Sorry about the illegal programs, I assure you i wont be downloading any of it again!
These problems can occur at any time, but it is more likely that they happen while I'm playing a game.
And no, I had no difficulties following your instructions
The fix log:All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Pedro
->Temp folder emptied: 453031357 bytes
->Temporary Internet Files folder emptied: 251987778 bytes
->Java cache emptied: 401630 bytes
->Google Chrome cache emptied: 361266625 bytes
->Flash cache emptied: 1413 bytes
User: Public
User: Todos os Usuários
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Usuário Padrão
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 158534364 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 1.168,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 07172013_145547
Files\Folders moved on Reboot...
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
OTL.txt:
OTL logfile created on: 17/07/2013 15:01:20 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Pedro\Downloads
Home Basic Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy
3,50 Gb Total Physical Memory | 1,97 Gb Available Physical Memory | 56,15% Memory free
7,00 Gb Paging File | 5,20 Gb Available in Paging File | 74,35% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 104,39 Gb Total Space | 48,69 Gb Free Space | 46,64% Space Free | Partition Type: NTFS
Drive D: | 361,27 Gb Total Space | 14,93 Gb Free Space | 4,13% Space Free | Partition Type: NTFS
Drive G: | 100,00 Mb Total Space | 70,29 Mb Free Space | 70,29% Space Free | Partition Type: NTFS
Computer Name: PEDRO-PC | User Name: Pedro | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2013/07/16 20:15:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Pedro\Downloads\OTL.exe
PRC - [2013/07/12 15:49:47 | 000,846,288 | ---- | M] (Google Inc.) -- C:\Arquivos de Programas\Google\Chrome\Application\chrome.exe
PRC - [2013/07/07 23:28:50 | 003,456,080 | ---- | M] (Electronic Arts) -- D:\Arquivos de Programas\Origin\Origin.exe
PRC - [2013/07/03 18:39:22 | 001,028,896 | ---- | M] (NVIDIA Corporation) -- C:\Arquivos de Programas\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
PRC - [2013/07/03 18:32:38 | 001,887,520 | ---- | M] (NVIDIA Corporation) -- C:\Arquivos de Programas\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013/06/28 14:02:06 | 002,255,184 | ---- | M] (LogMeIn Inc.) -- D:\Arquivos de Programas\Hamachi\hamachi-2-ui.exe
PRC - [2013/06/28 14:02:04 | 001,440,080 | ---- | M] (LogMeIn Inc.) -- D:\Arquivos de Programas\Hamachi\hamachi-2.exe
PRC - [2013/06/21 06:52:52 | 000,875,296 | ---- | M] (NVIDIA Corporation) -- C:\Arquivos de Programas\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2013/06/21 06:52:51 | 001,821,984 | ---- | M] (NVIDIA Corporation) -- C:\Arquivos de Programas\NVIDIA Corporation\Display\nvtray.exe
PRC - [2013/06/21 05:15:56 | 000,413,472 | ---- | M] (NVIDIA Corporation) -- C:\Arquivos de Programas\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013/05/01 22:20:40 | 000,882,520 | ---- | M] (BitTorrent Inc.) -- C:\Arquivos de Programas\BitTorrent\BitTorrent.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Arquivos de Programas\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Arquivos de Programas\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Arquivos de Programas\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013/01/27 11:11:46 | 000,295,232 | ---- | M] (Microsoft Corporation) -- c:\Arquivos de Programas\Microsoft Security Client\NisSrv.exe
PRC - [2013/01/27 11:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) -- c:\Arquivos de Programas\Microsoft Security Client\MsMpEng.exe
PRC - [2013/01/27 11:11:06 | 000,947,152 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de Programas\Microsoft Security Client\msseces.exe
PRC - [2012/11/22 23:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012/10/02 11:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012/07/04 23:49:04 | 000,077,824 | ---- | M] (Vicky's Cool Softwares) -- C:\Arquivos de Programas\ShutDown After\SA.exe
PRC - [2012/03/01 22:59:26 | 000,285,072 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Arquivos de Programas\Samsung\AllShare\AllShareAgent.exe
PRC - [2012/02/11 09:14:00 | 000,105,048 | ---- | M] (Microsoft Corporation) -- c:\Arquivos de Programas\Microsoft SQL Server\90\Shared\sqlwriter.exe
PRC - [2011/02/25 02:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 09:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de Programas\Windows Media Player\wmpnetwk.exe
PRC - [2010/07/28 16:34:02 | 000,569,752 | ---- | M] (Affinegy, Inc.) -- C:\Arquivos de Programas\Belkin\Router Setup and Monitor\BelkinService.exe
PRC - [2010/07/28 16:33:58 | 006,995,864 | ---- | M] (Affinegy, Inc.) -- C:\Arquivos de Programas\Belkin\Router Setup and Monitor\BelkinSetup.exe
PRC - [2010/07/28 16:33:58 | 001,485,208 | ---- | M] (Affinegy, Inc.) -- C:\Arquivos de Programas\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
PRC - [2009/03/30 02:25:26 | 043,010,392 | ---- | M] (Microsoft Corporation) -- c:\Arquivos de Programas\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
PRC - [2007/06/29 14:03:08 | 000,036,864 | ---- | M] (IGN Entertainment Inc.) -- C:\Arquivos de Programas\GameSpy\Comrade\Comrade.exe
========== Modules (No Company Name) ========== MOD - [2013/07/12 15:49:44 | 000,396,240 | ---- | M] () -- C:\Arquivos de Programas\Google\Chrome\Application\28.0.1500.72\ppgooglenaclpluginchrome.dll
MOD - [2013/07/12 15:49:42 | 004,052,944 | ---- | M] () -- C:\Arquivos de Programas\Google\Chrome\Application\28.0.1500.72\pdf.dll
MOD - [2013/07/12 15:48:52 | 000,601,552 | ---- | M] () -- C:\Arquivos de Programas\Google\Chrome\Application\28.0.1500.72\libglesv2.dll
MOD - [2013/07/12 15:48:51 | 000,123,344 | ---- | M] () -- C:\Arquivos de Programas\Google\Chrome\Application\28.0.1500.72\libegl.dll
MOD - [2013/07/12 15:48:49 | 001,597,392 | ---- | M] () -- C:\Arquivos de Programas\Google\Chrome\Application\28.0.1500.72\ffmpegsumo.dll
MOD - [2013/07/11 22:57:14 | 013,320,192 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web\560d004ec873fb47a3e58cd5cf65d32d\System.Web.ni.dll
MOD - [2013/07/11 16:10:33 | 012,698,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\94fc97289ba0902a9237cdbfc19cdcc1\System.Windows.Forms.ni.dll
MOD - [2013/07/11 16:10:26 | 000,786,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runt73a1fc9d#\e42fcb372586d8b433cc3f5e23c5ab4e\System.Runtime.Remoting.ni.dll
MOD - [2013/07/11 16:10:26 | 000,220,160 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\1c2c7074f15ce2472a1dac64931cbfcc\System.ServiceProcess.ni.dll
MOD - [2013/07/11 16:10:21 | 010,926,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\06e9aae297c27bffef4ef184417ee6aa\PresentationCore.ni.dll
MOD - [2013/07/11 16:10:20 | 007,566,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\858e88af3a72319bdce4f6e1f9492f46\System.Xml.ni.dll
MOD - [2013/07/11 16:10:17 | 006,998,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\0e5a4b9b215047e0ef087a95683e4ece\System.Core.ni.dll
MOD - [2013/07/11 16:10:16 | 001,631,744 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\9cab1291edbd51be678afdaf86c643c4\System.Drawing.ni.dll
MOD - [2013/07/11 16:10:14 | 003,910,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\14b83241d878b9068d265feef7fda381\WindowsBase.ni.dll
MOD - [2013/07/11 16:10:14 | 000,964,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\d87de4bbcefb0a67eaae225f35964a4f\System.Configuration.ni.dll
MOD - [2013/07/11 16:10:12 | 009,937,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\9c7c3cd390aa067130df3a89c0d3b6e4\System.ni.dll
MOD - [2013/07/11 16:10:07 | 016,547,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\bf2ecabcd96ec8238dc385b0a3ffa084\mscorlib.ni.dll
MOD - [2013/07/07 23:28:52 | 000,062,976 | ---- | M] () -- D:\Arquivos de Programas\Origin\tufao.dll
MOD - [2013/01/24 08:58:04 | 001,046,528 | ---- | M] () -- c:\Arquivos de Programas\MagniPic\sprotector.dll
MOD - [2013/01/15 23:24:03 | 002,076,672 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_3130c77f\system.xml.dll
MOD - [2013/01/15 23:24:01 | 002,994,176 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_d2bcc6ed\system.windows.forms.dll
MOD - [2013/01/15 23:23:59 | 000,835,584 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_23166473\system.drawing.dll
MOD - [2013/01/15 23:23:58 | 001,929,216 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_b34c0413\system.dll
MOD - [2013/01/15 23:23:57 | 001,462,272 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.design\1.0.5000.0__b03f5f7f11d50a3a_80013c6a\system.design.dll
MOD - [2013/01/15 23:23:56 | 003,289,088 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_cf3d0ed1\mscorlib.dll
MOD - [2013/01/15 23:23:32 | 002,039,808 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll
MOD - [2013/01/15 23:23:32 | 001,335,296 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll
MOD - [2013/01/15 23:23:32 | 000,569,344 | ---- | M] () -- c:\windows\assembly\gac\system.web.services\1.0.5000.0__b03f5f7f11d50a3a\system.web.services.dll
MOD - [2013/01/15 23:23:31 | 001,245,184 | ---- | M] () -- c:\windows\assembly\gac\system.web\1.0.5000.0__b03f5f7f11d50a3a\system.web.dll
MOD - [2013/01/15 23:23:31 | 001,216,512 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll
MOD - [2013/01/15 23:23:31 | 000,466,944 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll
MOD - [2013/01/15 23:23:31 | 000,323,584 | ---- | M] () -- c:\windows\assembly\gac\system.runtime.remoting\1.0.5000.0__b77a5c561934e089\system.runtime.remoting.dll
