OK. Then we have to point Windows at the folder when it tries to install the driver. If you delete the atheros under Network adapters and reboot it should find it and it should ask you where to find the files since it doesn't have them. Point it at the folder you extracted.
Internet problems and bluescreen
#16
Posted 07 January 2015 - 11:34 AM
#17
Posted 07 January 2015 - 12:13 PM
Wow, i cleaned the vent and suddenly, after deleting atheros again and rebooting, my internet started working again! It's a miracle. If the bluescreen doesn't appear the problem is almost solved. The only problem left is the com surrogate one. Also, before the surrogate problem there's another error that appears just 1 time saying: "Host process for windows services stopped working and was closed" when i open Skype. The surrogate problem appears with many things but the host problem appears just with skype ( or maybe it's because skype is the first thing i open and the problem just appears 1 time only)
#18
Posted 07 January 2015 - 01:08 PM
A cool PC is a happier PC!
I expect Windows found the drivers we just downloaded. Sometimes you get lucky.
Since the problem appears to be related to Skype, I would uninstall Skype, download a brand new version and reinstall. (watch out for the adware/optional programs they have started throwing in)
#19
Posted 07 January 2015 - 02:18 PM
But the COM Surrogate problem happens with everything and appears multiple times, just that "Host process for windows services stopped working and was closed" happens with skype. I will try the reinstall though.
Edit: Ok, the host problem is gone, but the com surrogate one happens everytime everywhere (with skype it appears 5 or 6 times).
Edited by Vicdd, 07 January 2015 - 02:28 PM.
#20
Posted 09 January 2015 - 08:22 AM
So... no solution?
I guess it's related to pictures or thumbnails.
#21
Posted 09 January 2015 - 09:00 AM
Let's look at the files in question and see what version they are:
/md5start DllHost.exe ESENT.dll /md5stop
#22
Posted 10 January 2015 - 04:38 PM
Here:
OTL logfile created on: 2015/01/10 20:01:46 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Victor\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17239)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: yyyy/MM/dd
3,93 Gb Total Physical Memory | 1,45 Gb Available Physical Memory | 36,97% Memory free
4,97 Gb Paging File | 1,79 Gb Available in Paging File | 36,07% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 298,40 Gb Total Space | 5,78 Gb Free Space | 1,94% Space Free | Partition Type: NTFS
Drive D: | 287,67 Gb Total Space | 2,38 Gb Free Space | 0,83% Space Free | Partition Type: NTFS
Computer Name: WIN7-PC | User Name: Victor | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Victor\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.15\deploy\LoLPatcher.exe ()
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe (Adobe Systems, Inc.)
PRC - C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.231\deploy\LoLLauncher.exe ()
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.124\deploy\LolClient.exe ()
PRC - C:\Program Files\AVAST Software\Avast\avastui.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\foobar2000\foobar2000.exe (Piotr Pawlowski)
PRC - C:\Users\Victor\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe (SanDisk Corporation)
PRC - C:\Users\Victor\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent, Inc.)
PRC - C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe ()
PRC - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
PRC - C:\Users\Victor\AppData\Local\FluxSoftware\Flux\flux.exe (Flux Software LLC)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (NVIDIA Corporation)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
========== Modules (No Company Name) ==========
MOD - C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.15\deploy\LoLPatcher.exe ()
MOD - C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.15\deploy\RiotLauncher.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
MOD - C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.231\deploy\LoLLauncher.exe ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Users\Victor\AppData\Roaming\foobar2000\user-components\foo_ac3\foo_ac3.dll ()
MOD - C:\Users\Victor\AppData\Roaming\foobar2000\user-components\foo_input_dvda\foo_input_dvda.dll ()
MOD - C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.124\deploy\LolClient.exe ()
MOD - C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.124\deploy\Adobe AIR\Versions\1.0\Resources\WebKit.dll ()
MOD - C:\Users\Victor\AppData\Roaming\foobar2000\user-components\foo_input_sacd\foo_input_sacd.dll ()
MOD - C:\Program Files\AVAST Software\Avast\libcef.dll ()
MOD - C:\Program Files\AVAST Software\Avast\aswProperty.dll ()
MOD - C:\Users\Victor\AppData\Roaming\foobar2000\user-components\foo_input_vio2sf\foo_input_vio2sf.dll ()
MOD - C:\Users\Victor\AppData\Roaming\foobar2000\user-components\foo_abx\foo_abx.dll ()
MOD - C:\Users\Victor\AppData\Roaming\foobar2000\user-components\foo_gep\foo_gep.dll ()
MOD - C:\Users\Victor\AppData\Roaming\foobar2000\user-components\foo_input_monkey\foo_input_monkey.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\foobar2000\components\foo_input_std.dll ()
MOD - C:\Program Files (x86)\foobar2000\shared.dll ()
MOD - C:\Program Files (x86)\foobar2000\components\foo_ui_std.dll ()
MOD - C:\Program Files (x86)\foobar2000\components\foo_albumlist.dll ()
MOD - C:\Program Files (x86)\foobar2000\components\foo_dsp_eq.dll ()
MOD - C:\Program Files (x86)\foobar2000\components\foo_rgscan.dll ()
MOD - C:\Program Files (x86)\foobar2000\components\foo_freedb2.dll ()
MOD - C:\Program Files (x86)\foobar2000\components\foo_dsp_std.dll ()
MOD - C:\Program Files (x86)\foobar2000\components\foo_converter.dll ()
MOD - C:\Program Files (x86)\foobar2000\components\foo_cdda.dll ()
MOD - C:\Program Files (x86)\foobar2000\components\foo_fileops.dll ()
MOD - C:\Program Files (x86)\foobar2000\components\foo_unpack.dll ()
MOD - C:\Users\Victor\AppData\Roaming\foobar2000\user-components\foo_convolve\foo_convolve.dll ()
MOD - C:\Users\Victor\AppData\Roaming\foobar2000\user-components\foo_out_wasapi\foo_out_wasapi.dll ()
MOD - C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe ()
MOD - C:\Program Files (x86)\foobar2000\components\foo_tags.dll ()
MOD - C:\Program Files (x86)\foobar2000\zlib1.dll ()
MOD - C:\Program Files (x86)\foobar2000\components\foo_quicksearch.dll ()
MOD - C:\Program Files (x86)\foobar2000\components\foo_simplaylist.dll ()
MOD - C:\Program Files (x86)\foobar2000\components\foo_channel_mixer.dll ()
