Good evening, everyone

After I connected a pen drive to remove those shortcut viruses using the attrib command,
my machine opens CMD after boot with the following message:
“o windows nao pode localizar aiasfacoiaksf.vbs”

Avast reported that a restart was needed to fix the error.

********************************************* avast! report

Name do arquivo C: \ $ Recycle.Bin \ … \ xmkysecqun64.exe.vir
Gravidade alta - local: Win64: Adware-gen [Adw]
Acao Movido para quarentena - Resultado acao bem sucedida

********************************************* AdwCleaner report

AdwCleaner v3.208 - Relatório criado 13/05/2014 às 21:49:48

Atualizado 11/05/2014 por Xplode

Sistema Operacional : Windows 8 Single Language (64 bits)

Usuário : Gisele - PC-SANTOS

Executando de : C:\Users\Gisele\Downloads\adwcleaner.exe

Opção : Limpar

***** [ Serviços ] *****

***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\Program Files (x86)\HomeTab
Pasta Deletada : C:\Program Files (x86)\predm
Pasta Deletada : C:\Program Files\003
Pasta Deletada : C:\Program Files\HomeTab
Pasta Deletada : C:\Program Files\SupraSavings
Pasta Deletada : C:\Users\Gisele\AppData\LocalLow\SimplyTech
Pasta Deletada : C:\Users\Gisele\AppData\Roaming\OpenCandy
Pasta Deletada : C:\Users\Gisele\AppData\Roaming\SimplyTech
Arquivo Deletada : C:\Windows\System32\Tasks\Browser Updater
Arquivo Deletada : C:\Windows\System32\Tasks\ProtectedSearch

***** [ Atalhos ] *****

***** [ Registro ] *****

Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\HomeTab.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\wtb.Band
Chave Deletedo : HKLM\SOFTWARE\Classes\wtb.Band.1
Chave Deletedo : HKLM\SOFTWARE\Classes\wtb.NotificationSource
Chave Deletedo : HKLM\SOFTWARE\Classes\wtb.NotificationSource.1
Chave Deletedo : HKLM\SOFTWARE\Classes\wtb.SourceSinkImpl
Chave Deletedo : HKLM\SOFTWARE\Classes\wtb.SourceSinkImpl.1
Chave Deletedo : HKLM\SOFTWARE\Classes\wtb.ToolbarInfo
Chave Deletedo : HKLM\SOFTWARE\Classes\wtb.ToolbarInfo.1
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{3FC27B34-0C19-49DA-875E-1875DDD4A6B2}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{A928E66C-F501-4E66-9953-855C712F93B2}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{A928E66C-F501-4E66-9953-855C712F93B2}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
Chave Deletedo : HKCU\Software\HomeTab
Chave Deletedo : HKCU\Software\simplytech
Chave Deletedo : HKCU\Software\TutoTag
Chave Deletedo : HKCU\Software\AppDataLow\Software\simplytech
Chave Deletedo : HKCU\Software\AppDataLow\Software\suprasavings
Chave Deletedo : HKLM\Software\FreeSoftToday
Chave Deletedo : [x64] HKLM\SOFTWARE\LevelQualityWatcher
Chave Deletedo : [x64] HKLM\SOFTWARE\suprasavings
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\suprasavings

***** [ Navegadores ] *****

-\ Internet Explorer v10.0.9200.16537

-\ Google Chrome v34.0.1847.131

[ Arquivo : C:\Users\Gisele\AppData\Local\Google\Chrome\User Data\Default\preferences ]


AdwCleaner[R1].txt - [4113 octets] - [13/05/2014 21:47:30]
AdwCleaner[S1].txt - [3646 octets] - [13/05/2014 21:49:48]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [3706 octets] ##########

I don't know what else to do; someone please help me.

Good evening

Since you have already started the topic in Virus and Worms,
the qualified malware specialist has been notified.

Download OTL to your desktop

http://oldtimer.geekstogo.com/OTL.exe
secondary link
http://www.itxassociates.com/OT-Tools/OTL.exe
• Double-click the icon to run it. Make sure all other windows are closed and let it run without interruption.

https://dl.dropbox.com/u/73555776/OTL_Main_Tutorial.gif

• Select All Users

• Under the Custom Scan box, paste this in:
netsvcs
BASESERVICES
%systemdrive%\*.exe
/md5start
services.*
explorer.exe
winlogon.exe
userinit.exe
svchost.exe
/md5stop
dir "%systemdrive%\*" /S /A:L /C
CREATERESTOREPOINT

• Click the Run Scan button. Do not change any settings unless told to do so. The scan will take a long time.
• When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.

• Attach both logs

Do not copy and paste.
To attach the logs, use the following option: click on Attachments and other options

http://i61.tinypic.com/2mcxvn.png

THE OPTION YOU MENTIONED FOR COPYING AND PASTING DID NOT OPEN

ONLY ONE REPORT

ARE THEY SAVED SOMEWHERE ???

OTL Extras logfile created on: 15/05/2014 00:03:39 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Gisele\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16863)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy

1,89 Gb Total Physical Memory | 0,63 Gb Available Physical Memory | 33,66% Memory free
5,14 Gb Paging File | 3,75 Gb Available in Paging File | 72,95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 186,30 Gb Total Space | 142,03 Gb Free Space | 76,23% Space Free | Partition Type: NTFS
Drive D: | 258,44 Gb Total Space | 258,00 Gb Free Space | 99,83% Space Free | Partition Type: NTFS

