip the next two bullet points.
  • Click esetExport.png and save the file to your Desktop, naming it something such as "MyEsetScan".
  • Push the Back button.
  • Place a checkmark next to KN1w2nv.png and click SzOC1p0.png.
  • Re-enable your anti-virus software.
  • Attach the log in your next reply.

 

======================================================
 
STEP 3
Logs
In your next reply please include the following logs.

  • MTB.txt
  • ESET scan log

 

 

 



#4 GiovanniSantos

GiovanniSantos
  • Topic Starter

  • Members
  • 30 posts

Posted 24 April 2016 - 06:38 PM

Sorry about not replying sooner, internet connection problems, but here are the logs:

 

MTB.txt:

 

MiniToolBox by Farbar  Version: 07-02-2016 01

Ran by Giovanni Baladão (administrator) on 24-04-2016 at 16:16:07
Running from "C:\Users\Giovanni Baladão\Downloads"
Microsoft Windows 8.1 Single Language  (X64)
Model: Inspiron 5421 Manufacturer: Dell Inc.
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Configuração de IP do Windows
 
Liberação do Cache do DNS Resolver bem-sucedida.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
========================= Hosts content: =================================
0.0.0.1 mssplus.mcafee.com
========================= IP Configuration: ================================
 
Dell Wireless 1703 802.11b/g/n (2.4GHz) = Wi-Fi (Connected)
Realtek PCIe FE Family Controller = Ethernet (Media disconnected)
Dispositivo Bluetooth (Rede Pessoal) = Conexão de Rede Bluetooth (Media disconnected)
TAP-Windows Adapter V9 = Conexão Local (Media disconnected)
 
 
# ----------------------------------
# Configuração de IPv4
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
set interface interface="Conexão Local* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Conexão Local* 3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="ethernet_3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="other_1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Conexão Local* 23" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Conexão Local* 24" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Conexão de Rede Bluetooth" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
add address name="Conexão Local" address=10.3.0.1 mask=255.255.255.252
add address name="Conexão Local* 23" address=192.168.137.1 mask=255.255.255.0
 
 
popd
# Final da configuração IPv4
 
 
 
Configuração de IP do Windows
 
   Nome do host. . . . . . . . . . . . . . . . : Giovanni
   Sufixo DNS primário . . . . . . . . . . . . : 
   Tipo de nó. . . . . . . . . . . . . . . . . : híbrido
   Roteamento de IP ativado. . . . . . . . . . : não
   Proxy WINS ativado. . . . . . . . . . . . . : não
 
Adaptador Ethernet Conexão de Rede Bluetooth:
 
   Estado da mídia. . . . . . . . . . . . . .  : mídia desconectada
   Sufixo DNS específico de conexão. . . . . . : 
   Descrição . . . . . . . . . . . . . . . . . : Dispositivo Bluetooth (Rede Pessoal)
   Endereço Físico . . . . . . . . . . . . . . : 80-56-F2-CB-8A-7C
   DHCP Habilitado . . . . . . . . . . . . . . : Sim
   Configuração Automática Habilitada. . . . . : Sim
 
Adaptador de Rede sem Fio Conexão Local* 23:
 
   Estado da mídia. . . . . . . . . . . . . .  : mídia desconectada
   Sufixo DNS específico de conexão. . . . . . : 
   Descrição . . . . . . . . . . . . . . . . . : Adaptador Virtual de Rede Hospedada da Microsoft
   Endereço Físico . . . . . . . . . . . . . . : 52-56-F2-CB-8A-7B
   DHCP Habilitado . . . . . . . . . . . . . . : Não
   Configuração Automática Habilitada. . . . . : Sim
 
Adaptador Ethernet Conexão Local:
 
   Estado da mídia. . . . . . . . . . . . . .  : mídia desconectada
   Sufixo DNS específico de conexão. . . . . . : 
   Descrição . . . . . . . . . . . . . . . . . : TAP-Windows Adapter V9
   Endereço Físico . . . . . . . . . . . . . . : 00-FF-D2-BF-C9-0C
   DHCP Habilitado . . . . . . . . . . . . . . : Não
   Configuração Automática Habilitada. . . . . : Sim
 
Adaptador de Rede sem Fio Conexão Local* 3:
 
   Estado da mídia. . . . . . . . . . . . . .  : mídia desconectada
   Sufixo DNS específico de conexão. . . . . . : 
   Descrição . . . . . . . . . . . . . . . . . : Adaptador Virtual Direto Wi-Fi da Microsoft
   Endereço Físico . . . . . . . . . . . . . . : 12-56-F2-CB-8A-7B
   DHCP Habilitado . . . . . . . . . . . . . . : Sim
   Configuração Automática Habilitada. . . . . : Sim
 
Adaptador Ethernet Ethernet:
 
   Estado da mídia. . . . . . . . . . . . . .  : mídia desconectada
   Sufixo DNS específico de conexão. . . . . . : 
   Descrição . . . . . . . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Endereço Físico . . . . . . . . . . . . . . : A4-1F-72-F4-41-1C
   DHCP Habilitado . . . . . . . . . . . . . . : Sim
   Configuração Automática Habilitada. . . . . : Sim
 
Adaptador de Rede sem Fio Wi-Fi:
 
   Sufixo DNS específico de conexão. . . . . . : 
   Descrição . . . . . . . . . . . . . . . . . : Dell Wireless 1703 802.11b/g/n (2.4GHz)
   Endereço Físico . . . . . . . . . . . . . . : 80-56-F2-CB-8A-7B
   DHCP Habilitado . . . . . . . . . . . . . . : Sim
   Configuração Automática Habilitada. . . . . : Sim
   Endereço IPv6 de link local . . . . . . . . : fe80::55e8:cdbf:fadb:1f08%3(Preferencial) 
   Endereço IPv4. . . . . . . .  . . . . . . . : 192.168.0.105(Preferencial) 
   Máscara de Sub-rede . . . . . . . . . . . . : 255.255.255.0
   Concessão Obtida. . . . . . . . . . . . . . : domingo, 24 de abril de 2016 16:01:11
   Concessão Expira. . . . . . . . . . . . . . : domingo, 1 de maio de 2016 16:01:07
   Gateway Padrão. . . . . . . . . . . . . . . : 192.168.0.1
   Servidor DHCP . . . . . . . . . . . . . . . : 192.168.0.1
   IAID de DHCPv6. . . . . . . . . . . . . . . : 327177970
   DUID de Cliente DHCPv6. . . . . . . . . . . : 00-01-00-01-1A-17-73-52-A4-1F-72-F4-41-1C
   Servidores DNS. . . . . . . . . . . . . . . : 192.168.0.1
   NetBIOS em Tcpip. . . . . . . . . . . . . . : Habilitado
 
Adaptador de túnel Conexão Local* 8:
 
   Sufixo DNS específico de conexão. . . . . . : 
   Descrição . . . . . . . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Endereço Físico . . . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Habilitado . . . . . . . . . . . . . . : Não
   Configuração Automática Habilitada. . . . . : Sim
   Endereço IPv6 . . . . . . . . . . : 2001:0:5ef5:79fb:285f:7a6:3f57:ff96(Preferencial) 
   Endereço IPv6 de link local . . . . . . . . : fe80::285f:7a6:3f57:ff96%5(Preferencial) 
   Gateway Padrão. . . . . . . . . . . . . . . : ::
   IAID de DHCPv6. . . . . . . . . . . . . . . : 134217728
   DUID de Cliente DHCPv6. . . . . . . . . . . : 00-01-00-01-1A-17-73-52-A4-1F-72-F4-41-1C
   NetBIOS em Tcpip. . . . . . . . . . . . . . : Desabilitado
 
Adaptador de túnel isatap.{9536F18A-6BAF-49D6-BF83-074495BB855F}:
 
   Estado da mídia. . . . . . . . . . . . . .  : mídia desconectada
   Sufixo DNS específico de conexão. . . . . . : 
   Descrição . . . . . . . . . . . . . . . . . : Adaptador do Microsoft ISATAP #3
   Endereço Físico . . . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Habilitado . . . . . . . . . . . . . . : Não
   Configuração Automática Habilitada. . . . . : Sim
Servidor:  dlinkrouter
Address:  192.168.0.1
 
Nome:    google.com
Addresses:  2800:3f0:4001:810::200e
 216.58.222.14
 
 
Disparando google.com [216.58.222.14] com 32 bytes de dados:
Resposta de 216.58.222.14: bytes=32 tempo=62ms TTL=54
Resposta de 216.58.222.14: bytes=32 tempo=62ms TTL=54
 
Estatísticas do Ping para 216.58.222.14:
    Pacotes: Enviados = 2, Recebidos = 2, Perdidos = 0 (0% de
             perda),
Aproximar um número redondo de vezes em milissegundos:
    Mínimo = 62ms, Máximo = 62ms, Média = 62ms
Servidor:  dlinkrouter
Address:  192.168.0.1
 
Nome:    yahoo.com
Addresses:  2001:4998:58:c02::a9
 2001:4998:44:204::a7
 2001:4998:c:a06::2:4008
 98.138.253.109
 98.139.183.24
 206.190.36.45
 
 
Disparando yahoo.com [206.190.36.45] com 32 bytes de dados:
Resposta de 206.190.36.45: bytes=32 tempo=266ms TTL=47
Resposta de 206.190.36.45: bytes=32 tempo=267ms TTL=47
 
Estatísticas do Ping para 206.190.36.45:
    Pacotes: Enviados = 2, Recebidos = 2, Perdidos = 0 (0% de
             perda),
Aproximar um número redondo de vezes em milissegundos:
    Mínimo = 266ms, Máximo = 267ms, Média = 266ms
 
Disparando 127.0.0.1 com 32 bytes de dados:
Resposta de 127.0.0.1: bytes=32 tempo<1ms TTL=128
Resposta de 127.0.0.1: bytes=32 tempo<1ms TTL=128
 
Estatísticas do Ping para 127.0.0.1:
    Pacotes: Enviados = 2, Recebidos = 2, Perdidos = 0 (0% de
             perda),
Aproximar um número redondo de vezes em milissegundos:
    Mínimo = 0ms, Máximo = 0ms, Média = 0ms
===========================================================================
Lista de interfaces
 32...80 56 f2 cb 8a 7c ......Dispositivo Bluetooth (Rede Pessoal)
 27...52 56 f2 cb 8a 7b ......Adaptador Virtual de Rede Hospedada da Microsoft
  7...00 ff d2 bf c9 0c ......TAP-Windows Adapter V9
  6...12 56 f2 cb 8a 7b ......Adaptador Virtual Direto Wi-Fi da Microsoft
  4...a4 1f 72 f4 41 1c ......Realtek PCIe FE Family Controller
  3...80 56 f2 cb 8a 7b ......Dell Wireless 1703 802.11b/g/n (2.4GHz)
  1...........................Software Loopback Interface 1
  5...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 17...00 00 00 00 00 00 00 e0 Adaptador do Microsoft ISATAP #3
===========================================================================
 
Tabela de rotas IPv4
===========================================================================
Rotas ativas:
Endereço de rede          Máscara   Ender. gateway       Interface   Custo
          0.0.0.0          0.0.0.0      192.168.0.1    192.168.0.105     25
        127.0.0.0        255.0.0.0      No vínculo         127.0.0.1    306
        127.0.0.1  255.255.255.255      No vínculo         127.0.0.1    306
  127.255.255.255  255.255.255.255      No vínculo         127.0.0.1    306
      192.168.0.0    255.255.255.0      No vínculo     192.168.0.105    281
    192.168.0.105  255.255.255.255      No vínculo     192.168.0.105    281
    192.168.0.255  255.255.255.255      No vínculo     192.168.0.105    281
        224.0.0.0        240.0.0.0      No vínculo         127.0.0.1    306
        224.0.0.0        240.0.0.0      No vínculo     192.168.0.105    281
  255.255.255.255  255.255.255.255      No vínculo         127.0.0.1    306
  255.255.255.255  255.255.255.255      No vínculo     192.168.0.105    281
===========================================================================
Rotas persistentes:
  Nenhuma
 
Tabela de rotas IPv6
===========================================================================
Rotas ativas:
 Se destino de rede de métrica      Gateway
  5    306 ::/0                     No vínculo
  1    306 ::1/128                  No vínculo
  5    306 2001::/32                No vínculo
  5    306 2001:0:5ef5:79fb:285f:7a6:3f57:ff96/128
                                    No vínculo
  3    281 fe80::/64                No vínculo
  5    306 fe80::/64                No vínculo
  5    306 fe80::285f:7a6:3f57:ff96/128
                                    No vínculo
  3    281 fe80::55e8:cdbf:fadb:1f08/128
                                    No vínculo
  1    306 ff00::/8                 No vínculo
  3    281 ff00::/8                 No vínculo
  5    306 ff00::/8                 No vínculo
===========================================================================
Rotas persistentes:
  Nenhuma
========================= Winsock entries =====================================
 
Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [55296] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [65536] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [23040] (Microsoft Corporation)
Catalog5 07 C:\WINDOWS\SysWOW64\wshbth.dll [50688] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [69120] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [88576] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [88576] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [30720] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [63488] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (04/24/2016 04:06:17 PM) (Source: MsiInstaller) (User: Giovanni)
Description: Produto: Akamai NetSession Interface -- Erro 1310. Erro ao se gravar no arquivo: C:\Users\Giovanni Baladão\AppData\Local\Akamai\admintool.exe.  Erro do sistema 0. Verifique se você tem acesso a essa pasta.
 
Error: (04/24/2016 04:04:47 PM) (Source: MsiInstaller) (User: Giovanni)
Description: Produto: Akamai NetSession Interface -- Erro 1310. Erro ao se gravar no arquivo: C:\Users\Giovanni Baladão\AppData\Local\Akamai\admintool.exe.  Erro do sistema 0. Verifique se você tem acesso a essa pasta.
 
Error: (04/18/2016 06:52:29 PM) (Source: Application Error) (User: )
Description: Nome do aplicativo com falha: sftservice.exe, versão: 3.0.0.70, carimbo de data/hora: 0x56582a6f
Nome do módulo com falha: sftservice.exe, versão: 3.0.0.70, carimbo de data/hora: 0x56582a6f
Código de exceção: 0xc0000417
Deslocamento da falha: 0x001328ce
ID do processo com falha: 0x1490
Hora de início do aplicativo com falha: 0xsftservice.exe0
Caminho do aplicativo com falha: sftservice.exe1
Caminho do módulo com falha: sftservice.exe2
ID do Relatório: sftservice.exe3
Nome completo do pacote com falha: sftservice.exe4
ID do aplicativo relativo ao pacote com falha: sftservice.exe5
 
Error: (04/18/2016 06:46:53 PM) (Source: MsiInstaller) (User: Giovanni)
Description: Produto: Akamai NetSession Interface -- Erro 1310. Erro ao se gravar no arquivo: C:\Users\Giovanni Baladão\AppData\Local\Akamai\admintool.exe.  Erro do sistema 0. Verifique se você tem acesso a essa pasta.
 
Error: (04/18/2016 06:46:26 PM) (Source: MsiInstaller) (User: Giovanni)
Description: Produto: Akamai NetSession Interface -- Erro 1310. Erro ao se gravar no arquivo: C:\Users\Giovanni Baladão\AppData\Local\Akamai\admintool.exe.  Erro do sistema 0. Verifique se você tem acesso a essa pasta.
 
Error: (04/18/2016 06:41:43 PM) (Source: Desktop Window Manager) (User: )
Description: O Gerenciador de Janelas da Área de Trabalho encontrou um erro fatal (0x8898008d)
 
Error: (04/18/2016 02:42:44 PM) (Source: MsiInstaller) (User: Giovanni)
Description: Produto: Akamai NetSession Interface -- Erro 1310. Erro ao se gravar no arquivo: C:\Users\Giovanni Baladão\AppData\Local\Akamai\admintool.exe.  Erro do sistema 0. Verifique se você tem acesso a essa pasta.
 
Error: (04/18/2016 02:42:19 PM) (Source: MsiInstaller) (User: Giovanni)
Description: Produto: Akamai NetSession Interface -- Erro 1310. Erro ao se gravar no arquivo: C:\Users\Giovanni Baladão\AppData\Local\Akamai\admintool.exe.  Erro do sistema 0. Verifique se você tem acesso a essa pasta.
 
Error: (04/18/2016 12:56:29 PM) (Source: Application Error) (User: )
Description: Nome do aplicativo com falha: sftservice.exe, versão: 3.0.0.70, carimbo de data/hora: 0x56582a6f
Nome do módulo com falha: sftservice.exe, versão: 3.0.0.70, carimbo de data/hora: 0x56582a6f
Código de exceção: 0xc0000417
Deslocamento da falha: 0x001328ce
ID do processo com falha: 0x288
Hora de início do aplicativo com falha: 0xsftservice.exe0
Caminho do aplicativo com falha: sftservice.exe1
Caminho do módulo com falha: sftservice.exe2
ID do Relatório: sftservice.exe3
Nome completo do pacote com falha: sftservice.exe4
ID do aplicativo relativo ao pacote com falha: sftservice.exe5
 
Error: (04/18/2016 12:51:02 PM) (Source: Microsoft-Windows-RestartManager) (User: Giovanni)
Description: O aplicativo ou serviço 'SlimWare Utility Service Launcher' não pôde ser reiniciado.
 
 
System errors:
=============
Error: (04/24/2016 04:01:07 PM) (Source: Tcpip) (User: )
Description: O sistema detectou um conflito de endereço entre o endereço IP 192.168.0.103 e o sistema
que possui o endereço de hardware de rede 82-9B-6A-BA-E8-EB. Como resultado desse conflito, as operações de rede nesse sistema podem ser
interrompidas.
 
Error: (04/18/2016 06:52:54 PM) (Source: Service Control Manager) (User: )
Description: O serviço SoftThinks Agent Service foi encerrado inesperadamente.  Isso aconteceu 1 vez(es).
 
Error: (04/18/2016 06:44:34 PM) (Source: Service Control Manager) (User: )
Description: O serviço HWDeviceService64.exe foi encerrado inesperadamente.  Isso aconteceu 1 vez(es).
 
Error: (04/18/2016 12:56:49 PM) (Source: Service Control Manager) (User: )
Description: O serviço SoftThinks Agent Service foi encerrado inesperadamente.  Isso aconteceu 1 vez(es).
 
Error: (04/18/2016 12:48:19 PM) (Source: DCOM) (User: AUTORIDADE NT)
Description: {DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}
 
Error: (04/18/2016 12:48:01 PM) (Source: Service Control Manager) (User: )
Description: O serviço HWDeviceService64.exe foi encerrado inesperadamente.  Isso aconteceu 1 vez(es).
 
Error: (04/18/2016 11:30:45 AM) (Source: Service Control Manager) (User: )
Description: O serviço SoftThinks Agent Service foi encerrado inesperadamente.  Isso aconteceu 1 vez(es).
 
Error: (04/18/2016 11:22:18 AM) (Source: Service Control Manager) (User: )
Description: O serviço HWDeviceService64.exe foi encerrado inesperadamente.  Isso aconteceu 1 vez(es).
 
Error: (04/18/2016 11:12:39 AM) (Source: Service Control Manager) (User: )
Description: O serviço SoftThinks Agent Service foi encerrado inesperadamente.  Isso aconteceu 1 vez(es).
 
Error: (04/18/2016 11:11:29 AM) (Source: Service Control Manager) (User: )
Description: O serviço NVIDIA Streamer Network Service foi encerrado inesperadamente.  Isso aconteceu 1 vez(es).
 
 
Microsoft Office Sessions:
=========================
Error: (04/24/2016 04:06:17 PM) (Source: MsiInstaller)(User: Giovanni)
Description: Produto: Akamai NetSession Interface -- Erro 1310. Erro ao se gravar no arquivo: C:\Users\Giovanni Baladão\AppData\Local\Akamai\admintool.exe.  Erro do sistema 0. Verifique se você tem acesso a essa pasta.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (04/24/2016 04:04:47 PM) (Source: MsiInstaller)(User: Giovanni)
Description: Produto: Akamai NetSession Interface -- Erro 1310. Erro ao se gravar no arquivo: C:\Users\Giovanni Baladão\AppData\Local\Akamai\admintool.exe.  Erro do sistema 0. Verifique se você tem acesso a essa pasta.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (04/18/2016 06:52:29 PM) (Source: Application Error)(User: )
Description: sftservice.exe3.0.0.7056582a6fsftservice.exe3.0.0.7056582a6fc0000417001328ce149001d199bbd1211fe6C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exeC:\Program Files (x86)\Dell Backup and Recovery\sftservice.exed8156946-05af-11e6-bef7-8056f2cb8a7c
 
Error: (04/18/2016 06:46:53 PM) (Source: MsiInstaller)(User: Giovanni)
Description: Produto: Akamai NetSession Interface -- Erro 1310. Erro ao se gravar no arquivo: C:\Users\Giovanni Baladão\AppData\Local\Akamai\admintool.exe.  Erro do sistema 0. Verifique se você tem acesso a essa pasta.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (04/18/2016 06:46:26 PM) (Source: MsiInstaller)(User: Giovanni)
Description: Produto: Akamai NetSession Interface -- Erro 1310. Erro ao se gravar no arquivo: C:\Users\Giovanni Baladão\AppData\Local\Akamai\admintool.exe.  Erro do sistema 0. Verifique se você tem acesso a essa pasta.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (04/18/2016 06:41:43 PM) (Source: Desktop Window Manager)(User: )
Description: 0x8898008d
 
Error: (04/18/2016 02:42:44 PM) (Source: MsiInstaller)(User: Giovanni)
Description: Produto: Akamai NetSession Interface -- Erro 1310. Erro ao se gravar no arquivo: C:\Users\Giovanni Baladão\AppData\Local\Akamai\admintool.exe.  Erro do sistema 0. Verifique se você tem acesso a essa pasta.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (04/18/2016 02:42:19 PM) (Source: MsiInstaller)(User: Giovanni)
Description: Produto: Akamai NetSession Interface -- Erro 1310. Erro ao se gravar no arquivo: C:\Users\Giovanni Baladão\AppData\Local\Akamai\admintool.exe.  Erro do sistema 0. Verifique se você tem acesso a essa pasta.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (04/18/2016 12:56:29 PM) (Source: Application Error)(User: )
Description: sftservice.exe3.0.0.7056582a6fsftservice.exe3.0.0.7056582a6fc0000417001328ce28801d1998a05eff5c3C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exeC:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe1c6dbac4-057e-11e6-bef6-8056f2cb8a7c
 
Error: (04/18/2016 12:51:02 PM) (Source: Microsoft-Windows-RestartManager)(User: Giovanni)
Description: 0SlimServiceFactory.exeSlimWare Utility Service Launcher03026217836360
 
 
CodeIntegrity Errors:
===================================
  Date: 2016-03-11 13:35:26.481
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-03-11 13:28:51.655
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-03-11 13:28:40.448
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-03-11 13:28:31.196
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-03-11 13:28:30.888
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-03-11 13:28:30.573
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-03-11 13:28:29.857
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-03-11 13:28:29.210
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-03-11 13:28:28.462
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-03-11 13:28:26.946
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
=========================== Installed Programs ============================
 
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Aeria Ignite (HKLM-x32\...\{5CD2884E-CAD6-472A-9F7B-C56D4F978182}) (Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
ARK: Survival Evolved (HKLM-x32\...\Steam App 346110) (Version:  - Studio Wildcard)
Arquivo do WinRAR (HKLM-x32\...\WinRAR archiver) (Version:  - )
Atualizações da NVIDIA 2.11.2.55 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.11.2.55 - NVIDIA Corporation) Hidden
aTube Catcher versão 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Autodesk Network License Manager (HKLM\...\{4BE91685-1632-47FC-B563-A8A542C6664C}) (Version: 11.12.0 - Autodesk)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.16.282 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{34CE35A5-BC22-4045-9F05-6C411D3A74DB}) (Version: 1.1.58.35540 - Avira Operations GmbH & Co. KG) Hidden
Avira Launcher (HKLM-x32\...\{3b87484e-d70b-4b4f-ad59-2ae89571e2cf}) (Version: 1.1.56.9119 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{74d1ef14-dd39-4749-b051-e183a1e27f5e}) (Version: 1.1.58.35540 - Avira Operations GmbH & Co. KG)
Blender (HKLM\...\Blender) (Version: 2.73a - Blender Foundation)
Borderlands (HKLM-x32\...\Steam App 8980) (Version:  - Gearbox Software)
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version:  - Colossal Order Ltd.)
CrystalDiskInfo 6.1.8 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.1.8 - Crystal Dew World)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.9.2.8 - Dell Inc.)
Dell Data Vault (HKLM\...\{2E55EEFD-2162-4A7D-9158-EDB0305603A6}) (Version: 4.3.8.0 - Dell Inc.) Hidden
Dell Digital Delivery (HKLM-x32\...\{98CB551E-EDB1-4535-82A6-E3258597F64E}) (Version: 2.7.1000.0 - Dell Products, LP)
Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.16.1 - Dell Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.2.6793.01 - Dell)
Dell SupportAssistAgent (HKLM-x32\...\{B57A8AFE-6735-4497-BD52-BD2F838F5CF0}) (Version: 1.2.1.31 - Dell)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 16.2.12.13 - Synaptics Incorporated)
Dell Update (HKLM-x32\...\{66F942CD-BCA2-4D4C-84B8-8B6B09F9CE5D}) (Version: 1.2.1004.0 - Dell Inc.)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
Digimon Masters (HKLM-x32\...\Digimon Masters) (Version:  - )
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.10 - Electronic Arts)
Epic Games Launcher (HKLM\...\{8727C279-A122-40B8-8ACA-271E1809DAA5}) (Version: 1.1.23.0 - Epic Games, Inc.)
Galeria de Fotos (HKLM-x32\...\{F5248B7E-779A-4FA4-8134-D1933D8680FA}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
GameMaker 8.1 (HKCU\...\GameMaker81) (Version:  - )
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.29.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1173 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4358 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Jade Empire (HKLM-x32\...\{EEAA7AC3-F651-4842-86E0-4C755181388B}) (Version: 1.0.1.1 - Electronic Arts)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
K-Lite Mega Codec Pack 10.6.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.6.0 - )
KMSpico v9.0.5.20131112 (HKLM\...\KMSpico_is1) (Version: 9.0.5.20131112 - )
Life Is Strange™ (HKLM-x32\...\Steam App 319630) (Version:  - DONTNOD Entertainment)
Malwarebytes Anti-Exploit version 1.8.1.1189 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.8.1.1189 - Malwarebytes)
Malwarebytes Anti-Malware versão 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Monitor da tecnologia Intel® Turbo Boost 2.6 (HKLM\...\{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}) (Version: 2.6.2.0 - Intel)
Movie Maker (HKLM-x32\...\{C32D87E1-6310-4CD5-8D6D-865AFE0E9B4E}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{ED6C77F9-4D7E-447C-9EC0-9A212D075535}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 44.0.2 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 pt-BR)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2.5884 - Mozilla)
NVIDIA Driver de gráficos 364.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 364.72 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.2.55 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.2.55 - NVIDIA Corporation)
NVIDIA Software do sistema PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.5.20.5318 - Electronic Arts, Inc.)
Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation)
Painel de controle da NVIDIA 364.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 364.72 - NVIDIA Corporation) Hidden
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.10.0 - Prolific Technology INC)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.340 - Qualcomm Atheros Communications)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.005 - Dell Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6722 - Realtek Semiconductor Corp.)
Realtek PC Camera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10253 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.2.8400.39034 - Realtek Semiconductor Corp.)
Resident Evil / biohazard HD REMASTER (HKLM\...\Steam App 304240) (Version:  - CAPCOM Co., Ltd.)
Resident Evil 0 / biohazard 0 HD REMASTER (HKLM\...\Steam App 339340) (Version:  - CAPCOM Co., Ltd.)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM-x32\...\{90150000-001F-0416-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.11.2.55 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SlimDrivers (HKLM-x32\...\{746AB259-6474-4111-8966-1C62F9A6E063}) (Version: 2.3.1 - SlimWare Utilities, Inc.)
Software de dispositivo do Chipset Intel® (HKLM-x32\...\{fb610cea-ba50-4d4b-a717-cf025419035c}) (Version: 10.1.1.13 - Intel® Corporation) Hidden
SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.05.0001 - Electronic Arts)
SPORE™ Aventuras Galácticas (HKLM-x32\...\{63CEA2E4-4FE7-4F2C-B388-C1313D24157C}) (Version: 1.01.0001 - Electronic Arts)
SPORE™ Coleção de Partes Medonhas & Fofinhas (HKLM-x32\...\{C07F8D75-7A8D-400E-A8F9-A3F396B49BB1}) (Version: 1.00.0000 - Electronic Arts)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1216 - SUPERAntiSpyware.com)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 1.0.0.0 - Zenimax Online Studios)
The Elder Scrolls Online: Tamriel Unlimited (HKLM\...\Steam App 306130) (Version:  - Zenimax Online Studios)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.43.024017 - Electronic Arts Inc.)
The Sims™ 3 Ambições (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
The Sims™ 3 Caindo na Noite (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
The Sims™ 3 Estações (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
The Sims™ 3 Gerações (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
The Sims™ 3 No Futuro (HKLM-x32\...\{A0BBD6C7-B546-4048-B33A-F21F5C9F5B09}) (Version: 21.0.150 - Electronic Arts)
The Sims™ 3 Pets (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
The Sims™ 3 Showtime (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)
The Sims™ 3 Sobrenatural (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
The Sims™ 3 Volta ao Mundo (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.15.55.1020 - Electronic Arts Inc.)
The Talos Principle (HKLM-x32\...\Steam App 257510) (Version:  - Croteam)
Unity (HKLM-x32\...\Unity) (Version: 4.5.5f1 - Unity Technologies ApS)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.5.5f1 - Unity Technologies ApS)
Update for Skype for Business 2015 (KB3039776) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0416-0000-0000000FF1CE}_Office15.PROPLUSR_{7BDD179E-C954-438B-937D-EB411B701EAB}) (Version:  - Microsoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VIVO INTERNET (HKLM-x32\...\VIVO INTERNET) (Version: 16.002.10.19.149 - Huawei Technologies Co.,Ltd)
Vulkan Run Time Libraries 1.0.5.1 (HKLM\...\VulkanRT1.0.5.1) (Version: 1.0.5.1 - LunarG, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version:  - Firaxis Games)
 
========================= Devices: ================================
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 40%
Total physical RAM: 8089.09 MB
Available physical RAM: 4806.2 MB
Total Virtual: 9945.09 MB
Available Virtual: 5542.07 MB
 
========================= Partitions: =====================================
 
1 Drive c: (OS) (Fixed) (Total:919.83 GB) (Free:508.81 GB) NTFS
3 Drive y: (PBR Image) (Fixed) (Total:10.11 GB) (Free:0.71 GB) NTFS
 
========================= Users: ========================================
 
Contas de usuário para \\GIOVANNI
 
Administrador            Convidado                Giovanni Baladão         
Comando concluído com êxito.
 
========================= Minidump Files ==================================
 
No minidump file found
 
========================= Restore Points ==================================
 
 
**** End of log ****
 
 
ESET scan:
 
C:\Program Files\KMSpico\KMSELDI.exe a variant of MSIL/HackTool.IdleKMS.B potentially unsafe application
C:\Windows\System32\trz8489.tmp Win32/HackKMS.N potentially unsafe application
 
 
 
I also noticed when I was playing offline, the problem happened more frequently, about every 15 minutes the game kept minimizing.


#5 Struppigel

Struppigel

    Karsten Hahn, G DATA Malware Analyst


  • Malware Response Team
  • 231 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:03 AM

Posted 25 April 2016 - 02:41 AM

Hi Giovanni.

 

Please read the following warning.

 

 

Cracked Software
------------------------------

One or more of the identified issues may be a result of downloading cracked/pirated/illegal software. Participating in the use of such software is a security risk. Were you aware your machine has cracked software installed? We do not approve of nor support illegal software.

Malware authors promote and release cracked software to spread malware. I strongly recommend you refrain from participating in this activity; your computer will be re-exposed to malware otherwise. Simply visiting a cracked software site often results in exposure to malware. In some instances malware may cause so much damage to your system that removal is not possible and the only option is to reformat your hard drive and reinstall your Operating System. Please refer to the following articles for more information.

I am prepared to continue providing assistance as long as you agree to remove all cracked software immediately.

 

 

If you decide to proceed, please remove the cracked software and continue with the step below.

 

STEP 1
CKScanner

  • Please download CKScanner and save the file to your Desktop.
  • Right-Click CKScanner.exe and select Run as administrator to run the programme.
  • Click Search For Files.
  • When the cursor hourglass disappears, click Save List To File.
  • A message box will verify the file saved.
  • Please run this programme only once.
  • A log (CKFiles.txt) will be created on your Desktop. Copy the contents of the log and paste in your next reply.
     

 

 



#6 GiovanniSantos


Posted 25 April 2016 - 10:19 AM

Removed both the problems when I saw the ESET scan log, don't know if the minimizing problem is fixed, I need more time to see about this.
And about the cracked software, someone that used my computer must have downloaded it without my knowledge, I will talk to the last person who used my computer about this.
But talking about the problem, here are the results of CKScanner:
 
CKScanner 2.5 - Additional Security Risks - These are not necessarily bad
c:\program files\blender foundation\blender\2.73\python\lib\site-packages\numpy\f2py\crackfortran.py
c:\program files\epic games\4.7\engine\shaders\particlesortkeygen.usf
c:\program files\gimp 2\share\gimp\2.0\patterns\cracked.pat
c:\program files (x86)\origin games\jade empire\sound\vo\j04\j04_lot_crack_xsb.txt
c:\program files (x86)\origin games\jade empire\sound\vo\j04\j04_lot_crack_xwb.txt
c:\program files (x86)\steam\steamapps\common\ark\shootergame\content\primalearth\coreblueprints\emitters\eggcrackemitter.uasset
c:\program files (x86)\steam\steamapps\common\ark\shootergame\content\primalearth\effects\textures\generic\crackmask.uasset
c:\program files (x86)\steam\steamapps\common\ark\shootergame\content\primalearth\environment\marketplace\materials\mic_rock5_lavacrack.uasset
c:\program files (x86)\steam\steamapps\common\ark\shootergame\content\primalearth\environment\marketplace\materials\mic_rock6_lavacrack.uasset
c:\program files (x86)\steam\steamapps\common\ark\shootergame\content\primalearth\environment\marketplace\materials\mic_rock7_lavacrack.uasset
c:\program files (x86)\steam\steamapps\common\ark\shootergame\content\primalearth\environment\marketplace\materials\mic_rock9_lavacrack.uasset
c:\program files (x86)\steam\steamapps\common\ark\shootergame\content\primalearth\environment\marketplace\materials\mic_rock_lavacrack_basemic.uasset
c:\program files (x86)\steam\steamapps\common\ark\shootergame\content\primalearth\sound\sfx\temp\eggcrack.uasset
scanner sequence 3.DI.11.NGAPQZ
 ----- EOF ----- 


#7 GiovanniSantos


Posted 25 April 2016 - 06:35 PM

The problem isn't over, the minimizing continues to happen.



#8 Struppigel


Posted 26 April 2016 - 01:40 AM

Hi GiovanniSantos.

 

We did not fix anything yet (at least I did not instruct you to). It would have been a random occurrence if the problem stopped.

 

I noticed a problem in your logs:

 

Error: (04/24/2016 04:01:07 PM) (Source: Tcpip) (User: )
Description: O sistema detectou um conflito de endereço entre o endereço IP 192.168.0.103 e o sistema
que possui o endereço de hardware de rede 82-9B-6A-BA-E8-EB. Como resultado desse conflito, as operações de rede nesse sistema podem ser
interrompidas.

 

 

According to Google Translate it means that two devices on your network use the same IP.

I don't know if it can be related to the minimizing problem. You also wrote it happens while being offline, so it may be unrelated.

 

STEP 1
Change IP Address

You can fix this IP conflict by following these steps:

  1. In Control Panel, double-click Network.
  2. Click the TCP/IP protocol, and then click Properties.
  3. On the IP Address tab, configure the protocol to use a different IP address that is not already in use on the network.
  4. Click OK.

You may find a list of the already used IP addresses in the admin panel of your router (if you have one).

 

STEP 2
Clean Boot

  • Press the Windows Key + R on your keyboard at the same time. Type msconfig and click OK.
  • If prompted for an administrator password or for confirmation, type the password, or provide confirmation.
  • In the General tab, click Selective Startup.
  • Remove the checkmark next to Load startup items.
  • Click the Services tab.
  • Place a checkmark next to Hide all Microsoft services.
  • Click Disable all, followed by OK.
  • When prompted, click Restart and boot normally into Windows.

Please tell me if the minimizing problem is still there after a clean boot.


Edited by Curie, 26 April 2016 - 01:42 AM.


#9 GiovanniSantos


Posted 26 April 2016 - 11:13 AM

Ok, I have done a clean boot, but now I can't access Steam without downloading the Steam service again to start a game and see if the problem happens again. What do I do now?



#10 Struppigel


Posted 26 April 2016 - 01:08 PM

Go back into msconfig and only check the items that belong to Steam (SteamService.exe probably). Reboot and see if you can start Steam.



#11 GiovanniSantos


Posted 29 April 2016 - 10:17 AM

Ok, I'm going to do some tests, but I noticed that the selective startup was already marked. Is it normal for the option to be already marked even after selecting the normal startup?



#12 Struppigel


Posted 29 April 2016 - 03:45 PM

As soon as you disable any items in msconfig, it becomes a selective startup.



#13 GiovanniSantos


Posted 29 April 2016 - 04:06 PM

I made a few tests and the problem did not happen, but it is better to make a few more tests to be sure, because the problem shows at random times and I can't be sure it is fixed, even more today because my internet was not working well and I could not test an online game.

And the selective startup was already marked before I disabled any item.


Edited by GiovanniSantos, 29 April 2016 - 04:09 PM.


#14 Struppigel


Posted 30 April 2016 - 02:50 AM

Take your time to test it. Note that this clean boot is just for troubleshooting. If the problem does not occur anymore then it is one of the now disabled processes that caused the problem. We will have to track down which one it is, so you can enable the other startup items again.



#15 GiovanniSantos


Posted 30 April 2016 - 09:19 AM

Here are the services on my computer that aren't Microsoft, maybe this helps find the problem a little faster:

SAS Core Service

Adobe Acrobat Update Service

Adobe Flash Player Update Service

Andrea RT Filters Service

Adobe Genuine Software Integrity Service

Avira Mail Protection

Avira Agendamento

Avira Real Time Protection

Avira Web Protection

AtheroSvc

Avira Service Host

BattlEye Service

Intel® Content Protection HECI Service

Dell Data Vault

Dell Data Vault Wizard

Dell Digital Delivery Service

NVIDIA Geforce Experience Service

Serviço do Google Update (gupdate)

Serviço do Google Update (gupdatem)

HWDeviceService64.exe

Tecnologia de Armazenamento Intel® Rapid

Intel® Integrated Clock Controller Service - Intel® ICCS

IconMan_R

Intel® HD Graphics Control Panel Service

Intel® Capability Licencing Service TCP IP Service

Intel® Security Assist

Intel® Security Assist Helper

Intel® Dynamic Application Loader Host Interface Service

Intel® Management and Security Application Local Management Service

Malwarebytes Anti-Exploit Service

Mozilla Maintenance Service

NVIDIA Network Service

NVIDIA Streamer Network Service

NVIDIA Streamer Service

NVIDIA Display Driver Service

Origin Client Service

Cyberlink RichVideo Service (CRVS)

SoftThinks Agent Service

Skype Updater

Steam Client Service

Dell SupportAssist Agent

Intel® Turbo Boost Technology Monitor 2.6
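
The "track down which one it is" step from post #14 can be run as a halving search over the services disabled for the clean boot: re-enable half, test, and keep whichever half brings the minimizing back. The sketch below is an added example, not part of the thread; the service names are a subset of the list in post #15, and `symptom_with`, `ask_user` and `simulated` are hypothetical helpers standing in for a manual reboot-and-observe trial.

```python
"""Clean-boot bisection: find which disabled service brings the symptom back."""

# Subset of the non-Microsoft services listed in post #15 (names as posted).
# Steam Client Service is left out because post #10 has it re-enabled already.
SERVICES = [
    "SAS Core Service",
    "Andrea RT Filters Service",
    "BattlEye Service",
    "Dell Data Vault",
    "HWDeviceService64.exe",
    "IconMan_R",
    "NVIDIA Streamer Service",
    "SoftThinks Agent Service",
]


def find_culprit(candidates, symptom_with):
    """Return (culprit or None, trial_log).

    symptom_with(enabled) stands for one manual trial: enable exactly the
    services in `enabled` in msconfig, reboot, use the machine, and report
    whether the symptom came back. The symptom in this thread is
    intermittent, so a "no" is only meaningful after watching for clearly
    longer than the usual gap between occurrences.

    None means the search could not pin the symptom on a single candidate:
    either it never reproduced with all candidates enabled (the cause is
    elsewhere, e.g. a startup item), or it needs more than one of them.
    """
    suspects = list(candidates)
    log = []

    def trial(enabled):
        seen = bool(symptom_with(frozenset(enabled)))
        log.append((tuple(enabled), seen))
        return seen

    # Sanity check: with everything re-enabled the symptom must return.
    if not suspects or not trial(suspects):
        return None, log

    while len(suspects) > 1:
        mid = len(suspects) // 2
        first, second = suspects[:mid], suspects[mid:]
        suspects = first if trial(first) else second

    # A suspect reached by elimination was never tested on its own: confirm.
    if log[-1] != (tuple(suspects), True) and not trial(suspects):
        return None, log
    return suspects[0], log


def simulated(needed):
    """Constructed oracle for dry runs: symptom shows when all `needed` run."""
    needed = frozenset(needed)
    return lambda enabled: needed <= enabled


def ask_user(enabled):
    """Manual oracle: print what to tick in msconfig, then ask for the result."""
    print("\nEnable only these candidates, reboot, and test:")
    for name in sorted(enabled):
        print("  [x]", name)
    answer = input("Did the minimizing come back? [y/n] ")
    return answer.strip().lower().startswith("y")


if __name__ == "__main__":
    culprit, trials = find_culprit(SERVICES, ask_user)
    print("\nTrials run:", len(trials))
    print("Result:", culprit or "no single service reproduces the symptom")
```
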