MOD - C:\Program Files (x86)\foobar2000\components\foo_vst.dll ()
MOD - C:\Program Files (x86)\foobar2000\components\foo_input_tta.dll ()
MOD - C:\Program Files (x86)\foobar2000\components\foo_quicktag.dll ()
MOD - C:\Program Files (x86)\foobar2000\components\foo_dsp_dolbyhp.dll ()
MOD - C:\Program Files (x86)\foobar2000\components\foo_dsp_mm.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (NvStreamSvc) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (NvNetworkService) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
========== Driver Services (SafeList) ==========
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswsnx.sys (AVAST Software)
DRV:64bit: - (MBAMWebAccessControl) -- C:\Windows\SysNative\drivers\mwac.sys (Malwarebytes Corporation)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswsp.sys (AVAST Software)
DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys ()
DRV:64bit: - (aswStm) -- C:\Windows\SysNative\drivers\aswStm.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys ()
DRV:64bit: - (aswHwid) -- C:\Windows\SysNative\drivers\aswHwid.sys ()
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (nvvad_WaveExtensible) -- C:\Windows\SysNative\drivers\nvvad64v.sys (NVIDIA Corporation)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys (Duplex Secure Ltd.)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Corel Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (rtl8192se) -- C:\Windows\SysNative\drivers\rtl8192se.sys (Realtek Semiconductor Corporation )
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (npf) -- C:\Windows\SysNative\drivers\npf.sys (CACE Technologies, Inc.)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://br.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-BR
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E2 E8 75 FC B2 C4 CF 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.25.2: C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2: C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@t.garena.com/garenatalk: C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Victor\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2015/01/04 11:33:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 34.0.5\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 34.0.5\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2014/01/26 11:42:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Victor\AppData\Roaming\mozilla\Extensions
[2015/01/07 18:24:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Victor\AppData\Roaming\mozilla\Firefox\Profiles\mknxlisv.default\extensions
[2014/12/22 18:42:47 | 000,433,727 | ---- | M] () (No name found) -- C:\Users\Victor\AppData\Roaming\mozilla\firefox\profiles\mknxlisv.default\extensions\[email protected]
[2014/12/23 12:55:51 | 004,178,155 | ---- | M] () (No name found) -- C:\Users\Victor\AppData\Roaming\mozilla\firefox\profiles\mknxlisv.default\extensions\[email protected]
[2014/10/21 20:40:47 | 000,537,656 | ---- | M] () (No name found) -- C:\Users\Victor\AppData\Roaming\mozilla\firefox\profiles\mknxlisv.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi
[2014/06/07 21:30:00 | 000,013,460 | ---- | M] () (No name found) -- C:\Users\Victor\AppData\Roaming\mozilla\firefox\profiles\mknxlisv.default\extensions\{1fc895a6-2042-46ec-a61b-233165b4c218}.xpi
[2014/12/08 21:54:54 | 000,202,127 | ---- | M] () (No name found) -- C:\Users\Victor\AppData\Roaming\mozilla\firefox\profiles\mknxlisv.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi
[2014/11/12 21:29:02 | 000,979,699 | ---- | M] () (No name found) -- C:\Users\Victor\AppData\Roaming\mozilla\firefox\profiles\mknxlisv.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014/10/30 13:24:55 | 000,304,000 | ---- | M] () (No name found) -- C:\Users\Victor\AppData\Roaming\mozilla\firefox\profiles\mknxlisv.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2014/12/09 16:31:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2014/12/09 16:32:02 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/12/09 16:31:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\[email protected]
========== Chrome ==========
CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\eecoahjklhopckkiefihjloeidikepdh\0.4.2_0\
CHR - Extension: No name found = C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
O1 HOSTS File: ([2009/06/10 19:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [f.lux] C:\Users\Victor\AppData\Local\FluxSoftware\Flux\flux.exe (Flux Software LLC)
O4 - HKCU..\Run: [SansaDispatch] C:\Users\Victor\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe (SanDisk Corporation)
O4 - HKCU..\Run: [uTorrent] C:\Users\Victor\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data]
O9 - Extra Button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{06E8340F-951A-42D3-8D4E-E6D66F40258E}: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CE9E0649-6612-489D-9CD2-EAF341CC01D4}: DhcpNameServer = 10.0.0.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2015/01/09 09:29:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2015/01/07 18:25:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2015/01/07 18:25:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2015/01/07 18:25:34 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2015/01/07 12:37:52 | 000,129,752 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2015/01/07 12:37:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2015/01/07 12:37:10 | 000,093,400 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2015/01/07 12:37:10 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2015/01/07 12:37:10 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2015/01/07 12:37:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2015/01/07 12:37:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2015/01/06 22:30:10 | 000,000,000 | ---D | C] -- C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft AppLocale
[2015/01/06 22:13:19 | 000,000,000 | ---D | C] -- C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2015/01/06 22:13:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2015/01/06 22:13:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpeedFan
[2015/01/05 23:08:45 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2015/01/05 22:50:49 | 000,000,000 | ---D | C] -- C:\FRST
[2015/01/05 18:19:08 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2015/01/02 18:39:07 | 000,000,000 | ---D | C] -- C:\Users\Victor\Documents\Klei
[2015/01/02 12:54:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\by Decepticon
