cjoint

Document format: text/plain

Preview

OTL Extras logfile created on: 04/02/2016 22:34:14 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\HENRIQUE\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18163)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy

7,95 Gb Total Physical Memory | 4,22 Gb Available Physical Memory | 53,05% Memory free
15,89 Gb Paging File | 11,24 Gb Available in Paging File | 70,75% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,29 Gb Total Space | 601,83 Gb Free Space | 64,62% Space Free | Partition Type: NTFS
Drive E: | 14,41 Gb Total Space | 10,41 Gb Free Space | 72,25% Space Free | Partition Type: FAT32

Computer Name: GPCDH01 | User Name: HENRIQUE | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-144837502-1946082608-2162394358-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Puxa Rápido\PuxaRapido.exe" = C:\Program Files (x86)\Puxa Rápido\PuxaRapido.exe:*:Enabled:Puxa Rápido -- ()
"C:\Program Files (x86)\Puxa Rápido\PuxaRapido.exe" = C:\Program Files (x86)\Puxa Rápido\PuxaRapido.exe:*:Enabled:Puxa Rápido -- ()


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{148A0E16-4E84-4C26-B9D7-4AADBBF346F7}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{16E2ECC0-314A-4900-B00A-DD0998A3B935}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{3B6F865A-2698-43D5-8937-D6FA573C098A}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{400FE3EC-50B7-4166-9D16-6E33FD247373}" = lport=47995 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{430FB23C-BAAA-42B3-AA5C-43D93494A836}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{44058278-3834-4496-BB10-BF0D6EF8D820}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4DA79BF2-9DFF-4E93-A32E-449EBEF816D4}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{538976DB-B191-4C67-8D14-FC35E69A7B35}" = lport=445 | protocol=6 | dir=in | app=system |
"{59F2DD5D-322A-4F5D-9303-E81265AEACA1}" = lport=139 | protocol=6 | dir=in | app=system |
"{5FE05D92-30D0-4D47-A3FE-B03E39EC8C74}" = rport=137 | protocol=17 | dir=out | app=system |
"{72AE27B2-A919-4D76-9DBD-DF71A44D6264}" = lport=10243 | protocol=6 | dir=in | app=system |
"{730824CD-9E5A-435C-B331-608A0EA24989}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamnetworkservice.exe |
"{7CE3E55B-9545-44FD-8F43-181E1E649294}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{7DE9C790-361A-4C4B-AF9C-9E25960075B5}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7E1D9C86-3095-46C8-9DF3-9E52E6EBD785}" = rport=445 | protocol=6 | dir=out | app=system |
"{819C2043-FEA2-444B-A012-725F84362D2D}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamnetworkservice.exe |
"{88DF67E6-CC11-4046-B827-3E2E36C93457}" = lport=47998 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamuseragent.exe |
"{A4B39DF9-ABD6-4A80-AD78-1E0C7CCB9D7D}" = rport=138 | protocol=17 | dir=out | app=system |
"{A5357097-1AB8-4F71-AD8F-46535858C77B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{ABD32CD9-EAC8-4E1D-965F-FACAF4545D1C}" = rport=139 | protocol=6 | dir=out | app=system |
"{ADC61213-F614-49C4-8CAC-20A4E4A6D4F2}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{AE44D7D1-9D47-44D9-8CE0-F0419448C0EA}" = rport=10243 | protocol=6 | dir=out | app=system |
"{BFDD76A9-8FE5-44E6-B4AE-A163D25AD323}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C059007A-5193-4EA0-BFBB-891695F5A44F}" = lport=35043 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{D9C10DB6-1CC1-4671-8F5D-6D17EFEDF0D6}" = lport=137 | protocol=17 | dir=in | app=system |
"{DB19A51F-520A-422F-8758-DA9DEFA91651}" = lport=138 | protocol=17 | dir=in | app=system |
"{DB844A60-D0C4-4980-A9E9-E238BDAE6D8E}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{E41EA45A-F956-4C4F-8A0A-90D2292D1DC3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F2BA46C0-DA20-4E0A-90F4-D2FD6FBD537A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F614574C-0BAB-46B3-9E8B-0C1045E5D7D2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{000657EC-5445-47CD-AC77-595F94AAA644}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{049FF9FF-E420-4253-8BB8-39529C142CAE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{04A7C175-9BFA-49DA-A547-39EC0E324FFC}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{17FEF51F-53D4-4C43-BD23-37F8EA8B48E0}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{1BC09ECE-0CC2-4562-8ABE-74B0F675D83B}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{1DE45B05-40B0-49C7-91CB-ED7CA78B3E9D}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{1ECF3D0D-BEDF-4DCF-89AD-0C17BBF4803D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{223EDC10-B5A9-420E-BF19-991EDF9D05B0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{24A7022A-B966-4805-ACA6-8C0A09D76A10}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops iii\blackops3.exe |
"{32F30E0D-6F78-4889-B843-9739A130B6AA}" = protocol=6 | dir=in | app=c:\program files (x86)\hide my ip 6\hidemyip.exe |
"{33198A0F-5950-4711-B9CE-58B35EB920E2}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{35971B3E-754C-4024-9FD0-9121D45F43BC}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{3C0DCB69-0235-4212-B8AC-1181A1659193}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{3DBAA739-DF8F-41FC-A56D-73EC18DB9510}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{43FF04B0-5133-4A2B-9746-D1621F7A267D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{44477BED-388F-4245-A806-99BC1F3DEF70}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer.exe |