MOD - [2013/01/15 23:23:30 | 001,699,840 | ---- | M] () -- c:\windows\assembly\gac\system.design\1.0.5000.0__b03f5f7f11d50a3a\system.design.dll
MOD - [2013/01/15 23:23:30 | 000,007,680 | ---- | M] () -- c:\windows\assembly\gac\accessibility\1.0.5000.0__b03f5f7f11d50a3a\accessibility.dll
MOD - [2012/08/27 20:33:32 | 000,087,912 | ---- | M] () -- C:\Arquivos de Programas\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/08/27 20:33:08 | 001,242,512 | ---- | M] () -- C:\Arquivos de Programas\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/07/28 16:34:04 | 000,022,424 | ---- | M] () -- C:\Arquivos de Programas\Belkin\Router Setup and Monitor\BelkinServicePS.dll
MOD - [2010/07/28 16:02:58 | 000,658,432 | ---- | M] () -- C:\Arquivos de Programas\Belkin\Router Setup and Monitor\gateways\GenericBelkinGatewayLOC.dll
MOD - [2010/06/23 17:12:28 | 007,187,456 | ---- | M] () -- C:\Arquivos de Programas\Belkin\Router Setup and Monitor\QtGui4.dll
MOD - [2010/06/23 17:11:52 | 000,325,632 | ---- | M] () -- C:\Arquivos de Programas\Belkin\Router Setup and Monitor\QtXml4.dll
MOD - [2010/06/23 17:11:48 | 001,954,304 | ---- | M] () -- C:\Arquivos de Programas\Belkin\Router Setup and Monitor\QtCore4.dll
MOD - [2010/06/23 17:11:48 | 000,847,360 | ---- | M] () -- C:\Arquivos de Programas\Belkin\Router Setup and Monitor\QtNetwork4.dll
MOD - [2010/06/23 16:38:18 | 000,119,808 | ---- | M] () -- C:\Arquivos de Programas\Belkin\Router Setup and Monitor\imageformats\qjpeg4.dll
MOD - [2009/07/13 22:15:45 | 000,364,544 | ---- | M] () -- C:\Windows\System32\msjetoledb40.dll
MOD - [2007/06/29 14:03:30 | 000,221,184 | ---- | M] () -- c:\Arquivos de Programas\GameSpy\Comrade\156\GPNET.dll
MOD - [2007/06/29 14:03:30 | 000,021,504 | ---- | M] () -- c:\Arquivos de Programas\GameSpy\Comrade\156\NetDetect.dll
MOD - [2007/06/29 14:03:28 | 000,434,176 | ---- | M] () -- c:\Arquivos de Programas\GameSpy\Comrade\156\GameSpy.VEngine.dll
MOD - [2007/06/29 14:02:42 | 000,057,344 | ---- | M] () -- c:\Arquivos de Programas\GameSpy\Comrade\156\DetectLib.dll
========== Services (SafeList) ========== SRV - [2013/07/09 22:56:22 | 000,559,016 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/07/08 01:59:26 | 000,049,152 | ---- | M] () [On_Demand | Stopped] -- C:\Arquivos de Programas\Common Files\BattlEye\BEService.exe -- (BEService)
SRV - [2013/07/03 18:32:38 | 001,887,520 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Arquivos de Programas\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/06/28 14:02:04 | 001,440,080 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- D:\Arquivos de Programas\Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2013/06/21 05:15:56 | 000,413,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Arquivos de Programas\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013/06/15 18:24:28 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/06/03 16:21:54 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Arquivos de Programas\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/05/27 01:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de Programas\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Arquivos de Programas\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Arquivos de Programas\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/01/27 11:11:46 | 000,295,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Arquivos de Programas\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2013/01/27 11:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Arquivos de Programas\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012/10/02 11:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/03/02 16:00:26 | 000,025,504 | ---- | M] (Samsung Electronics Co., Ltd.) [Auto | Stopped] -- C:\Arquivos de Programas\Samsung\AllShare\AllShareDMS\AllShareDMS.exe -- (SamsungAllShareV2.0)
SRV - [2012/03/02 16:00:20 | 000,027,584 | ---- | M] (Samsung Electronics Co., Ltd.) [On_Demand | Stopped] -- C:\Arquivos de Programas\Samsung\AllShare\AllShareSlideShowService.exe -- (SimpleSlideShowServer)
SRV - [2012/02/11 09:14:00 | 000,105,048 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Arquivos de Programas\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2010/11/20 09:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Arquivos de Programas\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2010/07/28 16:34:02 | 000,569,752 | ---- | M] (Affinegy, Inc.) [Auto | Running] -- C:\Arquivos de Programas\Belkin\Router Setup and Monitor\BelkinService.exe -- (AffinegyService)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Arquivos de Programas\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/07/23 00:08:48 | 000,047,128 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Arquivos de Programas\Microsoft SQL Server\100\Shared\sqladhlp.exe -- (MSSQLServerADHelper100)
SRV - [2009/07/13 22:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/03/30 02:25:26 | 043,010,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Arquivos de Programas\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe -- (MSSQL$SQLEXPRESS)
SRV - [2009/03/30 02:23:32 | 000,254,808 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Arquivos de Programas\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)
SRV - [2009/03/30 02:23:24 | 000,366,936 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Arquivos de Programas\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE -- (SQLAgent$SQLEXPRESS)
========== Driver Services (SafeList) ========== DRV - File not found [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{06B4C656-3ADE-46CA-B30A-16392086B6BC}\MpKslae3b1baa.sys -- (MpKslae3b1baa)
DRV - [2013/06/21 09:02:43 | 009,069,344 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2013/02/25 02:27:46 | 000,154,400 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2013/01/20 15:59:04 | 000,100,328 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2012/05/12 11:31:00 | 000,099,400 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MijXfilt.sys -- (MotioninJoyXFilter)
DRV - [2010/11/20 07:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 06:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/07/04 16:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- D:\Arquivos de Programas\unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV - [2009/03/30 02:09:28 | 000,239,336 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\RsFx0103.sys -- (RsFx0103)
DRV - [2009/03/18 15:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{B589D909-8A4C-4687-9669-2F0E02DE3BDB}: "URL" =
http://www.bing.com/...ms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
http://br.msn.com/?ocid=iehpIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-br
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8A 4D 5F A5 5D B1 CD 01 [binary data]
IE - HKCU\..\URLSearchHook: {29acf17c-1713-4286-8f40-bfd05f1e70c8} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://searchab.com/...q={searchTerms}IE - HKCU\..\SearchScopes\{480B6AF9-9C3E-477E-98B8-4739C313275E}: "URL" =
http://websearch.ask...30-DD1644BF7DE2IE - HKCU\..\SearchScopes\{B589D909-8A4C-4687-9669-2F0E02DE3BDB}: "URL" =
http://www.bing.com/...Box&FORM=IE10SRIE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :
========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Arquivos de Programas\Itunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.140.0: C:\Program Files\Battlelog Web Plugins\1.140.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.7: C:\Program Files\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Pedro\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
[2012/10/23 18:31:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pedro\AppData\Roaming\mozilla\Firefox\extensions
[2012/10/23 18:31:13 | 000,000,000 | ---D | M] (BittorrentBar_PT) -- C:\Users\Pedro\AppData\Roaming\mozilla\Firefox\extensions\{29acf17c-1713-4286-8f40-bfd05f1e70c8}
========== Chrome ========== CHR - homepage:
CHR - Extension: No name found = C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\bommelfnddjcbmbcfhmhjikpfphlebjh\1.0.0.1_0\
CHR - Extension: No name found = C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.2_0\
CHR - Extension: No name found = C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kejpcolehiecjkanilhmblkbndaomhpc\2.3.19.11_0\
CHR - Extension: No name found = C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\
CHR - Extension: No name found = C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp\8.0_0\
O1 HOSTS File: ([2009/06/10 18:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de Programas\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Arquivos de Programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de Programas\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AllShareAgent] C:\Arquivos de Programas\Samsung\AllShare\AllShareAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [InstaLAN] C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe (Affinegy, Inc.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] D:\Arquivos de Programas\Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Nvtmru] C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [PrivitizeVPN] C:\Program Files\PrivitizeVPN\PrivitizeVPN.exe (OOO Industry)
O4 - HKLM..\Run: [SwitchBoard] C:\Arquivos de Programas\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [BitTorrent] C:\Program Files\BitTorrent\BitTorrent.exe (BitTorrent Inc.)
