
Untitled

a guest
Sep 26th, 2015
  1. OTL Extras logfile created on: 26/09/2015 21:14:14 - Run 1
  2. OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\HAMMER\Desktop
  3. Professional (Version = 6.1.7600) - Type = NTWorkstation
  4. Internet Explorer (Version = 8.0.7600.16385)
  5. Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy
  6.  
  7. 1,87 Gb Total Physical Memory | 1,18 Gb Available Physical Memory | 63,14% Memory free
  8. 3,75 Gb Paging File | 3,02 Gb Available in Paging File | 80,55% Paging File free
  9. Paging file location(s): ?:\pagefile.sys [binary data]
  10.  
  11. %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
  12. Drive C: | 74,43 Gb Total Space | 57,07 Gb Free Space | 76,67% Space Free | Partition Type: NTFS
  13. Drive D: | 465,76 Gb Total Space | 177,55 Gb Free Space | 38,12% Space Free | Partition Type: NTFS
  14.  
  15. Computer Name: HAMMER-PC | User Name: HAMMER | Logged in as Administrator.
  16. Boot Mode: Normal | Scan Mode: All users
  17. Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
  18.  
  19. [color=#E56717]========== Extra Registry (SafeList) ==========[/color]
  20.  
  21.  
  22. [color=#E56717]========== File Associations ==========[/color]
  23.  
  24. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
  25. .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
  26. .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
  27.  
  28. [color=#E56717]========== Shell Spawning ==========[/color]
  29.  
  30. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
  31. batfile [open] -- "%1" %*
  32. cmdfile [open] -- "%1" %*
  33. comfile [open] -- "%1" %*
  34. cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
  35. exefile [open] -- "%1" %*
  36. helpfile [open] -- Reg Error: Key error.
  37. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
  38. htmlfile [edit] -- Reg Error: Key error.
  39. http [open] -- Reg Error: Key error.
  40. https [open] -- Reg Error: Key error.
  41. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
  42. piffile [open] -- "%1" %*
  43. regfile [merge] -- Reg Error: Key error.
  44. scrfile [config] -- "%1"
  45. scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
  46. scrfile [open] -- "%1" /S
  47. txtfile [edit] -- Reg Error: Key error.
  48. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
  49. Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
  50. Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
  51. Directory [MinhaBox.Upload] -- "C:\Program Files\Minhateca.com.br Box\\MinhaBox.exe" -u"%1" ()
  52. Directory [mplayerc.enqueue] -- "C:\Program Files\K-Lite Codec Pack\MPC-HC\mpc-hc.exe" /add "%1" (MPC-HC Team)
  53. Directory [mplayerc.play] -- "C:\Program Files\K-Lite Codec Pack\MPC-HC\mpc-hc.exe" "%1" (MPC-HC Team)
  54. Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
  55. Folder [explore] -- Reg Error: Value error.
  56. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
  57.  
  58. [color=#E56717]========== Security Center Settings ==========[/color]
  59.  
  60. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
  61. "cval" = 1
  62.  
  63. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
  64.  
  65. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
  66. "VistaSp1" = Reg Error: Unknown registry data type -- File not found
  67. "AntiVirusOverride" = 0
  68. "AntiSpywareOverride" = 0
  69. "FirewallOverride" = 0
  70.  
  71. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
  72.  
  73. [color=#E56717]========== Firewall Settings ==========[/color]
  74.  
  75. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
  76. "DisableNotifications" = 0
  77. "EnableFirewall" = 1
  78.  
  79. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
  80. "DisableNotifications" = 0
  81. "EnableFirewall" = 1
  82.  
  83. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
  84. "DisableNotifications" = 0
  85. "EnableFirewall" = 1
  86.  
  87. [color=#E56717]========== Authorized Applications List ==========[/color]
  88.  
  89.  
  90. [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
  91.  