"{44DA4F53-C664-475C-AA24-F204F54C9346}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer.exe |
"{4540EF56-ECD9-4339-8A2F-4D34E5ADCBE6}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{47F7658B-E151-42B4-A1B2-53F972A0B067}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\metal war online retribution\mwolauncher.exe |
"{482F2F86-691B-4418-AB8E-644F900A96DA}" = protocol=6 | dir=out | app=system |
"{4DEF7BE2-7714-4AB9-BE3E-5C0747924CB4}" = protocol=6 | dir=in | app=c:\program files (x86)\kinoni\remote desktop\windowsserver.exe |
"{4FD57BC4-CCD4-4353-85AF-52BB5EC7B2E0}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{50279ACB-3C4A-49FE-BCA9-E241F3EC1C76}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4x86webhelper.exe |
"{52D8A840-FC5D-4614-931B-E212330B81C5}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer_service.exe |
"{571CC487-660A-446F-A84C-76266DE96128}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4webhelper.exe |
"{573806C3-6C2E-43A0-BDA5-42E765502CE9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"{58723FEE-1057-4E1F-BBC3-39B9C2A67069}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"{5C2D2D2D-4413-444E-8EB6-57A285590E83}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\robocraft\robocraft.exe |
"{5CDCB244-6160-41B0-874A-B3DE9712BC57}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{5EB1BD5C-B4C5-4D4C-9830-7EB1826DE18F}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4x86webhelper.exe |
"{5F02F0D1-DB33-4580-82BF-5CAB2568FF46}" = protocol=6 | dir=in | app=c:\program files (x86)\hide my ip 6\hidemyipsrv.exe |
"{628109CF-E7CC-45C1-A6A0-C4AFD4926F40}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{630467BA-2E26-4AFA-BBCD-D287C8EBEE70}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\space\spacegame\binaries\win64\fractured space.exe |
"{6FCDF12E-3172-42C0-8177-2465DF1E09C2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{706E0679-27C5-4550-B16A-145B46476A60}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{71A24573-576B-4287-A5BC-4F69C300F00F}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{75B7E014-BE2A-4E85-BEED-4B8112C9E78C}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{781542E3-90F6-41BC-943F-3C0891E8BE32}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{7AD87D52-B7AF-4916-90FF-E85740837D3A}" = protocol=17 | dir=out | app=c:\program files (x86)\kinoni\remote desktop\windowsserver.exe |
"{7C3BA336-6471-490D-8F63-1C55B105EB54}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer_service.exe |
"{7C647C07-A51C-42ED-B6A6-8B6CDC990D12}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{81673E78-9D35-457F-9913-50DBE3D3C066}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{81987F7D-57BF-44C5-B34F-ED398E2A3533}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{85A7B615-F5E1-462D-81F1-9ABEE7310162}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{881C9BCB-B562-47F8-89F7-F42AA055C23F}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8BD6AA4B-A00A-407A-BA35-6EF7A737B678}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{8C86E03F-C995-4600-B895-5AED06096F4F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{93B76956-85D9-4948-9C17-C297EF0A3F55}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto v\gtavlauncher.exe |
"{97F12609-6843-47DD-BFAB-39A9482D19BD}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9AEB5258-FDF2-49D1-AEC3-7FF5DED61DC9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\metal war online retribution\mwolauncher.exe |
"{A201C9A8-0740-4BAC-A191-0FDFCFB00DB1}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto v\gtavlauncher.exe |
"{C17EE14B-A8AC-4BCB-AC2C-FA9EBE8D1D45}" = protocol=17 | dir=in | app=c:\program files (x86)\link-one\common\ramediaserver.exe |
"{C6FE25AC-FE8C-45FE-8F92-B1A0A2AF10ED}" = protocol=6 | dir=out | app=c:\program files (x86)\kinoni\remote desktop\windowsserver.exe |
"{C7FCA784-5345-4E56-8D5E-65DDD464FE00}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\space\spacegame\binaries\win64\fractured space.exe |
"{C8BB7699-5E5C-47DC-A7CD-00AE64632D57}" = protocol=17 | dir=in | app=c:\program files (x86)\kinoni\remote desktop\windowsserver.exe |
"{D49818F7-0305-44F9-BA4E-BC69C0054C55}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{D5F0D838-77AE-4927-B873-E8173A5042AB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\robocraft\robocraft.exe |
"{D8A8DBAC-2FE3-4C37-B65F-CEDBBF546A99}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{D9A05556-B803-408B-B9C6-725AD04B7A62}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DCC8EDF8-D8D0-4B5C-949F-8810859A34AB}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4webhelper.exe |
"{DCCAC43D-BC7C-4C53-83A7-D0408CB3B64E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DFB4CA43-BF3C-4DF4-982C-446A45AE572F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{E2F675FC-452E-448B-9909-2040C7FDFD80}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{E496789F-72BB-4F52-A216-4E914F0B86B8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E59C5F54-DB89-40E4-B653-77B5318A4895}" = protocol=6 | dir=in | app=c:\program files (x86)\link-one\common\ramediaserver.exe |
"{E9D34179-2228-46E7-9FEE-A48282D06960}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops iii\blackops3.exe |
"{FCB64CB6-95E7-4496-8556-BF10A910B56A}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"TCP Query User{6AEE969B-1224-4594-95FB-2BEC24B6523A}C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe |
"TCP Query User{D5C8954F-6D45-4EB0-9059-1F8EB4A51B23}C:\users\henrique\appdata\roaming\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\users\henrique\appdata\roaming\utorrent\utorrent.exe |