[2015/01/02 12:53:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\by Decepticon
[2014/12/19 13:26:27 | 000,000,000 | ---D | C] -- C:\Users\Victor\AppData\Roaming\Siggy Holiday - Freebird Games
[2014/12/15 12:33:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FTL
[2014/12/11 22:23:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014/05/15 15:24:48 | 000,607,664 | ---- | C] (Neople inc) -- C:\Users\Victor\AppData\Local\DFOIns.exe
[2014/05/15 15:24:21 | 000,477,104 | ---- | C] (Neople inc) -- C:\Users\Victor\AppData\Local\NeopleCustomURLStarter.exe
[3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2015/01/10 20:02:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015/01/10 19:47:33 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/01/10 09:33:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/01/08 11:35:01 | 000,017,168 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015/01/08 11:35:01 | 000,017,168 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015/01/08 11:29:30 | 000,437,912 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2015/01/08 11:29:04 | 3162,918,912 | -HS- | M] () -- C:\hiberfil.sys
[2015/01/08 11:12:01 | 001,609,232 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2015/01/08 11:12:01 | 000,708,998 | ---- | M] () -- C:\Windows\SysNative\prfh0416.dat
[2015/01/08 11:12:01 | 000,657,414 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015/01/08 11:12:01 | 000,148,738 | ---- | M] () -- C:\Windows\SysNative\prfc0416.dat
[2015/01/08 11:12:01 | 000,123,226 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015/01/08 11:11:42 | 001,609,232 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015/01/07 13:32:30 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2015/01/06 22:13:18 | 000,000,045 | ---- | M] () -- C:\Windows\SysWow64\initdebug.nfo
[2015/01/02 12:54:59 | 000,001,070 | ---- | M] () -- C:\Users\Victor\Desktop\Dont Starve.lnk
[2014/12/16 21:06:42 | 000,048,582 | ---- | M] () -- C:\Users\Victor\Documents\xin1.jpg
[2014/12/16 21:06:34 | 000,038,402 | ---- | M] () -- C:\Users\Victor\Documents\xin2.jpg
[3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2015/01/06 22:13:17 | 000,000,045 | ---- | C] () -- C:\Windows\SysWow64\initdebug.nfo
[2015/01/03 21:52:58 | 000,001,995 | ---- | C] () -- C:\Users\Public\Desktop\This War of Mine.lnk
[2015/01/02 12:54:59 | 000,001,070 | ---- | C] () -- C:\Users\Victor\Desktop\Dont Starve.lnk
[2014/12/16 21:06:41 | 000,048,582 | ---- | C] () -- C:\Users\Victor\Documents\xin1.jpg
[2014/12/16 21:06:33 | 000,038,402 | ---- | C] () -- C:\Users\Victor\Documents\xin2.jpg
[2014/12/11 22:23:10 | 000,000,902 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/12/08 21:34:07 | 000,000,761 | ---- | C] () -- C:\Users\Victor\AppData\Local\recently-used.xbel
[2014/08/17 21:45:15 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2014/07/07 17:12:38 | 000,000,057 | ---- | C] () -- C:\Windows\sierra.ini
[2014/06/04 21:48:47 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\IN_SPC.DLL
[2014/06/04 21:48:47 | 000,122,880 | ---- | C] () -- C:\Windows\SysWow64\SPC700EMU.DLL
[2014/06/04 21:48:47 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\MCISPCDLG.DLL
[2014/06/04 21:48:47 | 000,013,824 | ---- | C] () -- C:\Windows\SysWow64\OUT_WAVE.DLL
[2014/04/08 15:42:56 | 000,021,764 | ---- | C] () -- C:\Windows\SysWow64\CoreAAC-uninstall.exe
[2014/01/29 21:53:44 | 000,007,680 | ---- | C] () -- C:\Users\Victor\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/07/23 16:40:36 | 000,191,860 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2013/06/16 20:08:05 | 000,281,688 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013/06/16 20:07:40 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013/03/10 23:41:35 | 000,000,266 | ---- | C] () -- C:\Windows\n02.ini
[2013/01/10 22:02:05 | 001,609,232 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
========== ZeroAccess Check ==========
[2009/07/14 02:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/06/25 00:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/06/24 23:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 23:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 10:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 23:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== Custom Scans ==========
< MD5 for: DLLHOST.EXE >
[2009/07/13 23:14:18 | 000,007,168 | ---- | M] (Microsoft Corporation) MD5=A63DC5C2EA944E6657203E0C8EDEAF61 -- C:\Windows\SysWOW64\dllhost.exe
[2009/07/13 23:14:18 | 000,007,168 | ---- | M] (Microsoft Corporation) MD5=A63DC5C2EA944E6657203E0C8EDEAF61 -- C:\Windows\winsxs\x86_microsoft-windows-com-surrogate_31bf3856ad364e35_6.1.7600.16385_none_43fa44d954d596e7\dllhost.exe
[2009/07/13 23:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A8EDB86FC2A4D6D1285E4C70384AC35A -- C:\Windows\SysNative\dllhost.exe
[2009/07/13 23:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A8EDB86FC2A4D6D1285E4C70384AC35A -- C:\Windows\winsxs\amd64_microsoft-windows-com-surrogate_31bf3856ad364e35_6.1.7600.16385_none_a018e05d0d33081d\dllhost.exe
< MD5 for: ESENT.DLL >
[2010/11/20 10:19:01 | 001,698,816 | ---- | M] (Microsoft Corporation) MD5=256503028879103E9741A276FA24D65D -- C:\Windows\winsxs\x86_microsoft-windows-e..estorageengine-isam_31bf3856ad364e35_6.1.7601.17514_none_f3ebb0cc8a4dd814\esent.dll
[2011/03/11 04:33:29 | 002,565,632 | ---- | M] (Microsoft Corporation) MD5=522B0466ED967A0762E9AF5B37D8F40A -- C:\Windows\SysNative\esent.dll
[2011/03/11 04:33:29 | 002,565,632 | ---- | M] (Microsoft Corporation) MD5=522B0466ED967A0762E9AF5B37D8F40A -- C:\Windows\winsxs\amd64_microsoft-windows-e..estorageengine-isam_31bf3856ad364e35_6.1.7601.17577_none_4fcc6da642d93cf5\esent.dll
[2011/03/11 03:33:09 | 001,699,328 | ---- | M] (Microsoft Corporation) MD5=5C3F9DBA818CD93379D1A0F215270374 -- C:\Windows\SysWOW64\esent.dll
[2011/03/11 03:33:09 | 001,699,328 | ---- | M] (Microsoft Corporation) MD5=5C3F9DBA818CD93379D1A0F215270374 -- C:\Windows\winsxs\x86_microsoft-windows-e..estorageengine-isam_31bf3856ad364e35_6.1.7601.17577_none_f3add2228a7bcbbf\esent.dll
[2011/03/11 03:20:09 | 001,699,328 | ---- | M] (Microsoft Corporation) MD5=91F40C9147D0459DAB3432ACF62A7CD8 -- C:\Windows\winsxs\x86_microsoft-windows-e..estorageengine-isam_31bf3856ad364e35_6.1.7601.21680_none_f4259cfba3a7d619\esent.dll
[2011/03/11 04:10:16 | 002,565,632 | ---- | M] (Microsoft Corporation) MD5=AAA781D30652B714CEDFDF15A1968DA2 -- C:\Windows\winsxs\amd64_microsoft-windows-e..estorageengine-isam_31bf3856ad364e35_6.1.7601.21680_none_5044387f5c05474f\esent.dll