O4 - HKCU..\Run: [Comrade.exe] C:\Arquivos de Programas\GameSpy\Comrade\Comrade.exe (IGN Entertainment Inc.)
O4 - HKCU..\Run: [EADM] D:\Arquivos de Programas\Origin\Origin.exe (Electronic Arts)
O4 - HKCU..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED File not found
O4 - Startup: C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ShutDown After.lnk = C:\Arquivos de Programas\ShutDown After\SA.exe (Vicky's Cool Softwares)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Arquivos de Programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Arquivos de Programas\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1B515056-FD66-40FF-AFF2-7AEF127B7746}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Arquivos de Programas\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Arquivos de Programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (c:\progra~1\magnipic\sprote~1.dll) - c:\Arquivos de Programas\MagniPic\sprotector.dll ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/12/05 01:14:14 | 000,003,072 | -H-- | M] () - C:\Auto.dll -- [ NTFS ]
O32 - AutoRun File - [2009/06/10 18:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ========== [2013/07/17 14:55:47 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/07/16 19:46:20 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Roaming\ParetoLogic
[2013/07/16 19:46:20 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Roaming\DriverCure
[2013/07/16 19:46:10 | 000,000,000 | ---D | C] -- C:\ProgramData\ParetoLogic
[2013/07/16 00:39:02 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Roaming\Malwarebytes
[2013/07/16 00:37:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/07/16 00:37:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/07/16 00:37:44 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013/07/16 00:37:44 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/07/16 00:37:32 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\Programs
[2013/07/11 22:42:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2
[2013/07/11 22:42:15 | 000,000,000 | ---D | C] -- C:\Users\Pedro\Documents\Guild Wars 2
[2013/07/11 16:09:23 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/07/11 16:09:22 | 002,877,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/07/11 16:09:22 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013/07/11 16:09:22 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/07/11 16:09:21 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/07/11 16:09:21 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/07/11 16:09:21 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2013/07/11 16:09:21 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2013/07/11 16:09:21 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013/07/11 16:09:21 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013/07/11 14:51:18 | 001,620,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2013/07/11 14:51:17 | 001,247,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2013/07/11 14:51:16 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
[2013/07/11 14:51:15 | 002,347,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013/07/08 01:59:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BattlEye
[2013/07/08 01:56:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Bohemia Interactive Studio
[2013/07/08 01:27:37 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\DayZCommander
[2013/07/08 01:26:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dotjosh Studios
[2013/07/08 01:26:35 | 000,000,000 | ---D | C] -- C:\Program Files\Dotjosh Studios
[2013/07/06 15:46:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2013/07/06 02:52:07 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\NVIDIA
[2013/07/06 02:01:43 | 000,000,000 | ---D | C] -- C:\Program Files\AGEIA Technologies
[2013/07/06 01:58:38 | 000,154,400 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvhda32v.sys
[2013/07/06 01:58:38 | 000,028,448 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvhdap32.dll
[2013/07/06 01:58:36 | 021,102,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2013/07/06 01:58:36 | 006,324,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvopencl.dll
[2013/07/06 01:58:35 | 009,069,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2013/07/06 01:58:35 | 007,687,592 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2013/07/06 01:58:35 | 002,777,888 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2013/07/06 01:58:35 | 002,002,720 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll
[2013/07/06 01:58:35 | 001,024,288 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco3232049.dll
[2013/07/06 01:58:35 | 000,893,728 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispgenco3232049.dll
[2013/07/06 01:58:35 | 000,467,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\NvIFR.dll
[2013/07/06 01:58:35 | 000,465,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\NvFBC.dll
[2013/07/06 01:58:35 | 000,214,448 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvinit.dll
[2013/07/06 01:58:35 | 000,181,488 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglshim32.dll
[2013/07/06 01:58:32 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll
[2013/06/21 05:16:02 | 000,566,048 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvStreaming.exe
========== Files - Modified Within 30 Days ========== [2013/07/17 14:58:00 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/07/17 14:57:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/07/17 14:57:36 | 2818,023,424 | -HS- | M] () -- C:\hiberfil.sys
[2013/07/17 14:45:06 | 000,014,608 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/07/17 14:45:06 | 000,014,608 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/07/17 04:24:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/07/17 04:05:01 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/07/16 19:40:06 | 312,069,829 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/07/16 00:37:54 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/07/15 18:29:09 | 000,001,305 | ---- | M] () -- C:\Users\Public\Desktop\GeForce Experience.lnk
[2013/07/13 20:44:48 | 000,139,032 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2013/07/13 20:44:37 | 000,290,184 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2013/07/13 20:44:08 | 000,280,904 | ---- | M] () -- C:\Windows\System32\PnkBstrB.ex0
[2013/07/11 22:42:46 | 000,000,645 | ---- | M] () -- C:\Users\Public\Desktop\Guild Wars 2.lnk
[2013/07/11 21:23:38 | 003,661,776 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/07/08 01:26:42 | 000,001,294 | ---- | M] () -- C:\Users\Public\Desktop\DayZ Commander.lnk
[2013/06/21 09:02:43 | 021,102,368 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2013/06/21 09:02:43 | 017,560,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll
[2013/06/21 09:02:43 | 013,411,896 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll
[2013/06/21 09:02:43 | 012,427,240 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll
[2013/06/21 09:02:43 | 009,069,344 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2013/06/21 09:02:43 | 007,687,592 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2013/06/21 09:02:43 | 006,324,360 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvopencl.dll
[2013/06/21 09:02:43 | 002,777,888 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2013/06/21 09:02:43 | 002,597,856 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll
[2013/06/21 09:02:43 | 002,002,720 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll
[2013/06/21 09:02:43 | 001,024,288 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco3232049.dll
[2013/06/21 09:02:43 | 000,925,648 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvumdshim.dll
[2013/06/21 09:02:43 | 000,893,728 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvdispgenco3232049.dll
[2013/06/21 09:02:43 | 000,467,232 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\NvIFR.dll
[2013/06/21 09:02:43 | 000,465,184 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\NvFBC.dll
[2013/06/21 09:02:43 | 000,214,448 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvinit.dll
[2013/06/21 09:02:43 | 000,181,488 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvoglshim32.dll
[2013/06/21 09:02:43 | 000,016,437 | ---- | M] () -- C:\Windows\System32\nvinfo.pb
[2013/06/21 06:52:51 | 004,192,544 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.dll
[2013/06/21 06:52:51 | 003,045,664 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvsvc.dll
[2013/06/21 06:52:48 | 002,555,168 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvsvcr.dll
[2013/06/21 06:52:48 | 000,062,752 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvshext.dll
[2013/06/21 06:52:47 | 000,223,008 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvmctray.dll
[2013/06/21 05:16:02 | 000,566,048 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvStreaming.exe
[2013/06/19 13:14:17 | 003,253,909 | ---- | M] () -- C:\Windows\System32\nvcoproc.bin
========== Files Created - No Company Name ========== [2013/07/16 00:37:54 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/07/11 22:42:46 | 000,000,645 | ---- | C] () -- C:\Users\Public\Desktop\Guild Wars 2.lnk
[2013/07/08 01:26:42 | 000,001,294 | ---- | C] () -- C:\Users\Public\Desktop\DayZ Commander.lnk
[2013/07/06 02:51:23 | 000,001,305 | ---- | C] () -- C:\Users\Public\Desktop\GeForce Experience.lnk
[2013/03/08 15:28:20 | 000,009,216 | ---- | C] () -- C:\Users\Pedro\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/01/15 23:25:14 | 000,000,093 | ---- | C] () -- C:\Users\Pedro\AppData\Local\fusioncache.dat
[2013/01/15 22:15:19 | 000,669,184 | ---- | C] () -- C:\Windows\System32\pbsvc.exe
[2013/01/15 22:07:37 | 003,253,909 | ---- | C] () -- C:\Windows\System32\nvcoproc.bin
[2012/10/24 04:30:10 | 000,139,032 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2012/10/24 04:30:10 | 000,022,328 | ---- | C] () -- C:\Users\Pedro\AppData\Roaming\PnkBstrK.sys
[2012/10/24 04:29:43 | 000,290,184 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2012/10/24 04:29:42 | 000,076,888 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
========== ZeroAccess Check ========== [2009/07/14 01:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 01:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 09:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 22:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
< End of report >
Extras.txtOTL Extras logfile created on: 17/07/2013 15:01:20 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Pedro\Downloads
Home Basic Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy
3,50 Gb Total Physical Memory | 1,97 Gb Available Physical Memory | 56,15% Memory free
7,00 Gb Paging File | 5,20 Gb Available in Paging File | 74,35% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 104,39 Gb Total Space | 48,69 Gb Free Space | 46,64% Space Free | Partition Type: NTFS
Drive D: | 361,27 Gb Total Space | 14,93 Gb Free Space | 4,13% Space Free | Partition Type: NTFS
Drive G: | 100,00 Mb Total Space | 70,29 Mb Free Space | 70,29% Space Free | Partition Type: NTFS
Computer Name: PEDRO-PC | User Name: Pedro | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- D:\Arquivos de Programas\photoshop\Adobe Photoshop CS6 Extended\Adobe Bridge CS6\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00736D67-3BD1-4810-9590-4692959726F6}" = lport=3702 | protocol=17 | dir=in | app=c:\program files\microsoft visual studio 11.0\common7\ide\wdexpress.exe |
========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0063CED2-AB05-4498-B38E-03CDB68EC313}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{03C4EC75-566C-4FA0-9C4E-FC6CE728D688}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{076608D9-50BD-410E-A47A-14B85132ED79}" = protocol=17 | dir=in | app=d:\arquivos de programas\steam\steamapps\danirox95\source sdk base 2007\hl2.exe |
"{08A1E7C2-F506-4588-A361-111938EF193D}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{08C5A692-0281-47EB-BB53-9D682FB79636}" = protocol=17 | dir=in | app=c:\program files\belkin\router setup and monitor\belkinsetup.exe |
"{0A616F2D-E9DB-4258-BD0D-ED469826C8B9}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{0F1E8697-D34C-465B-A24B-D351FCDA5694}" = protocol=6 | dir=in | app=d:\arquivos de programas\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{109DD450-029F-40E3-81EC-D76EE6A58BF3}" = protocol=17 | dir=in | app=c:\program files\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{127EFC46-53A8-4406-BF7C-B9D1EA0FF389}" = dir=in | app=c:\program files\samsung\allshare\allshareagent.exe |
"{172E1661-9B0F-4C9F-9E40-065F3525A3B6}" = protocol=6 | dir=in | app=d:\arquivos de programas\cracked games\half-life\hl.exe |
"{1865EAF8-527B-43A3-959B-5EDC54125A44}" = protocol=6 | dir=in | app=d:\arquivos de programas\steam\steamapps\common\crysis warhead\bin32\crysis.exe |
"{18E109E6-CD2D-463F-9A1B-2C54333ADCBE}" = protocol=6 | dir=in | app=d:\arquivos de programas\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{1AC86832-4EA0-4B67-A46A-990DC9E2DFC7}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{1E4E5006-C2B4-4EAC-9119-24B234B9D6CD}" = protocol=17 | dir=in | app=d:\arquivos de programas\steam\steamapps\common\arma 2\arma2.exe |
"{1EEEEFC4-4F8F-45F8-A3A9-B342FE7E20BF}" = protocol=17 | dir=in | app=d:\arquivos de programas\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe |
"{214E522E-5EC5-45FA-8C52-24DE53587396}" = protocol=17 | dir=in | app=d:\arquivos de programas\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{222E2455-CAD8-4C45-A874-B95B3447AE2E}" = protocol=17 | dir=in | app=d:\arquivos de programas\steam\steamapps\common\dishonored\binaries\win32\dishonored.exe |
"{225FA0C6-53E5-48E8-98B1-64A1AD293B32}" = protocol=17 | dir=in | app=d:\arquivos de programas\steam\steamapps\common\xcom-enemy-unknown\binaries\win32\xcomgame.exe |
"{28605FBA-0C24-40D1-A4E2-4C7184349AE6}" = protocol=6 | dir=in | app=d:\arquivos de programas\guild wars 2\gw2.exe |
"{293D1089-32D1-497C-BCF9-1DFB9C5927F2}" = protocol=17 | dir=in | app=c:\users\pedro\appdata\local\temp\gw2.exe |
"{2A72C73D-8B08-4AA2-8035-E7823AE4841C}" = protocol=6 | dir=in | app=d:\arquivos de programas\cracked games\torchlight.ii-reloaded\torchlight ii\torchlight2.exe |
"{2DABDC62-CB51-4FED-BD4B-96027E0518F8}" = protocol=6 | dir=in | app=c:\program files\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{355C44D4-0CE9-4CD9-8FF3-35C687C0C39D}" = protocol=17 | dir=in | app=d:\arquivos de programas\steam\steamapps\common\crysis\bin32\crysis.exe |
"{36F666E0-C785-4D90-AFB7-2971A13CCA63}" = protocol=17 | dir=in | app=d:\arquivos de programas\origin games\battlefield 3\bf3.exe |