Computer Name: PC-SANTOS | User Name: Gisele | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] – C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] – C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] – C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] – C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3528210504-3123644852-1271194366-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] – Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] – “%1” %*
cmdfile [open] – “%1” %*
comfile [open] – “%1” %*
exefile [open] – “%1” %*
helpfile [open] – Reg Error: Key error.
htmlfile [edit] – Reg Error: Key error.
htmlfile [open] – “C:\Program Files\Internet Explorer\iexplore.exe” %1 (Microsoft Corporation)
htmlfile [opennew] – “C:\Program Files\Internet Explorer\iexplore.exe” %1 (Microsoft Corporation)
htmlfile [print] – “%systemroot%\system32\rundll32.exe” “%systemroot%\system32\mshtml.dll”,PrintHTML “%1”
http [open] – “C:\Program Files\Internet Explorer\iexplore.exe” %1 (Microsoft Corporation)
https [open] – “C:\Program Files\Internet Explorer\iexplore.exe” %1 (Microsoft Corporation)
inffile [install] – %SystemRoot%\System32\InfDefaultInstall.exe “%1” (Microsoft Corporation)
InternetShortcut [open] – “C:\Windows\System32\rundll32.exe” “C:\Windows\System32\ieframe.dll”,OpenURL %l (Microsoft Corporation)
InternetShortcut [print] – “C:\Windows\System32\rundll32.exe” “C:\Windows\System32\mshtml.dll”,PrintHTML “%1” (Microsoft Corporation)
piffile [open] – “%1” %*
regfile [merge] – Reg Error: Key error.
scrfile [config] – “%1”
scrfile [install] – rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] – “%1” /S
txtfile [edit] – Reg Error: Key error.
Unknown [openas] – %SystemRoot%\system32\OpenWith.exe “%1” (Microsoft Corporation)
Directory [cmd] – cmd.exe /s /k pushd “%V” (Microsoft Corporation)
Directory [find] – %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] – %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] – Reg Error: Value error.
Drive [find] – %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] – “C:\Program Files\Internet Explorer\iexplore.exe” %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] – “C:\Program Files\Internet Explorer\iexplore.exe” (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] – “%1” %*
cmdfile [open] – “%1” %*
comfile [open] – “%1” %*
cplfile [cplopen] – %SystemRoot%\System32\control.exe “%1”,%* (Microsoft Corporation)
exefile [open] – “%1” %*
helpfile [open] – Reg Error: Key error.
htmlfile [edit] – Reg Error: Key error.
htmlfile [open] – “C:\Program Files\Internet Explorer\iexplore.exe” %1 (Microsoft Corporation)
htmlfile [opennew] – “C:\Program Files\Internet Explorer\iexplore.exe” %1 (Microsoft Corporation)
htmlfile [print] – “%systemroot%\system32\rundll32.exe” “%systemroot%\system32\mshtml.dll”,PrintHTML “%1”
http [open] – “C:\Program Files\Internet Explorer\iexplore.exe” %1 (Microsoft Corporation)
https [open] – “C:\Program Files\Internet Explorer\iexplore.exe” %1 (Microsoft Corporation)
inffile [install] – %SystemRoot%\System32\InfDefaultInstall.exe “%1” (Microsoft Corporation)
piffile [open] – “%1” %*
regfile [merge] – Reg Error: Key error.
scrfile [config] – “%1”
scrfile [install] – rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] – “%1” /S
txtfile [edit] – Reg Error: Key error.
Unknown [openas] – %SystemRoot%\system32\OpenWith.exe “%1” (Microsoft Corporation)
Directory [cmd] – cmd.exe /s /k pushd “%V” (Microsoft Corporation)
Directory [find] – %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] – %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] – Reg Error: Value error.
Drive [find] – %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] – “C:\Program Files\Internet Explorer\iexplore.exe” %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] – Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
“cval” = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
“VistaSp1” = CE 37 E6 AF FF 6A CD 01 [binary data]
“AntiVirusOverride” = 0
“AntiSpywareOverride” = 0
“FirewallOverride” = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
“AutoUpdateDisableNotify” = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
“EnableFirewall” = 1
“DisableNotifications” = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
“EnableFirewall” = 1
“DisableNotifications” = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
“EnableFirewall” = 1
“DisableNotifications” = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
“{03F46F44-9E43-4BB2-B511-2F5220C1A50B}” = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
“{1012E374-0231-4538-BD04-BD7626A93434}” = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
“{11263CD8-F926-47A6-8F88-35EE9D793515}” = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
“{240C1D11-4FDA-4432-A20E-4D06B584616F}” = lport=10243 | protocol=6 | dir=in | app=system |
“{24163FF8-1C3A-431F-B577-C53FEE045609}” = lport=137 | protocol=17 | dir=in | app=system |
“{2A0E2DC6-EB18-4AB5-93FA-4FE12490E51F}” = lport=445 | protocol=6 | dir=in | app=system |
“{2B33A5CF-47C6-41FA-9381-308DD450DCF5}” = rport=137 | protocol=17 | dir=out | app=system |
“{48B60C31-9021-4932-B79D-3E90B0FCD6BF}” = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
“{554716A7-0688-4CAD-AD7C-572C1554AA2A}” = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
“{58DAA78F-CAFC-4339-9816-09E8452C3531}” = rport=139 | protocol=6 | dir=out | app=system |
“{61E525FF-DB2C-4E68-AF23-16A5FF2BE326}” = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
“{9BAAAEFE-CE18-4ACC-9E87-F6BF35B04035}” = rport=10243 | protocol=6 | dir=out | app=system |
“{A90950B0-9EB8-49B4-A5BF-A6A605966A32}” = rport=445 | protocol=6 | dir=out | app=system |
“{B10463FE-6E9E-4DA5-8297-E80F51ED0982}” = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
“{B118375C-9834-49FD-BD49-0C3B5DAA1632}” = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
“{C78978E9-0ADD-46F6-A1C8-C609ECE5B448}” = lport=2869 | protocol=6 | dir=in | app=system |
“{D79F444E-A8DB-411F-9961-5987608D5C44}” = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
“{E462AACB-C038-426D-BF3E-D2D109C33F43}” = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
“{E90E0028-63A3-4B4A-A6D0-BEB225E34266}” = lport=138 | protocol=17 | dir=in | app=system |
“{EFF24B2E-D792-4BD7-9FE6-85E790ACD4DE}” = rport=138 | protocol=17 | dir=out | app=system |
“{FDD905F6-5C0C-41BC-AA06-15AAFD563AAB}” = lport=139 | protocol=6 | dir=in | app=system

