Here they are: OTL.Txt: OTL logfile created on: 28/04/2015 18:00:28 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Kazuma\Desktop 64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.17728) Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy 11,88 Gb Total Physical Memory | 9,15 Gb Available Physical Memory | 76,98% Memory free 23,88 Gb Paging File | 20,52 Gb Available in Paging File | 85,91% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 2047,66 Gb Total Space | 1661,34 Gb Free Space | 81,13% Space Free | Partition Type: NTFS Computer Name: KAZ | User Name: Kazuma | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2015/04/28 17:59:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kazuma\Desktop\OTL.exe PRC - [2015/04/23 21:04:46 | 002,888,384 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe PRC - [2015/04/23 21:04:46 | 001,820,864 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\bin\steamwebhelper.exe PRC - [2015/04/23 21:04:46 | 000,837,824 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe PRC - [2015/04/14 09:36:30 | 001,080,120 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe PRC - [2015/04/14 09:36:28 | 001,871,160 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe PRC - [2015/04/14 09:36:20 | 006,212,920 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe PRC - [2015/04/08 17:32:31 | 000,410,952 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2015/03/28 00:45:04 | 002,673,296 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe PRC - [2015/03/28 00:45:01 | 001,878,672 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe ========== Modules (No Company Name) ========== MOD - [2015/04/23 21:47:38 | 036,544,904 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll MOD - [2015/04/23 21:47:38 | 009,203,080 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\pdf.dll MOD - [2015/04/23 21:04:50 | 002,396,352 | ---- | M] () -- C:\Program Files (x86)\Steam\video.dll MOD - [2015/04/23 21:04:46 | 000,702,656 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.DLL MOD - [2015/04/22 23:16:30 | 004,962,816 | ---- | M] () -- C:\Program Files (x86)\Steam\v8.dll MOD - [2015/04/22 23:16:24 | 001,556,992 | ---- | M] () -- C:\Program Files (x86)\Steam\icui18n.dll MOD - [2015/04/22 23:16:24 | 001,187,840 | ---- | M] () -- C:\Program Files (x86)\Steam\icuuc.dll MOD - [2015/04/16 14:40:32 | 000,776,192 | ---- | M] () -- C:\Program Files (x86)\Steam\SDL2.dll MOD - [2015/03/28 00:45:04 | 000,011,920 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll MOD - [2014/12/01 18:31:16 | 002,396,672 | ---- | M] () -- C:\Program Files (x86)\Steam\libavcodec-56.dll MOD - [2014/12/01 18:31:16 | 000,485,888 | ---- | M] () -- C:\Program Files (x86)\Steam\libswscale-3.dll MOD - [2014/12/01 18:31:16 | 000,479,744 | ---- | M] () -- C:\Program Files (x86)\Steam\libavformat-56.dll MOD - [2014/12/01 18:31:16 | 000,442,880 | ---- | M] () -- C:\Program Files (x86)\Steam\libavutil-54.dll MOD - [2014/12/01 18:31:16 | 000,332,800 | ---- | M] () -- C:\Program Files (x86)\Steam\libavresample-2.dll ========== Services (SafeList) ========== SRV:64bit: - [2015/02/20 20:49:18 | 000,780,800 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM) SRV:64bit: - [2014/12/05 22:35:00 | 000,229,888 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder) SRV:64bit: - [2014/10/31 01:51:25 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService) SRV:64bit: - [2014/10/29 00:59:51 | 003,460,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService) SRV:64bit: - [2014/10/29 00:50:11 | 002,987,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify) SRV:64bit: - [2014/10/28 23:42:19 | 000,026,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC) SRV:64bit: - [2014/10/28 23:42:03 | 000,041,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS) SRV:64bit: - [2014/10/28 23:34:51 | 000,067,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc) SRV:64bit: - [2014/10/28 23:33:55 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc) SRV:64bit: - [2014/10/28 23:29:22 | 000,121,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc) SRV:64bit: - [2014/10/28 22:57:05 | 000,324,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv) SRV:64bit: - [2014/10/28 22:48:20 | 000,166,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc) SRV:64bit: - [2014/10/28 22:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss) SRV:64bit: - [2014/10/28 22:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync) SRV:64bit: - [2014/10/28 22:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown) SRV:64bit: - [2014/10/28 22:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv) SRV:64bit: - [2014/10/28 22:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange) SRV:64bit: - [2014/10/28 22:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat) SRV:64bit: - [2014/10/28 22:43:27 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface) SRV:64bit: - [2014/10/28 22:27:21 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost) SRV:64bit: - [2014/10/28 22:26:21 | 000,838,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon) SRV:64bit: - [2014/10/28 22:26:02 | 000,294,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker) SRV:64bit: - [2014/10/28 22:24:37 | 000,131,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum) SRV:64bit: - [2014/10/28 22:22:40 | 000,062,464 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso) SRV:64bit: - [2014/10/28 22:20:03 | 000,262,656 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker) SRV:64bit: - [2014/10/28 22:19:20 | 000,550,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm) SRV:64bit: - [2014/10/28 22:16:17 | 000,154,112 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService) SRV:64bit: - [2014/10/28 22:13:24 | 000,374,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc) SRV:64bit: - [2014/10/28 22:13:02 | 000,260,608 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc) SRV:64bit: - [2014/10/28 22:12:36 | 000,407,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService) SRV:64bit: - [2014/10/28 22:12:22 | 000,270,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure) SRV:64bit: - [2014/10/28 22:11:10 | 001,639,424 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc) SRV:64bit: - [2014/10/28 22:09:48 | 000,521,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc) SRV:64bit: - [2014/10/28 22:05:09 | 000,206,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc) SRV:64bit: - [2014/10/28 21:57:18 | 000,074,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup) SRV:64bit: - [2014/10/28 21:48:52 | 000,562,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness) SRV:64bit: - [2014/10/28 21:46:48 | 001,348,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc) SRV:64bit: - [2014/10/28 21:35:51 | 001,668,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc) SRV:64bit: - [2014/10/03 16:36:52 | 000,329,104 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\igfxCUIService.exe -- (igfxCUIService1.0.0.0) SRV - [2015/04/24 01:05:30 | 000,148,080 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2015/04/23 21:04:46 | 000,837,824 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2015/04/14 09:36:30 | 