Publicité
Publicité
Format du document : text/plain
Prévisualisation
Additional scan result of Farbar Recovery Scan Tool (x64) Version:30-07-2015
Ran by Usuario (2015-07-31 19:27:13)
Running from C:\Users\Usuario\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrador (S-1-5-21-3064860665-2106470997-2649600080-500 - Administrator - Disabled)
Convidado (S-1-5-21-3064860665-2106470997-2649600080-501 - Limited - Disabled)
Usuario (S-1-5-21-3064860665-2106470997-2649600080-1001 - Administrator - Enabled) => C:\Users\Usuario
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.3005 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3013 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3016 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.2008 - Acer Incorporated)
AcerCloud Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.2022 - Acer Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Avast Premier (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
BB Token Admin Tool (HKLM-x32\...\{95A34656-CD4A-45A0-BAB8-AB950EFCBEBF}) (Version: 1.1.0 - Watchdata Technologies Pte., Ltd.)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Broadcom Card Reader Driver Installer (HKLM\...\{67AA948F-8D83-4566-B84A-7CAABCF64E3F}) (Version: 16.0.2.3 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{D1D7ED66-5C08-40A0-AEC0-B6DF977697BB}) (Version: 16.0.2.1 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform)
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.02.2012 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.02.2016 - Acer Incorporated)
clear.fi SDK - Video 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Delicious: Emily's Childhood Memories Premium Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dropbox (HKU\S-1-5-21-3064860665-2106470997-2649600080-1001\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
ETDWare PS/2-X64 11.6.23.203_WHQL (HKLM\...\Elantech) (Version: 11.6.23.203 - ELAN Microelectronic Corp.)
Ferramentas do Visual Studio 2005 para Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.125 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
HP Deskjet 2050 J510 series Ajuda (HKLM-x32\...\{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}) (Version: 140.0.61.61 - Hewlett Packard)
HP Deskjet 2050 J510 series Estudo de aprimoramento de produtos (HKLM\...\{8D71EFB0-B1EF-4478-92D2-A65DB23AC460}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 2050 J510 series Software básico do dispositivo (HKLM\...\{2DCBB45E-AA03-4089-87E7-EC17E606D738}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3006 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.3.1520 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3234 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel(R) Technology Access (HKLM-x32\...\{413fe921-b226-41c8-bc3c-574074ceec4d}) (Version: 1.4.4.1000 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{43FA4AC8-46F8-423F-96FD-9A7D67048F1C}) (Version: 2.5.1634 - Intel Corporation)
Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3010 - Acer Incorporated)
Malwarebytes Anti-Malware versão 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MergeModule_x64 (Version: 9.1.00 - Sony Corporation) Hidden
MergeModule_x86 (x32 Version: 9.1.00 - Sony Corporation) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Módulo de Segurança - Banco do Brasil (HKLM-x32\...\{36386dc9-8543-4b12-ae6b-220fd52f19f3}_is1) (Version: 3.12.1.2 - )
Mozilla Firefox 39.0 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 pt-BR)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mystery P.I. - Curious Case of Counterfeit Cove (x32 Version: 2.2.0.98 - WildTangent) Hidden
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{4CA8F973-6377-4ABF-9ED5-CC2323B3C000}) (Version: 12.5.00500 - Nero AG)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.7.0.24 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.3.0.14 - Symantec Corporation) Hidden
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2008 - Acer)
Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.02.2008 - Acer)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayMemories Home (HKLM-x32\...\{9BC57F80-FBCF-463C-B69F-09DEC3A4612B}) (Version: 4.2.00.02052 - Sony Corporation)
PMB_ModeEditor (x32 Version: 9.1.00 - Sony Corporation) Hidden
PMB_ServiceUploader (x32 Version: 9.2.00 - Sony Corporation) Hidden
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Proteção de Terminal Trusteer (HKLM-x32\...\Rapport_msi) (Version: 3.5.1412.176 - Trusteer)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.43 - Qualcomm Atheros)
Rapport (x32 Version: 3.5.1412.176 - Trusteer) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6865 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
The Chronicles of Emerland Solitaire (x32 Version: 3.0.2.32 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
Warsaw 1.5.1.8886 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.5.1.8886 - GAS Tecnologia)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Yahoo Search Set (HKLM-x32\...\Yahoo! SearchSet) (Version: - Yahoo Inc.)