"UDP Query User{2A5FA8DF-01DE-4056-AA7C-A2E80817E071}C:\users\henrique\appdata\roaming\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\users\henrique\appdata\roaming\utorrent\utorrent.exe |
"UDP Query User{C7DE28C3-585F-4F80-A74A-7D17D83CB59B}C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0DE0A178-AC7B-4650-806C-CF226DE03766}" = Suporte para Aplicativos Apple Apple (64-bit)
"{1099E1EF-2B57-3A55-A7AE-19F0FC1427CD}" = Microsoft .NET Framework 4.5.2 (PTB)
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26784146-6E05-3FF9-9335-786C7C0FB5BE}" = Microsoft .NET Framework 4.5.2
"{26A24AE4-039D-4CA4-87B4-2F06417079FF}" = Java 7 Update 79 (64-bit)
"{3540181E-340A-4E7A-B409-31663472B2F7}" = Apple Mobile Device Support
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}" = Bonjour
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{64A3A4F4-B792-11D6-A78A-00B0D0170790}" = Java SE Development Kit 7 Update 79 (64-bit)
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-006D-0416-1000-0000000FF1CE}" = Microsoft Office com Clique para Executar 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.2
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046" = Microsoft .NET Framework 4.5.2 (Português do Brasil)
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Driver do 3D Vision 361.43
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Painel de controle da NVIDIA 361.43
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Driver de gráficos 361.43
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.9.1.35
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Driver de controle do 3D Vision 352.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Software do sistema PhysX 9.15.0428
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Atualizações da NVIDIA 2.9.1.35
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GfExperienceService" = NVIDIA GeForce Experience Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Driver de áudio HD 1.3.34.4
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 2.9.1.35
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController" = SHIELD Wireless Controller Driver
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.34
"{B5E06417-A4AC-4225-B36E-7E34C91616E7}" = Intel® Trusted Connect Service Client
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"{E690A491-702F-4DEC-9977-C015D1DBB57C}" = iTunes
"McAfee Security Scan" = McAfee Security Scan Plus
"Screen+_is1" = Screen+ version Screen+ 1.4.2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{050d4fc8-5d48-4b8f-8972-47c82c46020f}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{26A24AE4-039D-4CA4-87B4-2F03217079FF}" = Java 7 Update 79
"{26A24AE4-039D-4CA4-87B4-2F83218066F0}" = Java 8 Update 66
"{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}" = Link-One Wireless LAN Card
"{32A3A4F4-B792-11D6-A78A-00B0D0170790}" = Java SE Development Kit 7 Update 79
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}" = Suporte para Aplicativos Apple (32-bit)
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6D1221A9-17BF-4EC0-81F2-27D30EC30701}" = Skype Click to Call
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140011-0066-0416-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Português (Brasil)
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{a2199617-3609-410f-a8e8-e8806c73545b}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABADE36E-EC37-413B-8179-B432AD3FACE7}" = Battlefield 4™
"{AC76BA86-0804-1033-1959-001824166751}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1046-7B44-AC0F074E4100}" = Adobe Acrobat Reader DC - Português
"{AF0E5839-0449-4F21-B8B8-3F57E3080C96}_is1" = e-Saver 1.0
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{BCCDE721-9F4D-4396-9592-92DD865D965E}" = League of Legends
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}" = ASUS Product Register Program
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{EF61675D-9BBC-4EC7-B906-F13BE8D3BD20}" = Google Drive
"{f0080ca2-80ae-4958-b6eb-e8fa916d744a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{f65db027-aff3-4070-886a-0d87064aabb1}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{FC965A47-4839-40CA-B618-18F486F042C6}" = Skype™ 7.17
"{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}" = Apple Software Update
"Afterburner" = MSI Afterburner 4.2.0
"Avast" = Avast Premier
"Battlelog Web Plugins" = Battlelog Web Plugins
"ESN Sonar-0.70.4" = ESN Sonar
"Fallout 4_R.G. Mechanics_is1" = Fallout 4
"Google Chrome" = Google Chrome
"HIDEMYIP_is1" = Hide My IP 6
"Kinoni Remote Desktop" = Kinoni Remote Desktop 1.41
"League of Legends 3.0.1" = League of Legends
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.Click2Run" = Microsoft Office com Clique para Executar 2010
"Office14.SingleImage" = Microsoft Office Professional 2010
"Origin" = Origin
"PrecisionX" = EVGA Precision X 4.2.0
"PunkBusterSvc" = PunkBuster Services
"Puxa Rápido" = Puxa Rápido
"Rockstar Games Social Club" = Rockstar Games Social Club
"RTSS" = RivaTuner Statistics Server 6.4.1
"SafeZone 1.48.2066.44" = SafeZone Stable 1.48.2066.44
"Steam" = Steam
"Steam App 271590" = Grand Theft Auto V
"Steam App 301520" = Robocraft
"Steam App 310380" = Fractured Space
"Steam App 311210" = Call of Duty: Black Ops III
"Steam App 412470" = Metal War Online: Retribution
"TechPowerUp GPU-Z" = TechPowerUp GPU-Z
"WampServer 2_is1" = WampServer 2.0
"WinRAR archiver" = WinRAR 5.30 (32-bit)