001,080,120 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2015/04/14 09:36:28 | 001,871,160 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2015/04/08 17:32:31 | 000,410,952 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2015/03/28 00:45:01 | 001,878,672 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService) SRV - [2015/03/28 00:45:00 | 001,152,144 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Arquivos de Programas\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe -- (GfExperienceService) SRV - [2015/03/28 00:44:59 | 022,995,600 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Arquivos de Programas\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc) SRV - [2014/10/29 00:50:11 | 002,987,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify) SRV - [2014/10/28 22:51:55 | 000,017,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc) SRV - [2014/10/28 22:04:45 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost) SRV - [2014/10/28 21:53:11 | 000,367,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc) SRV - [2014/10/03 16:36:56 | 000,279,952 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs) ========== Driver Services (SafeList) ========== DRV:64bit: - [2015/04/28 10:47:07 | 000,136,408 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy) DRV:64bit: - [2015/04/14 09:38:00 | 000,064,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl) DRV:64bit: - [2015/04/14 09:37:42 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2015/03/04 07:25:11 | 000,377,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS) DRV:64bit: - [2015/02/03 20:58:33 | 000,264,000 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter) DRV:64bit: - [2015/02/03 20:58:33 | 000,114,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv) DRV:64bit: - [2015/02/03 20:58:04 | 000,044,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot) DRV:64bit: - [2014/12/11 21:51:20 | 000,075,776 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache) DRV:64bit: - [2014/11/22 07:46:30 | 000,038,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible) DRV:64bit: - [2014/10/29 00:59:47 | 000,415,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport) DRV:64bit: - [2014/10/29 00:59:12 | 000,136,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS) DRV:64bit: - [2014/10/29 00:57:42 | 000,054,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr) DRV:64bit: - [2014/10/29 00:56:04 | 000,027,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2014/10/28 23:46:43 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2014/10/28 23:46:41 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum) DRV:64bit: - [2014/10/28 23:46:09 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc) DRV:64bit: - [2014/10/28 23:45:54 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform) DRV:64bit: - [2014/10/28 23:45:39 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp) DRV:64bit: - [2014/10/28 23:45:16 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu) DRV:64bit: - [2014/10/15 05:32:36 | 000,921,920 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\refs.sys -- (ReFS) DRV:64bit: - [2014/10/12 23:43:17 | 000,238,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2014/10/12 23:43:17 | 000,086,336 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc) DRV:64bit: - [2014/10/12 23:43:17 | 000,039,744 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep) DRV:64bit: - [2014/10/09 14:02:39 | 000,195,728 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:64bit: - [2014/10/08 06:24:09 | 000,467,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3) DRV:64bit: - [2014/10/07 03:54:45 | 000,324,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI) DRV:64bit: - [2014/10/07 03:54:45 | 000,189,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000) DRV:64bit: - [2014/10/07 03:44:39 | 000,069,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci) DRV:64bit: - [2014/10/03 16:36:38 | 004,753,336 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2014/09/18 22:58:48 | 000,038,264 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible) DRV:64bit: - [2014/09/18 22:58:48 | 000,027,000 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus) DRV:64bit: - [2014/08/14 21:36:55 | 000,146,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101) DRV:64bit: - [2014/03/13 09:35:24 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\wof.sys -- (Wof) DRV:64bit: - [2014/02/22 12:49:49 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor) DRV:64bit: - [2014/02/22 09:14:02 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender) DRV:64bit: - [2013/10/25 22:54:32 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2) DRV:64bit: - [2013/10/05 12:25:54 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme) DRV:64bit: - [2013/09/14 11:06:57 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt) DRV:64bit: - [2013/08/22 20:00:51 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt) DRV:64bit: - [2013/08/22 10:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv) DRV:64bit: - [2013/08/22 10:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2013/08/22 09:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam) DRV:64bit: - [2013/08/22 09:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex) DRV:64bit: - [2013/08/22 09:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM) DRV:64bit: - [2013/08/22 09:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis) DRV:64bit: - [2013/08/22 09:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32) DRV:64bit: - [2013/08/22 09:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2013/08/22 09:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2013/08/22 09:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS) DRV:64bit: - [2013/08/22 09:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2013/08/22 09:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3) DRV:64bit: - [2013/08/22 09:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX) DRV:64bit: - [2013/08/22 09:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2013/08/22 09:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2013/08/22 09:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware) DRV:64bit: - [2013/08/22 09:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2013/08/22 09:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv) DRV:64bit: - [2013/08/22 09:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass) DRV:64bit: - [2013/08/22 09:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2013/08/22 09:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID) DRV:64bit: - [2013/08/22 09:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor) DRV:64bit: - [2013/08/22 09:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2013/08/22 09:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci) DRV:64bit: - [2013/08/22 09:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx) DRV:64bit: - [2013/08/22 09:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx) DRV:64bit: - [2013/08/22 09:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI) DRV:64bit: - [2013/08/22 09:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr) DRV:64bit: - [2013/08/22 08:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay) DRV:64bit: - [2013/08/22 08:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo) DRV:64bit: - [2013/08/22 08:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf) DRV:64bit: - [2013/08/22 08:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime) DRV:64bit: - [2013/08/22 08:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr) DRV:64bit: - [2013/08/22 08:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg) DRV:64bit: - [2013/08/22 08:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic) DRV:64bit: - [2013/08/22 08:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter) DRV:64bit: - [2013/08/22 08:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig) DRV:64bit: - [2013/08/22 08:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid) DRV:64bit: - [2013/08/22 08:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd) DRV:64bit: - [2013/08/22 08:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2013/08/22 08:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c) DRV:64bit: - [2013/08/22 08:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc) DRV:64bit: - [2013/08/22 08:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus) DRV:64bit: - [2013/08/22 05:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM) DRV:64bit: - [2013/08/12 20:25:46 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2) DRV:64bit: - [2013/08/09 21:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV) DRV:64bit: - [2013/07/30 15:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO) DRV:64bit: - [2013/07/25 16:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C) DRV:64bit: - [2013/06/18 11:46:17 | 000,591,360 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168) DRV - [2015/03/28 00:44:59 | 000,019,600 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Arquivos de Programas\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1557431881-3636541786-3122483063-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com IE - HKU\S-1-5-21-1557431881-3636541786-3122483063-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-1557431881-3636541786-3122483063-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 IE - HKU\S-1-5-21-1557431881-3636541786-3122483063-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.countryCode: "BR" FF - prefs.js..browser.search.isUS: false FF - prefs.js..browser.search.region: "BR" FF - prefs.js..browser.startup.homepage: "https://www.google.com/?gfe_rd=cr&ei=796eVJz6KaKj8wfHj4C4BA&gws_rd=ssl,cr&fg=1" FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20131118 FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.9.22.1-signed FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:37.0.2 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.31.2: C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2: C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 37.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 37.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 37.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 37.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/12/27 12:44:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kazuma\AppData\Roaming\mozilla\Extensions [2015/04/25 13:52:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kazuma\AppData\Roaming\mozilla\Firefox\Profiles\ymk1k0rh.default\extensions [2015/02/15 03:43:11 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Kazuma\AppData\Roaming\mozilla\Firefox\Profiles\ymk1k0rh.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015/04/25 12:57:58 | 001,449,164 | ---- | M] () (No name found) -- C:\Users\Kazuma\AppData\Roaming\mozilla\firefox\profiles\ymk1k0rh.default\extensions\firefox@ghostery.com.xpi [2015/04/25 13:52:23 | 000,559,971 | ---- | M] () (No name found) -- C:\Users\Kazuma\AppData\Roaming\mozilla\firefox\profiles\ymk1k0rh.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015/04/02 11:38:04 | 000,970,672 | ---- | M] () (No name found) -- C:\Users\Kazuma\AppData\Roaming\mozilla\firefox\profiles\ymk1k0rh.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015/04/24 01:05:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions [2015/04/24 01:05:31 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} O1 HOSTS File: ([2013/08/22 10:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation) O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation) O4:64bit: - HKLM..\Run: [shadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation) O4 - HKU\S-1-5-21-1557431881-3636541786-3122483063-1001..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 189.124.132.33 189.124.132.32 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CB1B921E-B8F8-4DDD-890A-2275057E6752}: DhcpNameServer = 189.124.132.33 189.124.132.32 O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2015/04/28 17:59:09 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Kazuma\Desktop\OTL.exe [2015/04/28 10:53:03 | 000,000,000 | ---D | C] -- C:\KVRT_Data [2015/04/27 08:53:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET [2015/04/27 03:08:42 | 000,000,000 | ---D | C] -- C:\FRST [2015/04/25 00:17:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games [2015/04/24 01:05:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2015/04/23 13:53:46 | 000,000,000 | ---D | C] -- C:\Users\Kazuma\AppData\Roaming\Identities [2015/04/22 13:19:40 | 000,200,192 | ---- | C] (Windows ® Win 7 DDK provider) -- C:\Windows\SysNative\DscCoreConfProv.dll [2015/04/13 20:40:47 | 000,000,000 | ---D | C] -- C:\Users\Kazuma\AppData\Local\Rockstar Games [2015/04/13 20:40:46 | 000,000,000 | ---D | C] -- C:\Users\Kazuma\Documents\Rockstar Games [2015/04/13 20:40:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Rockstar Games [2015/04/13 20:40:16 | 000,000,000 | ---D | C] -- C:\Program Files\Rockstar Games [2015/04/09 16:20:01 | 000,000,000 | ---D | C] -- C:\Users\Kazuma\Documents\Square Enix [2015/04/05 15:10:57 | 000,000,000 | ---D | C] -- C:\Users\Kazuma\Documents\Euro Truck Simulator 2 [2015/04/04 19:22:57 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\GWX [2015/04/04 19:22:57 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\GWX [2015/04/02 15:40:40 | 000,000,000 | ---D | C] -- C:\Users\Kazuma\Documents\GTA San Andreas User Files [2015/03/31 22:35:01 | 000,000,000 | ---D | C] -- C:\Users\Kazuma\AppData\Local\openvr [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2015/04/28 17:59:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kazuma\Desktop\OTL.exe [2015/04/28 10:47:07 | 000,136,408 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys [2015/04/28 10:46:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2015/04/27 01:26:29 | 000,001,118 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2015/04/26 16:39:02 | 000,028,337 | ---- | M] () -- C:\Users\Kazuma\Desktop\1430077026041.jpg [2015/04/25 15:49:48 | 001,797,166 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2015/04/25 15:49:48 | 000,774,702 | ---- | M] () -- C:\Windows\SysNative\prfh0416.dat [2015/04/25 15:49:48 | 000,722,278 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2015/04/25 15:49:48 | 000,158,296 | ---- | M] () -- C:\Windows\SysNative\prfc0416.dat [2015/04/25 15:49:48 | 000,135,394 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2015/04/24 22:13:30 | 002,551,506 | ---- | M] () -- C:\Users\Kazuma\Desktop\1429924363898.gif [2015/04/23 13:52:24 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys [2015/04/23 13:52:22 | 1615,056,894 | -HS- | M] () -- C:\hiberfil.sys [2015/04/22 17:10:51 | 000,043,393 | ---- | M] () -- C:\Users\Kazuma\Desktop\36e865e4d27afddd7aa0fa2410cdb721.png [2015/04/22 17:09:31 | 000,049,021 | ---- | M] () -- C:\Users\Kazuma\Desktop\5252.png [2015/04/22 17:08:02 | 000,076,451 | ---- | M] () -- C:\Users\Kazuma\Desktop\bane-620x286-airplane.png [2015/04/17 14:58:30 | 000,064,989 | ---- | M] () -- C:\Users\Kazuma\Desktop\1429284570533.png [2015/04/14 09:38:00 | 000,064,216 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys [2015/04/14 09:37:46 | 000,107,736 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys [2015/04/14 09:37:42 | 000,025,816 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2015/04/13 13:26:44 | 000,002,153 | ---- | M] () -- C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk [2015/04/08 21:58:18 | 000,849,552 | ---- | M] () -- C:\Windows\SysNative\nvmcumd.dll [2015/04/08 21:58:18 | 000,029,329 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb [2015/04/08 14:52:00 | 004,336,074 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin [2015/04/07 13:43:16 | 001,152,921 | ---- | M] () -- C:\Users\Kazuma\Desktop\1428388605889.gif [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2015/04/26 16:39:02 | 000,028,337 | ---- | C] () -- C:\Users\Kazuma\Desktop\1430077026041.jpg [2015/04/24 22:13:30 | 002,551,506 | ---- | C] () -- C:\Users\Kazuma\Desktop\1429924363898.gif [2015/04/22 17:06:21 | 000,076,451 | ---- | C] () -- C:\Users\Kazuma\Desktop\bane-620x286-airplane.png [2015/04/22 13:18:16 | 000,142,848 | ---- | C] () -- C:\Windows\SysNative\OEMLicense.dll [2015/04/22 13:18:16 | 000,107,008 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll [2015/04/22 13:17:41 | 000,096,256 | ---- | C] () -- C:\Windows\SysNative\BthpanContextHandler.dll [2015/04/22 13:16:40 | 000,053,248 | ---- | C] () -- C:\Windows\SysNative\BWContextHandler.dll [2015/04/22 13:16:39 | 000,046,080 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2015/04/17 14:46:01 | 000,064,989 | ---- | C] () -- C:\Users\Kazuma\Desktop\1429284570533.png [2015/04/15 12:51:54 | 000,016,303 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2015/04/15 12:51:54 | 000,016,303 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2015/04/13 13:26:44 | 000,002,153 | ---- | C] () -- C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk [2015/04/13 13:25:02 | 000,849,552 | ---- | C] () -- C:\Windows\SysNative\nvmcumd.dll [2015/04/07 13:43:16 | 001,152,921 | ---- | C] () -- C:\Users\Kazuma\Desktop\1428388605889.gif [2014/12/31 06:21:48 | 000,002,255 | ---- | C] () -- C:\Windows\SysWow64\WimBootCompress.ini [2014/10/03 16:36:30 | 000,186,368 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2014/10/03 16:36:28 | 016,810,624 | ---- | C] () -- C:\Windows\SysWow64\igd11dxva32.dll [2013/08/22 12:36:43 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2013/08/22 12:36:42 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2013/08/22 11:46:23 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2013/08/22 04:01:23 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2013/08/21 20:55:20 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2013/08/21 20:52:39 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat ========== ZeroAccess Check ========== [2015/02/04 17:35:59 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2015/02/12 14:40:58 | 022,291,584 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2015/02/12 14:34:06 | 019,731,824 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2014/10/28 22:19:43 | 001,013,760 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2014/10/28 21:59:23 | 000,786,944 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2014/10/28 22:16:01 | 000,512,512 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2015/02/27 21:18:29 | 000,000,000 | ---D | M] -- C:\Users\Kazuma\AppData\Roaming\com.fbkc.hdydi [2015/01/15 16:33:41 | 000,000,000 | ---D | M] -- C:\Users\Kazuma\AppData\Roaming\FiraxisLive [2014/12/29 17:53:49 | 000,000,000 | ---D | M] -- C:\Users\Kazuma\AppData\Roaming\Firestorm_x64 [2015/01/31 11:33:36 | 000,000,000 | ---D | M] -- C:\Users\Kazuma\AppData\Roaming\Mount&Blade Warband [2015/02/04 17:19:47 | 000,000,000 | ---D | M] -- C:\Users\Kazuma\AppData\Roaming\The Creative Assembly [2015/04/25 15:59:36 | 000,000,000 | ---D | M] -- C:\Users\Kazuma\AppData\Roaming\TS3Client [2015/01/04 12:11:05 | 000,000,000 | ---D | M] -- C:\Users\Kazuma\AppData\Roaming\Wargaming.net ========== Purity Check ========== ========== Files - Unicode (All) ========== [2015/02/27 03:27:36 | 000,170,372 | ---- | M] ()(C:\Users\Kazuma\Desktop\warhammer-40000-???????-Imperium-????????-1152898.png) -- C:\Users\Kazuma\Desktop\warhammer-40000-фэндомы-Imperium-Украдено-1152898.png [2015/02/27 03:27:36 | 000,170,372 | ---- | C] ()(C:\Users\Kazuma\Desktop\warhammer-40000-???????-Imperium-????????-1152898.png) -- C:\Users\Kazuma\Desktop\warhammer-40000-фэндомы-Imperium-Украдено-1152898.png ========== Alternate Data Streams ========== @Alternate Data Stream - 237 bytes -> C:\Users\Kazuma\SkyDrive:ms-properties < End of report > Extras.Txt: OTL Extras logfile created on: 28/04/2015 18:00:28 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Kazuma\Desktop 64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.17728) Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy 11,88 Gb Total Physical Memory | 9,15 Gb Available Physical Memory | 76,98% Memory free 23,88 Gb Paging File | 20,52 Gb Available in Paging File | 85,91% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 2047,66 Gb Total Space | 1661,34 Gb Free Space | 81,13% Space Free | Partition Type: NTFS Computer Name: KAZ | User Name: Kazuma | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-1557431881-3636541786-3122483063-1001\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade] "UpgradeTime" = [binary data] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade] "UpgradeTime" = Reg Error: Unknown registry data type -- File not found ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0C68726C-5632-4CD8-8439-FA39D4300269}" = lport=2869 | protocol=6 | dir=in | app=system | "{0CD535F1-B2A9-43C7-94CB-A175921094AE}" = lport=138 | protocol=17 | dir=in | app=system | "{0CFB0342-DDEC-484F-8B0F-7D039A4CB477}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{0F3D6810-0DEE-472D-B3BC-61000A674D89}" = rport=445 | protocol=6 | dir=out | app=system | "{11C5609A-3781-486C-9C1A-BFB32B710360}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\steam\steamapps\common\warframe\tools\launcher.exe | "{11CFEA2E-48C0-4CCD-89AE-6F375D8CF0FC}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\steam\steamapps\common\warframe\tools\remotecrashsender.exe | "{15B5F836-78B4-494E-B632-692EEC950590}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamnetworkservice.exe | "{17F2F555-6ED2-4880-B7F9-FE65BD719680}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{408ADF9D-9850-467D-87F5-DB50DB8A04C7}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{4A6E8174-E175-4DB0-94F0-1ECF815883A9}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe | "{52F7AD8A-2CD4-49CF-BDCE-ECD4DB44935C}" = lport=47995 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | "{54013138-4BE7-4A3B-B28F-32181DD6F347}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{5778DE50-F6D1-4EF6-AC1F-31AA3D398EA0}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\steam\steamapps\common\warframe\warframe.exe | "{690F5629-D175-4872-A204-4AFFC3AB2DCE}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{699D5E68-39A7-4316-9F3A-B2142B2971C2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{69B9C4DA-95DF-45DF-8F9E-9384B9A6C637}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\steam\steamapps\common\warframe\warframe.x64.exe | "{70CCBB55-0868-41F7-B118-823A525C5EDF}" = lport=445 | protocol=6 | dir=in | app=system | "{721AE69F-A9C4-4E0C-8A61-C219C522DEBB}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamnetworkservice.exe | "{7B7A3006-533D-4EBC-B452-E07C2FB8791E}" = lport=139 | protocol=6 | dir=in | app=system | "{8A7E23EE-5745-474E-A0C8-70314BFBDF88}" = rport=80 | protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\warframe\tools\launcher.exe | "{8D11181F-E5D8-4837-B380-DC441C162E6E}" = rport=10243 | protocol=6 | dir=out | app=system | "{91B90354-3056-4365-B641-C42F5796BC82}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe | "{9770E4D4-227F-4F0A-BB8C-98374AD9C099}" = rport=137 | protocol=17 | dir=out | app=system | "{983189C1-53EC-4E5E-96B9-13B3BA36AC70}" = rport=80 | protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\warframe\warframe.exe | "{9E685041-7C3F-47D5-B383-2C5A3D4AA3B7}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{BF00AAF4-F176-4318-92A9-3BBB0C40C561}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{C7E8DFFD-5C15-400C-AD02-74D28BBDAA0C}" = rport=139 | protocol=6 | dir=out | app=system | "{C84E96BB-D48A-4D0E-89F2-7D3423C99936}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{D488214E-12EE-4BE4-A87F-FC4B7C317EB7}" = rport=80 | protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\warframe\warframe.x64.exe | "{DD56C282-B65B-480C-B6E2-5306A49EB7C1}" = rport=138 | protocol=17 | dir=out | app=system | "{E5AADCC5-08D7-46C4-B827-57AEAC085780}" = rport=80 | protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\warframe\tools\remotecrashsender.exe | "{F26D4148-7223-4A99-80D3-62D94E53EA75}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{FA3BE479-07BC-418B-89A7-E1CD02B9072A}" = lport=10243 | protocol=6 | dir=in | app=system | "{FA8057B6-BB67-4B32-90E1-6BEABA2E24C7}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | "{FEA94542-07F4-450C-8A98-E81BA786D25F}" = lport=137 | protocol=17 | dir=in | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{029D6F56-382D-4636-918A-9CBFDFCA0841}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\chivlauncher.exe | "{03003FD6-4879-4173-9F89-438C35365884}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\garrysmod\hl2.exe | "{05559C9A-A30D-43D9-9F05-8023CAF8B305}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row iv\saintsrowiv.exe | "{0B0D0E27-6CB6-4D9B-8A52-C88D112C7B41}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half-life 2\hl2.exe | "{0C8A814D-6943-4EE4-845C-EC9FF5127522}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe | "{0CF4437B-C97F-4CBF-B7EA-46FE9EDC894F}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{126F0668-47A6-4F05-94CC-FA2CD8F59CBF}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | "{1454E7B2-9E31-429C-B872-F2136E4B2BE1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\knights of the old republic ii\swkotor2.exe | "{1D7DEE85-F6FB-4E31-88B9-1812D45D2DCC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe | "{1E44F99B-9B52-4F87-8984-9278EED5B5C5}" = dir=out | name=@{microsoft.zunevideo_2.6.439.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} | "{1EEEB767-947F-4A21-B136-B43B9780F7C8}" = dir=out | name=@{microsoft.bingmaps_2.1.3230.2048_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | "{1F52F381-8856-4A84-989F-C44BB450BE53}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{22F76F6D-937C-4C55-90D6-1D46FCA4891A}" = protocol=58 | dir=in | app=system | "{22FB512E-DEEB-4517-863E-D4285F0C6989}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday 2\payday2_win32_release.exe | "{2A8BE9FB-E90E-428F-B890-75A85157F7C8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{2AB84169-BDFA-4B12-AF6B-92DB516ACD8D}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | "{2ABB3FC1-845F-4561-AC07-75C156F8ACC3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half-life 2\hl2.exe | "{2B6AE585-7787-4EBB-857D-68AD53C2365A}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{2DF7458C-407F-4167-90A8-2B50219E91C9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe | "{314C63B7-EB22-4BB1-95E7-8814BD8E895E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe | "{31DEE79F-B0DD-48ED-9203-32AC256C36D4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike source\hl2.exe | "{36A6AAE8-2427-499C-BDCE-A1E58D014E91}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\war thunder\launcher.exe | "{379E16AA-0A0E-4423-9503-F1CAE8297A52}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\how do you do it\how_do_you_do_it\how do you do it.exe | "{387381B1-2228-418D-A67A-25B09C83C56B}" = dir=in | name=skype | "{3B9637D1-64FE-4F5D-B1E0-F59CFCE347FA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\cmw.exe | "{3C5AA891-F100-4884-834C-EBDA2670CAE7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\napoleon total war\napoleon.exe | "{3CD2562C-DB79-4DC3-A4A1-300BA25544B3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\crusader kings ii\ck2game.exe | "{3FFBA07E-0788-4DFE-A0BB-3669D6112F03}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\jedi academy\gamedata\jamp.exe | "{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn | "{434AE82B-7177-4C7A-806E-A501E9A828C2}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | "{4381785A-3AE7-47C0-A96C-A6A5280ABC33}" = dir=out | name=@{microsoft.bingweather_3.0.4.298_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/brandedapptitle} | "{44B6EFAD-B28C-4930-BEA3-51EF43A444EF}" = protocol=17 | dir=out | app=c:\program files (x86)\steam\steamapps\common\warframe\warframe.x64.exe | "{4570B5D4-9855-4081-8415-93C1FFDE8628}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\jedi academy\gamedata\jasp.exe | "{470FE953-146B-45D7-BB64-EB3D5729F042}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\euro truck simulator 2\bin\win_x86\eurotrucks2.exe | "{49EFE73E-AA26-4091-9232-F081503DF0E3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\warframe\warframe.exe | "{4B4A626D-9BCB-4E56-9A27-DE033ACAF5CB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe | "{4C860A5F-F4CD-4C39-8D0B-C36CE84D49C0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\oblivion\oblivionlauncher.exe | "{4E8BEC74-905A-4707-8DC8-D2862745679E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{4FE1BE9C-279E-475F-80E4-B73694ECD9D2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{534CB71E-25D1-419B-98A4-4D3CDADDE63D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\europa