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
“{00EB0E46-295D-4ADF-B320-A5301077B6DF}” = dir=in | app=c:\program files (x86)\hometab\wpackageupdater.exe |
“{01C66D4B-571A-4F0C-9277-8085A18A608D}” = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
“{03D1FA41-DFB4-4319-AA4F-C49C2E7BDF6C}” = dir=in | app=c:\soloapp\webdriver.dll |
“{056B6DD9-9F8E-492E-B8F1-5B2D1500C00B}” = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
“{079FFD7B-EDF9-4A83-A000-47614CE91DC2}” = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
“{0B2B3378-6FC3-45CC-ACF9-4542A34901D6}” = dir=out | name=wordament |
“{16142051-FD22-4BE8-B961-0B6AB514CF12}” = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
“{17816CB7-E5E3-4044-A70C-2F27EFEA616A}” = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
“{1D79EE35-D218-4095-BCCB-B06CF244C88B}” = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
“{23165712-1C4E-435A-8822-DAA35796F75A}” = dir=out | name=taptiles |
“{28AD42B3-0240-44BB-98F3-43994DCD8A52}” = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
“{2C667222-4238-499F-9A48-CDC90E945874}” = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
“{2E86C3C7-B878-466E-BACD-9D0D1158592D}” = dir=in | app=c:\soloapp\soloapp.exe |
“{2EEF767B-836C-4C2D-967D-114ED88BE198}” = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
“{2F202458-7DF3-46AD-B860-37D9CFEB3C8C}” = dir=out | app=c:\soloapp\chromedriver.exe |
“{31F9E2B1-BABC-4DD8-AE53-0BA4A6C7D52A}” = dir=out | name=skype |
“{38F7E712-D77F-4777-B5F7-D667897217AF}” = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
“{3A0B9D6A-3E56-4B6B-81AD-2943F5E95B02}” = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
“{3A16B969-D903-4E76-822B-F2E4488DA095}” = dir=out | name=windows_ie_ac_001 |
“{3A1DF859-FE27-422D-BBF2-C023976EEAED}” = protocol=6 | dir=out | app=system |
“{3C366B85-D28F-49FE-8463-EEE8FA9FC364}” = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
“{40142C04-AD0D-49CF-B34D-7F8F5FA66BF2}” = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
“{46721B2B-DBC1-4545-8861-F24A7535E88D}” = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
“{4C3382D2-F4D8-4AC8-9814-4DAA34156B38}” = dir=in | app=c:\soloapp\chromedriver.exe |
“{530EC926-2493-4A1F-816E-71D6D98F1CF3}” = dir=in | app=c:\program files (x86)\hometab\wbrowserdirect.exe |
“{5565D256-FA8F-4187-AFFA-6D48A2D8C548}” = dir=out | app=c:\program files (x86)\hometab\wbrowserdirect.exe |
“{57E5F49B-1275-4E5E-99F2-AF3EE78DB4A4}” = dir=out | app=c:\program files (x86)\hometab\wpackageupdater.exe |
“{59625BB6-3D0B-4847-BB8A-71CBE3740214}” = dir=out | name=adera |
“{60587358-A509-417A-8955-FADB4B5B9796}” = dir=out | name=fresh paint |
“{6389BD93-87DB-449E-951D-9B8D4A7AB4CC}” = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
“{6CF308CD-C692-47E0-B917-1339BD7FC7B3}” = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
“{709968FF-5303-49AA-9DCE-69D68D855E7F}” = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
“{797F0CEA-5649-4DE9-938E-82FED6570802}” = dir=in | app=c:\soloapp\iedriverserver.exe |
“{7CBDA225-677A-4522-8ACD-8A08735F6CDC}” = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
“{808F1451-4108-46FD-ADBB-F17324B5F0BD}” = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
“{811A7E18-4AC9-4E97-86B8-FEA804375470}” = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
“{8A97FD64-7736-4D66-B6B1-7A1C5AC8C925}” = dir=in | name=skype |
“{8DA40C24-4DF5-4CCE-82A1-117CA1D742B4}” = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
“{8FC05F4D-DCF6-44F7-928B-6735AD75E2D3}” = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
“{90C19964-DC91-4732-85A2-6CEF9C624036}” = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
“{980E5A29-D6CE-4CBC-95B5-82C0CD76C324}” = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
“{9D4AC616-7EE8-454C-A827-8E3DD05B905C}” = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
“{B746A466-E18D-4723-9ECE-A15B6311A94A}” = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
“{B7DAFFD5-F33F-4EAD-84D1-5A5DA2411122}” = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
“{B962A1FB-D9BC-48DE-9C15-74EC269791B8}” = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
“{C61727B1-A6E2-4F09-ABF8-AF10EB368EDD}” = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
“{C7EF46EF-93C0-4D84-BD4C-4D6239A29DAF}” = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
“{C89B43C0-0D4B-4355-A957-2E0F9801D544}” = dir=in | app=c:\program files (x86)\hometab\wsystemshield.exe |
“{CC609217-2FCB-49DF-AFD4-86305137C8D6}” = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
“{CE4D51A4-A7E4-427B-A451-6E99FF0BC101}” = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
“{CEECCEE0-58F6-4CD7-A033-73C4EC4249DF}” = dir=out | app=c:\soloapp\iedriverserver.exe |
“{D36CE457-38F2-46FF-9AE2-11E70C1D0D96}” = dir=out | app=c:\soloapp\soloapp.exe |
“{D3B23EAD-6F9F-45C5-85D1-4900CED4D905}” = dir=out | app=c:\soloapp\webdriver.dll |
“{DA539457-8BD7-4755-A849-A03C74F191B7}” = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
“{DA7111DB-E521-4F86-99EC-579C2C77DD97}” = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
“{DCCC6A36-CECF-44D1-9310-7607D92ADAFF}” = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
“{DDEE6113-0741-46DE-B4EB-C9B688A5A051}” = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
“{E171B14F-2844-4758-BE4C-07243CA6C7A3}” = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
“{E7985E1D-C36F-4787-80A8-6350D07E9266}” = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
“{F3669DC9-7319-4B85-88CF-67D2A295A975}” = dir=out | name=microsoft solitaire collection |
“{F6C1F0FC-7C72-4B6D-99DD-F9451B9279A6}” = dir=out | app=c:\program files (x86)\hometab\wsystemshield.exe |
“{F8C0B635-A982-48FD-AB8E-9C560D623326}” = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
“{F8F5CA9E-588F-423A-A7B0-7E12CD3D1164}” = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
“{04FDBE69-F9FD-42A2-9008-E5CE7F60C6BE}” = ASUS VivoBook
“{1D8E6291-B0D5-35EC-8441-6616F567A0F7}” = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
“{37B8F9C7-03FB-3253-8781-2517C99D7C00}” = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
“{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}” = ASUS Power4Gear Hybrid
“{CD95F661-A5C4-44F5-A6AA-ECDD91C240DF}” = WinZip 18.0
“{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}” = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
“{EF79C448-6946-4D71-8134-03407888C054}” = Shared C Run-time for x64
“{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}” = Intel® Trusted Connect Service Client
“2BD897DEE9289F769D9176245811D5330A360B0B” = Windows Driver Package - ASUS (ATP) Mouse (08/27/2012 1.0.0.125)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
“{0969AF05-4FF6-4C00-9406-43599238DE0D}” = ASUS Splendid Video Enhancement Technology
“{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}” = ASUS LifeFrame3
“{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}” = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
“{20D4A895-748C-4D88-871C-FDB1695B0169}” = Platform
“{28006915-2739-4EBE-B5E8-49B25D32EB33}” = Qualcomm Atheros Client Installation Program
“{3108C217-BE83-42E4-AE9E-A56A2A92E549}” = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
“{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}” = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
“{4D3286A6-F6AB-498A-82A4-E4F040529F3D}” = ASUS Smart Gesture
“{58172D66-2F69-4215-9AEC-ED8196023736}” = ASUS Tutor
“{65153EA5-8B6E-43B6-857B-C6E4FC25798A}” = Intel(R) Management Engine Components
“{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}” = Microsoft Visual C++ 2005 Redistributable
“{749F674B-2674-47E8-879C-5626A06B2A91}” = ASUS InstantOn
“{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}” = ASUS Instant Connect
“{8F21291E-0444-4B1D-B9F9-4370A73E346D}” = WinFlash
“{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}” = ASUS USB Charger Plus
“{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}” = Google Update Helper
“{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}” = ATK Package
“{AC76BA86-7AD7-FFFF-7B44-AA0000000001}” = Adobe Reader X (10.1.10) MUI
“{AF37176A-78CA-545B-34EF-8B6A21514DD1}” = Adobe Help Manager
“{B175520C-86A2-35A7-8619-86DC379688B9}” = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
“{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}” = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
“{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}” = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
“{CA7C485C-7A89-11E1-B2C8-CD54B377BC52}” = Adobe Fireworks CS6
“{DC06C90B-C5BE-42F6-B74D-A9503170998C}” = ASUS Product Demo Movie
“{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1” = SpeedUpMyPC
“{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}” = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
“{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}” = Intel(R) Processor Graphics
“{F3D5911B-4578-48E7-A186-D3990401F714}_is1” = 1-Zip version 1.0
“{f73e860e-2c24-43f8-a44f-90eb6173c98c}_is1” = HomeTab 6.1
“{F9D72742-0351-447C-B160-F0A5AC9D87BF}” = Alcor Micro USB Card Reader
“{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}” = ASUS Live Update
“{FCB3772C-B7D0-4933-B1A9-3707EBACC573}” = Intel(R) SDK for OpenCL - CPU Only Runtime Package
“{FE23D063-934D-4829-A0D8-00634CE79B4A}” = Adobe AIR
“Adobe AIR” = Adobe AIR
“Adobe Creative Cloud” = Adobe Creative Cloud
“AmUStor” = Alcor Micro USB Card Reader
“ASUS WebStorage” = ASUS WebStorage Sync Agent
“Avast” = avast! Free Antivirus
“chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1” = Adobe Help Manager
“DAEMON Tools Lite” = DAEMON Tools Lite
“Google Chrome” = Google Chrome
“InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}” = VIA Platform Device Manager
“Optimizer Pro_is1” = Optimizer Pro v3.2

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 01/05/2014 20:57:21 | Computer Name = PC-Santos | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Falha na ativação do aplicativo microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail
com o erro: -2144927142. Veja o log Microsoft-Windows-TWinUI/Operational para obter
informações adicionais.

Error - 01/05/2014 20:57:25 | Computer Name = PC-Santos | Source = Application Hang | ID = 1002
Description = O programa LiveComm.exe versão 16.4.4206.722 parou de interagir com
o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema,
verifique o histórico de problemas no painel de controle da Central de Ações. ID
do Processo: 788 Hora de Início: 01cf65a12e47bce7 Hora de Término: 4294967295 Caminho
do Aplicativo: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe

ID
do Relatório: b63cba70-d194-11e3-be7d-50465d378733 Nome completo do pacote com falha:
microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe ID do aplicativo
relativo ao pacote com falha: Microsoft.WindowsLive.Mail

Error - 01/05/2014 21:59:05 | Computer Name = PC-Santos | Source = ESENT | ID = 455
Description = taskhostex (1680) WebCacheLocal: Erro -1811 (0xfffff8ed) ao abrir
o arquivo de log C:\Users\Gisele\AppData\Local\Microsoft\Windows\WebCache\V0100021.log.

Error - 02/05/2014 07:21:39 | Computer Name = PC-Santos | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Falha na ativação do aplicativo microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail
com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter
informações adicionais.

Error - 02/05/2014 17:07:20 | Computer Name = PC-Santos | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 04/05/2014 11:12:39 | Computer Name = PC-Santos | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 04/05/2014 14:06:51 | Computer Name = PC-Santos | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 04/05/2014 19:39:56 | Computer Name = PC-Santos | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Falha na ativação do aplicativo microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail
com o erro: -2147467263. Veja o log Microsoft-Windows-TWinUI/Operational para obter
informações adicionais.