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-144837502-1946082608-2162394358-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 02/02/2016 22:29:28 | Computer Name = GPCDH01 | Source = Bonjour Service | ID = 100
Description = mDNSCoreReceiveResponse: Received from 192.168.0.104:5353 17 E.2.1.3.C.A.4.5.A.D.E.3.E.3.4.8.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa.
PTR GPCDH01-2.local.

Error - 02/02/2016 22:29:28 | Computer Name = GPCDH01 | Source = Bonjour Service | ID = 100
Description = mDNSCoreReceiveResponse: Unexpected conflict discarding 15 E.2.1.3.C.A.4.5.A.D.E.3.E.3.4.8.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa.
PTR GPCDH01.local.

Error - 03/02/2016 12:44:08 | Computer Name = GPCDH01 | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = As cadeias de caracteres de desempenho no valor do Registro de desempenho
foram corrompidas durante o processamento do provedor do contador de extensões
Performance. O valor BaseIndex do Registro de desempenho é o primeiro DWORD na seção
de dados, o valor LastCounter é o segundo DWORD na seção de dados e o valor LastHelp
é o terceiro DWORD na seção de dados.

Error - 03/02/2016 12:44:08 | Computer Name = GPCDH01 | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = As cadeias de caracteres de desempenho no valor do Registro de desempenho
foram corrompidas durante o processamento do provedor do contador de extensões
Performance. O valor BaseIndex do Registro de desempenho é o primeiro DWORD na seção
de dados, o valor LastCounter é o segundo DWORD na seção de dados e o valor LastHelp
é o terceiro DWORD na seção de dados.