ZHPFix 2015 (HKLM-x32\...\ZHPFix_is1) (Version: 2015 - Nicolas Coolman)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3064860665-2106470997-2649600080-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Usuario\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3064860665-2106470997-2649600080-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0000}\InprocServer32 -> C:\Users\Usuario\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-3064860665-2106470997-2649600080-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0000}\InprocServer32 -> C:\Users\Usuario\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-3064860665-2106470997-2649600080-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Usuario\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3064860665-2106470997-2649600080-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Usuario\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3064860665-2106470997-2649600080-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Usuario\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3064860665-2106470997-2649600080-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Usuario\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
==================== Restore Points =========================
14-07-2015 12:57:27 Installed Rapport
23-07-2015 18:18:32 Ponto de Verificação Agendado
30-07-2015 16:16:02 JRT Pre-Junkware Removal
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2012-07-26 02:26 - 2015-07-30 16:12 - 00000822 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0E3989F1-A917-448E-AB85-584C8456A2AE} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-03-15] (Acer Incorporated)
Task: {2AF1E3B2-8631-461C-BADF-A142AB13323B} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-03-13] ()
Task: {2B6D130D-4A73-4968-9379-3A733E59FE4D} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {366BA451-FAE4-4E95-980A-634D522A109F} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-06-17] (Acer Incorporate)
Task: {5C77087E-C620-4069-9424-DDD0CDA99E71} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {9007BD2F-0E8E-4504-BCFE-490E3C07662E} - System32\Tasks\Pokki => %LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe
Task: {9A884A99-FE63-4D55-946F-B2E21A51D613} - System32\Tasks\avastBCLRestartS-1-5-21-3064860665-2106470997-2649600080-1001 => Chrome.exe
Task: {9D1A5392-3B34-4BDD-AF75-2243E8E08EF6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {CDD27CFC-933A-48A7-AC66-D5BC588DFD55} - System32\Tasks\HPCustParticipation HP Deskjet 2050 J510 series => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPCustPartic.exe [2012-10-02] (Hewlett-Packard Co.)
Task: {DAD529DA-B48E-42E2-B748-2F039054B6AC} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-06-09] ()
Task: {DEB21A6D-2D89-4F5E-A785-E16E57D99A34} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-19] (Avast Software s.r.o.)
Task: {DFFC696E-B886-4568-8E15-1AD0D9C20E67} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-06-09] ()
Task: {F1F05B85-24C7-4B8B-B1CB-A00366E65023} - System32\Tasks\{32C664C5-3C97-4930-AD6C-D1EC28E62F41} => pcalua.exe -a "C:\Users\Usuario\Downloads\DiagnosticoBB (1).exe" -d C:\Users\Usuario\Downloads
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Loaded Modules (Whitelisted) ==============
2015-07-07 11:44 - 2015-07-07 11:44 - 00088064 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\libglog.dll
2015-07-07 13:41 - 2015-07-07 13:41 - 01793280 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\cpprest120_1_4.dll
2015-07-07 13:41 - 2015-07-07 13:41 - 00354560 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\JsonCpp.dll
2010-01-30 02:40 - 2010-01-30 02:40 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2015-04-22 12:59 - 2015-04-22 12:59 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-04-22 12:59 - 2015-04-22 12:59 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-07-30 21:34 - 2015-07-30 21:34 - 02960384 _____ () C:\Program Files\AVAST Software\Avast\defs\15073005\algo.dll
2015-07-31 15:15 - 2015-07-31 15:15 - 02959872 _____ () C:\Program Files\AVAST Software\Avast\defs\15073103\algo.dll
2014-03-23 17:04 - 2014-03-23 17:04 - 00557056 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
2015-03-21 14:18 - 2015-03-21 14:18 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2012-04-11 07:13 - 2012-04-11 07:13 - 00035328 _____ () C:\Windows\SYSTEM32\WatchData\Watchdata Brazil CSP v1.0\UIResB3.DLL
2012-03-29 00:39 - 2012-03-29 00:39 - 00239616 _____ () C:\Windows\SYSTEM32\WatchData\Watchdata Brazil CSP v1.0\hodll.dll
2013-11-14 09:37 - 2013-05-08 17:23 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2013-11-14 09:57 - 2013-02-20 21:58 - 00089672 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext.dll
2015-07-29 19:44 - 2015-07-25 05:46 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.125\libglesv2.dll
2015-07-29 19:44 - 2015-07-25 05:46 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.125\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-3064860665-2106470997-2649600080-1001\...\bancobrasil.com.br -> www.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-3064860665-2106470997-2649600080-1001\...\bb.com.br -> hxxps://seg.bb.com.br
