
Log analysis and evaluation: Windows 8 / Firefox: Russian pop-ups hinder normal browsing


 
12.09.2015, 15:36   #1
cybercarsten

Windows 8 / Firefox: Russian pop-ups hinder normal browsing



Hello dear Trojaner-Board team,

my wife's Windows 8 laptop has a nasty (sorry, Brazilian keyboard) adware problem. Pop-ups or new windows appear every few seconds, mostly from Russian senders. All attempts with pop-up blockers, ad blockers and Malwarebytes have not really helped. I have run the usual scans and am posting them here:


Malwarebytes from today:
Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Scan Date: 12/09/2015
Scan Time: 10:03
Logfile: MWB20150912.txt
Administrator: Yes

Version: 2.1.8.1057
Malware Database: v2015.09.12.02
Rootkit Database: v2015.08.16.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Monica

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 356644
Time Elapsed: 23 min, 26 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 7
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\1f5d2935-6b05-42ef-8e38-deefb0fb7fd7-1, Delete-on-Reboot, [fa08121dfc8fe0565d3894f8d92bbb45], 
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\1f5d2935-6b05-42ef-8e38-deefb0fb7fd7-11, Delete-on-Reboot, [ae543ff07912de581085b4d808fc0000], 
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\1f5d2935-6b05-42ef-8e38-deefb0fb7fd7-2, Delete-on-Reboot, [f012e9464d3ee5512372b8d4c143af51], 
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\1f5d2935-6b05-42ef-8e38-deefb0fb7fd7-3, Delete-on-Reboot, [eb170926cebd10262e672c603fc5768a], 
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\1f5d2935-6b05-42ef-8e38-deefb0fb7fd7-4, Delete-on-Reboot, [c73be946f99276c0049159338f755fa1], 
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\1f5d2935-6b05-42ef-8e38-deefb0fb7fd7-5, Delete-on-Reboot, [14eebd722e5dee48f69f810b6b99b44c], 
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\1f5d2935-6b05-42ef-8e38-deefb0fb7fd7-5_user, Delete-on-Reboot, [2ed468c7acdff244a4f1a6e6b74df40c], 

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 4
PUP.Optional.InstallCore, C:\Users\Monica\AppData\Local\Temp\nsn2AEB.tmp, Quarantined, [56acb37c8ffc43f30ff75666a25f31cf], 
PUP.Optional.InstallCore, C:\Users\Monica\AppData\Local\Temp\ICReinstall_nsn2AEB.tmp, Quarantined, [7d85b6790e7d1f1744c2e7d58978a25e], 
PUP.Optional.APNToolBar, C:\Windows\Temp\7zSEB0D.tmp\Offercast346_AVG_.exe, Quarantined, [13efc768b1da6fc71d9efabe34cd847c], 
PUP.Optional.APNToolBar, C:\Windows\Temp\oc_F108\OCDLL.dll, Quarantined, [e81ae748b1dae84e16a52d8b9e63b749], 

Physical Sectors: 0
(No malicious items detected)


(end)
         
McAfee logfile:

Code:
7/5/2014	5:19:13 PM	"C:\Users\Monica\AppData\Local\Temp\A298tmp\jfilemanagersetup.exe"	"Artemis!C27E418EE71E"	"2"

7/5/2014	5:19:21 PM	"C:\Users\Monica\AppData\Local\Microsoft\Windows\INetCache\IE\BERXUL82\JFileManagerSetup[1].exe"	"Artemis!C27E418EE71E"	"2"

7/5/2014	5:58:12 PM	"C:\Users\Monica\AppData\Local\Temp\is-S0HIC.tmp\dm.exe"	"Artemis!775CCF751159"	"3"

7/12/2014	7:30:09 AM	"C:\Program Files (x86)\v01BlockAndSurf\v01BlockAndSurfdY174.exe"	"Artemis!55BCF45239D2"	"3"

7/12/2014	7:30:11 AM	"C:\Program Files (x86)\v01BlockAndSurf\wdBlockAndSurfR.exe"	"Artemis!D72CA74E70B9"	"3"

7/12/2014	7:32:04 AM	"C:\Program Files (x86)\v01BlockAndSurf\v01BlockAndSurfdY174.exe"	"Artemis!55BCF45239D2"	"3"

7/12/2014	7:32:04 AM	"C:\Program Files (x86)\v01BlockAndSurf\wdBlockAndSurfR.exe"	"Artemis!D72CA74E70B9"	"3"

8/13/2015	9:55:33 AM	"E:\1818.lnk"	"JS/Downloader!lnk"	"1"

8/13/2015	9:55:34 AM	"E:\autorun.inf.lnk"	"JS/Downloader!lnk"	"1"

8/13/2015	9:55:34 AM	"E:\Prozesse.lnk"	"JS/Downloader!lnk"	"1"
         


GMER from today:
Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-09-12 09:55:29
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\0000002b WDC_WD5000LPVX-22V0TT0 rev.01.01A01 465,76GB
Running: Gmer-19357.exe; Driver: C:\Users\Monica\AppData\Local\Temp\pwldypod.sys


---- Kernel code sections - GMER 2.1 ----

.text    C:\Windows\System32\win32k.sys!W32pServiceTable                                                                                                                                                                                                             fffff960001bf300 15 bytes [00, 0B, F2, 01, 00, 06, 6C, ...]
.text    C:\Windows\System32\win32k.sys!W32pServiceTable + 16                                                                                                                                                                                                        fffff960001bf310 8 bytes [00, D7, FB, FF, 00, D3, CD, ...]

---- Threads - GMER 2.1 ----

Thread   C:\Windows\system32\csrss.exe [664:688]                                                                                                                                                                                                                     fffff960008912d0
Thread   C:\Program Files\Windows Media Player\wmpnetwk.exe [5204:5220]                                                                                                                                                                                              00007ffa89975aa0
Thread   C:\Program Files\Windows Media Player\wmpnetwk.exe [5204:3432]                                                                                                                                                                                              00007ffa8a0812c0
---- Processes - GMER 2.1 ----