universalis iv\eu4.exe | "{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | "{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect | "{569D07EB-997A-48BD-B51C-8DB6D1F5EE13}" = protocol=17 | dir=out | app=c:\program files (x86)\steam\steamapps\common\warframe\warframe.exe | "{5841981B-645D-459F-AC0E-C95A81213987}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tropico 5\tropico5steam.exe | "{59797ABB-2FE9-489C-9784-AF89591A79C9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{5E68DBA1-DCD7-4A33-998C-5CFD5148130A}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{5F1EDE09-3692-468D-B5ED-EA078BF426AF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\cmw.exe | "{5F34EDB6-397F-428D-B016-4644CAD521AE}" = protocol=6 | dir=out | app=system | "{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect | "{624827C8-ED77-49CB-B1EC-B3F37BCA855F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\just cause 2\justcause2.exe | "{630C09D3-37D1-4F2E-A989-7BDA58E446AD}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{638F9811-FC24-4327-960C-5133A9523B1A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\war thunder\launcher.exe | "{63A7295D-8509-467E-AA5A-06D0C5D808E6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{69968A4D-3715-4DE2-B564-0EA6D09187BC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\napoleon total war\napoleon.exe | "{6C047940-C9A7-4585-B813-21498C548A7E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half-life 2 deathmatch\hl2.exe | "{6D6B08DB-43DE-4128-97F6-9482DBD32BB6}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.4.313_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} | "{6D9CD24C-0E61-4308-8B43-E2B4382BFD40}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{6DA4FE35-D0CE-4A60-B20F-2D1568DE8728}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\crusader kings ii\ck2game.exe | "{6DDB256E-E3A9-4174-9A60-0A5CF320351A}" = dir=out | name=skype | "{6F8BBEFB-199E-4874-ABFD-9D1174067773}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{6FA3F726-BF3D-40F9-B7B0-1AA83896F8D6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half-life 2 deathmatch\hl2.exe | "{709FDF87-8270-4D5C-A33D-E64E978111DC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\day of defeat source\hl2.exe | "{7154E274-3CDE-4064-BEFD-6FF0C7E17ACF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization v\launcher.exe | "{724556EB-49C4-40BD-BEFE-B78BD80EFD2F}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.4.309_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} | "{7304012A-84D3-4164-985F-3622EFBDC196}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{76618DB5-49A4-4D65-86A8-06A6B7394D4F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\how do you do it\how_do_you_do_it\how do you do it.exe | "{76681238-0BB6-4F46-9331-24D0F7802C58}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe | "{76D89D96-0D08-4AD9-9420-939AF296B296}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\day of defeat source\hl2.exe | "{773DDE2A-E2D6-41A5-8516-4EA5E418BA5A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\jedi academy\gamedata\jasp.exe | "{78889DA5-3915-47FE-B61F-7193AB6D19AB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\euro truck simulator 2\bin\win_x64\eurotrucks2.exe | "{792C4E26-5846-45DF-96FB-FCE27D05D5E7}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{79A92AEA-10EA-449D-80A3-4643DCF93E2C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{79AA2D3B-FB5E-4179-BE7B-7E8A8D136258}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\euro truck simulator 2\bin\win_x64\eurotrucks2.exe | "{79DA4B9C-D4F8-47AD-9349-85B3F490D757}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mountblade warband\mb_warband.exe | "{81092031-6935-4640-BD4A-E0936D570003}" = protocol=6 | dir=out | app=c:\program files (x86)\omc modpack client\omc modpack client.exe | "{84DE90CC-106B-4596-BE65-915A050FCCB7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\victoria 2\victoria2.exe | "{8559F572-1BF8-450D-A024-D2C27F9B1194}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe | "{8A1960C7-BF71-476A-BE40-3FAA5C2B0EB8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\oblivion\oblivionlauncher.exe | "{8BD8C43E-CCD8-49FC-B785-A1C47BBFC152}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\warframe\warframe.x64.exe | "{9102449F-F3E1-4239-A657-8608B2EDFBEF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\knights of the old republic ii\swkotor2.exe | "{958F71A3-0123-4690-98F3-F64069C1381F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe | "{98D4BE44-25EC-47FA-8D78-4FAB489A7274}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\chivlauncher.exe | "{993263B4-14E9-444E-9880-606E27B76CF4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\endless legend\endlesslegend.exe | "{9C9A7217-2884-4C69-9715-C53B7B83AF83}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | "{A780E9CA-42B0-43AC-938D-9A4B55C72299}" = dir=out | name=@{microsoft.bingsports_3.0.4.298_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} | "{A95E8D5D-7F46-4302-B6E7-08D42FEA4D36}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto san andreas\gta-sa.exe | "{A9EE9883-8402-47FF-AF6B-EA609658E349}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | "{AAFF6E49-6997-4DB2-B9E0-F8893DDDB997}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | "{ADC9D9A5-C673-492F-B2FF-E0E3C18932E5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\terraria\terraria.exe | "{B1C458F6-D2FA-4E31-A160-DD422613464E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\endless legend\endlesslegend.exe | "{B25D6DAF-8FAE-4D83-BA8C-05D72D0606B1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\europa universalis iv\eu4.exe | "{B4BEE244-46F4-488E-A332-F994D18CC7BA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\euro truck simulator 2\bin\win_x86\eurotrucks2.exe | "{B841DD4C-BD89-48B7-9DB1-85CFCB791E8A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\cmw.exe | "{B8ECFB8D-B820-4D23-8877-81599C3F7A14}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto v\gtavlauncher.exe | "{BAA69B28-0800-490F-9CD4-3EFCA199AC5B}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | "{BFA2B958-CB6F-4580-9169-2614C7C79F1B}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | "{C115A88D-341F-4F4C-86ED-288F36467B93}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\victoria 2\victoria2.exe | "{C60439EA-FB1A-4A39-861F-3A4F4425C78B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half-life\hl.exe | "{C99BA7B2-721B-4444-994E-8AC4F808184A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\metal gear solid ground zeroes\mgsgroundzeroes.exe | "{CBE6B1C8-4DBF-413F-918E-28573C623645}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\garrysmod\hl2.exe | "{CC3AC08C-DC5A-4ECA-B279-59BF61A4B418}" = dir=out | name=@{microsoft.bingnews_3.0.4.268_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} | "{CCD2B491-029E-40AF-92A8-0A268A9FBC2F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{CF4F1A26-2824-4858-9A43-7CDE30FD8DD5}" = dir=out | name=@{microsoft.bingfinance_3.0.4.298_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} | "{D11FDB56-4E59-4272-89F5-1E83B85B3768}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{D56ED3AD-FFFF-45A5-8AE4-909351AB806B}" = dir=out | name=@{microsoft.zunemusic_2.6.672.