Error - 04/05/2014 23:42:20 | Computer Name = PC-Santos | Source = Application Error | ID = 1000
Description = Nome do aplicativo com falha: FBAgent.exe, versão: 2.0.0.1, carimbo
de data/hora: 0x50e6be1a Nome do módulo com falha: ntdll.dll, versão: 6.2.9200.16579,
carimbo de data/hora: 0x51637f77 Código de exceção: 0xc0000374 Deslocamento da falha:
0x00000000000ebd59 ID do processo com falha: 0x454 Hora de início do aplicativo com
falha: 0x01cf65aa0c1ce6b5 Caminho do aplicativo com falha: C:\Windows\system32\FBAgent.exe
Caminho
do módulo com falha: C:\Windows\SYSTEM32\ntdll.dll ID do Relatório: 425f11de-d407-11e3-be7e-50465d378733
Nome
completo do pacote com falha: ID do aplicativo relativo ao pacote com falha:

Error - 06/05/2014 08:54:09 | Computer Name = PC-Santos | Source = Customer Experience Improvement Program | ID = 1008
Description =

[ System Events ]
Error - 09/05/2014 11:00:06 | Computer Name = PC-Santos | Source = Service Control Manager | ID = 7000
Description = Não foi possível iniciar o serviço avast! HardwareID devido ao seguinte
erro: %%127

Error - 09/05/2014 11:00:18 | Computer Name = PC-Santos | Source = Service Control Manager | ID = 7000
Description = Não foi possível iniciar o serviço avast! HardwareID devido ao seguinte
erro: %%127

Error - 09/05/2014 11:00:28 | Computer Name = PC-Santos | Source = Service Control Manager | ID = 7000
Description = Não foi possível iniciar o serviço avast! HardwareID devido ao seguinte
erro: %%127

Error - 09/05/2014 11:00:38 | Computer Name = PC-Santos | Source = Service Control Manager | ID = 7000
Description = Não foi possível iniciar o serviço avast! HardwareID devido ao seguinte
erro: %%127

Error - 09/05/2014 11:00:48 | Computer Name = PC-Santos | Source = Service Control Manager | ID = 7000
Description = Não foi possível iniciar o serviço avast! HardwareID devido ao seguinte
erro: %%127

Error - 09/05/2014 11:00:58 | Computer Name = PC-Santos | Source = Service Control Manager | ID = 7000
Description = Não foi possível iniciar o serviço avast! HardwareID devido ao seguinte
erro: %%127

Error - 09/05/2014 11:01:09 | Computer Name = PC-Santos | Source = Service Control Manager | ID = 7000
Description = Não foi possível iniciar o serviço avast! HardwareID devido ao seguinte
erro: %%127

Error - 09/05/2014 11:01:19 | Computer Name = PC-Santos | Source = Service Control Manager | ID = 7000
Description = Não foi possível iniciar o serviço avast! HardwareID devido ao seguinte
erro: %%127

Error - 10/05/2014 22:47:52 | Computer Name = PC-Santos | Source = Service Control Manager | ID = 7000
Description = Não foi possível iniciar o serviço avast! HardwareID devido ao seguinte
erro: %%127

Error - 10/05/2014 22:48:02 | Computer Name = PC-Santos | Source = Service Control Manager | ID = 7000
Description = Não foi possível iniciar o serviço avast! HardwareID devido ao seguinte
erro: %%127

< End of report >

OTL logfile created on: 15/05/2014 00:03:39 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Gisele\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16863)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy

1,89 Gb Total Physical Memory | 0,63 Gb Available Physical Memory | 33,66% Memory free
5,14 Gb Paging File | 3,75 Gb Available in Paging File | 72,95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 186,30 Gb Total Space | 142,03 Gb Free Space | 76,23% Space Free | Partition Type: NTFS
Drive D: | 258,44 Gb Total Space | 258,00 Gb Free Space | 99,83% Space Free | Partition Type: NTFS

Computer Name: PC-SANTOS | User Name: Gisele | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/05/14 23:59:40 | 000,602,112 | ---- | M] (OldTimer Tools) – C:\Users\Gisele\Downloads\OTL.ussafe.exe
PRC - [2014/05/08 04:20:58 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) – C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014/04/23 21:33:15 | 000,841,032 | ---- | M] (Google Inc.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014/04/20 18:45:23 | 003,873,704 | ---- | M] (AVAST Software) – C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014/04/20 18:45:22 | 000,050,344 | ---- | M] (AVAST Software) – C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/03/21 02:40:50 | 002,691,480 | ---- | M] (Adobe Systems Incorporated) – C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
PRC - [2014/03/20 11:24:00 | 005,288,608 | ---- | M] () – C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
PRC - [2014/02/19 06:06:04 | 000,769,904 | ---- | M] (Adobe Systems Incorporated) – C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
PRC - [2012/09/14 18:14:16 | 000,328,064 | ---- | M] (ASUSTek Computer Inc.) – C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2012/09/11 21:06:52 | 000,184,704 | ---- | M] (ASUSTek Computer Inc.) – C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2012/09/11 16:41:14 | 000,106,880 | ---- | M] (ASUSTek Computer Inc.) – C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
PRC - [2012/09/11 14:43:14 | 000,020,352 | ---- | M] (ASUSTeK Computer Inc.) – C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
PRC - [2012/08/24 22:17:14 | 000,107,192 | ---- | M] (ASUS) – C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
PRC - [2012/08/24 22:17:10 | 000,192,000 | ---- | M] (ASUSTeK) – C:\Windows\SysWOW64\ACEngSvr.exe
PRC - [2012/08/06 19:56:14 | 000,590,208 | ---- | M] (ASUS) – C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
PRC - [2012/07/25 14:53:18 | 001,558,176 | ---- | M] (ASUSTeK Computer Inc.) – C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
PRC - [2012/07/24 23:21:22 | 001,123,536 | ---- | M] (ASUSTek Computer Inc.) – C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
PRC - [2012/07/17 21:54:20 | 000,178,848 | ---- | M] (ASUSTek Computer Inc.) – C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2012/07/17 19:57:22 | 000,365,376 | ---- | M] (Intel Corporation) – C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012/07/17 19:57:20 | 000,277,824 | ---- | M] (Intel Corporation) – C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012/06/27 17:47:02 | 000,129,856 | ---- | M] (Intel Corporation) – C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2012/06/25 15:57:14 | 000,166,720 | ---- | M] (Intel Corporation) – C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
PRC - [2012/05/28 15:04:48 | 000,113,312 | ---- | M] (ASUSTek Computer Inc.) – C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
PRC - [2012/04/13 15:14:00 | 000,277,120 | ---- | M] (ASUS) – C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
PRC - [2011/11/21 19:19:50 | 000,096,896 | ---- | M] (ASUS) – C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

========== Modules (No Company Name) ==========

MOD - [2014/04/27 21:28:56 | 007,660,032 | ---- | M] () – C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d7aaae3b1c95a1a658446d302b9a7f88\System.Xml.ni.dll
MOD - [2014/04/27 21:28:38 | 001,900,544 | ---- | M] () – C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\0e9817b12da250f8d4c680e1cb26e1c0\System.Xaml.ni.dll
MOD - [2014/04/27 21:26:50 | 012,877,824 | ---- | M] () – C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\11b4af16e791a6b0ada4a97d3e64e27a\System.Windows.Forms.ni.dll
MOD - [2014/04/27 21:22:48 | 001,644,544 | ---- | M] () – C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\61be23d6a688188e3419a1eb46fc9d9d\System.Drawing.ni.dll
MOD - [2014/04/27 21:09:13 | 000,975,872 | ---- | M] () – C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\ffb7bbc6548ff34bc125a8fec79315dc\System.Configuration.ni.dll
MOD - [2014/04/27 21:07:49 | 000,475,648 | ---- | M] () – C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatioaec034ca#\d3abe72a65b16c5ca129dd4509450190\PresentationFramework.Aero2.ni.dll
MOD - [2014/04/27 21:07:40 | 018,785,280 | ---- | M] () – C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\952cc4d9a277dc4b0abc0de4a64b11a6\PresentationFramework.ni.dll
MOD - [2014/04/27 21:05:31 | 011,021,312 | ---- | M] () – C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\d860b38580f4403397d67fa84d624447\PresentationCore.ni.dll
MOD - [2014/04/27 21:05:04 | 003,941,888 | ---- | M] () – C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\e2fb4aca9e25e4eaac703466d36b17ed\WindowsBase.ni.dll
MOD - [2014/04/27 21:03:45 | 010,051,072 | ---- | M] () – C:\Windows\assembly\NativeImages_v4.0.30319_32\System\f0602360211041a6be208f0b4138dddd\System.ni.dll
MOD - [2014/04/27 21:03:19 | 016,953,856 | ---- | M] () – C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\391541c89ed7585fc7e8936c43cee387\mscorlib.ni.dll
MOD - [2014/04/23 21:33:13 | 000,390,472 | ---- | M] () – C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll
MOD - [2014/04/23 21:33:10 | 004,081,480 | ---- | M] () – C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\pdf.dll
MOD - [2014/04/23 21:33:05 | 000,674,632 | ---- | M] () – C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libglesv2.dll
MOD - [2014/04/23 21:33:04 | 000,093,000 | ---- | M] () – C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libegl.dll
MOD - [2014/04/23 21:33:03 | 001,647,432 | ---- | M] () – C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ffmpegsumo.dll
MOD - [2014/04/23 21:33:01 | 000,065,352 | ---- | M] () – C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\chrome_elf.dll
MOD - [2014/04/19 23:27:55 | 019,336,120 | ---- | M] () – C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014/03/20 11:24:00 | 005,288,608 | ---- | M] () – C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
MOD - [2014/03/18 23:22:06 | 032,733,088 | ---- | M] () – C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll
MOD - [2012/08/24 22:17:08 | 000,009,216 | ---- | M] () – C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll

========== Services (SafeList) ==========

SRV:64bit: - [2014/04/20 18:45:22 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] – C:\Program Files\AVAST Software\Avast\AvastSvc.exe – (avast! Antivirus)
SRV:64bit: - [2013/10/25 04:34:55 | 000,016,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Program Files\Windows Defender\MsMpEng.exe – (WinDefend)
SRV:64bit: - [2013/08/16 02:39:26 | 002,371,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\WSService.dll – (WSService)
SRV:64bit: - [2013/06/24 19:54:45 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\wcmsvc.dll – (Wcmsvc)
SRV:64bit: - [2013/06/01 06:19:58 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\DeviceSetupManager.dll – (DsmSvc)
SRV:64bit: - [2013/05/04 03:58:02 | 000,470,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\SysNative\netprofmsvc.dll – (netprofm)
SRV:64bit: - [2013/05/04 03:57:05 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\bisrv.dll – (BrokerInfrastructure)
SRV:64bit: - [2013/04/09 01:48:42 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\AudioEndpointBuilder.dll – (AudioEndpointBuilder)
SRV:64bit: - [2013/03/01 23:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\SysNative\TimeBrokerServer.dll – (TimeBroker)
SRV:64bit: - [2013/03/01 23:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\SysNative\SystemEventsBrokerServer.dll – (SystemEventsBroker)
SRV:64bit: - [2013/01/09 20:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\wlidsvc.dll – (wlidsvc)
SRV:64bit: - [2013/01/09 20:22:35 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\lsm.dll – (LSM)
SRV:64bit: - [2013/01/07 20:04:48 | 001,280,768 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] – C:\Windows\SysNative\FBAgent.exe – (AFBAgent)
SRV:64bit: - [2012/09/20 05:18:03 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll – (PrintNotify)
SRV:64bit: - [2012/09/20 03:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\fhsvc.dll – (fhsvc)
SRV:64bit: - [2012/09/14 08:55:00 | 000,027,792 | ---- | M] (VIA Technologies, Inc.) [On_Demand | Running] – C:\Windows\SysNative\ViakaraokeSrv.exe – (VIAKaraokeService)
SRV:64bit: - [2012/07/26 00:08:39 | 000,051,712 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\rundll32.exe – (70e6ca8c)
SRV:64bit: - [2012/07/26 00:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\wiarpc.dll – (WiaRpc)
SRV:64bit: - [2012/07/26 00:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\vaultsvc.dll – (VaultSvc)
SRV:64bit: - [2012/07/26 00:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\svsvc.dll – (svsvc)
SRV:64bit: - [2012/07/26 00:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\netlogon.dll – (Netlogon)
SRV:64bit: - [2012/07/26 00:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\NcaSvc.dll – (NcaSvc)
SRV:64bit: - [2012/07/26 00:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\SysNative\NcdAutoSetup.dll – (NcdAutoSetup)
SRV:64bit: - [2012/07/26 00:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\SysNative\keyiso.dll – (KeyIso)
SRV:64bit: - [2012/07/26 00:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\efssvc.dll – (EFS)
SRV:64bit: - [2012/07/26 00:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\das.dll – (DeviceAssociationService)
SRV:64bit: - [2012/07/26 00:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\AUInstallAgent.dll – (AllUserInstallAgent)
SRV:64bit: - [2012/07/25 21:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\icsvc.dll – (vmicvss)
SRV:64bit: - [2012/07/25 21:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\icsvc.dll – (vmictimesync)
SRV:64bit: - [2012/07/25 21:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\icsvc.dll – (vmicshutdown)
SRV:64bit: - [2012/07/25 21:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\icsvc.dll – (vmicrdv)
SRV:64bit: - [2012/07/25 21:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\icsvc.dll – (vmickvpexchange)
SRV:64bit: - [2012/07/25 21:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\icsvc.dll – (vmicheartbeat)
SRV:64bit: - [2012/04/20 19:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [On_Demand | Running] – C:\Program Files\Intel\iCLS Client\HeciServer.exe – (Intel(R)
SRV - [2014/05/08 04:20:58 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] – C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe – (AdobeARMservice)
SRV - [2012/09/20 05:18:03 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll – (PrintNotify)
SRV - [2012/09/11 16:41:14 | 000,106,880 | ---- | M] (ASUSTek Computer Inc.) [On_Demand | Running] – C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe – (ASLDRService)
SRV - [2012/08/30 23:35:20 | 000,276,288 | ---- | M] (Intel Corporation) [On_Demand | Stopped] – C:\Windows\SysWOW64\IntelCpHeciSvc.exe – (cphs)
SRV - [2012/07/26 00:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysWOW64\StorSvc.dll – (StorSvc)
SRV - [2012/07/17 19:57:22 | 000,365,376 | ---- | M] (Intel Corporation) [On_Demand | Running] – C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe – (UNS)
SRV - [2012/07/17 19:57:20 | 000,277,824 | ---- | M] (Intel Corporation) [On_Demand | Running] – C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe – (LMS)
SRV - [2012/06/27 17:47:02 | 000,129,856 | ---- | M] (Intel Corporation) [On_Demand | Running] – C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe – (Intel(R)
SRV - [2012/06/25 15:57:14 | 000,166,720 | ---- | M] (Intel Corporation) [On_Demand | Running] – C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe – (jhi_service)
SRV - [2012/04/13 15:14:00 | 000,277,120 | ---- | M] (ASUS) [On_Demand | Running] – C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe – (ASUS InstantOn)
SRV - [2011/11/21 19:19:50 | 000,096,896 | ---- | M] (ASUS) [On_Demand | Running] – C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe – (ATKGFNEXSrv)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2014/04/24 12:34:52 | 000,061,120 | ---- | M] (StdLib) [Kernel | System | Running] – C:\Windows\SysNative\Drivers{b99c8534-7800-48fa-bd71-519a46cdc7e1}Gw64.sys – ({b99c8534-7800-48fa-bd71-519a46cdc7e1}Gw64)
DRV:64bit: - [2014/04/21 15:15:50 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] – C:\Windows\SysNative\Drivers\dtsoftbus01.sys – (dtsoftbus01)
DRV:64bit: - [2014/04/20 18:45:36 | 001,039,096 | ---- | M] (AVAST Software) [File_System | System | Running] – C:\Windows\SysNative\Drivers\aswSnx.sys – (aswSnx)
DRV:64bit: - [2014/04/20 18:45:36 | 000,423,240 | ---- | M] (AVAST Software) [File_System | System | Running] – C:\Windows\SysNative\Drivers\aswSP.sys – (aswSP)
DRV:64bit: - [2014/04/20 18:45:36 | 000,208,416 | ---- | M] () [Kernel | Boot | Running] – C:\Windows\SysNative\drivers\aswVmm.sys – (aswVmm)
DRV:64bit: - [2014/04/20 18:45:36 | 000,085,328 | ---- | M] (AVAST Software) [Kernel | Auto | Running] – C:\Windows\SysNative\Drivers\aswStm.sys – (aswStm)
DRV:64bit: - [2014/04/20 18:45:36 | 000,079,184 | ---- | M] (AVAST Software) [File_System | Auto | Running] – C:\Windows\SysNative\Drivers\aswMonFlt.sys – (aswMonFlt)
DRV:64bit: - [2014/04/20 18:45:36 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] – C:\Windows\SysNative\drivers\aswRvrt.sys – (aswRvrt)
DRV:64bit: - [2014/04/20 18:45:36 | 000,029,208 | ---- | M] () [Kernel | Auto | Stopped] – C:\Windows\SysNative\Drivers\aswHwid.sys – (aswHwid)
DRV:64bit: - [2014/04/20 18:45:35 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] – C:\Windows\SysNative\Drivers\aswRdr2.sys – (aswRdr)
DRV:64bit: - [2013/10/25 04:34:52 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\Drivers\WdBoot.sys – (WdBoot)
DRV:64bit: - [2013/10/24 19:34:32 | 000,248,240 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] – C:\Windows\SysNative\Drivers\WdFilter.sys – (WdFilter)
DRV:64bit: - [2013/10/10 08:53:35 | 000,096,600 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] – C:\Windows\SysNative\Drivers\wfplwfs.sys – (WFPLWFS)
DRV:64bit: - [2013/10/05 03:10:20 | 000,285,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] – C:\Windows\SysNative\Drivers\spaceport.sys – (spaceport)
DRV:64bit: - [2013/10/01 23:50:07 | 000,447,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\Windows\SysNative\Drivers\USBHUB3.SYS – (USBHUB3)
DRV:64bit: - [2013/08/16 02:41:13 | 000,058,200 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] – C:\Windows\SysNative\Drivers\dam.sys – (dam)
DRV:64bit: - [2013/08/10 03:30:22 | 000,151,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\Drivers\tpm.sys – (TPM)
DRV:64bit: - [2013/07/09 05:04:07 | 000,120,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\Drivers\msgpioclx.sys – (GPIOClx0101)
DRV:64bit: - [2013/07/01 22:41:47 | 000,337,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\Windows\SysNative\Drivers\USBXHCI.SYS – (USBXHCI)
DRV:64bit: - [2013/07/01 22:41:47 | 000,213,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\Windows\SysNative\Drivers\UCX01000.SYS – (UCX01000)
DRV:64bit: - [2013/06/29 03:15:54 | 000,195,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\Drivers\sdbus.sys – (sdbus)
DRV:64bit: - [2013/06/01 00:08:57 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\Drivers\BthAvrcpTg.sys – (BthAvrcpTg)
DRV:64bit: - [2013/03/02 07:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] – C:\Windows\SysNative\Drivers\storahci.sys – (storahci)
DRV:64bit: - [2013/03/02 07:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] – C:\Windows\SysNative\Drivers\pdc.sys – (pdc)
DRV:64bit: - [2013/01/09 22:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\Drivers\msgpiowin32.sys – (msgpiowin32)