[2010/11/20 11:26:20 | 002,565,632 | ---- | M] (Microsoft Corporation) MD5=D63F0353F632FB1EDE724173BE6DB5B5 -- C:\Windows\winsxs\amd64_microsoft-windows-e..estorageengine-isam_31bf3856ad364e35_6.1.7601.17514_none_500a4c5042ab494a\esent.dll
========== Files - Unicode (All) ==========
(C:\ProgramData\Microsoft\Windows\Start Menu\Programs\????????) -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\黄昏フロンティア
< End of report >
OTL Extras logfile created on: 2015/01/10 20:01:46 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Victor\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17239)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: yyyy/MM/dd
3,93 Gb Total Physical Memory | 1,45 Gb Available Physical Memory | 36,97% Memory free
4,97 Gb Paging File | 1,79 Gb Available in Paging File | 36,07% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 298,40 Gb Total Space | 5,78 Gb Free Space | 1,94% Space Free | Partition Type: NTFS
Drive D: | 287,67 Gb Total Space | 2,38 Gb Free Space | 0,83% Space Free | Partition Type: NTFS
Computer Name: WIN7-PC | User Name: Victor | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01215449-F479-4ACF-B03E-CFC51EC7E342}" = rport=139 | protocol=6 | dir=out | app=system |
"{0247C4F5-58F0-4A0A-9877-483EECFEE5A9}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1480CBB5-6EA1-4960-BF4F-9FD7D8A11512}" = rport=138 | protocol=17 | dir=out | app=system |
"{2A94B82F-1366-415E-9722-80D275112AA1}" = lport=445 | protocol=6 | dir=in | app=system |
"{429BCD57-1EDE-4CCA-8A8E-ED21AC073F33}" = rport=137 | protocol=17 | dir=out | app=system |
"{55A0BA5E-331A-4F8E-8F2B-DD15ACC86B4D}" = lport=137 | protocol=17 | dir=in | app=system |
"{62ED8897-F39F-49CA-966E-B0E95AA4479D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{93747EC0-5399-4E56-BC09-386B78614F04}" = lport=139 | protocol=6 | dir=in | app=system |
"{A4482FB0-2892-486C-BA98-C6641E6095AA}" = rport=445 | protocol=6 | dir=out | app=system |
"{B98CED58-0D4F-4BFD-BCA3-E7FEA93BFC11}" = lport=138 | protocol=17 | dir=in | app=system |
"{C68B5BC8-0F19-4E91-935D-F2BDDB35C267}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{CD71F159-B95A-4CE5-8CB9-9AFD1C6F48D5}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{CFE813C8-5FAA-4D46-AB71-E095FAE3A35D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E28E8934-F35B-49BB-BF50-20AACAEA95C8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E65961E0-424B-4E17-82C6-DAEE246D4EAB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06C1AE43-7BFB-445F-8EE2-16FA61FF84F6}" = protocol=58 | dir=out | [email protected],-28546 |
"{08986382-1AB7-4581-8885-BB8DC6E05BC5}" = protocol=17 | dir=in | app=c:\users\victor\appdata\roaming\utorrent\utorrent.exe |
"{23A7C016-3568-47E0-809C-4D635942C8BF}" = protocol=6 | dir=in | app=d:\steam2\steamapps\common\trine\_enchanted_edition_\trine1_launcher.exe |
"{246CBF1D-6B41-4044-84F9-10D3E4887865}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\brothers - a tale of two sons\binaries\win32\brotherslauncher.exe |
"{29594BE5-A88E-47BE-BC0F-670224B68342}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2A78ED2E-6DFC-4AE3-B7C3-7D80F099A3DF}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2CD34242-7F5A-47F9-8D3C-6B5A07FD4869}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{35324E55-CE7A-42E4-A30E-A83B58E3C7A7}" = protocol=17 | dir=in | app=c:\users\victor\appdata\local\hola\firefox\app\hola_plugin.exe |
"{38812B8C-1377-4AA6-B6B6-C06AA672EA8C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\castlecrashers\castle.exe |
"{45AC6BAE-89BE-454A-AC52-628557DD3432}" = protocol=1 | dir=out | [email protected],-28544 |
"{475AD719-5DFF-4B19-A979-AEE36D62970A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{529C6B4E-9292-442D-8BED-62AB88699C3B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\spelunky\spelunky.exe |
"{5A1366E3-B8CD-472B-9928-611FC7964DC1}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mark_of_the_ninja\bin\game.exe |
"{6518D019-8A86-4452-8DD8-C5A324175121}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{6712717A-A7E3-4C37-9401-C6614C0BBE03}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{716A9B3E-93DC-4533-B9C6-E550A3A445CE}" = protocol=1 | dir=in | [email protected],-28543 |
"{7531932A-D5B8-42A9-ACC9-A8C65F9790B4}" = dir=in | app=c:\users\victor\appdata\local\hola\firefox\app\hola_plugin.exe |
"{80815DF8-BC6B-43BB-A83B-16241E2FCA22}" = protocol=17 | dir=in | app=d:\steam2\steamapps\common\trine\_enchanted_edition_\trine1_launcher.exe |
"{852AF816-F755-481D-893B-25E8D7E56FA1}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{911A68EC-63DD-42C0-B28E-3CB0B79754BD}" = protocol=6 | dir=in | app=d:\steam2\steamapps\common\portal 2\portal2.exe |
"{921FD01E-756D-424A-B342-B3FF44EB7093}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\castlecrashers\castle.exe |
"{9435C583-EF5F-4D7C-8EF4-1B469EDAC45C}" = protocol=6 | dir=in | app=c:\program files (x86)\qbittorrent\qbittorrent.exe |
"{9A9404C1-9F8E-4BFB-B2E7-0F8B7F7CE211}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mark_of_the_ninja\bin\game.exe |
"{9BD265EB-8056-4F5A-9D5A-BD60683FE565}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{9D5CEEF5-6F2A-48CD-BA3E-995F957D2DD5}" = protocol=6 | dir=in | app=c:\users\victor\appdata\local\hola\firefox\app\hola_plugin.exe |
"{A0B75DCD-FD46-4D7E-984F-46EDD54AE23B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rogue legacy\roguelegacy.exe |
"{A2364B05-8DDE-4CC8-968A-9716061778E4}" = protocol=17 | dir=in | app=c:\program files (x86)\qbittorrent\qbittorrent.exe |
"{AFE83A7A-1238-49D9-B72C-424799AA0357}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bastion\bastion.exe |
"{B1C49452-8C07-4B4B-B5E2-B569C2BCDEDC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dustforce\dustforce.exe |
"{B4DC2AD7-016C-43D4-A347-A5DF897DF356}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\brothers - a tale of two sons\binaries\win32\brothers.exe |
"{B9EAC1F4-3B64-4BC5-A6F9-235F5C7813A4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\brothers - a tale of two sons\binaries\win32\brotherslauncher.exe |
"{BE643581-63BF-4FA5-B7F5-860E71B9D96F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\spelunky\spelunky.exe |
"{C3B4946A-B588-4A0C-94A1-F940C0C2C54E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skullgirls\skullgirls.exe |
"{CB93B324-5120-444F-9C01-FCA593628522}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\brothers - a tale of two sons\binaries\win32\brothers.exe |
"{CE6319B5-6788-45F3-9929-969B3A757C8D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{D5030A5F-2A24-465D-A591-8096A7569CAA}" = protocol=6 | dir=in | app=c:\users\victor\appdata\roaming\utorrent\utorrent.exe |