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} | "{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn | "{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn | "{DE42B950-F1D0-4BE2-BF3F-D11CF277D5ED}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\terraria\terraria.exe | "{DE5F52FC-5469-48DB-9F79-AB81C9BED2CA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday 2\payday2_win32_release.exe | "{DEF124B7-D88C-47B2-AD41-F49667A7BBF3}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 | "{E05F5007-834E-403B-8F55-5BD775D67ADA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row iv\saintsrowiv.exe | "{E16DA9CC-FB2C-4888-98EC-C1ED4DD8E88E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization v\launcher.exe | "{E4A15E00-13EE-4592-B897-B625BA29BF49}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tropico 5\tropico5steam.exe | "{E88CD393-CB77-48E8-A3D2-10225E88904E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half-life\hl.exe | "{EA7BE018-0B9C-41CF-A55A-6C20902BC804}" = dir=out | name=@{microsoft.bingtravel_3.0.4.309_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} | "{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn | "{EE88D7C4-C570-4077-BC3D-DF770305E144}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto v\gtavlauncher.exe | "{F371775B-6A1D-4CE8-BBA4-6E213C5925B8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\just cause 2\justcause2.exe | "{F3AC2E19-7F6B-496E-BED9-0B3072C69711}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client | "{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client | "{F7F83C17-C54D-4460-BB05-FA631072E27E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike source\hl2.exe | "{F90B8C63-B3C8-48C3-B319-B468F969ED42}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\metal gear solid ground zeroes\mgsgroundzeroes.exe | "{FB1528CA-5E73-4B90-9CE1-1197FD3D8C5C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{FB3AD77D-41CA-4973-9D3F-454818E79F71}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\jedi academy\gamedata\jamp.exe | "{FB44992C-0578-4D59-8196-0AA7E9299799}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mountblade warband\mb_warband.exe | "{FBBF11A2-AE50-44DA-B2B3-C78C7AE60951}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\cmw.exe | "{FC2DB496-71AD-4413-A1FC-7B6907B9A703}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto san andreas\gta-sa.exe | "TCP Query User{08F89E55-0D5D-43CF-A021-15C8D12A3F5D}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\war thunder\aces.exe | "TCP Query User{9C713196-7959-4BFA-A77E-C1DCEC93CBB6}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe | "TCP Query User{9EF3BA4E-F0BC-4A23-9E86-97D97235017B}C:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe | "TCP Query User{AF58CC9A-55AA-44C8-8887-C421E60E3533}C:\games\world_of_tanks_ct\worldoftanks.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks_ct\worldoftanks.exe | "TCP Query User{B7734FD4-42E2-4885-B1C6-727ECD85914D}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | "TCP Query User{E47D66DF-4BD9-434B-98A8-43E3F71D9DE5}C:\program files\firestorm-releasex64\slvoice.exe" = protocol=6 | dir=in | app=c:\program files\firestorm-releasex64\slvoice.exe | "TCP Query User{EE716D04-2305-44E6-967F-774ED6723344}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe | "TCP Query User{F65194C8-4BB8-44CB-ACAB-F31E098024C6}C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe | "UDP Query User{404C7F40-1442-40E1-92FD-4F61480C74EB}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe | "UDP Query User{6BE51F36-5670-44D6-9F22-93D12AD8A277}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | "UDP Query User{7C7343C9-AE4A-4D1B-A0BD-5BA771791039}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe | "UDP Query User{8785BBC8-7D21-4B18-8990-0B4AED6C9852}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\war thunder\aces.exe | "UDP Query User{9F10D903-D32D-42B4-BF95-B5560A29B969}C:\games\world_of_tanks_ct\worldoftanks.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks_ct\worldoftanks.exe | "UDP Query User{CAB90784-F930-47DA-A4F9-2AE22B4B8A44}C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe | "UDP Query User{E4778B44-C6BD-42D0-8B87-3595B75168D6}C:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe | "UDP Query User{E9DAEED5-8B7C-4D81-AA0D-65525DA1C761}C:\program files\firestorm-releasex64\slvoice.exe" = protocol=17 | dir=in | app=c:\program files\firestorm-releasex64\slvoice.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Driver do 3D Vision 350.12 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Painel de controle da NVIDIA 350.12 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Driver de gráficos 350.12 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.4.1.21 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Driver de controle do 3D Vision 349.95 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Software do sistema PhysX 9.15.0324 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Atualizações da NVIDIA 2.4.1.21 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GfExperienceService" = NVIDIA GeForce Experience Service "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Driver de áudio HD 1.3.33.0 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio" = NVIDIA Áudio Virtual Miracast 350.12 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 2.4.1.21 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController" = SHIELD Wireless Controller Driver "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.27 "{C2D4E056-EE19-4908-94C3-A23792BD3CEC}" = Firestorm SecondLife and OpenSim viewer "{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 "6af12c54-643b-4752-87d0-8335503010de_is1" = Nexus Mod Manager "CCleaner" = CCleaner "TeamSpeak 3 Client" = TeamSpeak 3 Client [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{1EAC1D02-C6AC-4FA6-9A44-96258C37C812CT}_is1" = World of Tanks - Common Test "{26A24AE4-039D-4CA4-87B4-2F83218031F0}" = Java 8 Update 31 "{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 "{39FEF436-D526-4829-ACF9-014874ABEFAD}_is1" = Napoleonic Wars Enhancement Pack "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4e154806-de7a-4300-b61e-bc0c3a4c5b43}" = Firestorm-Releasex64 x64 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 "{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 "{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 "{E2F3187C-2B94-486F-8914-E69211487FB6}_is1" = OMC ModPack Client Versão 1.2.5.0 "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics "7-Zip" = 7-Zip 9.20 "Adobe Flash Player NPAPI" = Adobe Flash Player 17 NPAPI "Cheat Engine 6.4_is1" = Cheat Engine 6.4 "DarthMod Napoleon" = DarthMod Napoleon "ESET Online Scanner" = ESET Online Scanner v3 "Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.1.6.1022 "Mozilla Firefox 37.0.2 (x86 en-US)" = Mozilla Firefox 37.0.2 (x86 en-US) "MozillaMaintenanceService" = Mozilla Maintenance Service "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "Rockstar Games Social