Library  c:\users\monica\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpsn1f48.dll (*** suspicious ***) @ C:\Users\Monica\AppData\Roaming\Dropbox\bin\Dropbox.exe [4580](2015-09-12 12:20:10)                                       0000000002f20000
Library  C:\Users\Monica\AppData\Roaming\Dropbox\bin\Qt5Core.dll (*** suspicious ***) @ C:\Users\Monica\AppData\Roaming\Dropbox\bin\Dropbox.exe [4580] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:24)           000000006fe10000
Library  C:\Users\Monica\AppData\Roaming\Dropbox\bin\icuin52.dll (*** suspicious ***) @ C:\Users\Monica\AppData\Roaming\Dropbox\bin\Dropbox.exe [4580] (ICU I18N DLL/The ICU Project)(2015-03-04 21:45:30)                                                           000000004a900000
Library  C:\Users\Monica\AppData\Roaming\Dropbox\bin\icuuc52.dll (*** suspicious ***) @ C:\Users\Monica\AppData\Roaming\Dropbox\bin\Dropbox.exe [4580] (ICU Common DLL/The ICU Project)(2015-03-04 21:45:30)                                                         00000000057e0000
Library  C:\Users\Monica\AppData\Roaming\Dropbox\bin\icudt52.dll (*** suspicious ***) @ C:\Users\Monica\AppData\Roaming\Dropbox\bin\Dropbox.exe [4580] (ICU Data DLL/The ICU Project)(2015-03-04 21:45:30)                                                           000000004ad00000
Library  C:\Users\Monica\AppData\Roaming\Dropbox\bin\Qt5Widgets.dll (*** suspicious ***) @ C:\Users\Monica\AppData\Roaming\Dropbox\bin\Dropbox.exe [4580] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:28)        000000006f9f0000
Library  C:\Users\Monica\AppData\Roaming\Dropbox\bin\Qt5Gui.dll (*** suspicious ***) @ C:\Users\Monica\AppData\Roaming\Dropbox\bin\Dropbox.exe [4580] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)            000000006f560000
Library  C:\Users\Monica\AppData\Roaming\Dropbox\bin\libGLESv2.dll (*** suspicious ***) @ C:\Users\Monica\AppData\Roaming\Dropbox\bin\Dropbox.exe [4580](2015-03-04 21:45:30)                                                                                        00000000734f0000
Library  C:\Users\Monica\AppData\Roaming\Dropbox\bin\Qt5Network.dll (*** suspicious ***) @ C:\Users\Monica\AppData\Roaming\Dropbox\bin\Dropbox.exe [4580] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)        000000006c190000
Library  C:\Users\Monica\AppData\Roaming\Dropbox\bin\Qt5WebKit.dll (*** suspicious ***) @ C:\Users\Monica\AppData\Roaming\Dropbox\bin\Dropbox.exe [4580] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)         000000006b010000
Library  C:\Users\Monica\AppData\Roaming\Dropbox\bin\Qt5Quick.dll (*** suspicious ***) @ C:\Users\Monica\AppData\Roaming\Dropbox\bin\Dropbox.exe [4580] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)          000000006adf0000
Library  C:\Users\Monica\AppData\Roaming\Dropbox\bin\Qt5Qml.dll (*** suspicious ***) @ C:\Users\Monica\AppData\Roaming\Dropbox\bin\Dropbox.exe [4580] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)            000000006ab50000
Library  C:\Users\Monica\AppData\Roaming\Dropbox\bin\Qt5Sql.dll (*** suspicious ***) @ C:\Users\Monica\AppData\Roaming\Dropbox\bin\Dropbox.exe [4580] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)            000000006ab20000
Library  C:\Users\Monica\AppData\Roaming\Dropbox\bin\libEGL.dll (*** suspicious ***) @ C:\Users\Monica\AppData\Roaming\Dropbox\bin\Dropbox.exe [4580](2015-03-04 21:45:30)                                                                                           0000000073950000
Library  C:\Users\Monica\AppData\Roaming\Dropbox\bin\Qt5WebKitWidgets.dll (*** suspicious ***) @ C:\Users\Monica\AppData\Roaming\Dropbox\bin\Dropbox.exe [4580] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:28)  000000006a760000
Library  C:\Users\Monica\AppData\Roaming\Dropbox\bin\Qt5OpenGL.dll (*** suspicious ***) @ C:\Users\Monica\AppData\Roaming\Dropbox\bin\Dropbox.exe [4580] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)         000000006a720000
Library  C:\Users\Monica\AppData\Roaming\Dropbox\bin\Qt5PrintSupport.dll (*** suspicious ***) @ C:\Users\Monica\AppData\Roaming\Dropbox\bin\Dropbox.exe [4580] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)   000000006a650000
Library  C:\Users\Monica\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll (*** suspicious ***) @ C:\Users\Monica\AppData\Roaming\Dropbox\bin\Dropbox.exe [4580](2015-03-04 21:45:30)                                                                       0000000073960000
Library  C:\Users\Monica\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll (*** suspicious ***) @ C:\Users\Monica\AppData\Roaming\Dropbox\bin\Dropbox.exe [4580](2015-03-04 21:45:30)                                                                       0000000073350000

---- Disk sectors - GMER 2.1 ----

Disk     \Device\Harddisk0\DR0                                                                                                                                                                                                                                       unknown MBR code

---- EOF - GMER 2.1 ----
         
FRST from today:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:10-09-2015 01
Ran by Monica (administrator) on MONICA (12-09-2015 09:30:39)
Running from C:\Users\Monica\Downloads
Loaded Profiles: Monica (Available Profiles: Monica)
Platform: Windows 8.1 Single Language (X64) Language: Português (Brasil)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(TODO: <Company name>) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Dropbox, Inc.) C:\Users\Monica\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe
(Dropbox, Inc.) C:\Users\Monica\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\CSP\1.6.1008.0\McCSPServiceHost.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Online Backup ARA\Engine\4.5.0.9\ARA.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\CommonBuild\McCBEntAndInstru.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13647576 2013-08-27] (Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [91488 2015-07-27] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] (Atheros Communications)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3792598364-1687661706-653696805-1001\...\Run: [Dropbox Update] => C:\Users\Monica\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
HKU\S-1-5-18\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [1769312 2015-07-27] ()
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-03-18] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-03-18] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-03-18] (Acer Incorporated)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Monica\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Monica\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Monica\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Monica\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Monica\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Monica\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Monica\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Monica\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-12-13]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Monica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-03-15]
ShortcutTarget: Dropbox.lnk -> C:\Users\Monica\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [.DEFAULT] => Proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:52812;https=127.0.0.1:52812
Hosts: 0.0.0.1	mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 89.248.166.149 8.8.8.8
Tcpip\..\Interfaces\{7B40D5F3-8CB1-4B0F-AF03-7785EE67636D}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{BCA91B0F-7C70-41BA-A4FA-BAB10466C94F}: [DhcpNameServer] 89.248.166.149 8.8.8.8