"{E1F1870E-4CB5-4FA1-9F7B-53FF9E279E0B}" = dir=in | app=c:\users\victor\appdata\roaming\mozilla\firefox\profiles\mknxlisv.default\extensions\jid1-4p0kohsjxu1qgg@jetpack\resources\hola_firefox_ext\data\plugins\hola_plugin_x64.exe |
"{E789FB51-D45A-4EB1-8390-F2042DEF2193}" = protocol=17 | dir=in | app=d:\steam2\steamapps\common\portal 2\portal2.exe |
"{E9A4DD1F-40CF-41B0-88F1-FF7B65CA89B5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bastion\bastion.exe |
"{E9C0513C-3B63-432B-85AB-48B37AC60E6D}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F18C5365-3AC5-438C-B14C-F70A311BE07E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dustforce\dustforce.exe |
"{F50BCBE8-F01B-460A-8693-B373E72722C1}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F6BE9A67-2FE9-4E8B-96BB-30390B04BCA8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skullgirls\skullgirls.exe |
"{FB0580A1-70D2-42FA-9EED-74B4986EC2B6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rogue legacy\roguelegacy.exe |
"{FF400F63-45BF-48D0-926A-A2F3EE63CF5E}" = protocol=58 | dir=in | [email protected],-28545 |
"TCP Query User{8ABEFCEB-744F-4B34-99C1-704D3476FDE9}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{F3B2D4A9-3666-4A80-A895-8696A7316306}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{2A05A52B-BDD8-4FD5-A65A-687CB10D98DF}_is1" = Steins;Gate version 1.0
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{5A68A656-979F-4168-8795-E2E368AA4DC2}" = iTunes
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{787136D2-F0F8-4625-AA3F-72D7795AC842}" = Apple Mobile Device Support
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0416-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Portuguese (Brazil)) 2007
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046" = Microsoft .NET Framework 4.5.1 (Português do Brasil)
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1" = PDF-Viewer
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Painel de controle da NVIDIA 332.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Driver de gráficos 332.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.8.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Software do sistema PhysX 9.13.0725
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Atualizações da NVIDIA 10.11.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Driver de áudio HD 1.3.30.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 10.11.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.19
"{B9EA6F38-1EDE-3375-B447-220186DE6CF8}" = Microsoft .NET Framework 4.5.1 (PTB)
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb" = Microsoft Windows Application Compatibility Database
"AutoHotkey" = AutoHotkey 1.1.14.04
"CDisplayEx_is1" = CDisplayEx 1.10.29
"HexChat_is1" = HexChat
"WinRAR archiver" = WinRAR 4.20 (64-bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{085957E0-56FD-4640-9B2B-A560CB52526C}_is1" = Valdis Sory - Abyssal City v1.0.0.22
"{1744E95A-53A5-9D5F-9935-A1CF739879A4}_is1" = «Dark Souls - Prepare to Die» 1.0.0.1
"{1798D459-6B8B-474B-868D-1229EADA3B95}" = Adobe AIR
"{185F9795-9663-4F13-9EF9-307A282ADB5A}" = ph
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 7.0
"{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = MPC-HC 1.6.5.6366
"{26A24AE4-039D-4CA4-87B4-2F83218025F0}" = Java 8 Update 25
"{2A075BB4-E976-4278-BF3F-E5C6945D84C0}" = bl
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{394BE3D9-7F57-4638-A8D1-1D88671913B7}" = Microsoft AppLocale
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}" = Hi-Rez Studios Authenticate and Update Service
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{51adbf11-493f-431c-a862-967a0fae2944}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}" = NVIDIA PhysX
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{90120000-0015-0416-0000-0000000FF1CE}" = Microsoft Office Access MUI (Portuguese (Brazil)) 2007
"{90120000-0015-0416-0000-0000000FF1CE}_ENTERPRISE_{AD3E8EF1-E885-4068-BC73-16C0649FEBF0}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0416-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Portuguese (Brazil)) 2007
"{90120000-0016-0416-0000-0000000FF1CE}_ENTERPRISE_{AD3E8EF1-E885-4068-BC73-16C0649FEBF0}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0416-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007
"{90120000-0018-0416-0000-0000000FF1CE}_ENTERPRISE_{AD3E8EF1-E885-4068-BC73-16C0649FEBF0}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0416-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007
"{90120000-0019-0416-0000-0000000FF1CE}_ENTERPRISE_{AD3E8EF1-E885-4068-BC73-16C0649FEBF0}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0416-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007
"{90120000-001A-0416-0000-0000000FF1CE}_ENTERPRISE_{AD3E8EF1-E885-4068-BC73-16C0649FEBF0}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0416-0000-0000000FF1CE}" = Microsoft Office Word MUI (Portuguese (Brazil)) 2007
"{90120000-001B-0416-0000-0000000FF1CE}_ENTERPRISE_{AD3E8EF1-E885-4068-BC73-16C0649FEBF0}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2007
"{90120000-001F-0416-0000-0000000FF1CE}_ENTERPRISE_{8A524694-0CA4-476A-9301-B1E9D70FC952}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0416-1000-0000000FF1CE}_ENTERPRISE_{51530CD1-8244-4E0F-B536-BCCC05325C7F}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0416-0000-0000000FF1CE}" = Microsoft Office Proofing (Portuguese (Brazil)) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0416-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007
"{90120000-0044-0416-0000-0000000FF1CE}_ENTERPRISE_{AD3E8EF1-E885-4068-BC73-16C0649FEBF0}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0416-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Portuguese (Brazil)) 2007
"{90120000-006E-0416-0000-0000000FF1CE}_ENTERPRISE_{51530CD1-8244-4E0F-B536-BCCC05325C7F}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0416-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007
"{90120000-00A1-0416-0000-0000000FF1CE}_ENTERPRISE_{AD3E8EF1-E885-4068-BC73-16C0649FEBF0}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0416-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Portuguese (Brazil)) 2007
"{90120000-00BA-0416-0000-0000000FF1CE}_ENTERPRISE_{AD3E8EF1-E885-4068-BC73-16C0649FEBF0}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D3D8C60-A55F-4fed-B2B9-173F09590E16}" = REALTEK Wireless LAN Driver
"{A20BFF62-AE3C-42BD-9C52-841CAB96BC49}" = Curse