  92. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
  93. "{16643228-0F03-459F-9F9F-D20485E23693}" = lport=10243 | protocol=6 | dir=in | app=system |
  94. "{257A92D6-6FCB-4E4E-A964-52AAED0A7F47}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
  95. "{4D0FE5BC-53C7-472B-9735-4FFE85161386}" = lport=445 | protocol=6 | dir=in | app=system |
  96. "{4F320B0F-0EB8-4F1D-8A34-F0C54132B642}" = rport=137 | protocol=17 | dir=out | app=system |
  97. "{55EE76B3-3667-4706-B8C7-66FCDCF81DC8}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
  98. "{5ABDD333-2AD6-4728-B48C-B77E6CEFD0E1}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
  99. "{5C566925-CBBA-47A2-873F-2E1A5A4F1C2C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
  100. "{60F2E1EB-7E90-4706-A3D5-3CEE717C91EB}" = rport=445 | protocol=6 | dir=out | app=system |
  101. "{6A497985-87CB-4D80-9C94-13981D6D8227}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
  102. "{6F72B195-EF5D-46F3-9552-463CADEADF34}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
  103. "{8DDDA249-0F95-4F90-8D8E-8DDC7F9F730D}" = lport=139 | protocol=6 | dir=in | app=system |
  104. "{9CCBA554-A52E-4268-AB0E-9CC2B09A617F}" = lport=137 | protocol=17 | dir=in | app=system |
  105. "{9CF4B075-13B6-4F9F-8ADE-A44AB9D1B8EE}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
  106. "{AA312912-2A5B-4248-A939-EB602ABD23C9}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
  107. "{B9E998C0-B72C-48CB-B585-036AD285CF00}" = lport=2869 | protocol=6 | dir=in | app=system |
  108. "{BA031B30-D8FA-4B0E-B51D-EC125C7324B8}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
  109. "{C67D650E-3E19-4847-9416-89429A8E7678}" = rport=138 | protocol=17 | dir=out | app=system |
  110. "{D0FA6F7A-C070-4312-A7BC-4A0A89DDC89B}" = rport=139 | protocol=6 | dir=out | app=system |
  111. "{D5807530-D3CD-4D00-9C10-1671CC2BABC1}" = lport=5357 | protocol=6 | dir=in | name=ws-eventing tcp port 5357 |
  112. "{E54314D5-CCD7-418C-BEFB-3DCBEB07E643}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
  113. "{EC29B0CC-A4A0-4DCA-98D2-D7F94406137C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
  114. "{EF04EC4A-1BEA-4754-BC5F-DD0BA950F05B}" = lport=138 | protocol=17 | dir=in | app=system |
  115. "{FB56B19B-D5D4-4EEB-AF18-0A0677EF6160}" = rport=10243 | protocol=6 | dir=out | app=system |
  116.  
  117. [color=#E56717]========== Vista Active Application Exception List ==========[/color]
  118.  
  119. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
  120. "{0A363F5D-5BA0-43EE-B532-44B8DEF99401}" = protocol=6 | dir=in | app=c:\users\hammer\appdata\roaming\utorrent\utorrent.exe |
  121. "{0F74A1B5-1E46-4B29-97F2-3E1080E88723}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
  122. "{12165388-603E-437D-9292-84E411818B1B}" = protocol=6 | dir=out | app=c:\users\hammer\appdata\roaming\utorrent\utorrent.exe |
  123. "{1556CF25-4B4F-413A-BCBF-E82C9EA65D1F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
  124. "{17EC0E38-9AB9-4A72-9D31-99139B86A257}" = protocol=6 | dir=in | app=c:\users\hammer\appdata\roaming\utorrent\utorrent.exe |
  125. "{1BB22BAB-8F25-472E-B019-A87CB6DB4676}" = protocol=17 | dir=in | app=c:\users\hammer\appdata\roaming\utorrent\utorrent.exe |
  126. "{21C943BC-8BBB-4A44-96B3-41C10B465D00}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
  127. "{325EFAD4-756F-4855-A85A-8AF0A672BA99}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
  128. "{3BBD0A2C-310B-4034-83CF-3630FE5AADA4}" = protocol=17 | dir=out | app=c:\users\hammer\appdata\roaming\utorrent\utorrent.exe |
  129. "{41E27CC8-E025-4483-AB7F-6E37E33A8B6C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
  130. "{47B09ACD-F524-4A4E-96B5-4552E41BDBFC}" = protocol=6 | dir=in | app=c:\users\hammer\downloads\utorrent.exe |
  131. "{5B32883E-4CBB-42FB-B12A-8BE88548BECC}" = dir=in | app=c:\program files\hp\hp deskjet 2540 series\bin\devicesetup.exe |
  132. "{6E59CC6F-AE3F-4376-8AA0-E4D46E717300}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
  133. "{7F357DDF-FE52-47C9-BF71-F7BBC8FD6D82}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