"{37B1D453-374F-44DA-8425-CCB1F81D7B90}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{41527A2E-8218-4DEC-B6AD-2A35AF2B51DD}" = protocol=17 | dir=in | app=c:\program files\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{41907F2E-3AE1-4A38-AABF-0374D956E1C9}" = protocol=17 | dir=in | app=d:\arquivos de programas\steam\steamapps\common\the witcher enhanced edition\system\witcher.exe |
"{456DF198-AD63-4827-8A09-F68ECCCE6DD7}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{49AC433D-3AB3-4296-9181-E8F1583A8C0F}" = dir=in | app=d:\arquivos de programas\itunes\itunes.exe |
"{4E342053-3B1B-44C7-AF42-B9EA1A4A5D5F}" = protocol=17 | dir=in | app=d:\arquivos de programas\steam\steamapps\common\the witcher 2\launcher.exe |
"{4EFDB2A1-EB4B-4B7B-8C79-CF8A15E60403}" = protocol=6 | dir=in | app=c:\users\pedro\appdata\local\temp\gw2.exe |
"{50A568CA-9064-4D7A-BA0E-C83807441966}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{55732554-4684-471F-AA67-7B722B490D74}" = protocol=17 | dir=in | app=d:\arquivos de programas\steam\steamapps\danirox95\counter-strike source\hl2.exe |
"{5CA19292-52CA-4575-9BB2-21B5580C497E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5D56442E-9255-4C10-B80B-F3FE514EE6A7}" = protocol=6 | dir=in | app=d:\arquivos de programas\steam\steamapps\common\the witcher enhanced edition\system\djinni!.exe |
"{60454189-F950-4CB3-86E6-11C2DD8BB0F3}" = protocol=6 | dir=in | app=d:\arquivos de programas\steam\steam.exe |
"{615ED410-8D87-4769-AFE2-12F709EE58C1}" = dir=in | app=c:\program files\samsung\allshare\allsharedms\allsharedms.exe |
"{62637DD1-3629-4A7B-A423-2A2085BA9675}" = protocol=6 | dir=in | app=d:\arquivos de programas\steam\steamapps\common\xcom-enemy-unknown\binaries\win32\xcomgame.exe |
"{62656B81-F218-4C39-B2D9-6D7EDE1A24DE}" = protocol=6 | dir=in | app=d:\arquivos de programas\steam\steamapps\common\magicka\magicka.exe |
"{642E0E87-5C18-4003-AFAB-BFDFC1FCE2DC}" = protocol=6 | dir=in | app=d:\arquivos de programas\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{64664AEB-559E-41D5-A7DA-01FB2C45F581}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{652AA84C-3DDF-45F1-918D-C82AA4090D5F}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{664F07F8-9E67-4314-B019-3E96B4C7AAD9}" = protocol=6 | dir=in | app=d:\arquivos de programas\steam\steamapps\common\arma 2 operation arrowhead\_runa2co.cmd |
"{6697CC43-F92A-4136-A744-DC73448CCE40}" = protocol=17 | dir=in | app=d:\arquivos de programas\steam\steamapps\common\the witcher enhanced edition\system\djinni!.exe |
"{673298F7-9A21-46F8-93CD-8F68F5309327}" = protocol=6 | dir=in | app=d:\arquivos de programas\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe |
"{6778FD4C-8D08-4AEC-AB63-293CDA0FAEBD}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{6A563CFF-049D-4FF9-A6C6-052A6F398834}" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{6FE59EF8-D9A4-4C86-8CD9-56AC08DAFAD5}" = protocol=6 | dir=in | app=d:\arquivos de programas\steam\steamapps\common\the witcher 2\launcher.exe |
"{71975E73-E4EA-47D3-874F-7FC0820C22B7}" = protocol=17 | dir=in | app=d:\arquivos de programas\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe |
"{75132AAD-8313-4198-8643-37470FE58CD4}" = protocol=6 | dir=in | app=d:\arquivos de programas\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe |
"{7CCB5835-AF77-4FD7-8785-BE17BE6D0441}" = protocol=17 | dir=in | app=d:\arquivos de programas\steam\steamapps\common\magicka\magicka.exe |
"{7D7C7526-2C59-4A6F-9604-A9ECC82F0E4C}" = protocol=17 | dir=in | app=d:\arquivos de programas\steam\steamapps\common\xcom-enemy-unknown\binaries\win32\xcomgame.exe |
"{84704BED-1612-46E1-B35D-468FBDBB8D33}" = protocol=6 | dir=in | app=c:\program files\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{8BA6B697-D516-47D4-8FE1-AB31C6D150D9}" = protocol=6 | dir=in | app=d:\arquivos de programas\steam\steamapps\common\arma 2\arma2.exe |
"{8D7915C0-146B-47D2-8764-37273E90689D}" = protocol=17 | dir=in | app=d:\arquivos de programas\steam\steamapps\common\arma 2 operation arrowhead\_runa2co.cmd |
"{93C86B7B-908C-4A43-9DB4-859BD47416FC}" = protocol=17 | dir=in | app=d:\arquivos de programas\cracked games\torchlight.ii-reloaded\torchlight ii\torchlight2.exe |
"{97923394-648B-4201-88F5-6E2B53FC7574}" = protocol=6 | dir=in | app=d:\arquivos de programas\steam\steamapps\common\dishonored\binaries\win32\dishonored.exe |
"{97D6ADBE-B5ED-44B6-94C5-F4A3126C0023}" = protocol=17 | dir=in | app=d:\arquivos de programas\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{9C1CBFA3-0D54-4A66-A949-AAA876A5F06F}" = protocol=17 | dir=in | app=d:\arquivos de programas\steam\steamapps\common\counter-strike source\hl2.exe |
"{A0D427EE-A8A0-43EB-B612-CA2DF04CD7E7}" = dir=in | app=c:\program files\belkin\router setup and monitor\belkinsetup.exe |
"{A1047E3D-C0BB-4772-A0A4-E70EFF047492}" = dir=in | app=c:\program files\samsung\allshare\allshare.exe |
"{A716B7E8-99A7-4227-9826-54FDB1018D6D}" = protocol=6 | dir=in | app=d:\arquivos de programas\steam\steamapps\common\the witcher enhanced edition\system\witcher.exe |
"{A73434B4-E9D3-4319-A131-CB9DD4CC8D51}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{AE046DAD-D070-4CD1-912C-153F866EB393}" = protocol=6 | dir=in | app=c:\program files\belkin\router setup and monitor\belkinsetup.exe |
"{B0731089-6CBE-4A9E-A5FB-43BA7215EF70}" = protocol=6 | dir=in | app=d:\arquivos de programas\steam\steamapps\danirox95\source sdk base 2007\hl2.exe |
"{B8B831AB-B8B1-4AE7-BA8E-C83F16A34B73}" = protocol=17 | dir=in | app=d:\arquivos de programas\cracked games\half-life\hl.exe |
"{B97AACE7-F324-4330-B60E-F92BE60B668A}" = protocol=6 | dir=in | app=d:\arquivos de programas\steam\steamapps\danirox95\counter-strike source\hl2.exe |
"{B99A01CD-CF5B-4090-9EA0-87FC84C0CDCD}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{BC641A20-7643-4329-90EB-395D9D5B0F20}" = protocol=17 | dir=in | app=c:\program files\belkin\router setup and monitor\belkinsetup.exe |
"{BE0A1A57-A7CD-4352-91ED-47BFF7BBD441}" = protocol=6 | dir=in | app=d:\arquivos de programas\steam\steamapps\common\arma 2\arma2.exe |
"{BE457E44-D4D5-41BB-9EE1-D6759D3BF886}" = protocol=58 | dir=in | app=system |
"{BEA69882-2022-4E9D-9C05-54E6B2701FF0}" = protocol=6 | dir=in | app=d:\arquivos de programas\steam\steamapps\common\dishonored\binaries\win32\dishonored.exe |
"{C3F16F21-E600-4195-8F4F-F0AA5D2851D7}" = protocol=17 | dir=in | app=d:\arquivos de programas\steam\steamapps\common\dishonored\binaries\win32\dishonored.exe |
"{C56157B9-95E0-49A8-8B98-F09CD5E85ECA}" = protocol=17 | dir=in | app=d:\arquivos de programas\steam\steam.exe |
"{CAF0EFD9-1580-4409-B19D-F61DDF8DCCE9}" = protocol=17 | dir=in | app=d:\arquivos de programas\steam\steamapps\common\arma 2\arma2.exe |
"{CC2F3F7D-25C9-4C3E-B6D2-C391F0CDE276}" = protocol=17 | dir=in | app=d:\arquivos de programas\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{D0BC0809-D4C3-4423-A306-92D7CD0A049D}" = protocol=17 | dir=in | app=d:\arquivos de programas\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe |
"{D77920BB-FB61-425A-B4B4-15FFFF03D4CE}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{DBCDA1C4-F842-48C4-A808-518979B65885}" = protocol=6 | dir=in | app=d:\arquivos de programas\steam\steamapps\common\counter-strike source\hl2.exe |
"{DED61E49-4748-413C-AE20-34B2E470843B}" = protocol=6 | dir=in | app=d:\arquivos de programas\steam\steamapps\common\xcom-enemy-unknown\binaries\win32\xcomgame.exe |
"{E370388B-A9B7-4741-A3C7-80792564C151}" = protocol=6 | dir=in | app=d:\arquivos de programas\origin games\battlefield 3\bf3.exe |