"{a2199617-3609-410f-a8e8-e8806c73545b}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1046-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Português
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B641E348-377C-4819-B92F-03F1D35A7EE3}_is1" = 東方心綺楼 Ver1.20
"{BCCDE721-9F4D-4396-9592-92DD865D965E}" = League of Legends
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{C3592426-531E-4110-911D-BFECE2CE284B}" = puush
"{C3592426-531E-4110-911D-BFECE2CE284C}" = osu!
"{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}" = Microsoft XNA Framework Redistributable 4.0 Refresh
"{D9DAD0FF-495A-472B-9F10-BAE430A26682}" = Suporte para Aplicativos Apple
"{DE1E055B-679C-42F8-B114-7B6ED0B8ED95}" = Adobe Audition CC
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{f0080ca2-80ae-4958-b6eb-e8fa916d744a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3FCB08B-E752-444D-86A0-0634A4F3B23D}" = System Requirements Lab CYRI
"1207664823_is1" = Shovel Knight
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 15 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 16 NPAPI
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"ASIOProxy" = ASIO Proxy for foobar2000
"Avast" = avast! Free Antivirus
"Battle.net" = Battle.net
"Bioshock Infinite_R.G. Mechanics_is1" = Bioshock Infinite
"CDisplay_is1" = CDisplay 1.8
"CoreAAC Audio Decoder" = CoreAAC Audio Decoder (remove only)
"DAEMON Tools Lite" = DAEMON Tools Lite
"Dark Souls 2_is1" = Dark Souls 2
"Dead Space_is1" = Dead Space version 1.0.0.222
"DFO" = Dungeon Fighter Online
"Dont Starve_is1" = Dont Starve
"Dust: An Elysian Tail_is1" = Dust: An Elysian Tail
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Exact Audio Copy" = Exact Audio Copy 1.0beta3
"FEZ_is1" = FEZ
"ffdshow_is1" = ffdshow v1.3.4532 [2014-07-17]
"FileZilla Client" = FileZilla Client 3.6.0.2
"FLAC" = FLAC 1.2.1b (remove only)
"foobar2000" = foobar2000 v1.3.2
"GOGPACKKENTUCKYROUTEZERO_is1" = Kentucky Route Zero
"GOGPACKLONESURVIVORDC_is1" = Lone Survivor - The Director's Cut
"Google Chrome" = Google Chrome
"G-Senjou_no_Maou_Aegis" = G-Senjou no Maou English
"HaaliMkx" = Haali Media Splitter
"Half Minute Hero Super Mega Neo Climax Ultimate Boy_is1" = Half Minute Hero Super Mega Neo Climax Ultimate Boy
"Half-Life" = Half-Life
"Hearthstone" = Hearthstone
"ImgBurn" = ImgBurn
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"IrfanView" = IrfanView (remove only)
"lavfilters_is1" = LAV Filters 0.59.1
"League of Legends 3.0.1" = League of Legends
"LOLReplay" = LOLReplay
"Luftrausers 1.0.0.1" = Luftrausers 1.0.0.1
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.4.1028
"Mark of the Ninja Special Edition_is1" = Mark of the Ninja Special Edition
"Melty Blood Actress Again Current Code English" = Melty Blood Actress Again Current Code English v0.52
"Monaco What's Yours Is Mine_is1" = Monaco What's Yours Is Mine
"Mozilla Firefox 34.0.5 (x86 pt-BR)" = Mozilla Firefox 34.0.5 (x86 pt-BR)
"Mp3tag" = Mp3tag v2.65a
"Open Broadcaster Software" = Open Broadcaster Software
"OpenAL" = OpenAL
"PFPortChecker" = PFPortChecker 1.0.39
"Port Forward Network Utilities" = Port Forward Network Utilities 2.0.1
"Q2hpbGRvZkxpZ2h0_is1" = Child of Light
"qBittorrent" = qBittorrent 3.1.11
"QW5vdGhlciBXb3JsZA==_is1" = Another World 20th Anniversary Edition © Focus Home Interactive version 1
"Simple Port Tester2.1.5" = Simple Port Tester
"Sonic Generations_is1" = Sonic Generations
"SpeedFan" = SpeedFan (remove only)
"Steam App 107100" = Bastion
"Steam App 204360" = Castle Crashers
"Steam App 214560" = Mark of the Ninja
"Steam App 225080" = Brothers - A Tale of Two Sons
"Steam App 239350" = Spelunky
"Steam App 241600" = Rogue Legacy
"Steam App 245170" = Skullgirls
"Steam App 35700" = Trine
"Steam App 550" = Left 4 Dead 2
"Steam App 620" = Portal 2
"Steam App 65300" = Dustforce
"Steam App 8850" = BioShock 2
"StepMania 5" = StepMania v5.0 beta 1a (remove only)
"Super Jukebox" = Super Jukebox (Remove Only)
"The Binding of Isaac Rebirth 1.0" = The Binding of Isaac Rebirth 1.0
"The Swapper_is1" = The Swapper
"The Walking Dead Season 2 EP 2_is1" = The Walking Dead Season 2 EP 2
"The Wolf Among Us Episode 2_is1" = The Wolf Among Us Episode 2
"The Wolf Among Us Episode 3_is1" = The Wolf Among Us Episode 3
"Thief Gold_is1" = Thief Gold
"This War of Mine_is1" = This War of Mine
"Transistor_R.G. Mechanics_is1" = Transistor
"Trine 2_is1" = «Trine 2» 2.0
"UmF5bWFuTGVnZW5kcw==_is1" = Rayman Legends
"Uplay" = Uplay
"uTorrent" = µTorrent
"VGhlV29sZkFtb25nVXM=_is1" = The Wolf Among Us
"VGhlV2Fsa2luZ0RlYWRTZWFzb24y_is1" = The Walking Dead: Season 2
"Winamp" = Winamp
"WinPcapInst" = WinPcap 4.1.2
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Flux" = f.lux
"Sansa Updater" = Sansa Updater
"UnityWebPlayer" = Unity Web Player
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 2015/01/10 17:58:26 | Computer Name = win7-PC | Source = Application Error | ID = 1000
Description = Nome de aplicativo com falha: DllHost.exe, versão: 6.1.7600.16385,
carimbo de hora: 0x4a5bca54 Nome do módulo de falhas: ESENT.dll, versão: 6.1.7601.17577,
carimbo de hora: 0x4d79bfba Código de exceção: 0xc0000005 Deslocamento com falha:
0x000000000010ca4c Identificação do processo com falha: 0x1640 Hora de início do
aplicativo com falha: 0x01d02d208edd6d65 Caminho do aplicativo com falha: C:\Windows\system32\DllHost.exe
FCaminho
do módulo de falhas: C:\Windows\system32\ESENT.dll Identificação do Relatório: ccfe284f-9913-11e4-a096-000df08b7f53
Error - 2015/01/10 17:58:27 | Computer Name = win7-PC | Source = Application Error | ID = 1000
Description = Nome de aplicativo com falha: DllHost.exe, versão: 6.1.7600.16385,
carimbo de hora: 0x4a5bca54 Nome do módulo de falhas: ESENT.dll, versão: 6.1.7601.17577,
carimbo de hora: 0x4d79bfba Código de exceção: 0xc0000005 Deslocamento com falha:
0x000000000010ca4c Identificação do processo com falha: 0x5d8 Hora de início do aplicativo
com falha: 0x01d02d208fe9d861 Caminho do aplicativo com falha: C:\Windows\system32\DllHost.exe
FCaminho
do módulo de falhas: C:\Windows\system32\ESENT.dll Identificação do Relatório: cdc34ff2-9913-11e4-a096-000df08b7f53
Error - 2015/01/10 17:58:29 | Computer Name = win7-PC | Source = Application Error | ID = 1000
Description = Nome de aplicativo com falha: DllHost.exe, versão: 6.1.7600.16385,
carimbo de hora: 0x4a5bca54 Nome do módulo de falhas: ESENT.dll, versão: 6.1.7601.17577,
carimbo de hora: 0x4d79bfba Código de exceção: 0xc0000005 Deslocamento com falha:
0x000000000010ca4c Identificação do processo com falha: 0x15f4 Hora de início do
aplicativo com falha: 0x01d02d2090e5c841 Caminho do aplicativo com falha: C:\Windows\system32\DllHost.exe
FCaminho
