cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

ÿþOTL Extras logfile created on: 05/07/2016 00:19:36 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Sandra\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18349)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy

1,93 Gb Total Physical Memory | 0,54 Gb Available Physical Memory | 27,99% Memory free
4,71 Gb Paging File | 1,19 Gb Available in Paging File | 25,29% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,66 Gb Total Space | 431,27 Gb Free Space | 92,61% Space Free | Partition Type: NTFS
Drive D: | 100,00 Mb Total Space | 82,49 Mb Free Space | 82,50% Space Free | Partition Type: NTFS

Computer Name: SANDRA-PC | User Name: Sandra | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0AAD3634-FEFD-4540-916B-BA47FBFC5F30}" = lport=445 | protocol=6 | dir=in | app=system |
"{0F8D6A63-8411-4B39-995C-547C3FCC05C2}" = lport=10243 | protocol=6 | dir=in | app=system |
"{19837B48-F1AD-424A-94D0-21FA7DFC295F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2CA3CF6F-1AE2-4D0F-B11D-7B969E54B4D0}" = rport=10243 | protocol=6 | dir=out | app=system |
"{2E8A5037-08A5-4F3A-8FC0-37C4B41069F4}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2ED1D91F-FAF3-4BA9-9645-48F5867AC166}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{416EAE2F-0180-4682-A116-6FAF2D1AA8CF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{48DCA31E-9578-4136-9D83-E0294F7A99A1}" = rport=138 | protocol=17 | dir=out | app=system |
"{51434160-10D2-4BB5-A384-25ADE1A0BAAB}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{526CAB99-D5FD-47E8-8E72-3F43DD1DE43D}" = lport=137 | protocol=17 | dir=in | app=system |
"{5DC17A5B-A4E1-4197-BC19-8422A526AEDD}" = rport=137 | protocol=17 | dir=out | app=system |
"{7E91A8F7-8DFE-4E61-A022-CFB250A3DEF7}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AA934476-9D33-4FA7-8408-681166FB1600}" = rport=139 | protocol=6 | dir=out | app=system |
"{B16E3F46-9114-46C2-AB4F-9FBE4A6AE128}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B5FC85BF-DCCB-4925-A16F-578B03BFFBBC}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
"{BC951142-8235-4D3E-B112-C9281296E69C}" = lport=138 | protocol=17 | dir=in | app=system |
"{BE0A6B6C-2CC4-487B-9C04-A2280B3A07E1}" = rport=445 | protocol=6 | dir=out | app=system |
"{CCDEA568-133D-46D4-B534-6B32A819FF71}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D3725131-6617-43E0-A0F4-EE826E743BE2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DC13A1EC-2F24-48F9-93B0-302513620233}" = lport=139 | protocol=6 | dir=in | app=system |
"{E7F0EA18-A5E0-40C8-A43F-444850A8EDCE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{FD2FB7D1-3075-4B53-A1E4-C9C0B292D0F7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0212FA4C-2341-419F-8AF6-E623487D23F7}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{0AB4DC80-D107-4304-8118-A030BB453BEE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{153CDA42-EC0C-4B81-B8A3-8A9CA769E604}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{16B1BBC6-BD1C-4FAD-B806-81162640B2AE}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{17B3CCEE-FADB-439A-BC4A-DFC80513C8A7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