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3064860665-2106470997-2649600080-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\acer01.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{A4808445-5350-4904-A502-78936D18F429}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{3BFF4518-F4B6-4E1D-BF6C-A165D4F8B21C}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{7FF2A163-C17C-4D68-A970-66EF24C64390}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{5EB331FF-3F24-4532-85BE-D4946136A44A}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{0D32DAB5-DE69-430D-955B-00722DFB5B22}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{C80705D0-A32A-4376-B75F-E00A5E3418E3}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{0CCFA6C8-297E-47DC-9EA1-3B96C3CE40A6}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{D980A466-E8D3-4815-8A20-560C990AEAAE}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{331DAD00-FBCD-4A20-A9B3-08849F530CD1}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{FC764AD0-B402-496B-A447-D9363115BEB7}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{D31726FA-AA82-4EEA-ADF2-F9E69CC4BC89}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\VideoPlayer.exe
FirewallRules: [{C0EDB26A-E8BE-4EF6-8974-CEEB28F9E25A}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{4144D705-21F1-41DF-8FB1-9D18DDB3E5CD}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{CCBA4A85-C5E5-4D6C-B287-0CFAE840E1E4}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{9D8229F0-19BF-40CC-A53C-5F960C1B133A}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{184E2EDE-A044-486B-B586-DDBEF4113210}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{6CDB41E4-722C-47B8-B19E-AFE774B5389E}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{C17A24BC-ABDF-40A7-AB00-8CCECDD761AF}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\Sdd.exe
FirewallRules: [{5DAA63DE-2B82-4B70-B214-85FE4E5BB049}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\Sdd.exe
FirewallRules: [{6F7F44D0-3EB3-443A-A418-B6D3C5066F8C}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\virtualdrive.exe
FirewallRules: [{7812805D-BE76-473C-9920-C71478F0E28C}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\virtualdrive.exe
FirewallRules: [TCP Query User{432DAEBD-4C09-4C11-80B7-F55A9B61846B}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{013D61D8-1289-4052-8385-03927FA0E464}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{C7EE4184-9EA8-468F-A19E-872AAA2D8780}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe
FirewallRules: [{67C409E1-6997-46FA-B0D0-9F2F54EA4706}] => (Allow) C:\Users\Usuario\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{D2BC1542-94ED-4F61-AFD5-CCF5B7821DB3}] => (Allow) C:\Users\Usuario\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{F5EFB86C-3602-485F-8098-79A9AFBAEC02}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{A8C38BC4-3776-4427-A576-91098A9D0BC7}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{95867523-A508-4E41-A419-E066D0683124}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{ECF01375-F5F8-4837-9AD0-1E0871B2A1A6}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{3643522A-593B-40AC-BD42-82C90C028319}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CE9CE614-1EEF-4772-BC21-F396A13AEC7E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{7BA35DA3-2C22-4B19-8F7F-076B2B2A6CC9}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{5F32A878-C655-4DAC-A9AD-87714724D98F}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{DE09F086-6215-4532-A826-E20BC8822662}] => (Allow) C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe
FirewallRules: [{9C8417BE-EFD9-4B07-8D6F-30FC12476709}] => (Allow) C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe
FirewallRules: [{03029884-01F5-4DF0-B5B1-3FE7D2C51D44}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [{71E3862E-C84C-4E14-B5C0-96370B08EDE4}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{34184772-24EF-4B3C-B3D9-B411CDE22CA0}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{3FA026CD-A45F-42BF-832A-E87E9A0EFC6C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/31/2015 01:40:14 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (07/29/2015 06:31:29 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (07/28/2015 10:41:53 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (07/28/2015 06:46:03 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Falha na geração de contexto de ativação para "asmv2:clrClassInvocation1". Erro no arquivo de manifesto ou de política asmv2:clrClassInvocation2", na linha asmv2:clrClassInvocation3.
O elemento asmv2:clrClassInvocation aparece como filho do elemento urn:schemas-microsoft-com:asm.v1^entryPoint, o que não tem suporte nesta versão do Windows.
Error: (07/28/2015 06:46:03 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Falha na geração de contexto de ativação para "asmv2:clrClassInvocation1". Erro no arquivo de manifesto ou de política asmv2:clrClassInvocation2", na linha asmv2:clrClassInvocation3.
O elemento asmv2:clrClassInvocation aparece como filho do elemento urn:schemas-microsoft-com:asm.v1^entryPoint, o que não tem suporte nesta versão do Windows.