DRV:64bit: - [2012/11/27 00:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\Drivers\BthhfHid.sys – (bthhfhid)
DRV:64bit: - [2012/11/20 01:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\Drivers\hidi2c.sys – (hidi2c)
DRV:64bit: - [2012/11/06 00:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\Drivers\fxppm.sys – (FxPPM)
DRV:64bit: - [2012/10/12 05:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\Windows\SysNative\Drivers\rdpvideominiport.sys – (RdpVideoMiniport)
DRV:64bit: - [2012/10/11 04:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\Drivers\sdstor.sys – (sdstor)
DRV:64bit: - [2012/09/20 04:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] – C:\Windows\SysNative\Drivers\evbda.sys – (ebdrv)
DRV:64bit: - [2012/09/20 04:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] – C:\Windows\SysNative\Drivers\bxvbda.sys – (b06bdrv)
DRV:64bit: - [2012/09/19 05:15:20 | 003,653,632 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] – C:\Windows\SysNative\Drivers\athw8x.sys – (athr)
DRV:64bit: - [2012/09/17 20:05:54 | 000,013,696 | ---- | M] (ASUSTek Computer Inc.) [Kernel | Auto | Running] – C:\Program Files\ASUS\P4G\plctrl.sys – (plctrl)
DRV:64bit: - [2012/09/14 08:54:52 | 002,203,792 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] – C:\Windows\SysNative\Drivers\viahduaa.sys – (VIAHdAudAddService)
DRV:64bit: - [2012/09/11 14:43:44 | 000,056,704 | ---- | M] (ASUS Corporation) [Kernel | On_Demand | Running] – C:\Windows\SysNative\Drivers\AsusTP.sys – (ATP)
DRV:64bit: - [2012/08/30 23:35:08 | 009,000,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] – C:\Windows\SysNative\Drivers\igdkmd64.sys – (igfx)
DRV:64bit: - [2012/08/27 00:11:04 | 000,342,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] – C:\Windows\SysNative\Drivers\IntcDAud.sys – (IntcDAud)
DRV:64bit: - [2012/08/02 00:22:48 | 000,014,992 | ---- | M] ( ) [Kernel | On_Demand | Running] – C:\Windows\SysNative\Drivers\kbfiltr.sys – (kbfiltr)
DRV:64bit: - [2012/07/26 02:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] – C:\Windows\SysNative\drivers\fs_rec.sys – (Fs_Rec)
DRV:64bit: - [2012/07/26 02:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\Windows\SysNative\Drivers\condrv.sys – (condrv)
DRV:64bit: - [2012/07/26 02:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] – C:\Windows\SysNative\Drivers\VSTXRAID.SYS – (VSTXRAID)
DRV:64bit: - [2012/07/26 02:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\Drivers\VerifierExt.sys – (VerifierExt)
DRV:64bit: - [2012/07/26 02:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\Drivers\uaspstor.sys – (UASPStor)
DRV:64bit: - [2012/07/26 02:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] – C:\Windows\SysNative\Drivers\acpiex.sys – (acpiex)
DRV:64bit: - [2012/07/26 02:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] – C:\Windows\SysNative\Drivers\mvumis.sys – (mvumis)
DRV:64bit: - [2012/07/26 02:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] – C:\Windows\SysNative\Drivers\stexstor.sys – (stexstor)
DRV:64bit: - [2012/07/26 02:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] – C:\Windows\SysNative\Drivers\lsi_sas2.sys – (LSI_SAS2)
DRV:64bit: - [2012/07/26 02:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] – C:\Windows\SysNative\Drivers\lsi_sss.sys – (LSI_SSS)
DRV:64bit: - [2012/07/26 02:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] – C:\Windows\SysNative\Drivers\HpSAMD.sys – (HpSAMD)
DRV:64bit: - [2012/07/26 02:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] – C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys – (EhStorTcgDrv)
DRV:64bit: - [2012/07/26 02:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] – C:\Windows\SysNative\Drivers\EhStorClass.sys – (EhStorClass)
DRV:64bit: - [2012/07/26 02:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] – C:\Windows\SysNative\Drivers\amdsbs.sys – (amdsbs)
DRV:64bit: - [2012/07/26 02:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] – C:\Windows\SysNative\Drivers\3ware.sys – (3ware)
DRV:64bit: - [2012/07/26 02:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] – C:\Windows\SysNative\Drivers\amdsata.sys – (amdsata)
DRV:64bit: - [2012/07/26 02:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] – C:\Windows\SysNative\Drivers\amdxata.sys – (amdxata)
DRV:64bit: - [2012/07/26 01:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] – C:\Windows\SysNative\Drivers\clfs.sys – (CLFS)
DRV:64bit: - [2012/07/26 01:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\Drivers\vpci.sys – (vpci)
DRV:64bit: - [2012/07/26 00:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\Drivers\terminpt.sys – (terminpt)
DRV:64bit: - [2012/07/25 23:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\Drivers\mshidumdf.sys – (mshidumdf)