2BB67489-4D26-4443-BEDA-BF3F644A50EE}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{36A8CDBD-216E-4545-B072-9AF8B7D31A5B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{447B309C-8F7D-4BE9-B121-6A9C1A350295}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{48E73BBD-442E-44D9-A1F6-19F610767AEF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4E4DA873-00C7-4649-9578-9A83722786E4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{746513E3-4370-4221-9FCC-591B430961FC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C24C6F38-31BA-4ED3-BF4B-9D8F5B177CFC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{CA3ECD1F-02D7-4293-836B-E8E410391849}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{CF167C48-3C42-4AA9-B545-666956EB3194}" = protocol=6 | dir=out | app=system |
"{DD61E577-F695-43B1-BACC-5786AA07A7D8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EFD8C1B1-8A68-4BEB-8289-269871DF1DF7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{32DEECD5-390B-4C87-9A24-D4DDDDCE3CF7}C:\users\sandra\downloads\runtime\jre-x32\1.8.0_25\bin\javaw.exe" = protocol=6 | dir=in | app=c:\users\sandra\downloads\runtime\jre-x32\1.8.0_25\bin\javaw.exe |
"TCP Query User{522FB2DE-2FA6-4560-A3F0-06069F0D6F52}C:\program files\java\jre1.8.0_77\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre1.8.0_77\bin\javaw.exe |
"UDP Query User{0B2D5D97-A102-47DF-8708-8AA88B2CD397}C:\program files\java\jre1.8.0_77\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre1.8.0_77\bin\javaw.exe |
"UDP Query User{16E1E971-2D31-4D3D-B2D3-2AF639245C27}C:\users\sandra\downloads\runtime\jre-x32\1.8.0_25\bin\javaw.exe" = protocol=17 | dir=in | app=c:\users\sandra\downloads\runtime\jre-x32\1.8.0_25\bin\javaw.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{10B9C608-BF7C-4CCF-A658-C01D969DCA21}_is1" = gpedt.msc 1.0
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{26A24AE4-039D-4CA4-87B4-2F83218077F0}" = Java 8 Update 77
"{30500C7C-2206-3DC6-9792-96E95A04669D}" = Microsoft .NET Framework 4.6.1
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{34BF287B-24D9-4CFC-94A6-B1F4A92EC55D}" = Intel(R) Chipset Device Software
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{746AB259-6474-4111-8966-1C62F9A6E063}" = SlimDrivers
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.6.1
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98f335cd-0a32-4b3f-b74c-ef9480e834f0}" = Software de dispositivo do Chipset Intel®
"{A1A7EC67-A7E5-4C9E-8EA1-EABA7FD51A07}" = SlimCleaner Plus
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{D880D80F-C0E2-11E1-8A91-F04DA23A5C58}" = MSVCRT Redists
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{F2E04A40-3EA7-42F8-B7CC-B6E7A39DC150}" = Adobe AIR
"{f65db027-aff3-4070-886a-0d87064aabb1}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"Adobe AIR" = Adobe AIR
"Adobe Flash Player PPAPI" = Adobe Flash Player 22 PPAPI
"Avast" = Avast Free Antivirus
"ERUNT_is1" = ERUNT 1.1j
"Google Chrome" = Google Chrome
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware versão 2.2.1.1043
"SafeZone 1.48.2066.44" = SafeZone Stable 1.48.2066.44
"SlimCleaner Plus" = SlimCleaner Plus
"WinRAR archiver" = WinRAR 5.30 (32-bit)