  134. "{80EF6E2C-51A9-48E4-A6F3-4D0631AAA055}" = protocol=17 | dir=in | app=c:\program files\teamviewer\teamviewer_service.exe |
  135. "{83A47D9C-0A5F-490A-AA07-2E4DA9141D20}" = protocol=6 | dir=in | app=c:\program files\teamviewer\teamviewer_service.exe |
  136. "{97663434-2E7C-4F6A-B7AB-A5F8C4734A74}" = protocol=17 | dir=in | app=c:\users\hammer\appdata\roaming\utorrent\utorrent.exe |
  137. "{A0678065-381C-4986-A397-61D81230A17D}" = protocol=6 | dir=in | app=c:\program files\teamviewer\teamviewer.exe |
  138. "{A30789CE-BA62-4E40-8479-E8A290CE83EC}" = protocol=17 | dir=in | app=c:\users\hammer\downloads\utorrent.exe |
  139. "{B2FD0A44-08B4-4836-8888-A9126D37FDFA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
  140. "{B3531665-7053-4A26-8B1B-7C22B28E7500}" = protocol=6 | dir=out | app=system |
  141. "{B4494062-943A-4844-B448-75D99EBB7CC5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
  142. "{CD26C231-B2CA-4CE5-94B1-E3B0E5A0A721}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
  143. "{D1DF373B-4B10-473B-A1D3-074B8EDAE32F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
  144. "{DAEA3DEC-0C67-43C4-B718-AA9343E5BCEE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
  145. "{E0E58272-2797-4193-A684-7F832B0A277E}" = protocol=17 | dir=in | app=c:\program files\teamviewer\teamviewer.exe |
  146. "{E6AC24A1-01CF-4866-9C7D-A77AABFBC4CB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
  147. "{EBF46354-FC42-4263-9650-FB13DB74CE93}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
  148. "{ECE51EFD-4387-4717-B66C-124AC4104FA0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
  149. "{F2F1D951-ED7F-4085-9715-AAD1D991AD2F}" = dir=in | app=c:\program files\hp\hp deskjet 2540 series\bin\hpnetworkcommunicatorcom.exe |
  150. "TCP Query User{2FDB4441-A47E-4DDC-8F64-3CD98F80EB75}C:\program files\freetime\formatfactory\formatfactory.exe" = protocol=6 | dir=in | app=c:\program files\freetime\formatfactory\formatfactory.exe |
  151. "TCP Query User{EFD809CE-495B-4D24-A8F5-DA9F54DF2B4D}C:\program files\spacialaudio\sambc\sambc.exe" = protocol=6 | dir=in | app=c:\program files\spacialaudio\sambc\sambc.exe |
  152. "UDP Query User{1883416F-D4E6-4527-BA12-61381D48E27D}C:\program files\freetime\formatfactory\formatfactory.exe" = protocol=17 | dir=in | app=c:\program files\freetime\formatfactory\formatfactory.exe |
  153. "UDP Query User{FA24EDDC-5E0A-4DB4-BC8A-B9578EA1198B}C:\program files\spacialaudio\sambc\sambc.exe" = protocol=17 | dir=in | app=c:\program files\spacialaudio\sambc\sambc.exe |
  154.  
  155. [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
  156.  
  157. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
  158. "{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
  159. "{6A22B145-83AD-4320-946C-73E04E4D3E90}" = Minhateca.com.br Box
  160. "{6E3939AE-9996-4D07-9A30-14C78AE93576}" = Microsoft Security Client
  161. "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
  162. "{A8D93648-9F7F-407D-915C-62044644C3DA}" = MSI to redistribute MS VS2005 CRT libraries
  163. "{AF549236-6258-4AC6-A043-5B5B89C6EB61}" = SpyHunter
  164. "{D2FD81AC-3A24-40B1-882A-D6369E264D7F}" = HP Deskjet 2540 series Software básico do dispositivo
  165. "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
  166. "Adobe Flash Player PPAPI" = Adobe Flash Player 19 PPAPI
  167. "Advanced SystemCare 8_is1" = Advanced SystemCare 8
  168. "Everything" = Everything 1.2.1.371
  169. "FBDBServer_2_5_is1" = Firebird 2.5.2.26540 (Win32)
  170. "FormatFactory" = FormatFactory 3.6.0.0
  171. "Google Chrome" = Google Chrome
  172. "IObit Surfing Protection_is1" = Surfing Protection
  173. "IObitUninstall" = IObit Uninstaller
  174. "KLiteCodecPack_is1" = K-Lite Mega Codec Pack 11.3.0
  175. "Microsoft Security Client" = Microsoft Security Essentials
  176. "SAM3" = SAM Broadcaster 2013
  177. "TeamViewer" = TeamViewer 10
  178. "WinPcapInst" = WinPcap 4.1.1
  179. "WinRAR archiver" = WinRAR 5.20 (32-bit)
  180. "Wondershare Streaming Audio Recorder_is1" = Wondershare Streaming Audio Recorder(Build 2.2.4)
  181.  
  182. [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]
  183.  