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3792598364-1687661706-653696805-1001 -> DefaultScope {9398AD76-4E30-43A2-99DD-236C1B42E630} URL = hxxps://br.search.yahoo.com/search?fr=mcafee&type=C011BR0D20140722&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3792598364-1687661706-653696805-1001 -> {9398AD76-4E30-43A2-99DD-236C1B42E630} URL = hxxps://br.search.yahoo.com/search?fr=mcafee&type=C011BR0D20140722&p={searchTerms}
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-05-07] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-07] (Oracle Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-07-21] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-07-21] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-07-21] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-07-21] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2015-07-21] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2015-07-21] (McAfee, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Monica\AppData\Roaming\Mozilla\Firefox\Profiles\p4fqrnbh.default
FF Homepage: hxxp://www.google.com.br/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-11] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-07-21] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-11] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-07] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-07-21] ()
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll [2013-05-01] (Nitro PDF)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-07-12] ()
FF Extension: Block site - C:\Users\Monica\AppData\Roaming\Mozilla\Firefox\Profiles\p4fqrnbh.default\Extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc} [2015-06-07]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Monica\AppData\Roaming\Mozilla\Firefox\Profiles\p4fqrnbh.default\Extensions\adblockpopups@jessehakanen.net.xpi [2015-05-17]
FF Extension: Strict Pop-up Blocker - C:\Users\Monica\AppData\Roaming\Mozilla\Firefox\Profiles\p4fqrnbh.default\Extensions\jid1-P34HaABBBpOerQ@jetpack.xpi [2015-09-03]
FF Extension: Video DownloadHelper - C:\Users\Monica\AppData\Roaming\Mozilla\Firefox\Profiles\p4fqrnbh.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-03-15]
FF Extension: Adblock Plus - C:\Users\Monica\AppData\Roaming\Mozilla\Firefox\Profiles\p4fqrnbh.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-20]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-11-01]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-07-25]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-07-25]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows (R) Win 7 DDK provider) [File not signed]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2858336 2015-07-23] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [663592 2013-07-05] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [235008 2013-07-16] (TODO: <Company name>) [File not signed]
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2015-07-16] (SurfRight B.V.)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [457768 2013-08-02] (Acer Incorporate)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; c:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [155368 2015-07-21] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [782608 2015-07-21] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe [289256 2015-06-26] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.6.1008.0\McCSPServiceHost.exe [1694152 2015-07-23] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [639456 2015-07-17] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232656 2015-06-29] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [373704 2015-07-06] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [254792 2015-06-29] (McAfee, Inc.)
S4 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-05-01] (Nitro PDF Software)
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4278112 2013-08-01] (Symantec Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswTap; C:\Windows\system32\DRIVERS\aswTap.sys [44640 2014-11-12] (The OpenVPN Project)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-15] (Qualcomm Atheros Communications, Inc.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0405000.009\ccSetx64.sys [150104 2013-07-29] (Symantec Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [77536 2015-07-02] (McAfee, Inc.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [412440 2015-07-02] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [347800 2015-07-02] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [80920 2015-07-02] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [496888 2015-07-02] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [875928 2015-07-02] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [529080 2015-06-28] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109728 2015-06-28] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [37960 2015-07-21] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [344704 2015-07-02] (McAfee, Inc.)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-28] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-12 09:30 - 2015-09-12 09:31 - 00021485 _____ C:\Users\Monica\Downloads\FRST.txt
2015-09-12 09:29 - 2015-09-12 09:30 - 00000000 ____D C:\FRST
2015-09-12 09:29 - 2015-09-12 09:29 - 02190848 _____ (Farbar) C:\Users\Monica\Downloads\FRST64.exe
2015-09-11 07:46 - 2015-09-02 23:18 - 02531400 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-11 07:46 - 2015-09-02 23:17 - 01903848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-09-11 07:46 - 2015-09-02 15:48 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-11 07:46 - 2015-09-02 14:09 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-09-11 07:46 - 2015-07-22 11:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-09-11 07:46 - 2015-07-22 10:52 - 01633792 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-09-11 07:46 - 2015-07-17 11:15 - 00951296 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-09-11 07:46 - 2015-07-17 11:10 - 00749568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-09-11 07:46 - 2015-07-09 13:14 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-09-11 07:46 - 2015-07-03 18:51 - 01380056 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-09-11 07:46 - 2015-07-03 11:00 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-09-11 07:46 - 2015-06-27 08:47 - 00118616 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-09-11 07:46 - 2015-06-19 14:07 - 02819072 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2015-09-11 07:45 - 2015-07-13 16:10 - 00411455 _____ C:\Windows\system32\ApnDatabase.xml
2015-09-11 07:45 - 2015-07-10 16:06 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys
2015-09-10 21:49 - 2015-09-10 21:49 - 00330240 _____ C:\Users\Monica\Downloads\TP4 present simple.ppt
2015-09-09 07:38 - 2015-08-26 23:48 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-09-09 07:38 - 2015-08-26 15:00 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-09-09 07:38 - 2015-08-26 15:00 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-09-09 07:38 - 2015-08-26 15:00 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-09-09 07:38 - 2015-08-26 15:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-09-09 07:38 - 2015-08-26 11:46 - 03705344 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-09-09 07:38 - 2015-08-26 11:29 - 02240512 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-09-09 07:38 - 2015-08-26 11:27 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-09-09 07:38 - 2015-08-26 11:27 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-09-09 07:38 - 2015-08-26 11:26 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-09-09 07:38 - 2015-08-26 11:26 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-09-09 07:38 - 2015-08-26 11:26 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-09-09 07:37 - 2015-07-30 14:18 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-09-09 07:37 - 2015-07-30 13:22 - 00230912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-09-09 07:36 - 2015-08-22 15:19 - 25188352 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-09 07:36 - 2015-08-22 14:35 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-09 07:36 - 2015-08-22 14:34 - 00585216 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-09 07:36 - 2015-08-22 14:22 - 19856384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-09-09 07:36 - 2015-08-22 14:21 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-09 07:36 - 2015-08-22 14:20 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-09 07:36 - 2015-08-22 13:55 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-09-09 07:36 - 2015-08-22 13:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-09-09 07:36 - 2015-08-22 13:50 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-09-09 07:36 - 2015-08-22 13:45 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-09-09 07:36 - 2015-08-22 13:44 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-09-09 07:36 - 2015-08-22 13:41 - 14451712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-09 07:36 - 2015-08-22 13:41 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-09-09 07:36 - 2015-08-22 13:41 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-09-09 07:36 - 2015-08-22 13:41 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-09-09 07:36 - 2015-08-22 13:39 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-09-09 07:36 - 2015-08-22 13:28 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-09-09 07:36 - 2015-08-22 13:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-09 07:36 - 2015-08-22 13:23 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-09-09 07:36 - 2015-08-22 13:22 - 12857344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-09-09 07:36 - 2015-08-22 13:20 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-09-09 07:36 - 2015-08-22 13:18 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-09-09 07:36 - 2015-08-22 13:18 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-09-09 07:36 - 2015-08-22 13:18 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-09-09 07:36 - 2015-08-22 13:14 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-09 07:36 - 2015-08-22 13:01 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-09-09 07:36 - 2015-08-22 13:00 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-09-09 07:36 - 2015-08-22 12:56 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-09-09 07:36 - 2015-08-22 12:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-09-09 07:36 - 2015-07-22 11:34 - 02775552 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-09-09 07:36 - 2015-07-22 11:33 - 01728000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2015-09-09 07:36 - 2015-07-22 11:25 - 02461184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-09-09 07:36 - 2015-07-22 11:25 - 01546752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2015-09-09 07:36 - 2015-07-18 15:31 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll
2015-09-09 07:36 - 2015-07-18 15:29 - 00655872 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2015-09-09 07:36 - 2015-07-18 15:29 - 00148480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll
2015-09-09 07:36 - 2015-07-18 15:27 - 00520192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2015-09-09 07:35 - 2015-09-01 23:56 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-09 07:35 - 2015-09-01 23:55 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-09 07:35 - 2015-09-01 23:50 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-09 07:35 - 2015-09-01 23:17 - 00301568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-09-09 07:35 - 2015-09-01 23:13 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-09-09 07:35 - 2015-08-03 18:15 - 00074928 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-09-09 07:35 - 2015-08-03 18:15 - 00065600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-09-09 07:35 - 2015-08-01 11:22 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-09-09 07:35 - 2015-08-01 00:47 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe
2015-09-09 07:35 - 2015-08-01 00:45 - 00182784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
2015-09-09 07:35 - 2015-08-01 00:38 - 01265152 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-09 07:35 - 2015-08-01 00:37 - 00468992 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2015-09-09 07:35 - 2015-08-01 00:37 - 00359936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe
2015-09-09 07:35 - 2015-07-14 00:27 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\tzsync.exe
2015-08-27 19:18 - 2015-08-27 19:18 - 01734144 _____ C:\Users\Monica\Downloads\lesson3.ppt
2015-08-27 16:31 - 2015-09-12 09:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-20 20:42 - 2015-08-20 20:44 - 27555912 _____ C:\Users\Monica\Downloads\Luxury Lifestyle.avi
2015-08-19 04:52 - 2015-08-19 04:52 - 00003334 _____ C:\Windows\System32\Tasks\AcerCloud
2015-08-19 04:52 - 2015-08-19 04:52 - 00002028 _____ C:\Users\Public\Desktop\Acer Portal.lnk
2015-08-13 22:50 - 2015-08-13 22:50 - 01279488 _____ C:\Users\Monica\Downloads\Quiz pronouns possessive.xls
2015-08-13 22:50 - 2015-08-13 22:50 - 00389632 _____ C:\Users\Monica\Downloads\regrets.pps
2015-08-13 22:49 - 2015-08-13 22:49 - 02560000 _____ C:\Users\Monica\Downloads\L1 pronouns.ppt
2015-08-13 22:49 - 2015-08-13 22:49 - 02560000 _____ C:\Users\Monica\Downloads\L1 pronouns.pps
2015-08-13 12:14 - 2015-07-30 11:04 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-13 12:14 - 2015-07-30 10:48 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-13 10:02 - 2015-08-13 10:04 - 00000000 ____D C:\backup SONY 4GB
2015-08-13 09:24 - 2015-06-11 17:12 - 02476376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-08-13 09:24 - 2015-06-11 17:12 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-08-13 09:23 - 2015-06-12 14:03 - 18823680 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-08-13 09:23 - 2015-06-12 13:36 - 15159296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-08-13 09:22 - 2015-07-28 20:24 - 00025776 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-13 09:22 - 2015-07-28 11:24 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-13 09:22 - 2015-07-28 11:24 - 01116160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-13 09:22 - 2015-07-28 11:24 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-13 09:22 - 2015-07-28 11:24 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-13 09:22 - 2015-07-28 11:24 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-13 09:22 - 2015-07-28 11:24 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-13 09:20 - 2015-07-07 06:40 - 00270168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-08-13 09:20 - 2015-07-07 06:40 - 00114520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2015-08-13 09:20 - 2015-07-07 06:40 - 00044560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-08-13 09:19 - 2015-07-14 18:59 - 01113944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-08-13 09:19 - 2015-07-14 18:59 - 00487256 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2015-08-13 09:19 - 2015-07-14 18:59 - 00393560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-10-21 10:36 - 2014-02-05 19:33 - 00000852 _____ C:\Windows\system32\Drivers\RTKHDRC.dat
2021-10-04 04:34 - 2014-02-05 19:33 - 00000712 _____ C:\Windows\system32\Drivers\RTMICEQ0.dat
2015-09-12 09:28 - 2014-07-02 17:12 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3792598364-1687661706-653696805-1001
2015-09-12 09:23 - 2014-02-06 00:45 - 00774900 _____ C:\Windows\system32\prfh0416.dat
2015-09-12 09:23 - 2014-02-06 00:45 - 00158494 _____ C:\Windows\system32\prfc0416.dat
2015-09-12 09:23 - 2013-11-01 08:36 - 01797166 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-12 09:22 - 2014-02-05 19:03 - 01228430 _____ C:\Windows\WindowsUpdate.log
2015-09-12 09:19 - 2014-07-02 17:10 - 00000000 __RDO C:\Users\Monica\SkyDrive
2015-09-12 09:17 - 2013-08-22 11:46 - 00032533 _____ C:\Windows\setupact.log
2015-09-12 09:17 - 2013-08-22 11:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-12 09:17 - 2013-08-22 11:44 - 00362728 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-12 09:15 - 2014-07-05 18:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-09-12 09:15 - 2013-11-01 08:23 - 00874232 _____ C:\Windows\PFRO.log
2015-09-12 09:15 - 2013-08-22 10:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-09-12 09:12 - 2013-08-22 16:12 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-12 09:12 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-09-12 09:11 - 2014-07-02 18:10 - 00000000 ____D C:\Windows\system32\MRT
2015-09-12 09:02 - 2015-07-31 10:18 - 00024145 _____ C:\Users\Monica\Documents\promotoria.odt
2015-09-12 09:01 - 2014-07-02 21:26 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-12 09:00 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\system32\sru
2015-09-12 08:54 - 2014-07-02 19:15 - 00003938 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{7A32C733-5B5E-4645-84DD-67B52D44E8A1}
2015-09-11 11:49 - 2013-08-22 12:20 - 00000000 ____D C:\Windows\CbsTemp
2015-09-11 11:08 - 2013-08-22 10:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2015-09-11 06:01 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\AppReadiness
2015-09-10 21:53 - 2014-07-20 08:02 - 00309248 ___SH C:\Users\Monica\Downloads\Thumbs.db
2015-09-09 07:15 - 2014-07-02 23:18 - 00000000 ____D C:\Users\Monica\AppData\Local\CrashDumps
2015-09-08 08:23 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\rescache
2015-09-05 05:37 - 2014-09-10 14:33 - 00553984 ___SH C:\Users\Monica\Documents\Thumbs.db
2015-08-26 18:37 - 2014-07-02 18:10 - 134753440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-23 17:18 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\system32\NDF
2015-08-19 04:52 - 2013-11-01 08:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-08-19 04:46 - 2014-07-02 17:09 - 00000000 ____D C:\Users\Monica\AppData\Local\clear.fi
2015-08-17 10:25 - 2014-12-13 11:18 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-17 10:25 - 2014-07-10 11:16 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-17 10:25 - 2013-08-22 12:36 - 00000000 ___RD C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-17 10:25 - 2013-08-22 12:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-17 10:25 - 2013-08-22 12:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-17 10:25 - 2013-08-22 12:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-17 10:25 - 2013-08-22 12:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-13 12:10 - 2013-08-22 12:36 - 00000000 ___RD C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-13 12:10 - 2013-08-22 12:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-13 12:10 - 2013-08-22 12:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