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 23/06/2016 14:28:21 | Computer Name = Sandra-PC | Source = Windows Search Service | ID = 7042
Description =

Error - 23/06/2016 14:53:49 | Computer Name = Sandra-PC | Source = Software Protection Platform Service | ID = 8200
Description = Detalhes da falha na aquisição de licença. hr=0xC004C533

Error - 23/06/2016 14:53:49 | Computer Name = Sandra-PC | Source = Software Protection Platform Service | ID = 8208
Description = Falha ao adquirir tíquete original (hr=0xC004C533) para a identificação
de modelo 66c92734-d682-4d71-983e-d6ec3f16059f

Error - 25/06/2016 14:00:37 | Computer Name = Sandra-PC | Source = Application Hang | ID = 1002
Description = O programa CCleaner.exe versão 5.0.0.5050 parou de interagir com o
Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema,
verifique o histórico de problemas no painel de controle da Central de Ações. ID
de Processo: 16fc Hora de Início: 01d1cf04957b2d00 Hora de Término: 0 Caminho do Aplicativo:
C:\Program Files\CCleaner\CCleaner.exe Id do Relatório: b4e49b53-3afe-11e6-b8d0-6466b3023dcd


Error - 25/06/2016 15:04:49 | Computer Name = Sandra-PC | Source = Application Error | ID = 1000
Description = Nome de aplicativo com falha: chrome.exe, versão: 51.0.2704.103, carimbo
de hora: 0x57610a1f Nome do módulo de falhas: chrome.dll, versão: 51.0.2704.103,
carimbo de hora: 0x576109f2 Código de exceção: 0x80000003 Deslocamento com falha:
0x0056713e Identificação do processo com falha: 0x17ec Hora de início do aplicativo
com falha: 0x01d1cf0e1992db58 Caminho do aplicativo com falha: C:\Program Files\Google\Chrome\Application\chrome.exe
FCaminho
do módulo de falhas: C:\Program Files\Google\Chrome\Application\51.0.2704.103\chrome.dll
Identificação
do Relatório: b00151bf-3b07-11e6-8a9e-6466b3023dcd

Error - 03/07/2016 15:59:31 | Computer Name = Sandra-PC | Source = Application Error | ID = 1000
Description = Nome de aplicativo com falha: chrome.exe, versão: 51.0.2704.106, carimbo
de hora: 0x576b4aa3 Nome do módulo de falhas: unknown, versão: 0.0.0.0, carimbo
de hora: 0x00000000 Código de exceção: 0xc0000005 Deslocamento com falha: 0x3a3a6563
Identificação
do processo com falha: 0x15c8 Hora de início do aplicativo com falha: 0x01d1d56500622568
Caminho
do aplicativo com falha: C:\Program Files\Google\Chrome\Application\chrome.exe FCaminho
do módulo de falhas: unknown Identificação do Relatório: a7bfb000-4158-11e6-b644-6466b3023dcd

Error - 03/07/2016 19:52:22 | Computer Name = Sandra-PC | Source = Application Error | ID = 1000
Description = Nome de aplicativo com falha: taskeng.exe, versão: 6.1.7601.17514,
carimbo de hora: 0x4ce79261 Nome do módulo de falhas: ntdll.dll, versão: 6.1.7601.23418,
carimbo de hora: 0x5708a7a8 Código de exceção: 0xc0000005 Deslocamento com falha:
0x0005280f Identificação do processo com falha: 0xafc Hora de início do aplicativo
com falha: 0x01d1d585edac8ced Caminho do aplicativo com falha: C:\Windows\system32\taskeng.exe
FCaminho
do módulo de falhas: C:\Windows\SYSTEM32\ntdll.dll Identificação do Relatório: 2eafa5cf-4179-11e6-b06f-6466b3023dcd

Error - 03/07/2016 23:31:55 | Computer Name = Sandra-PC | Source = Application Hang | ID = 1002
Description = O programa mmc.exe versão 6.1.7600.16385 parou de interagir com o
Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema,
verifique o histórico de problemas no painel de controle da Central de Ações. ID
de Processo: 1b9c Hora de Início: 01d1d5a450e71538 Hora de Término: 9 Caminho do Aplicativo:
C:\Windows\system32\mmc.exe Id do Relatório: ce8b389b-4197-11e6-b06f-6466b3023dcd


Error - 03/07/2016 23:33:14 | Computer Name = Sandra-PC | Source = Application Error | ID = 1000
Error - 04/07/2016 10:57:09 | Computer Name = Sandra-PC | Source = Application Hang
| ID = 1002

Description = O programa OTL.exe versão 3.2.69.0 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

ID de Processo: 23a8

Hora de Início: 01d1d601734345cf

Hora de Término: 0

Caminho do Aplicativo: C:\Users\Sandra\Downloads\OTL.exe

Id do Relatório: 92e79b35-41f7-11e6-b06f-6466b3023dcd

Error - 04/07/2016 11:18:03 | Computer Name = Sandra-PC | Source = Application Hang
| ID = 1002

Description = O programa OTL.exe versão 3.2.69.0 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

ID de Processo: 5fc

Hora de Início: 01d1d605568454d2

Hora de Término: 0

Caminho do Aplicativo: C:\Users\Sandra\Downloads\OTL.exe

Id do Relatório: 7c5471d4-41fa-11e6-af9a-6466b3023dcd


Error encountered while reading event logs.

< End of report >

Publicité


Signaler le contenu de ce document

Publicité