  184. [HKEY_USERS\S-1-5-21-1425229123-4006759160-522371315-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
  185. "uTorrent" = µTorrent
  186.  
  187. [color=#E56717]========== Last 20 Event Log Errors ==========[/color]
  188.  
  189. [ Application Events ]
  190. Error - 23/09/2015 21:50:12 | Computer Name = HAMMER-PC | Source = AdvancedSystemCareService8 | ID = 0
  191. Description =
  192.  
  193. Error - 24/09/2015 21:13:24 | Computer Name = HAMMER-PC | Source = AdvancedSystemCareService8 | ID = 0
  194. Description =
  195.  
  196. Error - 24/09/2015 21:13:24 | Computer Name = HAMMER-PC | Source = AdvancedSystemCareService8 | ID = 0
  197. Description =
  198.  
  199. Error - 25/09/2015 08:55:49 | Computer Name = HAMMER-PC | Source = AdvancedSystemCareService8 | ID = 0
  200. Description =
  201.  
  202. Error - 25/09/2015 08:55:49 | Computer Name = HAMMER-PC | Source = AdvancedSystemCareService8 | ID = 0
  203. Description =
  204.  
  205. Error - 25/09/2015 12:27:57 | Computer Name = HAMMER-PC | Source = Application Hang | ID = 1002
  206. Description = O programa Spyhunter4.exe versão 4.17.6.4336 parou de interagir com
  207. o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema,
  208. verifique o histórico de problemas no painel de controle da Central de Ações. ID
  209. de Processo: 8f8 Hora de Início: 01d0f7af0be35b32 Hora de Término: 0 Caminho do Aplicativo:
  210. C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe Id do Relatório:
  211. 5b04c2c2-63a2-11e5-b682-001a4b0260e8
  212.  
  213. Error - 25/09/2015 21:12:28 | Computer Name = HAMMER-PC | Source = AdvancedSystemCareService8 | ID = 0
  214. Description =
  215.  
  216. Error - 26/09/2015 11:40:46 | Computer Name = HAMMER-PC | Source = AdvancedSystemCareService8 | ID = 0
  217. Description =
  218.  
  219. Error - 26/09/2015 11:40:46 | Computer Name = HAMMER-PC | Source = AdvancedSystemCareService8 | ID = 0
  220. Description =
  221.  
  222. Error - 26/09/2015 20:02:19 | Computer Name = HAMMER-PC | Source = Application Hang | ID = 1002
  223. Description = O programa uTorrent.exe versão 3.4.5.41162 parou de interagir com
  224. o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema,
  225. verifique o histórico de problemas no painel de controle da Central de Ações. ID
  226. de Processo: 138 Hora de Início: 01d0f8b7788d0246 Hora de Término: 31 Caminho do Aplicativo:
  227. C:\Users\HAMMER\AppData\Roaming\uTorrent\uTorrent.exe Id do Relatório: f3701037-64aa-11e5-b766-001a4b0260e8
  228.  
  229.  
  230. [ System Events ]
  231. Error - 24/09/2015 07:20:46 | Computer Name = HAMMER-PC | Source = DCOM | ID = 10016
  232. Description =
  233.  
  234. Error - 24/09/2015 07:20:46 | Computer Name = HAMMER-PC | Source = DCOM | ID = 10016
  235. Description =
  236.  
  237. Error - 25/09/2015 08:22:11 | Computer Name = HAMMER-PC | Source = DCOM | ID = 10016
  238. Description =
  239.  
  240. Error - 25/09/2015 08:22:12 | Computer Name = HAMMER-PC | Source = DCOM | ID = 10016
  241. Description =
  242.  
  243. Error - 25/09/2015 12:28:03 | Computer Name = HAMMER-PC | Source = DCOM | ID = 10016
  244. Description =
  245.  
  246. Error - 25/09/2015 12:28:04 | Computer Name = HAMMER-PC | Source = DCOM | ID = 10016
  247. Description =
  248.  
  249. Error - 26/09/2015 09:06:09 | Computer Name = HAMMER-PC | Source = DCOM | ID = 10016
  250. Description =
  251.  
  252. Error - 26/09/2015 09:06:09 | Computer Name = HAMMER-PC | Source = DCOM | ID = 10016
  253. Description =
  254.  
  255. Error - 26/09/2015 11:51:16 | Computer Name = HAMMER-PC | Source = DCOM | ID = 10016
  256. Description =
  257.  
  258. Error - 26/09/2015 11:51:16 | Computer Name = HAMMER-PC | Source = DCOM | ID = 10016
  259. Description =
  260.  
  261.  
  262. < End of report >