DRV:64bit: - [2012/07/25 23:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] – C:\Windows\SysNative\Drivers\BasicDisplay.sys – (BasicDisplay)
DRV:64bit: - [2012/07/25 23:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\Drivers\HyperVideo.sys – (HyperVideo)
DRV:64bit: - [2012/07/25 23:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] – C:\Windows\SysNative\Drivers\BasicRender.sys – (BasicRender)
DRV:64bit: - [2012/07/25 23:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\Drivers\vmgencounter.sys – (gencounter)
DRV:64bit: - [2012/07/25 23:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\Windows\SysNative\Drivers\kdnic.sys – (kdnic)
DRV:64bit: - [2012/07/25 23:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\Drivers\acpitime.sys – (acpitime)
DRV:64bit: - [2012/07/25 23:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] – C:\Windows\SysNative\Drivers\npsvctrig.sys – (npsvctrig)
DRV:64bit: - [2012/07/25 23:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\Drivers\WpdUpFltr.sys – (WpdUpFltr)
DRV:64bit: - [2012/07/25 23:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\Drivers\acpipagr.sys – (acpipagr)
DRV:64bit: - [2012/07/25 23:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\Drivers\hyperkbd.sys – (hyperkbd)
DRV:64bit: - [2012/07/25 23:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\Drivers\SerCx.sys – (SerCx)
DRV:64bit: - [2012/07/25 23:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\Drivers\SpbCx.sys – (SpbCx)
DRV:64bit: - [2012/07/25 23:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\Drivers\TsUsbGD.sys – (TsUsbGD)
DRV:64bit: - [2012/07/25 23:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\Drivers\bthhfenum.sys – (BthHFEnum)
DRV:64bit: - [2012/07/25 23:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\Drivers\dmvsc.sys – (dmvsc)
DRV:64bit: - [2012/07/25 23:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\Drivers\TsUsbFlt.sys – (TsUsbFlt)
DRV:64bit: - [2012/07/25 23:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\Drivers\wpcfltr.sys – (wpcfltr)
DRV:64bit: - [2012/07/25 23:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\Drivers\NdisImPlatform.sys – (NdisImPlatform)
DRV:64bit: - [2012/07/25 23:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\Drivers\mslldp.sys – (MsLldp)
DRV:64bit: - [2012/07/25 23:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] – C:\Windows\SysNative\Drivers\Ndu.sys – (Ndu)
DRV:64bit: - [2012/07/24 23:21:22 | 000,017,152 | ---- | M] (ASUSTek Computer Inc.) [Kernel | On_Demand | Running] – C:\Windows\SysNative\Drivers\AiCharger.sys – (AiCharger)
DRV:64bit: - [2012/07/24 00:16:28 | 000,645,952 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] – C:\Windows\SysNative\Drivers\iaStorA.sys – (iaStorA)
DRV:64bit: - [2012/07/19 06:21:42 | 000,110,744 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] – C:\Windows\SysNative\Drivers\L1C63x64.sys – (L1C)
DRV:64bit: - [2012/07/02 20:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] – C:\Windows\SysNative\Drivers\HECIx64.sys – (MEIx64)
DRV:64bit: - [2012/06/02 11:34:37 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\Drivers\agrsm64.sys – (AgereSoftModem)
DRV:64bit: - [2012/06/02 11:31:56 | 000,589,824 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\Drivers\Rt630x64.sys – (RTL8168)
DRV:64bit: - [2012/06/02 11:31:50 | 008,604,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\Drivers\NETwNs64.sys – (NETwNs64)
DRV:64bit: - [2012/06/02 11:31:38 | 000,333,824 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\Drivers\e1i63x64.sys – (e1iexpress)
DRV:64bit: - [2012/05/31 00:47:44 | 000,021,152 | ---- | M] (ASUS) [Kernel | On_Demand | Running] – C:\Windows\SysNative\Drivers\AsHIDSwitch64.sys – (HIDSwitch)
DRV - [2011/09/07 14:55:04 | 000,017,536 | ---- | M] (ASUS) [Kernel | System | Running] – C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys – (ATKWMIACPIIO)
DRV - [2009/07/02 22:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] – C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys – (ASMMAP64)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM..\SearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: “URL” = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = about:newtab
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:newtab
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.bing.com/search?q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.bing.com/search?q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = about:newtab
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = about:newtab
IE - HKLM..\SearchScopes,DefaultScope =
IE - HKLM..\SearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: “URL” = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU.DEFAULT..\SearchScopes,DefaultScope =
IE - HKU.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0

IE - HKU\S-1-5-18..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0

IE - HKU\S-1-5-19..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-3528210504-3123644852-1271194366-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKU\S-1-5-21-3528210504-3123644852-1271194366-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKU\S-1-5-21-3528210504-3123644852-1271194366-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKU\S-1-5-21-3528210504-3123644852-1271194366-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-3528210504-3123644852-1271194366-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = about:newtab
IE - HKU\S-1-5-21-3528210504-3123644852-1271194366-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:newtab
IE - HKU\S-1-5-21-3528210504-3123644852-1271194366-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
IE - HKU\S-1-5-21-3528210504-3123644852-1271194366-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://www.google.com
IE - HKU\S-1-5-21-3528210504-3123644852-1271194366-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://www.google.com
IE - HKU\S-1-5-21-3528210504-3123644852-1271194366-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = about:newtab
IE - HKU\S-1-5-21-3528210504-3123644852-1271194366-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = about:newtab
IE - HKU\S-1-5-21-3528210504-3123644852-1271194366-1001..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3528210504-3123644852-1271194366-1001..\SearchScopes\Web: “URL” = http://br.yhs4.search.yahoo.com/yhs/search?hspart=baixaki&hsimp=yhs-baixaki_br_solimba_01&p={searchTerms}
IE - HKU\S-1-5-21-3528210504-3123644852-1271194366-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0
IE - HKU\S-1-5-21-3528210504-3123644852-1271194366-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “AutoConfigURL” = http://cdn1.browsersecurity.net/safe/cloud.js?si=77324&tid=18194

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect_x86_64: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\msktbird@mcafee.com: C:\Program Files\McAfee\MSK

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: about:newtab?source=home
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Users\Gisele\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR - Extension: Google Drive = C:\Users\Gisele\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR - Extension: YouTube = C:\Users\Gisele\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR - Extension: Pesquisa do Google = C:\Users\Gisele\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR - Extension: avast! Online Security = C:\Users\Gisele\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0
CHR - Extension: Google Wallet = C:\Users\Gisele\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0
CHR - Extension: Gmail = C:\Users\Gisele\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/07/26 02:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (ASUS Browser Extension x64) - {78234974-0C4B-4111-BDEB-D9A104418772} - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x64\BrowserExtension64.dll (ASUSTeK Computer Inc.)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (HomeTab) - {f5d294b2-2032-45c9-b123-f60ce0e723fb} - C:\Program Files\HomeTab\IE\HomeTab.dll File not found
O2 - BHO: (ASUS Browser Extension x86) - {78234974-0C4B-4111-BDEB-D9A104418771} - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x86\BrowserExtension.dll (ASUSTeK Computer Inc.)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (HomeTab) - {f5d294b2-2032-45c9-b123-f60ce0e723fb} - C:\Program Files (x86)\HomeTab\IE\HomeTab.dll File not found
O3:64bit: - HKLM..\Toolbar: (HomeTab) - {f5d294b2-2032-45c9-b123-f60ce0e723fb} - C:\Program Files\HomeTab\IE\HomeTab.dll File not found
O3:64bit: - HKLM..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM..\Toolbar: (HomeTab) - {f5d294b2-2032-45c9-b123-f60ce0e723fb} - C:\Program Files (x86)\HomeTab\IE\HomeTab.dll File not found
O3 - HKLM..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM…\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM…\Run: [Adobe Creative Cloud] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Systems Incorporated)
O4 - HKLM…\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM…\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM…\Run: [fst_br_129] File not found
O4 - HKU\S-1-5-21-3528210504-3123644852-1271194366-1001…\Run: [asodakaossd] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3528210504-3123644852-1271194366-1001…\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-21-3528210504-3123644852-1271194366-1001…\Run: [Optimizer Pro] C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe (PC Utilities Software Limited)
O4 - Startup: C:\Users\Gisele\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\asodakaossd.lnk = C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-3528210504-3123644852-1271194366-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: &Enviar para o OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: &Enviar para o OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O13:64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces{163C1DBD-FFE1-4C72-9B0E-88EC91C0FCF8}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces{FA95CACC-14D4-4D3A-8E87-37A5CD7C065E}: DhcpNameServer = 127.0.0.1
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\OPTIMI~1\OPTPRO~3.DLL) - C:\PROGRA~2\OPTIMI~1\OPTPRO~3.DLL ()
O20 - AppInit_DLLs: (c:\progra~2\optimi~1\optpro~2.dll) - c:\progra~2\optimi~1\optpro~2.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk )
O35:64bit: - HKLM..comfile [open] – “%1” %*
O35:64bit: - HKLM..exefile [open] – “%1” %*
O35 - HKLM..comfile [open] – “%1” %*
O35 - HKLM..exefile [open] – “%1” %*
O37:64bit: - HKLM.…com [@ = comfile] – “%1” %*
O37:64bit: - HKLM.…exe [@ = exefile] – “%1” %*
O37 - HKLM.…com [@ = comfile] – “%1” %*
O37 - HKLM.…exe [@ = exefile] – “%1” %*
O38 - SubSystems\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\Windows: (ServerDll=sxssrv,4)