Club" = Rockstar Games Social Club "ShiftWindow_is1" = ShiftWindow 1.02 "Steam" = Steam "Steam App 105600" = Terraria "Steam App 12120" = Grand Theft Auto: San Andreas "Steam App 203770" = Crusader Kings II "Steam App 206420" = Saints Row IV "Steam App 208580" = Star Wars: Knights of the Old Republic II "Steam App 211820" = Starbound "Steam App 218620" = PAYDAY 2 "Steam App 219640" = Chivalry: Medieval Warfare "Steam App 220" = Half-Life 2 "Steam App 22330" = The Elder Scrolls IV: Oblivion "Steam App 227300" = Euro Truck Simulator 2 "Steam App 230410" = Warframe "Steam App 236390" = War Thunder "Steam App 236850" = Europa Universalis IV "Steam App 240" = Counter-Strike: Source "Steam App 245620" = Tropico 5 "Steam App 250900" = The Binding of Isaac: Rebirth "Steam App 271590" = Grand Theft Auto V "Steam App 272510" = NARUTO SHIPPUDEN: Ultimate Ninja STORM Revolution "Steam App 289130" = Endless Legend "Steam App 300" = Day of Defeat: Source "Steam App 311340" = METAL GEAR SOLID V: GROUND ZEROES "Steam App 320" = Half-Life 2: Deathmatch "Steam App 340" = Half-Life 2: Lost Coast "Steam App 34030" = Napoleon: Total War "Steam App 353360" = how do you Do It? "Steam App 380" = Half-Life 2: Episode One "Steam App 4000" = Garry's Mod "Steam App 420" = Half-Life 2: Episode Two "Steam App 42960" = Victoria II "Steam App 440" = Team Fortress 2 "Steam App 48700" = Mount & Blade: Warband "Steam App 550" = Left 4 Dead 2 "Steam App 6020" = Star Wars Jedi Knight: Jedi Academy "Steam App 70" = Half-Life "Steam App 730" = Counter-Strike: Global Offensive "Steam App 8190" = Just Cause 2 "Steam App 8930" = Sid Meier's Civilization V ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-1557431881-3636541786-3122483063-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1" = World of Tanks ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 26/04/2015 23:48:08 | Computer Name = Kaz | Source = NvStreamSvc | ID = 133073 Description = Error - 27/04/2015 07:53:32 | Computer Name = Kaz | Source = SideBySide | ID = 16842830 Description = Falha na geração de contexto de ativação para "C:\Users\Kazuma\Downloads\esetsmartinstaller_enu.exe". Erro no arquivo de manifesto ou de política "", na linha . Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa. Os componentes conflitantes são: Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest. Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest. Error - 27/04/2015 07:53:37 | Computer Name = Kaz | Source = SideBySide | ID = 16842830 Description = Falha na geração de contexto de ativação para "C:\Users\Kazuma\Downloads\esetsmartinstaller_enu.exe". Erro no arquivo de manifesto ou de política "", na linha . Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa. Os componentes conflitantes são: Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest. Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest. Error - 27/04/2015 07:53:39 | Computer Name = Kaz | Source = SideBySide | ID = 16842830 Description = Falha na geração de contexto de ativação para "C:\Users\Kazuma\Downloads\esetsmartinstaller_enu.exe". Erro no arquivo de manifesto ou de política "", na linha . Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa. Os componentes conflitantes são: Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest. Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest. Error - 27/04/2015 12:04:17 | Computer Name = Kaz | Source = SideBySide | ID = 16842830 Description = Falha na geração de contexto de ativação para "C:\Users\Kazuma\Downloads\esetsmartinstaller_enu.exe". Erro no arquivo de manifesto ou de política "", na linha . Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa. Os componentes conflitantes são: Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest. Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest. Error - 27/04/2015 15:22:43 | Computer Name = Kaz | Source = SideBySide | ID = 16842830 Description = Falha na geração de contexto de ativação para "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Erro no arquivo de manifesto ou de política "", na linha . Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa. Os componentes conflitantes são: Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest. Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest. Error - 27/04/2015 23:59:44 | Computer Name = Kaz | Source = NvStreamSvc | ID = 133073 Description = Error - 28/04/2015 05:14:37 | Computer Name = Kaz | Source = NvStreamSvc | ID = 133073 Description = Error - 28/04/2015 09:47:35 | Computer Name = Kaz | Source = NvStreamSvc | ID = 133073 Description = Error - 28/04/2015 12:29:48 | Computer Name = Kaz | Source = Application Hang | ID = 1002 Description = O programa LiveComm.exe versão 17.5.9600.20689 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações. ID do Processo: 16a4 Hora de Início: 01d081cfd3949028 Hora de Término: 4294967295 Caminho do Aplicativo: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe ID do Relatório: c772461f-edc3-11e4-826f-fcaa14f4e479 Nome completo do pacote com falha: microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe ID do aplicativo relativo ao pacote com falha: ppleae38af2e007f4358a809ac99a64a67c1 [ System Events ] Error - 19/04/2015 11:51:46 | Computer Name = Kaz | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 Description = Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80070005: Microsoft.ZuneVideo. Error - 21/04/2015 10:57:37 | Computer Name = Kaz | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 Description = Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80070005: Microsoft.ZuneVideo. Error - 22/04/2015 15:11:47 | Computer Name = Kaz | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 Description = Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80240055: Atualização do Windows 8.1 para sistemas baseados em x64 (KB3000850). Error - 23/04/2015 12:46:04 | Computer Name = Kaz | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 Description = Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80070005: Microsoft.ZuneVideo. Error - 23/04/2015 13:00:41 | Computer Name = Kaz | Source = Service Control Manager | ID = 7009 Description = Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Steam Client Service. Error - 23/04/2015 13:00:41 | Computer Name = Kaz | Source = Service Control Manager | ID = 7000 Description = Não foi possível iniciar o serviço Steam Client Service devido ao seguinte erro: %%1053 Error - 23/04/2015 22:40:48 | Computer Name = Kaz | Source = Service Control Manager | ID = 7009 Description = Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Steam Client Service. Error - 23/04/2015 22:40:48 | Computer Name = Kaz | Source = Service Control Manager | ID = 7000 Description = Não foi possível iniciar o serviço Steam Client Service devido ao seguinte erro: %%1053 Error - 25/04/2015 00:10:39 | Computer Name = Kaz | Source = Service Control Manager | ID = 7009 Description = Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Steam Client Service. Error - 25/04/2015 00:10:39 | Computer Name = Kaz | Source = Service Control Manager | ID = 7000 Description = Não foi possível iniciar o serviço Steam Client Service devido ao seguinte erro: %%1053 < End of report >