Error: (07/28/2015 06:46:03 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Falha na geração de contexto de ativação para "asmv2:clrClassInvocation1". Erro no arquivo de manifesto ou de política asmv2:clrClassInvocation2", na linha asmv2:clrClassInvocation3.
O elemento asmv2:clrClassInvocation aparece como filho do elemento urn:schemas-microsoft-com:asm.v1^entryPoint, o que não tem suporte nesta versão do Windows.
Error: (07/28/2015 06:42:21 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Falha na geração de contexto de ativação para "asmv2:clrClassInvocation1". Erro no arquivo de manifesto ou de política asmv2:clrClassInvocation2", na linha asmv2:clrClassInvocation3.
O elemento asmv2:clrClassInvocation aparece como filho do elemento urn:schemas-microsoft-com:asm.v1^entryPoint, o que não tem suporte nesta versão do Windows.
Error: (07/28/2015 06:42:21 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Falha na geração de contexto de ativação para "asmv2:clrClassInvocation1". Erro no arquivo de manifesto ou de política asmv2:clrClassInvocation2", na linha asmv2:clrClassInvocation3.
O elemento asmv2:clrClassInvocation aparece como filho do elemento urn:schemas-microsoft-com:asm.v1^entryPoint, o que não tem suporte nesta versão do Windows.
Error: (07/28/2015 06:42:21 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Falha na geração de contexto de ativação para "asmv2:clrClassInvocation1". Erro no arquivo de manifesto ou de política asmv2:clrClassInvocation2", na linha asmv2:clrClassInvocation3.
O elemento asmv2:clrClassInvocation aparece como filho do elemento urn:schemas-microsoft-com:asm.v1^entryPoint, o que não tem suporte nesta versão do Windows.
Error: (07/28/2015 11:45:28 AM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhostex (1984) WebCacheLocal: Erro -1811 (0xfffff8ed) ao abrir o arquivo de log C:\Users\Usuario\AppData\Local\Microsoft\Windows\WebCache\V010019D.log.
System errors:
=============
Error: (07/31/2015 04:41:56 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Usuario\AppData\Local\Temp\catchme.sys
Error: (07/31/2015 04:41:56 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Usuario\AppData\Local\Temp\catchme.sys
Error: (07/31/2015 04:41:55 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Usuario\AppData\Local\Temp\catchme.sys
Error: (07/31/2015 04:41:55 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Usuario\AppData\Local\Temp\catchme.sys
Error: (07/31/2015 04:41:54 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Usuario\AppData\Local\Temp\catchme.sys
Error: (07/31/2015 04:41:54 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Usuario\AppData\Local\Temp\catchme.sys
Error: (07/31/2015 04:41:53 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Usuario\AppData\Local\Temp\catchme.sys
Error: (07/31/2015 04:41:53 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Usuario\AppData\Local\Temp\catchme.sys
Error: (07/31/2015 04:41:52 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Usuario\AppData\Local\Temp\catchme.sys
Error: (07/31/2015 04:41:52 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Usuario\AppData\Local\Temp\catchme.sys
Microsoft Office:
=========================
Error: (07/31/2015 01:40:14 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (07/29/2015 06:31:29 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (07/28/2015 10:41:53 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (07/28/2015 06:46:03 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest4
Error: (07/28/2015 06:46:03 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest4
Error: (07/28/2015 06:46:03 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest4
Error: (07/28/2015 06:42:21 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest4
Error: (07/28/2015 06:42:21 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest4
Error: (07/28/2015 06:42:21 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest4
Error: (07/28/2015 11:45:28 AM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhostex1984WebCacheLocal: C:\Users\Usuario\AppData\Local\Microsoft\Windows\WebCache\V010019D.log-1811 (0xfffff8ed)
CodeIntegrity:
===================================
Date: 2015-07-31 16:41:56.669
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Usuario\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-07-31 16:41:56.526
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Usuario\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-07-31 16:41:55.579
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Usuario\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-07-31 16:41:55.434
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Usuario\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-07-31 16:41:54.462
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Usuario\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-07-31 16:41:54.339
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Usuario\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-07-31 16:41:53.351
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Usuario\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-07-31 16:41:53.220
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Usuario\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-07-31 16:41:52.245
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Usuario\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-07-31 16:41:52.115
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Usuario\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Percentage of memory in use: 43%
Total physical RAM: 6024.27 MB
Available physical RAM: 3425.22 MB
Total Virtual: 7048.27 MB
Available Virtual: 4171.91 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:449.19 GB) (Free:369.02 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 65ADDC8A)
Partition: GPT Partition Type.