==================== Files in the root of some directories =======

2014-11-26 17:39 - 2014-11-26 17:42 - 30896010 _____ () C:\Program Files\Passware Kit PRO.zip
2014-04-22 09:03 - 2014-04-22 09:03 - 123392946 _____ () C:\Program Files (x86)\openoffice1.cab
2014-04-22 09:01 - 2014-04-22 09:01 - 2310144 _____ () C:\Program Files (x86)\openoffice410.msi
2014-04-22 09:01 - 2014-04-22 09:01 - 0476160 _____ () C:\Program Files (x86)\setup.exe
2014-04-22 09:01 - 2014-04-22 09:01 - 0000279 _____ () C:\Program Files (x86)\setup.ini
2014-07-05 17:23 - 2014-07-05 17:23 - 0000266 _____ () C:\Users\Monica\AppData\Local\alwju.bat
2014-07-05 17:21 - 2014-07-05 17:21 - 0000266 _____ () C:\Users\Monica\AppData\Local\bncpb.bat
2014-07-05 17:18 - 2014-07-05 17:18 - 0000266 _____ () C:\Users\Monica\AppData\Local\ikuwyceg.bat
2014-07-05 17:25 - 2014-07-05 17:25 - 0000266 _____ () C:\Users\Monica\AppData\Local\isnpkup.bat
2014-07-05 17:31 - 2014-07-05 17:31 - 0000266 _____ () C:\Users\Monica\AppData\Local\lindinsi.bat
2014-07-05 17:19 - 2014-07-05 17:19 - 0591320 _____ (ClickMeIn Limited) C:\Users\Monica\AppData\Local\nspEA15.tmp
2014-07-05 17:27 - 2014-07-05 17:27 - 0000266 _____ () C:\Users\Monica\AppData\Local\timyfs.bat
2014-07-05 17:29 - 2014-07-05 17:29 - 0000266 _____ () C:\Users\Monica\AppData\Local\tyeljw.bat
2014-02-05 19:33 - 2014-02-05 19:33 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Monica\AppData\Local\Temp\8EDA.exe
C:\Users\Monica\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpsn1f48.dll
C:\Users\Monica\AppData\Local\Temp\jre-8u45-windows-au.exe
C:\Users\Monica\AppData\Local\Temp\nitro_reader3_64.exe
C:\Users\Monica\AppData\Local\Temp\octC2DF.tmp.exe
C:\Users\Monica\AppData\Local\Temp\Quarantine.exe
C:\Users\Monica\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-09-01 07:33

==================== End of FRST.txt ============================
         
FRST Addition:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version:10-09-2015 01
Ran by Monica (2015-09-12 09:32:48)
Running from C:\Users\Monica\Downloads
Windows 8.1 Single Language (X64) (2014-07-02 20:07:01)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-3792598364-1687661706-653696805-500 - Administrator - Disabled)
Convidado (S-1-5-21-3792598364-1687661706-653696805-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3792598364-1687661706-653696805-1003 - Limited - Enabled)
Monica (S-1-5-21-3792598364-1687661706-653696805-1001 - Administrator - Enabled) => C:\Users\Monica

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Antivírus e antispyware da McAfee  (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Antivírus e antispyware da McAfee  (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.08.2003 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2000 - Acer Incorporated)
abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.09.2002.1 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.04.2004.0 - Acer Incorporated)
Acer Games (HKU\S-1-5-21-3792598364-1687661706-653696805-1001\...\Pokki_03d432a7e610c3e908213e7689d4342ce2111caf) (Version: 1.1.9.43466 - Pokki)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8101 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.07.2004 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8100 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8100 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.00.3007 - Acer Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
Amazon 1Button App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.4 - Amazon)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.09.2004.0 - Acer Incorporated)
Broadcom Card Reader Driver Installer (HKLM\...\{67AA948F-8D83-4566-B84A-7CAABCF64E3F}) (Version: 16.0.2.8 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{D1D7ED66-5C08-40A0-AEC0-B6DF977697BB}) (Version: 16.2.1.2 - Broadcom Corporation)
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3126.57 - CyberLink Corp.)
Dropbox (HKU\S-1-5-21-3792598364-1687661706-653696805-1001\...\Dropbox) (Version: 3.6.7 - Dropbox, Inc.)
Ferramentas do Visual Studio 2005 para Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.245 - SurfRight B.V.)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8100 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3355 - Intel Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Acer Incorporated)
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
McAfee Internet Security (HKLM-x32\...\MSC) (Version: 14.0.4113 - McAfee, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.149.2 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.115 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 40.0.3 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 en-GB)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{551AC8F2-FEA2-4B45-ACF7-C98681233CC9}) (Version: 12.5.01200 - Nero AG)
Nitro Reader 3 (HKLM\...\{E5660852-CBDA-4C17-9475-C0C0E5A4CFB4}) (Version: 3.5.3.14 - Nitro)
Norton Online Backup (HKLM-x32\...\{E625FCA0-E43E-4D3B-92FF-4851308A0366}) (Version: 2.8.0.44 - Symantec Corporation)
Norton Online Backup (x32 Version: 4.5.0.9 - Symantec Corporation) Hidden
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2009 - Acer)
OpenOffice 4.1.0 (HKLM-x32\...\{28B88897-774A-4005-BBFF-663B1F8EAA5A}) (Version: 4.10.9764 - Apache Software Foundation)
Passware Kit Professional 12.3 (HKLM-x32\...\{FFFF4FFA-3CC9-4EC1-845A-8B24027820E3}) (Version: 12.3.6332 - Passware)
PDF Split And Merge Basic (HKLM\...\{9A40D2F8-9458-458B-95E3-B57797C574E1}) (Version: 2.2.3 - Andrea Vacondio)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.305 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.07 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7027 - Realtek Semiconductor Corp.)
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.101 - Skype Technologies S.A.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.1.57.ge7405149 - Spotify AB)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.6.13 - Synaptics Incorporated)
The Chronicles of Emerland Solitaire (x32 Version: 3.0.2.32 - WildTangent) Hidden
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.20 - WildTangent) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3792598364-1687661706-653696805-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Monica\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3792598364-1687661706-653696805-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Monica\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3792598364-1687661706-653696805-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Monica\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3792598364-1687661706-653696805-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Monica\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3792598364-1687661706-653696805-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Monica\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3792598364-1687661706-653696805-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Monica\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3792598364-1687661706-653696805-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Monica\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3792598364-1687661706-653696805-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Monica\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3792598364-1687661706-653696805-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Monica\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3792598364-1687661706-653696805-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Monica\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)