Error - 03/02/2016 12:44:08 | Computer Name = GPCDH01 | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Falha ao descarregar as cadeias de caracteres do contador de desempenho
do serviço WmiApRpl (WmiApRpl). O primeiro DWORD da seção de dados contém o código
de erro.

Error - 03/02/2016 23:25:24 | Computer Name = GPCDH01 | Source = Application Hang | ID = 1002
Description = O programa Fractured Space.exe versão 4.8.1.0 parou de interagir com
o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema,
verifique o histórico de problemas no painel de controle da Central de Ações. ID
de Processo: 1344 Hora de Início: 01d15efb614b9921 Hora de Término: 83 Caminho do
Aplicativo: C:\Program Files (x86)\Steam\steamapps\common\Space\spacegame\Binaries\Win64\Fractured
Space.exe Id do Relatório:

Error - 04/02/2016 13:22:18 | Computer Name = GPCDH01 | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = As cadeias de caracteres de desempenho no valor do Registro de desempenho
foram corrompidas durante o processamento do provedor do contador de extensões
Performance. O valor BaseIndex do Registro de desempenho é o primeiro DWORD na seção
de dados, o valor LastCounter é o segundo DWORD na seção de dados e o valor LastHelp
é o terceiro DWORD na seção de dados.

Error - 04/02/2016 13:22:18 | Computer Name = GPCDH01 | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = As cadeias de caracteres de desempenho no valor do Registro de desempenho
foram corrompidas durante o processamento do provedor do contador de extensões
Performance. O valor BaseIndex do Registro de desempenho é o primeiro DWORD na seção
de dados, o valor LastCounter é o segundo DWORD na seção de dados e o valor LastHelp
é o terceiro DWORD na seção de dados.

Error - 04/02/2016 13:22:18 | Computer Name = GPCDH01 | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Falha ao descarregar as cadeias de caracteres do contador de desempenho
do serviço WmiApRpl (WmiApRpl). O primeiro DWORD da seção de dados contém o código
de erro.

Error - 04/02/2016 13:31:37 | Computer Name = GPCDH01 | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = As cadeias de caracteres de desempenho no valor do Registro de desempenho
foram corrompidas durante o processamento do provedor do contador de extensões
Performance. O valor BaseIndex do Registro de desempenho é o primeiro DWORD na seção
de dados, o valor LastCounter é o segundo DWORD na seção de dados e o valor LastHelp
é o terceiro DWORD na seção de dados.

[ System Events ]
Error - 04/02/2016 10:20:02 | Computer Name = GPCDH01 | Source = Service Control Manager | ID = 7000
Description = Não foi possível iniciar o serviço Warsaw File Access svc devido ao
seguinte erro: %%2

Error - 04/02/2016 10:26:13 | Computer Name = GPCDH01 | Source = Disk | ID = 262155
Description = O driver detectou um erro de controlador em \Device\Harddisk1\DR1.

Error - 04/02/2016 10:26:14 | Computer Name = GPCDH01 | Source = Disk | ID = 262155
Description = O driver detectou um erro de controlador em \Device\Harddisk1\DR1.

Error - 04/02/2016 10:26:15 | Computer Name = GPCDH01 | Source = Disk | ID = 262155
Description = O driver detectou um erro de controlador em \Device\Harddisk1\DR1.

Error - 04/02/2016 10:26:15 | Computer Name = GPCDH01 | Source = Disk | ID = 262155
Description = O driver detectou um erro de controlador em \Device\Harddisk1\DR1.

Error - 04/02/2016 10:31:13 | Computer Name = GPCDH01 | Source = Schannel | ID = 36887
Description = O seguinte alerta fatal foi recebido: 46.

Error - 04/02/2016 10:51:53 | Computer Name = GPCDH01 | Source = Schannel | ID = 36887
Description = O seguinte alerta fatal foi recebido: 46.

Error - 04/02/2016 11:54:33 | Computer Name = GPCDH01 | Source = EventLog | ID = 6008
Description = O desligamento anterior do sistema em 13:05:45 às 04/02/2016 não
era esperado.

Error - 04/02/2016 11:55:19 | Computer Name = GPCDH01 | Source = Service Control Manager | ID = 7009
Description = Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão
do serviço Ralink UPnP Media Server.

Error - 04/02/2016 11:55:29 | Computer Name = GPCDH01 | Source = Service Control Manager | ID = 7026
Description = Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema
ou de inicialização: aswNetSec


< End of report >