==================== End of log ============================
Ran by Usuario (2015-07-31 19:27:13)
Running from C:\Users\Usuario\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrador (S-1-5-21-3064860665-2106470997-2649600080-500 - Administrator - Disabled)
Convidado (S-1-5-21-3064860665-2106470997-2649600080-501 - Limited - Disabled)
Usuario (S-1-5-21-3064860665-2106470997-2649600080-1001 - Administrator - Enabled) => C:\Users\Usuario
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.3005 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3013 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3016 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.2008 - Acer Incorporated)
AcerCloud Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.2022 - Acer Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Avast Premier (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
BB Token Admin Tool (HKLM-x32\...\{95A34656-CD4A-45A0-BAB8-AB950EFCBEBF}) (Version: 1.1.0 - Watchdata Technologies Pte., Ltd.)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Broadcom Card Reader Driver Installer (HKLM\...\{67AA948F-8D83-4566-B84A-7CAABCF64E3F}) (Version: 16.0.2.3 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{D1D7ED66-5C08-40A0-AEC0-B6DF977697BB}) (Version: 16.0.2.1 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform)
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.02.2012 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.02.2016 - Acer Incorporated)
clear.fi SDK - Video 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Delicious: Emily's Childhood Memories Premium Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dropbox (HKU\S-1-5-21-3064860665-2106470997-2649600080-1001\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
ETDWare PS/2-X64 11.6.23.203_WHQL (HKLM\...\Elantech) (Version: 11.6.23.203 - ELAN Microelectronic Corp.)
Ferramentas do Visual Studio 2005 para Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.125 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
HP Deskjet 2050 J510 series Ajuda (HKLM-x32\...\{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}) (Version: 140.0.61.61 - Hewlett Packard)
HP Deskjet 2050 J510 series Estudo de aprimoramento de produtos (HKLM\...\{8D71EFB0-B1EF-4478-92D2-A65DB23AC460}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 2050 J510 series Software básico do dispositivo (HKLM\...\{2DCBB45E-AA03-4089-87E7-EC17E606D738}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3006 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.3.1520 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3234 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel(R) Technology Access (HKLM-x32\...\{413fe921-b226-41c8-bc3c-574074ceec4d}) (Version: 1.4.4.1000 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{43FA4AC8-46F8-423F-96FD-9A7D67048F1C}) (Version: 2.5.1634 - Intel Corporation)
Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3010 - Acer Incorporated)
Malwarebytes Anti-Malware versão 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MergeModule_x64 (Version: 9.1.00 - Sony Corporation) Hidden
MergeModule_x86 (x32 Version: 9.1.00 - Sony Corporation) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Módulo de Segurança - Banco do Brasil (HKLM-x32\...\{36386dc9-8543-4b12-ae6b-220fd52f19f3}_is1) (Version: 3.12.1.2 - )
Mozilla Firefox 39.0 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 pt-BR)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mystery P.I. - Curious Case of Counterfeit Cove (x32 Version: 2.2.0.98 - WildTangent) Hidden
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{4CA8F973-6377-4ABF-9ED5-CC2323B3C000}) (Version: 12.5.00500 - Nero AG)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.7.0.24 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.3.0.14 - Symantec Corporation) Hidden
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2008 - Acer)
Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.02.2008 - Acer)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayMemories Home (HKLM-x32\...\{9BC57F80-FBCF-463C-B69F-09DEC3A4612B}) (Version: 4.2.00.02052 - Sony Corporation)
PMB_ModeEditor (x32 Version: 9.1.00 - Sony Corporation) Hidden
PMB_ServiceUploader (x32 Version: 9.2.00 - Sony Corporation) Hidden
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Proteção de Terminal Trusteer (HKLM-x32\...\Rapport_msi) (Version: 3.5.1412.176 - Trusteer)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.43 - Qualcomm Atheros)
Rapport (x32 Version: 3.5.1412.176 - Trusteer) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6865 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
The Chronicles of Emerland Solitaire (x32 Version: 3.0.2.32 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
Warsaw 1.5.1.8886 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.5.1.8886 - GAS Tecnologia)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Yahoo Search Set (HKLM-x32\...\Yahoo! SearchSet) (Version: - Yahoo Inc.)