"{E5765AC6-30FC-4A53-9928-C30011168C64}" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{E6701C6D-3F05-4674-8320-979098F47889}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{EA7BB3FC-0F95-4DBB-A6BF-E88FC64E22B7}" = protocol=6 | dir=in | app=d:\arquivos de programas\steam\steamapps\common\crysis\bin32\crysis.exe |
"{F90C0DE6-0878-4D3A-8F38-20F71DE520AA}" = protocol=17 | dir=in | app=d:\arquivos de programas\guild wars 2\gw2.exe |
"{FBF6EE9C-B786-4A3A-B463-9511611C1643}" = protocol=6 | dir=in | app=d:\arquivos de programas\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe |
"{FC907EA0-9AB4-4851-ABAE-05744964299C}" = protocol=58 | dir=out |
[email protected],-503 |
"{FD9DBA9B-5E19-45DD-A402-22D243031818}" = protocol=6 | dir=in | app=c:\program files\belkin\router setup and monitor\belkinsetup.exe |
"{FE5BCBAF-C58C-496E-BB92-026DC9416E27}" = protocol=17 | dir=in | app=d:\arquivos de programas\steam\steamapps\common\crysis warhead\bin32\crysis.exe |
"TCP Query User{4064670F-7667-4D71-AC3D-09F6BC2612B5}C:\users\pedro\appdata\local\temp\gw2.exe" = protocol=6 | dir=in | app=c:\users\pedro\appdata\local\temp\gw2.exe |
"TCP Query User{44D4DB6B-2CD4-4598-B78F-A87D222ABA53}D:\arquivos de programas\steam\steamapps\danirox95\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=d:\arquivos de programas\steam\steamapps\danirox95\counter-strike source\hl2.exe |
"TCP Query User{47428205-11EF-481B-BEA1-C481036887BF}C:\windows\system32\javaw.exe" = protocol=6 | dir=in | app=c:\windows\system32\javaw.exe |
"TCP Query User{49904E86-0565-4FC4-95DA-09A23D931DB5}D:\arquivos de programas\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe" = protocol=6 | dir=in | app=d:\arquivos de programas\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe |
"TCP Query User{A716A9D9-3FFF-4DA7-B611-6A64323F913E}D:\arquivos de programas\cracked games\half-life\hl.exe" = protocol=6 | dir=in | app=d:\arquivos de programas\cracked games\half-life\hl.exe |
"TCP Query User{CA5A4683-AB40-4D50-9CD6-68DD99E2C030}D:\arquivos de programas\cracked games\slender - survival\survivers_beta_3.exe" = protocol=6 | dir=in | app=d:\arquivos de programas\cracked games\slender - survival\survivers_beta_3.exe |
"TCP Query User{D23030ED-0A49-4FC1-A2AA-E5DE7644CFEB}D:\arquivos de programas\cracked games\torchlight.ii-reloaded\torchlight ii\torchlight2.exe" = protocol=6 | dir=in | app=d:\arquivos de programas\cracked games\torchlight.ii-reloaded\torchlight ii\torchlight2.exe |
"TCP Query User{EEAC89A9-0F0D-433E-B5CC-9D5245507CC2}D:\arquivos de programas\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=d:\arquivos de programas\guild wars 2\gw2.exe |
"TCP Query User{F2D3833D-AF96-4B2B-8765-92B798AF1D8B}D:\arquivos de programas\dayz updater\tools\bin\rsync.exe" = protocol=6 | dir=in | app=d:\arquivos de programas\dayz updater\tools\bin\rsync.exe |
"UDP Query User{0FE4E565-9276-4F19-AC70-87109C76027E}C:\windows\system32\javaw.exe" = protocol=17 | dir=in | app=c:\windows\system32\javaw.exe |
"UDP Query User{15FED930-A367-479B-A9F9-0C9D83A1D4CE}D:\arquivos de programas\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=d:\arquivos de programas\guild wars 2\gw2.exe |
"UDP Query User{459929F1-2F2F-40B2-B4BF-1748C9A7B9D4}D:\arquivos de programas\dayz updater\tools\bin\rsync.exe" = protocol=17 | dir=in | app=d:\arquivos de programas\dayz updater\tools\bin\rsync.exe |
"UDP Query User{76FE396B-B6D5-4079-8ADB-B7EEA025D9D8}D:\arquivos de programas\cracked games\half-life\hl.exe" = protocol=17 | dir=in | app=d:\arquivos de programas\cracked games\half-life\hl.exe |
"UDP Query User{9CA795D0-D95F-4223-B05A-3C065426BFAE}D:\arquivos de programas\steam\steamapps\danirox95\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=d:\arquivos de programas\steam\steamapps\danirox95\counter-strike source\hl2.exe |
"UDP Query User{BDB35906-507A-431B-80CE-6F326E6C02A2}D:\arquivos de programas\cracked games\torchlight.ii-reloaded\torchlight ii\torchlight2.exe" = protocol=17 | dir=in | app=d:\arquivos de programas\cracked games\torchlight.ii-reloaded\torchlight ii\torchlight2.exe |
"UDP Query User{E82E67BB-052D-41FD-B21D-F494CDEFE608}D:\arquivos de programas\cracked games\slender - survival\survivers_beta_3.exe" = protocol=17 | dir=in | app=d:\arquivos de programas\cracked games\slender - survival\survivers_beta_3.exe |
"UDP Query User{E8CF7406-3D64-454B-A4B3-B6714FF62BDD}C:\users\pedro\appdata\local\temp\gw2.exe" = protocol=17 | dir=in | app=c:\users\pedro\appdata\local\temp\gw2.exe |
"UDP Query User{F0653CED-75A4-4BF7-A481-6E34ED0837F0}D:\arquivos de programas\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe" = protocol=17 | dir=in | app=d:\arquivos de programas\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.1 (r518)
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{09412B73-6159-40D6-B0B9-C11B30A7531E}" = Microsoft Visual Studio 2012 Preparation
"{0ACC2993-2058-4BE7-9A92-9DCDAA9B3412}" = LogMeIn Hamachi
"{0B74EC0B-2A85-4542-A167-3DE2132E7DAA}" = DayZ Commander
"{1410622D-CB02-412C-B55A-735CB77D40A3}" = Microsoft Visual C++ 2012 32bit Compilers - ENU Resources
"{1948E039-EC79-4591-951D-9867A8C14C90}" = Microsoft .NET Framework 4.5 SDK
"{196E77C5-F524-4B50-BD1A-2C21EEE9B8F7}" = Microsoft SQL Server 2008 Common Files
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1B9BBB23-65CB-3AEE-BFC6-633E7CA299FD}" = Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - ENU
"{1BE2AFE6-209E-3862-AE45-DA9D3D21BD65}" = Microsoft Visual Studio Express 2012 for Windows Desktop
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20A15757-4AE4-3C82-9711-863C84AFE6AA}" = Microsoft .NET Framework 4 Client Profile PTB Language Pack
"{222C5507-AC43-388F-808E-2266EC57E043}" = Microsoft Visual Studio Express 2012 for Windows Desktop - ENU
"{23176E97-26CB-C72A-19EB-BFB21AC1D15A}" = Windows Software Development Kit DirectX x86 Remote
"{2C0CC01A-DDBC-3AED-AF18-E741242FD727}" = Microsoft Visual Studio Ultimate 2012 XAML UI Designer enu Resources
"{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
"{30C27CAE-9266-3B47-837D-193C16EDB811}" = Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.51106
"{3282FBE1-35FC-48D8-98CA-115A5EF1F9B4}" = NVIDIA PhysX
"{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1" = MotioninJoy Gamepad tool 0.7.1001
"{33AE9E89-47C9-4A0D-9E9D-BDD6966A3804}" = Microsoft SQL Server 2008 RsFx Driver
"{38FC6E9A-F719-431A-A83D-4C86D5FD6555}" = Microsoft Visual Studio 2012 Shell (Minimum) Resources
"{390DD8BB-BB57-4942-A029-2D913E4E9D74}" = Microsoft Security Client
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{413DEAF3-BDDA-4BFF-AFFF-8CDF52B40316}" = Play withSIX
"{42F61556-29ED-8122-F39E-6F04EA5FF279}" = Windows Software Development Kit for Windows Store Apps DirectX x86 Remote
"{45A8F8FF-ED9B-40B2-B923-94F46FCF6135}" = Microsoft SQL Server 2012 Command Line Utilities
"{46F8CF66-AB83-38A7-99B2-A5BE507EE472}" = Microsoft Visual C++ 2010 Express - ENU
"{47C39E4A-28F2-33B1-B9B7-97F24E52D917}" = Microsoft Help Viewer 1.0
"{4815BD99-96A4-49FE-A885-DCF06E9E4E78}" = Microsoft SQL Server 2008 Database Engine Shared
"{49402ED1-A795-4435-A745-1B781BE621A6}" = Microsoft NuGet - Visual Studio Express 2012 for Windows Desktop
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.5
"{4F2B8233-35EE-4197-8C3B-EACCBF712029}" = Microsoft SQL Server Data Tools - enu (11.1.20828.01)