do módulo de falhas: C:\Windows\system32\ESENT.dll Identificação do Relatório: ceee18b2-9913-11e4-a096-000df08b7f53
Error - 2015/01/10 17:58:31 | Computer Name = win7-PC | Source = Application Error | ID = 1000
Description = Nome de aplicativo com falha: DllHost.exe, versão: 6.1.7600.16385,
carimbo de hora: 0x4a5bca54 Nome do módulo de falhas: ESENT.dll, versão: 6.1.7601.17577,
carimbo de hora: 0x4d79bfba Código de exceção: 0xc0000005 Deslocamento com falha:
0x000000000010ca4c Identificação do processo com falha: 0x143c Hora de início do
aplicativo com falha: 0x01d02d20920f316c Caminho do aplicativo com falha: C:\Windows\system32\DllHost.exe
FCaminho
do módulo de falhas: C:\Windows\system32\ESENT.dll Identificação do Relatório: d0169779-9913-11e4-a096-000df08b7f53
Error - 2015/01/10 17:58:33 | Computer Name = win7-PC | Source = Application Error | ID = 1000
Description = Nome de aplicativo com falha: DllHost.exe, versão: 6.1.7600.16385,
carimbo de hora: 0x4a5bca54 Nome do módulo de falhas: ESENT.dll, versão: 6.1.7601.17577,
carimbo de hora: 0x4d79bfba Código de exceção: 0xc0000005 Deslocamento com falha:
0x000000000010ca4c Identificação do processo com falha: 0x1130 Hora de início do
aplicativo com falha: 0x01d02d209345e138 Caminho do aplicativo com falha: C:\Windows\system32\DllHost.exe
FCaminho
do módulo de falhas: C:\Windows\system32\ESENT.dll Identificação do Relatório: d1424aab-9913-11e4-a096-000df08b7f53
Error - 2015/01/10 17:58:35 | Computer Name = win7-PC | Source = Application Error | ID = 1000
Description = Nome de aplicativo com falha: DllHost.exe, versão: 6.1.7600.16385,
carimbo de hora: 0x4a5bca54 Nome do módulo de falhas: ESENT.dll, versão: 6.1.7601.17577,
carimbo de hora: 0x4d79bfba Código de exceção: 0xc0000005 Deslocamento com falha:
0x000000000010ca4c Identificação do processo com falha: 0x1688 Hora de início do
aplicativo com falha: 0x01d02d2094b729fe Caminho do aplicativo com falha: C:\Windows\system32\DllHost.exe
FCaminho
do módulo de falhas: C:\Windows\system32\ESENT.dll Identificação do Relatório: d287047b-9913-11e4-a096-000df08b7f53
Error - 2015/01/10 17:58:38 | Computer Name = win7-PC | Source = Application Error | ID = 1000
Description = Nome de aplicativo com falha: DllHost.exe, versão: 6.1.7600.16385,
carimbo de hora: 0x4a5bca54 Nome do módulo de falhas: ESENT.dll, versão: 6.1.7601.17577,
carimbo de hora: 0x4d79bfba Código de exceção: 0xc0000005 Deslocamento com falha:
0x000000000010ca4c Identificação do processo com falha: 0x1080 Hora de início do
aplicativo com falha: 0x01d02d2095a3b055 Caminho do aplicativo com falha: C:\Windows\system32\DllHost.exe
FCaminho
do módulo de falhas: C:\Windows\system32\ESENT.dll Identificação do Relatório: d46d30c8-9913-11e4-a096-000df08b7f53
Error - 2015/01/10 17:58:40 | Computer Name = win7-PC | Source = Application Error | ID = 1000
Description = Nome de aplicativo com falha: DllHost.exe, versão: 6.1.7600.16385,
carimbo de hora: 0x4a5bca54 Nome do módulo de falhas: ESENT.dll, versão: 6.1.7601.17577,
carimbo de hora: 0x4d79bfba Código de exceção: 0xc0000005 Deslocamento com falha:
0x000000000010ca4c Identificação do processo com falha: 0x15fc Hora de início do
aplicativo com falha: 0x01d02d2097aa5d88 Caminho do aplicativo com falha: C:\Windows\system32\DllHost.exe
FCaminho
do módulo de falhas: C:\Windows\system32\ESENT.dll Identificação do Relatório: d5844a4b-9913-11e4-a096-000df08b7f53
Error - 2015/01/10 18:07:24 | Computer Name = win7-PC | Source = Application Error | ID = 1000
Description = Nome de aplicativo com falha: DllHost.exe, versão: 6.1.7600.16385,
carimbo de hora: 0x4a5bca54 Nome do módulo de falhas: ESENT.dll, versão: 6.1.7601.17577,
carimbo de hora: 0x4d79bfba Código de exceção: 0xc0000005 Deslocamento com falha:
0x000000000010ca4c Identificação do processo com falha: 0x12c8 Hora de início do
aplicativo com falha: 0x01d02d20990c63b7 Caminho do aplicativo com falha: C:\Windows\system32\DllHost.exe
FCaminho
do módulo de falhas: C:\Windows\system32\ESENT.dll Identificação do Relatório: 0dce9197-9915-11e4-a096-000df08b7f53
Error - 2015/01/10 18:07:26 | Computer Name = win7-PC | Source = Application Error | ID = 1000
Description = Nome de aplicativo com falha: DllHost.exe, versão: 6.1.7600.16385,
carimbo de hora: 0x4a5bca54 Nome do módulo de falhas: ESENT.dll, versão: 6.1.7601.17577,
carimbo de hora: 0x4d79bfba Código de exceção: 0xc0000005 Deslocamento com falha:
0x000000000010ca4c Identificação do processo com falha: 0x155c Hora de início do
aplicativo com falha: 0x01d02d21d0f37aef Caminho do aplicativo com falha: C:\Windows\system32\DllHost.exe
FCaminho
do módulo de falhas: C:\Windows\system32\ESENT.dll Identificação do Relatório: 0ef49f9b-9915-11e4-a096-000df08b7f53
[ System Events ]
Error - 2015/01/08 09:25:44 | Computer Name = win7-PC | Source = DCOM | ID = 10010
Description =
Error - 2015/01/09 07:22:16 | Computer Name = win7-PC | Source = Service Control Manager | ID = 7009
Description = Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão
do serviço Windows Search.
Error - 2015/01/09 07:22:16 | Computer Name = win7-PC | Source = Service Control Manager | ID = 7000
Description = Não foi possível iniciar o serviço Windows Search devido ao seguinte
erro: %%1053
Error - 2015/01/09 07:28:48 | Computer Name = win7-PC | Source = Service Control Manager | ID = 7009
Description = Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão
do serviço Windows Search.
Error - 2015/01/09 07:28:48 | Computer Name = win7-PC | Source = Service Control Manager | ID = 7000
Description = Não foi possível iniciar o serviço Windows Search devido ao seguinte
erro: %%1053
Error - 2015/01/09 07:30:40 | Computer Name = win7-PC | Source = Service Control Manager | ID = 7009
Description = Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão
do serviço Windows Search.
Error - 2015/01/09 07:30:40 | Computer Name = win7-PC | Source = Service Control Manager | ID = 7000
Description = Não foi possível iniciar o serviço Windows Search devido ao seguinte
erro: %%1053
Error - 2015/01/09 07:33:48 | Computer Name = win7-PC | Source = Service Control Manager | ID = 7009
Description = Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão
do serviço Windows Search.
Error - 2015/01/09 07:33:48 | Computer Name = win7-PC | Source = Service Control Manager | ID = 7000
Description = Não foi possível iniciar o serviço Windows Search devido ao seguinte
erro: %%1053
Error - 2015/01/10 07:33:39 | Computer Name = win7-PC | Source = BTHUSB | ID = 327697
Description = Falha indeterminada do adaptador Bluetooth local; ele não será usado.
O driver foi descarregado.