ZHPFix 2015 (HKLM-x32\...\ZHPFix_is1) (Version: 2015 - Nicolas Coolman)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3064860665-2106470997-2649600080-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Usuario\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3064860665-2106470997-2649600080-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0000}\InprocServer32 -> C:\Users\Usuario\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-3064860665-2106470997-2649600080-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0000}\InprocServer32 -> C:\Users\Usuario\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-3064860665-2106470997-2649600080-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Usuario\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3064860665-2106470997-2649600080-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Usuario\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3064860665-2106470997-2649600080-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Usuario\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3064860665-2106470997-2649600080-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Usuario\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
==================== Restore Points =========================
14-07-2015 12:57:27 Installed Rapport
23-07-2015 18:18:32 Ponto de Verificação Agendado
30-07-2015 16:16:02 JRT Pre-Junkware Removal
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2012-07-26 02:26 - 2015-07-30 16:12 - 00000822 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0E3989F1-A917-448E-AB85-584C8456A2AE} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-03-15] (Acer Incorporated)
Task: {2AF1E3B2-8631-461C-BADF-A142AB13323B} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-03-13] ()
Task: {2B6D130D-4A73-4968-9379-3A733E59FE4D} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {366BA451-FAE4-4E95-980A-634D522A109F} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-06-17] (Acer Incorporate)
Task: {5C77087E-C620-4069-9424-DDD0CDA99E71} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {9007BD2F-0E8E-4504-BCFE-490E3C07662E} - System32\Tasks\Pokki => %LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe
Task: {9A884A99-FE63-4D55-946F-B2E21A51D613} - System32\Tasks\avastBCLRestartS-1-5-21-3064860665-2106470997-2649600080-1001 => Chrome.exe
Task: {9D1A5392-3B34-4BDD-AF75-2243E8E08EF6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {CDD27CFC-933A-48A7-AC66-D5BC588DFD55} - System32\Tasks\HPCustParticipation HP Deskjet 2050 J510 series => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPCustPartic.exe [2012-10-02] (Hewlett-Packard Co.)
Task: {DAD529DA-B48E-42E2-B748-2F039054B6AC} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-06-09] ()
Task: {DEB21A6D-2D89-4F5E-A785-E16E57D99A34} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-19] (Avast Software s.r.o.)
Task: {DFFC696E-B886-4568-8E15-1AD0D9C20E67} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-06-09] ()
Task: {F1F05B85-24C7-4B8B-B1CB-A00366E65023} - System32\Tasks\{32C664C5-3C97-4930-AD6C-D1EC28E62F41} => pcalua.exe -a "C:\Users\Usuario\Downloads\DiagnosticoBB (1).exe" -d C:\Users\Usuario\Downloads
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Loaded Modules (Whitelisted) ==============
2015-07-07 11:44 - 2015-07-07 11:44 - 00088064 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\libglog.dll
2015-07-07 13:41 - 2015-07-07 13:41 - 01793280 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\cpprest120_1_4.dll
2015-07-07 13:41 - 2015-07-07 13:41 - 00354560 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\JsonCpp.dll
2010-01-30 02:40 - 2010-01-30 02:40 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2015-04-22 12:59 - 2015-04-22 12:59 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-04-22 12:59 - 2015-04-22 12:59 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-07-30 21:34 - 2015-07-30 21:34 - 02960384 _____ () C:\Program Files\AVAST Software\Avast\defs\15073005\algo.dll
2015-07-31 15:15 - 2015-07-31 15:15 - 02959872 _____ () C:\Program Files\AVAST Software\Avast\defs\15073103\algo.dll
2014-03-23 17:04 - 2014-03-23 17:04 - 00557056 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
2015-03-21 14:18 - 2015-03-21 14:18 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2012-04-11 07:13 - 2012-04-11 07:13 - 00035328 _____ () C:\Windows\SYSTEM32\WatchData\Watchdata Brazil CSP v1.0\UIResB3.DLL
2012-03-29 00:39 - 2012-03-29 00:39 - 00239616 _____ () C:\Windows\SYSTEM32\WatchData\Watchdata Brazil CSP v1.0\hodll.dll
2013-11-14 09:37 - 2013-05-08 17:23 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2013-11-14 09:57 - 2013-02-20 21:58 - 00089672 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext.dll
2015-07-29 19:44 - 2015-07-25 05:46 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.125\libglesv2.dll
2015-07-29 19:44 - 2015-07-25 05:46 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.125\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-3064860665-2106470997-2649600080-1001\...\bancobrasil.com.br -> www.bancobrasil.com.br
IE trusted site: HKU\S-1-5-21-3064860665-2106470997-2649600080-1001\...\bb.com.br -> hxxps://seg.bb.com.br