"{4F44B5AE-82A6-4A8A-A3E3-E24D489728E3}" = Microsoft SQL Server 2008 Native Client
"{526b1417-92c1-3737-8247-4abc49ccc8e4}" = Python 3.3.0
"{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}" = Microsoft SQL Server 2008 Database Engine Services
"{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}" = Microsoft .NET Framework 4.5 Multi-Targeting Pack
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Suporte para Aplicativos Apple
"{5E591A43-4424-417D-946D-C0A7559989A1}" = Microsoft Visual C++ 2012 x86-x64 Compilers
"{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}" = GameSpy Comrade
"{60D5EF2A-4E0C-2C30-38F6-59C26E134F4A}" = Windows Software Development Kit
"{6C772996-BFF3-3C8C-860B-B3D48FF05D65}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
"{6D6D43E5-218C-4B05-92D3-2240810F4760}" = Microsoft SQL Server 2012 T-SQL Language Service
"{6DAB46E3-D017-3E2B-85D8-F57A230384C0}" = Microsoft Visual Studio Team Foundation Server 2012 Team Explorer
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{76D41CE5-95B9-47E4-A50F-DD9BAD373E13}" = MagniPic
"{773AC1E4-5F27-4DF6-A932-7FDDE35C069D}" = Microsoft SQL Server Compact 4.0 SP1 ENU
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{79B49428-E9B0-4479-A0FA-3EFF8AFA9F07}" = Microsoft SQL Server 2012 Transact-SQL Compiler Service
"{800F484E-9D69-492D-B656-7BAA32586142}" = Microsoft Visual Studio 2012 Shell (Minimum)
"{820C677A-41B2-48C3-8136-FEE35A052E73}" = Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies
"{83C7F964-AC58-4104-B613-B4D0F61DA8CD}" = Microsoft SQL Server 2012 Native Client
"{84F3F00F-CCA9-43B3-A493-1E2757649848}_is1" = Lucius 1.01.3173
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8e70e4e1-06d7-470b-9f74-a51bef21088e}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
"{9169C939-ED01-446A-BD0C-29873BAF4E48}" = Prerequisites for SSDT
"{91FD46D2-4FB7-4A51-8637-556E1BE1DB7C}" = iTunes
"{925F1DB6-E86E-4378-9091-D1F68B0583C9}" = iCloud
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{942E5137-7517-3B37-9FC0-CC7519125446}" = Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - ENU
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F612429-4A00-3D44-88CF-146DA2EE1F92}" = Microsoft .NET Framework 4.5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.3
"{AFA4B0BF-3289-495A-B949-BA91F39B1A44}" = Entity Framework Designer for Visual Studio 2012 - enu
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Driver do 3D Vision 320.49
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Painel de controle da NVIDIA 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Driver de gráficos 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.5.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Driver de controle do 3D Vision 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Software do sistema PhysX 9.13.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Atualizações da NVIDIA 6.4.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Driver de áudio HD 1.3.24.2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B857D868-F8B0-43EE-BC2B-D9E5ED21F237}" = Microsoft SQL Server VSS Writer
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C1BE4600-7D15-3D1E-8AA2-B3241DB1D063}" = Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core
"{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser
"{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD920828-2B95-49A4-8BFD-1D34BCBF5A27}" = Microsoft SQL Server 2012 Transact-SQL ScriptDom
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D11F66FF-82B3-DDB8-1146-525370552BE1}" = Windows Software Development Kit for Windows Store Apps
"{D29C7866-E142-3557-95F3-B76F8E655481}" = Microsoft Visual Studio Team Foundation Server 2012 Object Model
"{D441BD04-E548-4F8E-97A4-1B66135BAAA8}" = Microsoft SQL Server 2008 Setup Support Files
"{D9DA2981-3298-4F1A-9192-F2CF5BD91145}" = Microsoft SQL Server 2012 Express LocalDB
"{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}" = Microsoft SQL Server 2012 Management Objects
"{DF47ACA3-7C78-4C08-8007-AC682563C9F1}" = Samsung AllShare
"{e0efdce9-a486-4676-8aa5-65bb08cbf34c}" = Microsoft Visual Studio Express 2012 for Windows Desktop - ENU
"{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support
"{E1C13D5C-2907-454D-A7A6-61253A221FAA}" =
"{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}" = Microsoft System CLR Types for SQL Server 2012
"{E6F012B0-E930-11E0-A67A-F04DA23A5C58}" = Vegas Pro 11.0
"{E818AE7C-244B-4A50-9C86-C0E4A8B69159}" = Microsoft Visual Studio 2012 Tools for SQL Server Compact 4.0 SP1 ENU
"{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
"{E9627240-E930-11E0-8690-F04DA23A5C58}" = MSVCRT Redists
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared
"{F361FE04-789E-42F3-BBAB-E7B380AA5E06}" = Windows XP Targeting with C++
"{FAE0523E-08A4-4717-8E8E-6EC6F32CBE88}" = Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20828.01)
"{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}" = Microsoft SQL Server 2012 Data-Tier App Framework
"{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
"{FEB375AB-6EEC-3929-8FAF-188ED81DD8B5}" = Microsoft Help Viewer 2.0
"{FFC6E93A-B9AD-3F20-9B06-EE20E24AAEAF}" = Microsoft Visual C++ 2012 Core Libraries
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Battlelog Web Plugins" = Battlelog Web Plugins
"BattlEye for A2" = BattlEye Uninstall
"BattlEye for OA" = BattlEye for OA Uninstall
"Belkin Setup and Router Monitor_is1" = Belkin Setup and Router Monitor
"BitTorrent" = BitTorrent
"ESN Sonar-0.70.4" = ESN Sonar
"Free iPod Video Converter_is1" = Free iPod Video Converter V 3.0
"Google Chrome" = Google Chrome
"Guild Wars 2" = Guild Wars 2
"InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}" = Samsung AllShare
"LogMeIn Hamachi" = LogMeIn Hamachi
"MagniPic" =
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versão 1.75.0.1300
"Microsoft .NET Framework 4 Client Profile PTB Language Pack" = Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil)
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft Help Viewer 2.0" = Microsoft Help Viewer 2.0
"Microsoft Security Client" = Microsoft Security Essentials
"Microsoft SQL Server 10" = Microsoft SQL Server 2008
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008
"Microsoft Visual C++ 2010 Express - ENU" = Microsoft Visual C++ 2010 Express - ENU
"Minecraft 1.4.5" = Minecraft 1.4.5
"Minecraft1.4.7" = Minecraft1.4.7
"No Time To Explain1.0" = No Time To Explain
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Origin" = Origin
"PrivitizeVPN" = PrivitizeVPN
"PunkBusterSvc" = PunkBuster Services
"ShutDown After_is1" = ShutDown After 3.0
"Sniper Elite V2_is1" = Sniper Elite V2
"SP_d8283021" =
"SPlayer" = SPlayer
"Steam App 17300" = Crysis
"Steam App 17330" = Crysis Warhead
"Steam App 218" = Source SDK Base 2007
"Steam App 219640" = Chivalry: Medieval Warfare
"Steam App 33910" = Arma 2
"Steam App 33930" = Arma 2: Operation Arrowhead
"Torchlight II © Runic Games_is1" = Torchlight II © Runic Games version 1
"WinRAR archiver" = WinRAR 4.20 (32-bit)
"World of Warcraft" = World of Warcraft
========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player
========== Last 20 Event Log Errors ========== [ Application Events ]
Error - 16/07/2013 20:07:30 | Computer Name = Pedro-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 15086
Error - 16/07/2013 20:07:30 | Computer Name = Pedro-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 15086