< End of report >
#23
Posted 10 January 2015 - 04:46 PM
#24
Posted 14 January 2015 - 07:17 AM
I did that and the problem is still here
Also, i said vew doesn't work so i just used the "list last 10 event viewer errors" for minitollbox
MiniToolBox by Farbar Version: 30-11-2014
Ran by Victor (administrator) on 14-01-2015 at 11:15:15
Running from "C:\Users\Victor\Downloads"
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
========================= Event log errors: ===============================
Application errors:
==================
Error: (01/14/2015 11:13:45 AM) (Source: Application Error) (User: )
Description: Nome de aplicativo com falha: DllHost.exe, versão: 6.1.7600.16385, carimbo de hora: 0x4a5bca54
Nome do módulo de falhas: ESENT.dll, versão: 6.1.7601.17577, carimbo de hora: 0x4d79bfba
Código de exceção: 0xc0000005
Deslocamento com falha: 0x000000000010ca4c
Identificação do processo com falha: 0xb50
Hora de início do aplicativo com falha: 0xDllHost.exe0
Caminho do aplicativo com falha: DllHost.exe1
FCaminho do módulo de falhas: DllHost.exe2
Identificação do Relatório: DllHost.exe3
Error: (01/14/2015 11:13:43 AM) (Source: Application Error) (User: )
Description: Nome de aplicativo com falha: DllHost.exe, versão: 6.1.7600.16385, carimbo de hora: 0x4a5bca54
Nome do módulo de falhas: ESENT.dll, versão: 6.1.7601.17577, carimbo de hora: 0x4d79bfba
Código de exceção: 0xc0000005
Deslocamento com falha: 0x000000000010ca4c
Identificação do processo com falha: 0xfe4
Hora de início do aplicativo com falha: 0xDllHost.exe0
Caminho do aplicativo com falha: DllHost.exe1
FCaminho do módulo de falhas: DllHost.exe2
Identificação do Relatório: DllHost.exe3
Error: (01/14/2015 11:13:41 AM) (Source: Application Error) (User: )
Description: Nome de aplicativo com falha: DllHost.exe, versão: 6.1.7600.16385, carimbo de hora: 0x4a5bca54
Nome do módulo de falhas: ESENT.dll, versão: 6.1.7601.17577, carimbo de hora: 0x4d79bfba
Código de exceção: 0xc0000005
Deslocamento com falha: 0x000000000010ca4c
Identificação do processo com falha: 0xb34
Hora de início do aplicativo com falha: 0xDllHost.exe0
Caminho do aplicativo com falha: DllHost.exe1
FCaminho do módulo de falhas: DllHost.exe2
Identificação do Relatório: DllHost.exe3
Error: (01/14/2015 11:13:39 AM) (Source: Application Error) (User: )
Description: Nome de aplicativo com falha: DllHost.exe, versão: 6.1.7600.16385, carimbo de hora: 0x4a5bca54
Nome do módulo de falhas: ESENT.dll, versão: 6.1.7601.17577, carimbo de hora: 0x4d79bfba
Código de exceção: 0xc0000005
Deslocamento com falha: 0x000000000010ca4c
Identificação do processo com falha: 0xe60
Hora de início do aplicativo com falha: 0xDllHost.exe0
Caminho do aplicativo com falha: DllHost.exe1
FCaminho do módulo de falhas: DllHost.exe2
Identificação do Relatório: DllHost.exe3
Error: (01/14/2015 11:13:31 AM) (Source: Application Error) (User: )
Description: Nome de aplicativo com falha: DllHost.exe, versão: 6.1.7600.16385, carimbo de hora: 0x4a5bca54
Nome do módulo de falhas: ESENT.dll, versão: 6.1.7601.17577, carimbo de hora: 0x4d79bfba
Código de exceção: 0xc0000005
Deslocamento com falha: 0x000000000010ca4c
Identificação do processo com falha: 0xeb4
Hora de início do aplicativo com falha: 0xDllHost.exe0
Caminho do aplicativo com falha: DllHost.exe1
FCaminho do módulo de falhas: DllHost.exe2
Identificação do Relatório: DllHost.exe3
Error: (01/14/2015 11:13:30 AM) (Source: Application Error) (User: )
Description: Nome de aplicativo com falha: DllHost.exe, versão: 6.1.7600.16385, carimbo de hora: 0x4a5bca54
Nome do módulo de falhas: ESENT.dll, versão: 6.1.7601.17577, carimbo de hora: 0x4d79bfba
Código de exceção: 0xc0000005
Deslocamento com falha: 0x000000000010ca4c
Identificação do processo com falha: 0x6cc
Hora de início do aplicativo com falha: 0xDllHost.exe0
Caminho do aplicativo com falha: DllHost.exe1
FCaminho do módulo de falhas: DllHost.exe2
Identificação do Relatório: DllHost.exe3
Error: (01/14/2015 11:13:28 AM) (Source: Application Error) (User: )
Description: Nome de aplicativo com falha: DllHost.exe, versão: 6.1.7600.16385, carimbo de hora: 0x4a5bca54
Nome do módulo de falhas: ESENT.dll, versão: 6.1.7601.17577, carimbo de hora: 0x4d79bfba
Código de exceção: 0xc0000005
Deslocamento com falha: 0x000000000010ca4c
Identificação do processo com falha: 0xd84
Hora de início do aplicativo com falha: 0xDllHost.exe0
Caminho do aplicativo com falha: DllHost.exe1
FCaminho do módulo de falhas: DllHost.exe2
Identificação do Relatório: DllHost.exe3
Error: (01/14/2015 11:13:25 AM) (Source: Application Error) (User: )
Description: Nome de aplicativo com falha: DllHost.exe, versão: 6.1.7600.16385, carimbo de hora: 0x4a5bca54
Nome do módulo de falhas: ESENT.dll, versão: 6.1.7601.17577, carimbo de hora: 0x4d79bfba
Código de exceção: 0xc0000005
Deslocamento com falha: 0x000000000010ca4c
Identificação do processo com falha: 0xfe8
Hora de início do aplicativo com falha: 0xDllHost.exe0
Caminho do aplicativo com falha: DllHost.exe1
FCaminho do módulo de falhas: DllHost.exe2
Identificação do Relatório: DllHost.exe3
Error: (01/14/2015 11:13:15 AM) (Source: Application Error) (User: )
Description: Nome de aplicativo com falha: DllHost.exe, versão: 6.1.7600.16385, carimbo de hora: 0x4a5bca54
Nome do módulo de falhas: ESENT.dll, versão: 6.1.7601.17577, carimbo de hora: 0x4d79bfba
Código de exceção: 0xc0000005
Deslocamento com falha: 0x000000000010ca4c
Identificação do processo com falha: 0xf94
Hora de início do aplicativo com falha: 0xDllHost.exe0
Caminho do aplicativo com falha: DllHost.exe1
FCaminho do módulo de falhas: DllHost.exe2
Identificação do Relatório: DllHost.exe3
Error: (01/14/2015 11:13:04 AM) (Source: Application Error) (User: )
Description: Nome de aplicativo com falha: taskhost.exe, versão: 6.1.7601.18010, carimbo de hora: 0x50aee9f3
Nome do módulo de falhas: ESENT.dll, versão: 6.1.7601.17577, carimbo de hora: 0x4d79bfba
Código de exceção: 0xc0000005
Deslocamento com falha: 0x000000000010ca4c
Identificação do processo com falha: 0x8bc
Hora de início do aplicativo com falha: 0xtaskhost.exe0
Caminho do aplicativo com falha: taskhost.exe1
FCaminho do módulo de falhas: taskhost.exe2
Identificação do Relatório: taskhost.exe3
System errors:
=============
Error: (01/14/2015 11:09:56 AM) (Source: DCOM) (User: )
Description: {3EB3C877-1F16-487C-9050-104DBCD66683}
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2013-02-10 17:22:48.350
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\PeerGuardian2\pgfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-02-10 17:22:48.250
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\PeerGuardian2\pgfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
**** End of log ****
#25
Posted 14 January 2015 - 09:30 AM
Let's try NirSoft's MyEventViewer.
http://www.nirsoft.n...ent_viewer.html
You want: Download MyEventViewer for x64
Download, Save and Right click and Extract All. Then right click on MyEventViewer.exe and Run As Admin
once it loads, go into Options, Event Type Filter and uncheck Information then repeat for Audit Success
Do Ctrl + A to select all logs then File, Save Selected Items, (change it to your desktop) call it logs and Save
Then Copy and Paste or Attach the file logs.txt
#26
Posted 18 January 2015 - 08:45 AM
Here, it's attached.
Attached Files
#27
Posted 18 January 2015 - 05:03 PM
I can fix one of the errors:
download the attached wininit.zip file. Save it and right click and Extract all which should give you a wininit.reg file. Right click on the reg file and Merge.
I wonder if we can update the C:\Windows\system32\ESENT.dll file. You do have a newer one. I think we will have to use Combofix to do it.
Let's first install and run Combofix:
#28
Posted 22 January 2015 - 08:12 AM
I thought this scan would take hours lol
I named it combofixlog.txt
Attached Files
#29
Posted 22 January 2015 - 08:46 AM
#30
Posted 23 January 2015 - 08:07 AM
Here:
Attached Files
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users