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3064860665-2106470997-2649600080-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\acer01.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{A4808445-5350-4904-A502-78936D18F429}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{3BFF4518-F4B6-4E1D-BF6C-A165D4F8B21C}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{7FF2A163-C17C-4D68-A970-66EF24C64390}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{5EB331FF-3F24-4532-85BE-D4946136A44A}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{0D32DAB5-DE69-430D-955B-00722DFB5B22}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{C80705D0-A32A-4376-B75F-E00A5E3418E3}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{0CCFA6C8-297E-47DC-9EA1-3B96C3CE40A6}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{D980A466-E8D3-4815-8A20-560C990AEAAE}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{331DAD00-FBCD-4A20-A9B3-08849F530CD1}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{FC764AD0-B402-496B-A447-D9363115BEB7}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{D31726FA-AA82-4EEA-ADF2-F9E69CC4BC89}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\VideoPlayer.exe
FirewallRules: [{C0EDB26A-E8BE-4EF6-8974-CEEB28F9E25A}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{4144D705-21F1-41DF-8FB1-9D18DDB3E5CD}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{CCBA4A85-C5E5-4D6C-B287-0CFAE840E1E4}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{9D8229F0-19BF-40CC-A53C-5F960C1B133A}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{184E2EDE-A044-486B-B586-DDBEF4113210}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{6CDB41E4-722C-47B8-B19E-AFE774B5389E}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{C17A24BC-ABDF-40A7-AB00-8CCECDD761AF}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\Sdd.exe
FirewallRules: [{5DAA63DE-2B82-4B70-B214-85FE4E5BB049}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\Sdd.exe
FirewallRules: [{6F7F44D0-3EB3-443A-A418-B6D3C5066F8C}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\virtualdrive.exe
FirewallRules: [{7812805D-BE76-473C-9920-C71478F0E28C}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\virtualdrive.exe
FirewallRules: [TCP Query User{432DAEBD-4C09-4C11-80B7-F55A9B61846B}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{013D61D8-1289-4052-8385-03927FA0E464}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{C7EE4184-9EA8-468F-A19E-872AAA2D8780}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe
FirewallRules: [{67C409E1-6997-46FA-B0D0-9F2F54EA4706}] => (Allow) C:\Users\Usuario\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{D2BC1542-94ED-4F61-AFD5-CCF5B7821DB3}] => (Allow) C:\Users\Usuario\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{F5EFB86C-3602-485F-8098-79A9AFBAEC02}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{A8C38BC4-3776-4427-A576-91098A9D0BC7}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{95867523-A508-4E41-A419-E066D0683124}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{ECF01375-F5F8-4837-9AD0-1E0871B2A1A6}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{3643522A-593B-40AC-BD42-82C90C028319}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CE9CE614-1EEF-4772-BC21-F396A13AEC7E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{7BA35DA3-2C22-4B19-8F7F-076B2B2A6CC9}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{5F32A878-C655-4DAC-A9AD-87714724D98F}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{DE09F086-6215-4532-A826-E20BC8822662}] => (Allow) C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe
FirewallRules: [{9C8417BE-EFD9-4B07-8D6F-30FC12476709}] => (Allow) C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe
FirewallRules: [{03029884-01F5-4DF0-B5B1-3FE7D2C51D44}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [{71E3862E-C84C-4E14-B5C0-96370B08EDE4}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{34184772-24EF-4B3C-B3D9-B411CDE22CA0}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{3FA026CD-A45F-42BF-832A-E87E9A0EFC6C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/31/2015 01:40:14 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (07/29/2015 06:31:29 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (07/28/2015 10:41:53 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (07/28/2015 06:46:03 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Falha na geração de contexto de ativação para "asmv2:clrClassInvocation1". Erro no arquivo de manifesto ou de política asmv2:clrClassInvocation2", na linha asmv2:clrClassInvocation3.
O elemento asmv2:clrClassInvocation aparece como filho do elemento urn:schemas-microsoft-com:asm.v1^entryPoint, o que não tem suporte nesta versão do Windows.
Error: (07/28/2015 06:46:03 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Falha na geração de contexto de ativação para "asmv2:clrClassInvocation1". Erro no arquivo de manifesto ou de política asmv2:clrClassInvocation2", na linha asmv2:clrClassInvocation3.
O elemento asmv2:clrClassInvocation aparece como filho do elemento urn:schemas-microsoft-com:asm.v1^entryPoint, o que não tem suporte nesta versão do Windows.