==================== Restore Points =========================

20-08-2015 17:36:08 Windows Update
31-08-2015 07:12:32 Windows Update
08-09-2015 15:27:34 Ponto de Verificação Agendado
12-09-2015 09:06:37 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 10:25 - 2015-08-11 14:54 - 00000854 ____A C:\Windows\system32\Drivers\etc\hosts
0.0.0.1	mssplus.mcafee.com

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0F27EC7E-E8F1-4D6C-88D1-DBB19477BD39} - \1f5d2935-6b05-42ef-8e38-deefb0fb7fd7-11 -> No File <==== ATTENTION
Task: {10F98876-4BA0-4BA8-9E98-B7F46BDAD16F} - System32\Tasks\lindinsi => C:\Users\Monica\AppData\Local\lindinsi.bat [2014-07-05] ()
Task: {190DC44D-8E22-45F9-A675-5D78CA06A748} - \1f5d2935-6b05-42ef-8e38-deefb0fb7fd7-5_user -> No File <==== ATTENTION
Task: {202B0A4E-918B-4043-93A7-D81700F16E24} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2015-08-13] (Acer)
Task: {2BF73531-0812-442F-9C20-298864C2A821} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-08-28] (Synaptics Incorporated)
Task: {2EA1FE73-FE03-4AF7-97F8-A58AB7D291F7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-11] (Adobe Systems Incorporated)
Task: {335486A0-07A8-44F5-A129-987F88214A7D} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2015-07-23] (Acer Incorporated)
Task: {3C7020F0-4BDB-4AA4-B34C-808F90E2F5E7} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-07-08] ()
Task: {3F365E5C-C7BB-40F1-B0A1-6549DCE46748} - System32\Tasks\ikuwyceg => C:\Users\Monica\AppData\Local\ikuwyceg.bat [2014-07-05] ()
Task: {57493D84-9C8E-4615-9641-B22D812C6F75} - System32\Tasks\isnpkup => C:\Users\Monica\AppData\Local\isnpkup.bat [2014-07-05] ()
Task: {5BACF658-2447-4EE9-BD6B-67A1EF12175A} - \1f5d2935-6b05-42ef-8e38-deefb0fb7fd7-5 -> No File <==== ATTENTION
Task: {5E558A77-EABC-48A8-907C-A2856FA13AA3} - System32\Tasks\timyfs => C:\Users\Monica\AppData\Local\timyfs.bat [2014-07-05] ()
Task: {646B7114-B6C8-4ED3-BF80-743BA8FDB6FD} - System32\Tasks\tyeljw => C:\Users\Monica\AppData\Local\tyeljw.bat [2014-07-05] ()
Task: {65C76B99-C017-47DD-AAC9-1E3C75D833A9} - System32\Tasks\alwju => C:\Users\Monica\AppData\Local\alwju.bat [2014-07-05] ()
Task: {70FDF72B-6D2F-4B0E-8BFF-03C2957AD54A} - System32\Tasks\Norton Online Backup ARA => C:\Program Files (x86)\Norton Online Backup ARA\Engine\4.5.0.9\\Ara.exe [2013-08-07] (Symantec Corporation)
Task: {7124E938-5E16-4442-B98D-EC5187990663} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-08-02] (Acer Incorporate)
Task: {72D0B9F4-8143-4B6F-87C3-D306AF544271} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {75412B3F-992A-4759-9CB7-64225A7FB2BD} - \1f5d2935-6b05-42ef-8e38-deefb0fb7fd7-1 -> No File <==== ATTENTION
Task: {8831CF92-CBD4-45E3-A388-BA52CCB27FC4} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {98D21829-3B98-48A1-894F-6A625F8CCFC3} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {9BD3C0E8-3784-4E29-BF6B-77845CB8110D} - \1f5d2935-6b05-42ef-8e38-deefb0fb7fd7-2 -> No File <==== ATTENTION
Task: {A1775910-CDE8-43B3-9ED4-203C04B24E14} - System32\Tasks\bncpb => C:\Users\Monica\AppData\Local\bncpb.bat [2014-07-05] ()
Task: {A304EFB4-FE0F-45F7-8AFD-B62CF6EDE5B6} - \1f5d2935-6b05-42ef-8e38-deefb0fb7fd7-3 -> No File <==== ATTENTION
Task: {C16458BF-446D-469A-83E4-AB0E7F682EF5} - \1f5d2935-6b05-42ef-8e38-deefb0fb7fd7-4 -> No File <==== ATTENTION
Task: {D3DFA619-5149-4796-AC2D-BF89A73E4E9A} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-07-05] (Acer Incorporated)
Task: {E5B91C5B-4900-4DB1-8BE0-51E7B7AB1DC6} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {E8CFD0D5-62DF-4B73-B28B-6925F60E0925} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2013-07-10] (Acer Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3792598364-1687661706-653696805-1001Core.job => C:\Users\Monica\AppData\Local\Dropbox\Update\DropboxUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2013-09-07 00:48 - 2013-09-07 00:48 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-09-07 00:45 - 2013-09-07 00:45 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2013-09-07 00:52 - 2013-09-07 00:52 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2015-07-27 17:46 - 2015-07-27 17:46 - 01769312 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
2015-09-12 09:20 - 2015-09-12 09:20 - 00043008 _____ () c:\users\monica\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpsn1f48.dll
2015-03-04 18:45 - 2015-03-19 04:15 - 00750080 _____ () C:\Users\Monica\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 18:45 - 2015-03-19 04:15 - 00047616 _____ () C:\Users\Monica\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 18:45 - 2015-03-19 04:15 - 00865280 _____ () C:\Users\Monica\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 18:45 - 2015-03-19 04:15 - 00200704 _____ () C:\Users\Monica\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2014-02-05 19:26 - 2013-09-03 20:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-08-05 19:48 - 2015-08-05 19:48 - 00201568 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2015-08-05 19:48 - 2015-08-05 19:48 - 00653112 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2015-08-05 19:48 - 2015-08-05 19:48 - 00640352 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2015-08-05 19:48 - 2015-08-05 19:48 - 00118112 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2015-07-27 07:26 - 2015-07-27 07:26 - 00014176 _____ () C:\Windows\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2015-07-23 16:08 - 2015-07-23 16:08 - 00012128 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2015-07-23 15:56 - 2015-07-23 15:56 - 00277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
2015-08-13 20:48 - 2015-08-13 20:48 - 00194048 _____ () C:\Program Files (x86)\Acer\Acer Portal\curllib.dll
2015-08-13 20:48 - 2015-08-13 20:48 - 00110592 _____ () C:\Program Files (x86)\Acer\Acer Portal\OpenLDAP.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Monica\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Monica\Documents\Anderson pedido.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Monica\Documents\Anderson pedido.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Monica\Documents\autoriracao rateio 13 salario.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Monica\Documents\autoriracao rateio 13 salario.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Monica\Documents\Hotel pagamento.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Monica\Documents\Hotel pagamento.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Monica\Documents\OAB curso.jpg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Monica\Documents\OAB curso.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Monica\Documents\Processo Anarilda Wellington.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\Monica\Documents\rateio 13 salario.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Monica\Documents\rateio 13 salario.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Monica\Documents\T03 attendance 1.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Monica\Documents\T03 attendance 1.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Monica\Documents\T03 attendance 2.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Monica\Documents\T03 attendance 2.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Monica\Documents\T03 QT.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Monica\Documents\T03 QT.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Monica\Documents\T03 schedule.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Monica\Documents\T03 schedule.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Monica\Documents\Thyssen boleto.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Monica\Documents\Thyssen boleto.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Monica\Documents\Vienna Freud.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Monica\Documents\Vienna Freud.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3792598364-1687661706-653696805-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\acer01.jpg