Error - 16/07/2013 22:08:45 | Computer Name = Pedro-PC | Source = Application Error | ID = 1000
Description = Nome de aplicativo com falha: Gw2.exe, versão: 1.0.0.1, carimbo de
hora: 0x51e4921e Nome do módulo de falhas: ntdll.dll, versão: 6.1.7601.17725, carimbo
de hora: 0x4ec49b60 Código de exceção: 0xc0000374 Deslocamento com falha: 0x000c380b
Identificação
do processo com falha: 0x3d0 Hora de início do aplicativo com falha: 0x01ce828e5179d511
Caminho
do aplicativo com falha: D:\Arquivos de Programas\Guild Wars 2\Gw2.exe FCaminho
do módulo de falhas: C:\Windows\SYSTEM32\ntdll.dll Identificação do Relatório: cf240a70-ee85-11e2-8858-0025111e0747
Error - 17/07/2013 00:05:11 | Computer Name = Pedro-PC | Source = Application Hang | ID = 1002
Description = O programa Gw2.exe versão 1.0.0.1 parou de interagir com o Windows
e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique
o histórico de problemas no painel de controle da Central de Ações. ID de Processo:
758 Hora de Início: 01ce829c7152b83f Hora de Término: 154 Caminho do Aplicativo: D:\Arquivos
de Programas\Guild Wars 2\Gw2.exe Id do Relatório:
Error - 17/07/2013 01:55:03 | Computer Name = Pedro-PC | Source = Application Error | ID = 1000
Description = Nome de aplicativo com falha: Gw2.exe, versão: 1.0.0.1, carimbo de
hora: 0x51e4921e Nome do módulo de falhas: ntdll.dll, versão: 6.1.7601.17725, carimbo
de hora: 0x4ec49b60 Código de exceção: 0xc0000374 Deslocamento com falha: 0x000c380b
Identificação
do processo com falha: 0x3f4 Hora de início do aplicativo com falha: 0x01ce82a72a3276b1
Caminho
do aplicativo com falha: D:\Arquivos de Programas\Guild Wars 2\Gw2.exe FCaminho
do módulo de falhas: C:\Windows\SYSTEM32\ntdll.dll Identificação do Relatório: 6c199e33-eea5-11e2-8858-0025111e0747
Error - 17/07/2013 02:51:56 | Computer Name = Pedro-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 17/07/2013 13:40:05 | Computer Name = Pedro-PC | Source = .NET Runtime | ID = 1026
Description =
Error - 17/07/2013 13:40:08 | Computer Name = Pedro-PC | Source = Application Error | ID = 1000
Description = Nome de aplicativo com falha: AllShareDMS.exe, versão: 2.1.1.0, carimbo
de hora: 0x4f507dcf Nome do módulo de falhas: ContentDirectoryPresenter.dll, versão:
0.0.0.0, carimbo de hora: 0x4f44965d Código de exceção: 0xc0000005 Deslocamento com
falha: 0x0006c7ef Identificação do processo com falha: 0x150c Hora de início do aplicativo
com falha: 0x01ce8314a617bcde Caminho do aplicativo com falha: C:\Program Files\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
FCaminho
do módulo de falhas: C:\Program Files\Samsung\AllShare\AllShareDMS\ContentDirectoryPresenter.dll
Identificação
do Relatório: ebae0fc1-ef07-11e2-af48-0025111e0747
Error - 17/07/2013 14:00:12 | Computer Name = Pedro-PC | Source = .NET Runtime | ID = 1026
Description =
Error - 17/07/2013 14:00:14 | Computer Name = Pedro-PC | Source = Application Error | ID = 1000
Description = Nome de aplicativo com falha: AllShareDMS.exe, versão: 2.1.1.0, carimbo
de hora: 0x4f507dcf Nome do módulo de falhas: ContentDirectoryPresenter.dll, versão:
0.0.0.0, carimbo de hora: 0x4f44965d Código de exceção: 0xc0000005 Deslocamento com
falha: 0x0006c7ef Identificação do processo com falha: 0x6e0 Hora de início do aplicativo
com falha: 0x01ce831775403553 Caminho do aplicativo com falha: C:\Program Files\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
FCaminho
do módulo de falhas: C:\Program Files\Samsung\AllShare\AllShareDMS\ContentDirectoryPresenter.dll
Identificação
do Relatório: ba9fe709-ef0a-11e2-861b-0025111e0747
[ System Events ]
Error - 15/07/2013 22:52:45 | Computer Name = Pedro-PC | Source = Disk | ID = 262151
Description = O dispositivo, \Device\Harddisk0\DR0, possui um bloco defeituoso.
Error - 16/07/2013 00:04:13 | Computer Name = Pedro-PC | Source = Service Control Manager | ID = 7034
Description = O serviço Samsung AllShare PC foi encerrado inesperadamente. Isso
aconteceu 1 vez(es).
Error - 16/07/2013 16:25:32 | Computer Name = Pedro-PC | Source = Service Control Manager | ID = 7034
Description = O serviço Samsung AllShare PC foi encerrado inesperadamente. Isso
aconteceu 1 vez(es).
Error - 16/07/2013 18:13:16 | Computer Name = Pedro-PC | Source = Service Control Manager | ID = 7034
Description = O serviço Samsung AllShare PC foi encerrado inesperadamente. Isso
aconteceu 1 vez(es).
Error - 16/07/2013 18:40:13 | Computer Name = Pedro-PC | Source = EventLog | ID = 6008
Description = O desligamento anterior do sistema em 19:38:33 às ?16/?07/?2013 não
era esperado.
Error - 16/07/2013 18:40:18 | Computer Name = PEDRO-PC | Source = BugCheck | ID = 1001
Description =
Error - 16/07/2013 18:43:24 | Computer Name = Pedro-PC | Source = Service Control Manager | ID = 7034
Description = O serviço Samsung AllShare PC foi encerrado inesperadamente. Isso
aconteceu 1 vez(es).
Error - 17/07/2013 13:40:13 | Computer Name = Pedro-PC | Source = Service Control Manager | ID = 7034
Description = O serviço Samsung AllShare PC foi encerrado inesperadamente. Isso
aconteceu 1 vez(es).
Error - 17/07/2013 13:55:47 | Computer Name = Pedro-PC | Source = Service Control Manager | ID = 7034
Description = O serviço NVIDIA Display Driver Service foi encerrado inesperadamente.
Isso aconteceu 1 vez(es).
Error - 17/07/2013 14:00:20 | Computer Name = Pedro-PC | Source = Service Control Manager | ID = 7034
Description = O serviço Samsung AllShare PC foi encerrado inesperadamente. Isso
aconteceu 1 vez(es).
< End of report >
aswMBR log:aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-07-17 15:10:33
-----------------------------
15:10:33.487 OS Version: Windows 6.1.7601 Service Pack 1
15:10:33.487 Number of processors: 3 586 0x402
15:10:33.488 ComputerName: PEDRO-PC UserName: Pedro
15:10:36.983 Initialize success
15:27:54.073 AVAST engine defs: 13071701
15:29:41.524 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
15:29:41.530 Disk 0 Vendor: ST3500418AS CC34 Size: 476940MB BusType: 3
15:29:41.612 Disk 0 MBR read successfully
15:29:41.619 Disk 0 MBR scan
15:29:41.709 Disk 0 Windows 7 default MBR code
15:29:41.726 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
15:29:41.766 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 106900 MB offset 206848
15:29:41.809 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 369938 MB offset 219138048
15:29:41.844 Disk 0 scanning sectors +976771072
15:29:41.973 Disk 0 scanning C:\Windows\system32\drivers
15:29:58.407 Service scanning
15:30:09.774 Service MpKsl92eaef50 c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{ADE2BAD2-0233-4EAD-B17A-6469612E317B}\MpKsl92eaef50.sys **LOCKED** 32
15:30:32.032 Modules scanning
15:30:40.955 Disk 0 trace - called modules:
15:30:40.981 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
15:30:40.985 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86529030]
15:30:40.990 3 CLASSPNP.SYS[8c98c59e] -> nt!IofCallDriver -> [0x8603d918]
15:30:40.995 5 ACPI.sys[8c4463d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x85734908]
15:30:41.856 AVAST engine scan C:\Windows
15:30:43.871 AVAST engine scan C:\Windows\system32
15:35:41.924 AVAST engine scan C:\Windows\system32\drivers
15:36:00.262 AVAST engine scan C:\Users\Pedro
15:37:49.030 Disk 0 MBR has been saved successfully to "C:\Users\Pedro\Downloads\MBR.dat"
15:37:49.097 The log file has been saved successfully to "C:\Users\Pedro\Downloads\aswMBR.txt"
Edited by vermelho3, 17 July 2013 - 02:22 PM.