Error: (07/28/2015 06:46:03 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Falha na geração de contexto de ativação para "asmv2:clrClassInvocation1". Erro no arquivo de manifesto ou de política asmv2:clrClassInvocation2", na linha asmv2:clrClassInvocation3.
O elemento asmv2:clrClassInvocation aparece como filho do elemento urn:schemas-microsoft-com:asm.v1^entryPoint, o que não tem suporte nesta versão do Windows.
Error: (07/28/2015 06:42:21 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Falha na geração de contexto de ativação para "asmv2:clrClassInvocation1". Erro no arquivo de manifesto ou de política asmv2:clrClassInvocation2", na linha asmv2:clrClassInvocation3.
O elemento asmv2:clrClassInvocation aparece como filho do elemento urn:schemas-microsoft-com:asm.v1^entryPoint, o que não tem suporte nesta versão do Windows.
Error: (07/28/2015 06:42:21 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Falha na geração de contexto de ativação para "asmv2:clrClassInvocation1". Erro no arquivo de manifesto ou de política asmv2:clrClassInvocation2", na linha asmv2:clrClassInvocation3.
O elemento asmv2:clrClassInvocation aparece como filho do elemento urn:schemas-microsoft-com:asm.v1^entryPoint, o que não tem suporte nesta versão do Windows.
Error: (07/28/2015 06:42:21 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Falha na geração de contexto de ativação para "asmv2:clrClassInvocation1". Erro no arquivo de manifesto ou de política asmv2:clrClassInvocation2", na linha asmv2:clrClassInvocation3.
O elemento asmv2:clrClassInvocation aparece como filho do elemento urn:schemas-microsoft-com:asm.v1^entryPoint, o que não tem suporte nesta versão do Windows.
Error: (07/28/2015 11:45:28 AM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhostex (1984) WebCacheLocal: Erro -1811 (0xfffff8ed) ao abrir o arquivo de log C:\Users\Usuario\AppData\Local\Microsoft\Windows\WebCache\V010019D.log.
System errors:
=============
Error: (07/31/2015 04:41:56 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Usuario\AppData\Local\Temp\catchme.sys
Error: (07/31/2015 04:41:56 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Usuario\AppData\Local\Temp\catchme.sys
Error: (07/31/2015 04:41:55 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Usuario\AppData\Local\Temp\catchme.sys
Error: (07/31/2015 04:41:55 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Usuario\AppData\Local\Temp\catchme.sys
Error: (07/31/2015 04:41:54 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Usuario\AppData\Local\Temp\catchme.sys
Error: (07/31/2015 04:41:54 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Usuario\AppData\Local\Temp\catchme.sys
Error: (07/31/2015 04:41:53 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Usuario\AppData\Local\Temp\catchme.sys
Error: (07/31/2015 04:41:53 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Usuario\AppData\Local\Temp\catchme.sys
Error: (07/31/2015 04:41:52 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Usuario\AppData\Local\Temp\catchme.sys
Error: (07/31/2015 04:41:52 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Usuario\AppData\Local\Temp\catchme.sys
Microsoft Office:
=========================
Error: (07/31/2015 01:40:14 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (07/29/2015 06:31:29 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (07/28/2015 10:41:53 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (07/28/2015 06:46:03 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest4
Error: (07/28/2015 06:46:03 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest4
Error: (07/28/2015 06:46:03 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest4
Error: (07/28/2015 06:42:21 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest4
Error: (07/28/2015 06:42:21 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest4
Error: (07/28/2015 06:42:21 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest4
Error: (07/28/2015 11:45:28 AM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhostex1984WebCacheLocal: C:\Users\Usuario\AppData\Local\Microsoft\Windows\WebCache\V010019D.log-1811 (0xfffff8ed)
CodeIntegrity:
===================================
Date: 2015-07-31 16:41:56.669
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Usuario\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-07-31 16:41:56.526
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Usuario\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-07-31 16:41:55.579
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Usuario\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-07-31 16:41:55.434
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Usuario\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-07-31 16:41:54.462
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Usuario\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-07-31 16:41:54.339
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Usuario\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-07-31 16:41:53.351
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Usuario\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-07-31 16:41:53.220
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Usuario\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-07-31 16:41:52.245
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Usuario\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-07-31 16:41:52.115
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Usuario\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Percentage of memory in use: 43%
Total physical RAM: 6024.27 MB
Available physical RAM: 3425.22 MB
Total Virtual: 7048.27 MB
Available Virtual: 4171.91 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:449.19 GB) (Free:369.02 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 65ADDC8A)
Partition: GPT Partition Type.
==================== End of log ============================