DNS Servers: 89.248.166.149 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{868B7A9A-3771-488A-953B-F26B35463F52}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{A6AAD695-9D85-43D8-8EF1-840D0D7225E8}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{D424EB46-FD6A-42B8-BF84-BAE5582EB53B}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{878298F0-B10E-41D2-B924-10795C559E21}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{A95C9EAB-BCAF-487E-A78E-91A41FF59D77}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{5A01F964-4C54-4E28-A134-8B7737552A6C}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{5EB92DF1-D48E-476E-96D6-9EF4B001E2CD}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{2882398B-6DF1-48C4-AD47-B83295F56AA7}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{FFC1E2C4-C418-46D0-A9A6-704C2392E609}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{6DDB21F3-ADF3-4784-8261-85C4EDA81B72}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{AFAB4A6E-22ED-48DD-86FE-5BD3DDA901D1}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{63611343-3981-4AB1-8B24-BD730C4B4616}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{638023C5-0CE1-460B-8E2B-27E1323D5745}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{7B8F9CDC-8B63-46E8-8B9C-9B41C5F71BCE}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{F61E21B8-A811-4390-8C48-F76709C647B4}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{32CB50FA-5ECE-4CE2-809A-62EEAD42AD73}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{D26B9193-3F07-4625-8CEA-AE17F9E69ABB}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{7F4E1D66-B2BB-4F19-AC59-0A323EE6CDA3}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{6A840E65-DA1B-429A-AF4F-73BE8B951184}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{271879EF-7A48-4758-BC5F-538D9F33B421}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{A875F548-50CF-42D6-BC9C-E20F305F33B4}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{B5E3560E-AD87-44E5-959D-792E2648C3F4}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{0A663979-5B49-4EB1-9654-114059C55B1D}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{4B3D8C37-3C44-43BD-9BF5-BD7436DDC9C1}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{2FA47325-1091-4631-949D-6C9E8250C8DC}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{7F7C622A-1DA4-4592-AB73-BF3AE172A9C4}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{264CADAA-C8EB-4F77-8D5B-594862727558}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{056F5CE8-5D3B-4A98-8598-860442AF70D8}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{2CF087A2-0A94-4B1F-BF9E-E981076CF396}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{881BD0AC-6A1A-4B2A-BFB0-F082B355D0A5}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{0222F0C9-A388-4D48-9915-50C5FCCB1142}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe
FirewallRules: [{C2251342-C52A-4761-943B-C3F3754AA2BD}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe
FirewallRules: [{2CAD4F62-82BD-4EA4-AF23-3F27A35C56E0}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe
FirewallRules: [{D170B7FF-9CB2-40AE-ADFE-12DAFF0D6B0F}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe
FirewallRules: [{A2C5235E-F22F-440B-83BA-4904F19D3E6A}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{3A3BA756-49D5-4155-ABA4-294F4B07B8DB}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{5B123DF9-9854-452A-9373-637B53F5C6A5}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{FAB3BB80-2F01-4864-9FC1-AFD08D68C346}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{97AEFD6C-C061-4DC0-B147-0337EA7112B6}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{3016371D-2ED5-44FE-BF84-004194B3F1BA}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{8E4DA2B1-732A-424C-97BD-35EF3D105D5E}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{F5D63344-8AD3-4DED-A560-E2D440E6DFF2}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{1FAEED5E-6B1F-4F0F-A11E-BCE5B072BC4D}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{F676DF36-0BDF-4856-B392-1F6A6306A90B}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{4EC186E5-B7C0-4F15-BC32-C651A7A227AB}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{F4D1FF55-E8CA-41D6-86D6-A6EF82A19AC9}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{9E74EFCD-9DFA-4F18-BF63-D1FFD2C71BE6}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{2279D5BE-86C8-4937-A4A0-9BAC04524933}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{C6CC19CE-1B50-436B-B62E-7726F68F04EB}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{CF1E157F-3F22-4462-8C4D-D3AB28319EFC}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{6F4A818D-11AC-4593-BE86-CD9E64036F6F}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{AD378EB5-2202-4560-9DBF-BE2235558B64}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{8389B775-3C41-47F4-BFF9-990CC3A4A27F}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{22F5B9FD-CE76-457B-A7E7-0496E8A080FC}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{06F4BBC1-CB61-4B40-B1A7-D194A99EE9C6}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{0700FB97-8510-4857-A77D-0FF68F36D201}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{1C8272E6-B760-4020-A911-A4225A882F08}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{2CB13FF8-B673-44D5-9024-6FE67FC564E2}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{ACD2B40B-E57F-434A-AC4B-380600317282}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{7A22DA6B-9407-4BB2-A534-2E62B3333879}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{8FB30E29-BE65-442D-A164-C99A40612211}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{93241890-2DF0-445D-B4FA-4D271080442F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{038E517A-F8C2-470B-B57D-3A67ED609DD7}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{444045C5-0F26-48C0-90FE-A678CAD420FD}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{2683B2DC-283B-4E09-856A-1DF0CFB54C0B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{B5C97B80-385A-4971-9BBA-50A2A50A5070}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{3D7D96BA-3AA9-4A42-972F-CBD7D0CCCA96}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{8234C44A-6F09-4519-B0BF-F57B46BE901E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{9770236A-BBB4-449A-A3AC-543E9E723327}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{6972A28D-638B-4845-B421-D43C05E704E9}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{91D29E93-0FCC-422E-99DA-A79140AE1667}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{886C925C-7B24-4A60-BD0E-EEDB00A68225}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{8D6295D0-7866-4DFA-A082-CA65672C83E7}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{7D2507BC-57AB-463B-89F1-03C38F0873FB}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{57BFAAEA-4599-4C09-A63D-973848853C49}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{F100F530-C53E-42F0-90E2-0A00FE65B221}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{685E26CF-218D-4DAE-8FC4-E00A50FFCDDC}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{CF53BECB-D4BE-44C9-9591-3ACC9D266C14}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{5ED27DD8-EEA6-4F8D-AD5C-922D2BFF0EBE}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{D370543C-6A16-44D1-8B83-1E728FC7A876}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{612263E9-0C35-426F-8083-D1ED98DAF474}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{2C80D9B6-D082-4612-99CA-5DD1B8E6DFC1}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{B3A3E02C-117C-4FCF-B66D-6C5ADB6173EE}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{E78972D7-698C-4FF9-B87A-8749A733DC17}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{FF7E2908-103A-4E7D-8763-6941211D8D12}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{F2530216-9564-4763-A2F4-3537C299A6F6}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{04FB3D35-2674-47B4-BE20-BD5B46B49E50}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{614F8E57-FE70-4652-B4E3-2C0F6CDF5739}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{82E064D5-5985-46B1-9995-D310F28E8076}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{8FCAFA1A-BE1D-4F93-8FB8-C4EF2208262B}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{4716CF87-62DD-4E66-9F84-3A1252EEF3E6}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{F00DC467-E3CE-484D-B87A-BDA039004679}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{F0EEBE2B-9CFF-4337-865E-164A9A4FC8D6}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{FBB3B59A-13F5-4C37-BAAA-31BD77C39EDE}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{F5A9BDA5-972F-4680-9A57-C6C7E5BEF745}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{ED219CD8-B7F4-46B3-800F-55977BE9C13D}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{BA2904AB-57F3-49BB-BA1E-4C238121F382}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{160DB14B-29FA-4EB2-A46D-FF04AA303BA3}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{CEFA2315-3CC7-46B4-BFCF-FF59B24E2844}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{EECC0A66-53B6-4BCD-9EDE-C0E6AB6058DE}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{4BEE438A-6861-493F-8737-3E59DC612532}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{A5F84365-CD3A-4345-BE30-964F9895C84A}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{9003A799-4235-4EC3-A690-BAF8ABA96904}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{39E9D626-5AC1-4CF7-8827-B513DFE1BD92}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{DE91CDFA-135E-40E5-B749-5DDD1F1F1C57}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{29EB3C1B-5984-409F-AA31-EB7CCC6E7C3E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{2B959876-CCEC-483D-9D0B-99C554E8EEA7}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{ADDC36D1-3BC3-4331-B203-79FF78B41363}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{C4E85C84-3E6B-4A46-BCB2-390C7A2C693D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{15A450DC-F5F0-445B-922D-37178C84A1F4}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [TCP Query