NetSvcs:64bit: wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:64bit: DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:64bit: NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
NetSvcs:64bit: SystemEventsBroker - C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2014/05/14 23:33:01 | 000,000,000 | —D | C] – C:\Users\Gisele\Documents\Optimizer Pro
[2014/05/14 23:33:00 | 000,000,000 | —D | C] – C:\Users\Gisele\AppData\Roaming\Optimizer Pro
[2014/05/14 23:32:58 | 000,000,000 | —D | C] – C:\ProgramData\TEMP
[2014/05/14 23:29:28 | 000,000,000 | —D | C] – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
[2014/05/14 23:29:19 | 000,000,000 | —D | C] – C:\Users\Gisele\AppData\Roaming\Uniblue
[2014/05/14 23:29:19 | 000,000,000 | —D | C] – C:\Program Files (x86)\Uniblue
[2014/05/14 23:27:51 | 000,000,000 | —D | C] – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2
[2014/05/14 23:27:48 | 000,000,000 | —D | C] – C:\Program Files (x86)\Optimizer Pro
[2014/05/13 21:59:28 | 000,000,000 | —D | C] – C:\Users\Gisele\AppData\Local\Diagnostics
[2014/05/13 21:47:23 | 000,000,000 | —D | C] – C:\AdwCleaner
[2014/05/13 19:45:24 | 000,000,000 | —D | C] – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1-Zip
[2014/05/13 19:45:23 | 000,000,000 | —D | C] – C:\Program Files (x86)\1-Zip
[2014/05/13 19:40:05 | 000,000,000 | —D | C] – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
[2014/05/13 19:40:00 | 000,000,000 | —D | C] – C:\Users\Gisele\AppData\Local\WinZip
[2014/05/13 19:39:37 | 000,000,000 | —D | C] – C:\ProgramData\WinZip
[2014/05/13 19:39:30 | 000,000,000 | —D | C] – C:\Program Files\WinZip
[2014/05/13 19:37:38 | 000,000,000 | —D | C] – C:\Users\Gisele\AppData\Roaming\ARecEngine
[2014/05/11 16:33:06 | 000,000,000 | —D | C] – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/05/11 15:51:49 | 000,000,000 | —D | C] – C:\Users\Gisele\AppData\Local\Programs
[2014/05/11 00:29:19 | 000,536,576 | ---- | C] (SQLite Development Team) – C:\Windows\SysWow64\sqlite3.dll
[2014/05/11 00:09:46 | 000,000,000 | —D | C] – C:\Users\Gisele\AppData\Roaming\dsrisvergpucpu
[2014/05/05 10:14:02 | 000,000,000 | —D | C] – C:\Users\Gisele\Desktop\projetos
[2014/04/28 10:50:54 | 000,000,000 | —D | C] – C:\sources
[2014/04/27 20:01:50 | 000,116,224 | ---- | C] (Microsoft Corporation) – C:\Windows\SysWow64\Windows.Storage.Compression.dll
[2014/04/27 20:01:49 | 000,962,560 | ---- | C] (Microsoft Corporation) – C:\Windows\SysWow64\usercpl.dll
[2014/04/27 20:01:48 | 000,219,648 | ---- | C] (Microsoft Corporation) – C:\Windows\SysWow64\input.dll
[2014/04/27 20:01:48 | 000,047,616 | ---- | C] (Microsoft Corporation) – C:\Windows\SysWow64\PCPKsp.dll
[2014/04/27 20:01:47 | 000,612,416 | ---- | C] (Microsoft Corporation) – C:\Windows\SysWow64\mfplat.dll
[2014/04/27 20:01:41 | 000,204,800 | ---- | C] (Microsoft Corporation) – C:\Windows\SysWow64\dhcpcore6.dll
[2014/04/27 20:01:36 | 000,099,840 | ---- | C] (Microsoft Corporation) – C:\Windows\SysWow64\AppxSip.dll
[2014/04/27 20:01:30 | 001,226,752 | ---- | C] (Microsoft Corporation) – C:\Windows\SysWow64\Windows.UI.Immersive.dll
[2014/04/27 20:01:17 | 000,007,168 | ---- | C] (Microsoft Corporation) – C:\Windows\SysWow64\kbdhebl3.dll
[2014/04/27 19:59:58 | 000,579,584 | ---- | C] (Microsoft Corporation) – C:\Windows\SysNative\StructuredQuery.dll
[2014/04/27 19:59:57 | 000,154,112 | ---- | C] (Microsoft Corporation) – C:\Windows\SysNative\Windows.Storage.Compression.dll
[2014/04/27 19:59:54 | 000,056,552 | ---- | C] (Microsoft Corporation) – C:\Windows\SysNative\drivers\sdstor.sys
[2014/04/27 19:59:50 | 001,395,712 | ---- | C] (Microsoft Corporation) – C:\Windows\SysNative\Windows.UI.Immersive.dll
[2014/04/27 19:59:50 | 000,517,120 | ---- | C] (Microsoft Corporation) – C:\Windows\SysNative\winlogon.exe
[2014/04/27 19:59:45 | 001,045,504 | ---- | C] (Microsoft Corporation) – C:\Windows\SysNative\usercpl.dll
[2014/04/27 19:59:41 | 000,259,584 | ---- | C] (Microsoft Corporation) – C:\Windows\SysNative\input.dll
[2014/04/27 19:59:36 | 000,049,664 | ---- | C] (Microsoft Corporation) – C:\Windows\SysNative\BdeUISrv.exe
[2014/04/27 19:59:35 | 000,505,344 | ---- | C] (Microsoft Corporation) – C:\Windows\SysNative\SpaceControl.dll
[2014/04/27 19:59:29 | 000,441,576 | ---- | C] (Microsoft Corporation) – C:\Windows\SysNative\drivers\netio.sys
[2014/04/27 19:59:28 | 000,793,200 | ---- | C] (Microsoft Corporation) – C:\Windows\SysNative\mfplat.dll
[2014/04/27 19:59:28 | 000,055,808 | ---- | C] (Microsoft Corporation) – C:\Windows\SysNative\PCPKsp.dll
[2014/04/27 19:59:24 | 001,265,152 | ---- | C] (Microsoft Corporation) – C:\Windows\SysNative\lsasrv.dll
[2014/04/27 19:59:16 | 000,007,680 | ---- | C] (Microsoft Corporation) – C:\Windows\SysNative\kbdhebl3.dll
[2014/04/27 19:59:11 | 000,244,224 | ---- | C] (Microsoft Corporation) – C:\Windows\SysNative\dhcpcore6.dll
[2014/04/27 19:59:11 | 000,062,976 | ---- | C] (Microsoft Corporation) – C:\Windows\SysNative\dhcpcsvc6.dll
[2014/04/27 19:59:00 | 000,118,784 | ---- | C] (Microsoft Corporation) – C:\Windows\SysNative\AppxSip.dll
[2014/04/27 19:59:00 | 000,034,816 | ---- | C] (Microsoft Corporation) – C:\Windows\SysNative\microsoft-windows-pdc.dll
[2014/04/27 19:58:53 | 000,033,512 | ---- | C] (Microsoft Corporation) – C:\Windows\SysNative\drivers\battc.sys
[2014/04/27 19:01:15 | 000,396,008 | ---- | C] (Microsoft Corporation) – C:\Windows\SysNative\hal.dll
[2014/04/27 18:56:17 | 008,552,448 | ---- | C] (Microsoft Corporation) – C:\Windows\SysWow64\glcndFilter.dll
[2014/04/27 18:55:52 | 000,126,464 | ---- | C] (Microsoft Corporation) – C:\Windows\SysWow64\MFCaptureEngine.dll
[2014/04/27 18:55:47 | 000,386,560 | ---- | C] (Microsoft Corporation) – C:\Windows\SysWow64\wlanmsm.dll
[2014/04/27 18:55:47 | 000,375,296 | ---- | C] (Microsoft Corporation) – C:\Windows\SysWow64\wlansec.dll
[2014/04/27 18:55:47 | 000,202,240 | ---- | C] (Microsoft Corporation) – C:\Windows\SysWow64\wlanapi.dll
[2014/04/27 18:55:47 | 000,093,696 | ---- | C] (Microsoft Corporation) – C:\Windows\SysWow64\WcnApi.dll
[2014/04/27 18:55:47 | 000,025,600 | ---- | C] (Microsoft Corporation) – C:\Windows\SysWow64\wfdprov.dll
[2014/04/27 18:55:47 | 000,009,728 | ---- | C] (Microsoft Corporation) – C:\Windows\SysWow64\wlanhlp.dll
[2014/04/27 18:55:39 | 000,189,440 | ---- | C] (Microsoft Corporation) – C:\Windows\SysWow64\bthprops.cpl
[2014/04/27 18:52:57 | 000,470,016 | ---- | C] (Microsoft Corporation) – C:\Windows\SysNative\wlanmsm.dll