User{00739B69-4133-4732-BC0B-B69FEA83A3AC}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{1AB3ADFD-6866-4A29-835F-5C0D6FBE82D9}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{46C7447C-39F5-4287-8107-994462357174}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{68C09A72-EA71-4620-8AB9-9CF7B97163EB}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{D886B5EA-451F-4801-9519-16EF06E75BDF}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{45EA03A1-39C3-4083-B316-6EC6C07AC412}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{D39A378B-4A54-48DB-B41D-C334F9AB5EA5}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{1980E542-94C0-4EAE-9CC9-0A871EF578D4}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{1D9E7D51-8AA8-4A8D-99FA-A62E1F7223A9}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{234B63DB-8DED-4871-98A9-5FB35E8AB5D9}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{843BD66B-380A-46C3-BFAC-FA82DA339C93}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{CBF13F81-8203-4E17-A9B3-C14F75432A12}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{6E2A65D0-A024-4CDA-850A-B28669B99A19}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{98C1FBFA-5169-457C-8EE7-387A8575C8BF}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{0FD41A76-F6B7-4767-98D4-5914EFB66306}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{34048F8F-F478-4A74-9718-FF1610241DA9}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{57654119-2702-465E-80E5-4CB43E65B70C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{EAAA15AE-9E70-444F-B269-9759106964B7}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{92C29F6D-B7B9-4963-9688-2D4A4B8E91B4}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{BF909D9A-7318-409B-A9E0-96251AE4F4EF}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{25165BEB-8831-44AE-94F7-04E63AC557BE}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{1FF89E06-E3D8-4F4C-9D22-178FB064230E}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{D17D0F0C-1682-4110-A155-5A41DF9ED29A}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{9EBFAC6F-0CAF-48CA-AA97-333D7C2D4938}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{CA0E8A63-E719-4752-A9E4-71A15DDE947D}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{104DD35D-B51D-4BAA-9726-B9A39C127331}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{7EB9F81C-B115-4A0E-A40B-E581A2B5B5E0}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{4EDF515A-50B7-42B9-95D4-91A2CACEF970}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{060CCC52-5D31-423F-97EE-DD1F50DB9207}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{F85AAB0A-23D6-4211-9191-F53D285943FF}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{24FF1F92-A5F3-47C3-B4E6-BED468492F7B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{1D00E5ED-E5A7-486F-94F7-ED0ED89A602A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{189B56B7-4FE7-47A9-B931-172C20521781}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{CDD4EB2E-1A13-479C-83C7-C1D8C99F7189}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{A9EC8D8E-C19F-4783-A150-A89730851788}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{CAB33BC2-FD46-4C71-A5D2-010F0B2BA551}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{7F13B5D7-4FB2-436E-93C3-73080A7DE93A}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{FC533484-050E-4C32-BEDB-0F4741192172}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{7A113C14-FB2D-48FA-A939-7DE943C919FD}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{905D5849-95E3-42BC-9617-DC9FF9A50361}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{8D9A61CD-8E78-4300-9FC3-5F27A6A610B0}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{833BAB7B-BC2C-4F06-8D63-6A8712537300}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{7287617E-667D-4D36-B663-B1F99E419489}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{94070D7F-AE25-461D-AE0A-1F209B3B5DE4}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{C8BC8BD8-D798-4AD8-9D34-60FBBA0D0179}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{9D15EA70-380E-4686-AC9B-1AD9BD4B2419}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{18073016-80E2-42EA-B85B-466A210E6D03}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{1F4A9B5D-FB01-4BC5-B8B6-0FC292D7A05B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{1A150557-92DC-46F6-A8F2-A85DB8CD3879}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{F5087AF7-073B-472C-AF75-C9E8C7C60801}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{F9268F4C-9F01-4B47-B0CE-1A1A88C6DEBD}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{D33E1BA3-22DD-4091-B2AF-30E43D08B846}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{1191310D-F2CF-427D-9870-C7843DB84195}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{87875759-C885-402D-BF81-9F6A74572B7B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{0FE9765C-D2FF-4818-A281-B9C1826EA8DD}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{1243B007-30CB-4DA1-A6D4-147A1AA6C82E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{B018C30F-5165-463B-B243-062D2D205A69}] => (Allow) C:\Users\Monica\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{C45897A4-9942-4F52-B946-6E033E94FC3B}] => (Allow) C:\Users\Monica\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{C2A47498-54C7-44ED-A478-9BC724B68C08}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4777003E-414E-4417-ADBA-8600DF122FFD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8104A464-0F0B-4E34-98F5-C44CF0708000}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{9CE2C813-1630-47B7-8514-6AAF28450A2B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{A1F121C8-0EAB-4CE7-AFBA-0234F9ADD152}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{E9389FCD-1666-45C1-B1F1-3A75C359C72B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{1400EEFF-93A1-461E-BB5A-9F615925EF43}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{E8411286-9287-4B14-A007-8928409C6DE1}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [TCP Query User{00ACE80B-B41E-40EA-A5AB-63DC18D9D38D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{BB3EE62A-E19E-48A3-82E7-1822EF4DDA23}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{FF337B5E-C496-4CF2-8DDD-42BEEB2C676E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{539AE13C-2A09-4D31-8435-03796A5EFFBB}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{02725209-B52B-4FD8-95B7-F47EBB74C4FA}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{E76BB129-CB61-4859-9D98-39117ED1CBA5}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{85A069C5-6126-4EAA-ACFD-F71E85E982D2}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{228056C2-F0F7-4FCF-95CC-E5600DC1EEBB}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{E46781D7-673C-458F-B0CD-8CF7E28F8E27}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{ADF5616A-5CAC-4D48-B810-18E8DD5CDAB5}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{AF70E296-0309-4620-B0F5-08AF6BED84C2}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{7CCE9F97-6071-4615-B7BF-7BAFAFA41EB1}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{DAF19E82-8327-4CDF-BEFD-D7B1FCC1A8F1}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{1CB80860-C3B8-416F-98BF-9FFBE1C8686F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{0151F974-6D55-4DC9-9913-57A9CBB8DA16}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{C58C7261-76D6-4702-90F7-5F0B1AA00EA5}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{35BA0E5E-7F9B-45AC-B373-7B014348F88E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{9AEB76F9-80A0-40CA-BC6C-5CD90484EF08}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{5EABFAD5-DA21-4E2B-88CE-174E2664F3E5}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{8E9E513A-1E8F-4E19-A64B-4849F1D1DA13}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{C9CB7D8F-F87D-443D-9D50-BCA7CF29B428}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{48CE8CCC-8D73-456D-8FDE-9C34A2935419}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{0B58342A-456E-4A41-91B6-18E808C9CAC8}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{E9E5B267-FD06-40FB-BF26-EDA91EE15C0D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{5F3698CC-1BEF-4E1E-BEDD-31601C2D4A49}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{DAF5F63E-024F-42C7-A6BA-1855AAD76394}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{5B81A66D-8964-4375-B2B3-C6B952714502}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{51A141CB-9FB1-4E57-9F47-E8D6215A6288}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{2B5C90E7-C17B-4E37-81B4-DB1F777C331D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{B1176B39-D0DC-43A9-8656-AF74E50F6B24}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{F3AF57C1-D0DD-471B-BA62-374B1810C984}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{978766D4-FB84-47B9-AEAF-686AC264DA75}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/12/2015 08:54:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: plugin-container.exe, versão: 40.0.3.5716, carimbo de data/hora: 0x55ddb213
Nome do módulo com falha: mozglue.dll, versão: 40.0.3.5716, carimbo de data/hora: 0x55dda062
Código de exceção: 0x80000003
Deslocamento da falha: 0x0000e250
ID do processo com falha: 0x2174
Hora de início do aplicativo com falha: 0xplugin-container.exe0
Caminho do aplicativo com falha: plugin-container.exe1
Caminho do módulo com falha: plugin-container.exe2
ID do Relatório: plugin-container.exe3
Nome completo do pacote com falha: plugin-container.exe4
ID do aplicativo relativo ao pacote com falha: plugin-container.exe5

Error: (09/11/2015 11:47:00 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa LiveComm.exe versão 17.5.9600.20911 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

ID do Processo: 2fa8

Hora de Início: 01d0ec9ff7df1d49

Hora de Término: 4294967295

Caminho do Aplicativo: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe

ID do Relatório: eeff97cf-5893-11e5-82ac-201a0657a1d6

Nome completo do pacote com falha: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe

ID do aplicativo relativo ao pacote com falha: ppleae38af2e007f4358a809ac99a64a67c1

Error: (09/11/2015 10:05:52 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: saUpd.exe, versão: 4.0.1.115, carimbo de data/hora: 0x55ae713e
Nome do módulo com falha: ntdll.dll, versão: 6.3.9600.17936, carimbo de data/hora: 0x55a68e0c
Código de exceção: 0xc0000374
Deslocamento da falha: 0x00000000000f1280
ID do processo com falha: 0x27c4
Hora de início do aplicativo com falha: 0xsaUpd.exe0
Caminho do aplicativo com falha: saUpd.exe1
Caminho do módulo com falha: saUpd.exe2
ID do Relatório: saUpd.exe3
Nome completo do pacote com falha: saUpd.exe4
ID do aplicativo relativo ao pacote com falha: saUpd.exe5

Error: (09/11/2015 09:33:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: saUpd.exe, versão: 4.0.1.115, carimbo de data/hora: 0x55ae713e
Nome do módulo com falha: ntdll.dll, versão: 6.3.9600.17936, carimbo de data/hora: 0x55a68e0c
Código de exceção: 0xc0000374
Deslocamento da falha: 0x00000000000f1280
ID do processo com falha: 0x2838
Hora de início do aplicativo com falha: 0xsaUpd.exe0
Caminho do aplicativo com falha: saUpd.exe1
Caminho do módulo com falha: saUpd.exe2
ID do Relatório: saUpd.exe3
Nome completo do pacote com falha: saUpd.exe4
ID do aplicativo relativo ao pacote com falha: saUpd.exe5

Error: (09/11/2015 06:19:37 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (09/10/2015 02:51:34 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (09/10/2015 09:22:19 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (09/09/2015 07:59:28 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (09/09/2015 07:58:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: saUpd.exe, versão: 4.0.1.115, carimbo de data/hora: 0x55ae713e
Nome do módulo com falha: ntdll.dll, versão: 6.3.9600.17936, carimbo de data/hora: 0x55a68e0c
Código de exceção: 0xc0000374
Deslocamento da falha: 0x00000000000f1280
ID do processo com falha: 0x2d18
Hora de início do aplicativo com falha: 0xsaUpd.exe0
Caminho do aplicativo com falha: saUpd.exe1
Caminho do módulo com falha: saUpd.exe2
ID do Relatório: saUpd.exe3
Nome completo do pacote com falha: saUpd.exe4
ID do aplicativo relativo ao pacote com falha: saUpd.exe5

Error: (09/09/2015 07:37:17 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: saUpd.exe, versão: 4.0.1.115, carimbo de data/hora: 0x55ae713e
Nome do módulo com falha: ntdll.dll, versão: 6.3.9600.17936, carimbo de data/hora: 0x55a68e0c
Código de exceção: 0xc0000374
Deslocamento da falha: 0x00000000000f1280
ID do processo com falha: 0x2678
Hora de início do aplicativo com falha: 0xsaUpd.exe0
Caminho do aplicativo com falha: saUpd.exe1
Caminho do módulo com falha: saUpd.exe2
ID do Relatório: saUpd.exe3
Nome completo do pacote com falha: saUpd.exe4
ID do aplicativo relativo ao pacote com falha: saUpd.exe5


System errors:
=============
Error: (09/12/2015 09:29:16 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço Detecção de Serviços Interativos terminou com o erro: 
%%1

Error: (09/12/2015 09:14:45 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a resposta de uma transação do serviço mfemms.

Error: (09/11/2015 09:29:16 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço Detecção de Serviços Interativos terminou com o erro: 
%%1

Error: (09/10/2015 09:27:30 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço Detecção de Serviços Interativos terminou com o erro: 
%%1

Error: (09/09/2015 07:20:38 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço Detecção de Serviços Interativos terminou com o erro: 
%%1

Error: (09/08/2015 10:42:19 AM) (Source: DCOM) (EventID: 10010) (User: MONICA)
Description: {005A3A96-BAC4-4B0A-94EA-C0CE100EA736}

Error: (09/08/2015 06:29:10 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço Detecção de Serviços Interativos terminou com o erro: 
%%1

Error: (09/07/2015 07:05:23 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço Detecção de Serviços Interativos terminou com o erro: 
%%1

Error: (09/06/2015 06:36:16 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço Detecção de Serviços Interativos terminou com o erro: 
%%1

Error: (09/05/2015 05:34:44 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço Detecção de Serviços Interativos terminou com o erro: 
%%1


Microsoft Office:
=========================
Error: (09/12/2015 08:54:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe40.0.3.571655ddb213mozglue.dll40.0.3.571655dda062800000030000e250217401d0e89e4d0c1ce4C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozglue.dllfc8d60c0-5944-11e5-82ac-201a0657a1d6

Error: (09/11/2015 11:47:00 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.209112fa801d0ec9ff7df1d494294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exeeeff97cf-5893-11e5-82ac-201a0657a1d6microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (09/11/2015 10:05:52 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: saUpd.exe4.0.1.11555ae713entdll.dll6.3.9600.1793655a68e0cc000037400000000000f128027c401d0ec9264f4d8c2c:\PROGRA~2\mcafee\SITEAD~1\saUpd.exeC:\Windows\SYSTEM32\ntdll.dlld3e9bbf6-5885-11e5-82ac-201a0657a1d6

Error: (09/11/2015 09:33:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: saUpd.exe4.0.1.11555ae713entdll.dll6.3.9600.1793655a68e0cc000037400000000000f1280283801d0ec8e0c5a180cc:\PROGRA~2\mcafee\SITEAD~1\saUpd.exeC:\Windows\SYSTEM32\ntdll.dll5f5c1815-5881-11e5-82ac-201a0657a1d6

Error: (09/11/2015 06:19:37 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (09/10/2015 02:51:34 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (09/10/2015 09:22:19 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (09/09/2015 07:59:28 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (09/09/2015 07:58:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: saUpd.exe4.0.1.11555ae713entdll.dll6.3.9600.1793655a68e0cc000037400000000000f12802d1801d0eaee610f9be3c:\PROGRA~2\mcafee\SITEAD~1\saUpd.exeC:\Windows\SYSTEM32\ntdll.dllb88ad6ee-56e1-11e5-82ac-201a0657a1d6

Error: (09/09/2015 07:37:17 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: saUpd.exe4.0.1.11555ae713entdll.dll6.3.9600.1793655a68e0cc000037400000000000f1280267801d0eaeb4e9ab877c:\PROGRA~2\mcafee\SITEAD~1\saUpd.exeC:\Windows\SYSTEM32\ntdll.dllbd8acb64-56de-11e5-82ac-201a0657a1d6


==================== Memory info =========================== 

Processor: Intel(R) Celeron(R) 2955U @ 1.40GHz
Percentage of memory in use: 44%
Total physical RAM: 3976.27 MB
Available physical RAM: 2210.18 MB
Total Virtual: 6280.27 MB
Available Virtual: 4225.64 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:447.69 GB) (Free:400.81 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 3FB2AF5E)

Partition: GPT.

==================== End of Addition.txt ============================
         


I hope you can help me get rid of these pests.

Best regards,
Carsten

 
