Resultado do exame da Farbar Recovery Scan Tool (FRST) (x86) Versão: 06-11-2016 Executado por ALEXSANDRO (administrador) em ALEXSANDRO-PC (09-11-2016 23:37:49) Executando a partir de C:\Users\ALEXSANDRO\Downloads Perfis Carregados: ALEXSANDRO (Perfis Disponíveis: ALEXSANDRO) Platform: Microsoft Windows 7 Ultimate (X86) Idioma: Português (Brasil) Internet Explorer Versão 8 (Navegador padrão: Chrome) Modo da Inicialização: Normal Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processos (Whitelisted) ================= (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.) (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgrsx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgcsrvx.exe () C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe (GAS Tecnologia) C:\Program Files\GbPlugin\GbpSv.exe (GAS Tecnologia) C:\Program Files\GbPlugin\GbpSv.exe (Autodesk Inc.) C:\Program Files\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe () C:\Program Files\ToolsUpdatePlatform\UpdatePlatform.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgidsagent.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Panda Security, S.L.) C:\Program Files\Panda Security\Panda Security Protection\PSUAMain.exe () C:\Program Files\AVG Web TuneUp\vprot.exe (Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avgsvcx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avguix.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgui.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe (Akamai Technologies, Inc.) C:\Users\ALEXSANDRO\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) C:\Users\ALEXSANDRO\AppData\Local\Akamai\netsession_win.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgwdsvcx.exe () C:\ProgramData\DataCardService\DCService.exe (Panda Security, S.L.) C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe (Huawei Technologies Co., Ltd.) C:\ProgramData\DataCardService\DCSHelper.exe (Panda Security, S.L.) C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe (Panda Security, S.L.) C:\Program Files\Panda Security\Panda Security Protection\PSUAService.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe () C:\Program Files\WeatherTool\2.0.1.11280\WeatherService.exe (ShenZhen Enode Techology co,.Ltd) C:\Program Files\WeatherTool\2.0.1.11280\weather.exe (AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\40.3.6\ToolbarUpdater.exe (Autodesk) C:\Program Files\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgnsx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgemcx.exe (Autodesk) C:\Program Files\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe (Microsoft Corporation) C:\Windows\System32\wuauclt.exe (Google Inc.) C:\Users\ALEXSANDRO\AppData\Local\Google\Update\GoogleUpdate.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\tv_w32.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Desktop.exe (Google Inc.) C:\Users\ALEXSANDRO\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\ALEXSANDRO\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\ALEXSANDRO\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\ALEXSANDRO\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\ALEXSANDRO\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Registro (Whitelisted) ==================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM\...\Run: [PSUAMain] => C:\Program Files\Panda Security\Panda Security Protection\PSUAMain.exe [40184 2015-02-26] (Panda Security, S.L.) HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [187152 2016-09-13] (AVG Technologies CZ, s.r.o.) HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [187152 2016-09-13] (AVG Technologies CZ, s.r.o.) HKLM\...\Run: [vProt] => C:\Program Files\AVG Web TuneUp\vprot.exe [2180680 2016-09-29] () HKLM\...\Run: [Autodesk Desktop App] => C:\Program Files\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [721856 2016-07-01] (Autodesk, Inc.) Winlogon\Notify\ GbPluginCef: C:\Program Files\GbPlugin\gbiehCef.dll [2015-09-22] (Caixa Economica Federal) HKU\S-1-5-21-2320990107-4095518728-475931620-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5529880 2015-03-13] (Piriform Ltd) HKU\S-1-5-21-2320990107-4095518728-475931620-1000\...\Run: [Google Update] => C:\Users\ALEXSANDRO\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc.) HKU\S-1-5-21-2320990107-4095518728-475931620-1000\...\Run: [Akamai NetSession Interface] => C:\Users\ALEXSANDRO\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.) HKU\S-1-5-21-2320990107-4095518728-475931620-1000\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1151016 2016-02-02] (Autodesk, Inc.) HKU\S-1-5-21-2320990107-4095518728-475931620-1000\...\Policies\Explorer: [] HKU\S-1-5-21-2320990107-4095518728-475931620-1000\...\MountPoints2: {b991a754-da76-11e4-a2b9-0090f5a7b0ee} - F:\AutoRun.exe HKU\S-1-5-21-2320990107-4095518728-475931620-1000\...\MountPoints2: {b991a7b7-da76-11e4-a2b9-0090f5a7b0ee} - F:\AutoRun.exe HKU\S-1-5-21-2320990107-4095518728-475931620-1000\...\MountPoints2: {b991a8a2-da76-11e4-a2b9-0090f5a7b0ee} - F:\AutoRun.exe HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1151016 2016-02-02] (Autodesk, Inc.) ShellExecuteHooks: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files\GbPlugin\gbiehcef.dll [1888480 2015-09-22] (Caixa Economica Federal) ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2016-02-07] (Autodesk, Inc.) ShellIconOverlayIdentifiers: [ExplorerEx] -> {E056AFDD-03E9-4D73-8D33-8FCCBCA73438} => Nenhum Arquivo GroupPolicy: Restrição - Chrome <======= ATENÇÃO GroupPolicyScripts: Restrição <======= ATENÇÃO CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO ==================== Internet (Whitelisted) ==================== (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.) Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{C10EC3DB-669E-4024-89B7-F7AE756E3ABD}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{CBB59E97-0B4A-4659-BE7D-B36331FC7321}: [DhcpNameServer] 192.168.42.129 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://br.hao123.com/?tn=sdkw_inner_hp_09_hao123_br&guid=a3d2f7b2efb2f410c6cc645b46d57566 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1434422347&z=f80d7ca5e37480a972852a2g2zccfz1zaoao2c5z1z&from=cor&uid=ST9500325AS_5VEB7C0GXXXX5VEB7C0G&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1434422347&z=f80d7ca5e37480a972852a2g2zccfz1zaoao2c5z1z&from=cor&uid=ST9500325AS_5VEB7C0GXXXX5VEB7C0G HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1434422347&z=f80d7ca5e37480a972852a2g2zccfz1zaoao2c5z1z&from=cor&uid=ST9500325AS_5VEB7C0GXXXX5VEB7C0G&q={searchTerms} HKU\S-1-5-21-2320990107-4095518728-475931620-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1434422347&z=f80d7ca5e37480a972852a2g2zccfz1zaoao2c5z1z&from=cor&uid=ST9500325AS_5VEB7C0GXXXX5VEB7C0G&q={searchTerms} HKU\S-1-5-21-2320990107-4095518728-475931620-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://br.hao123.com/?tn=sdkw_inner_hp_09_hao123_br&guid=a3d2f7b2efb2f410c6cc645b46d57566 HKU\S-1-5-21-2320990107-4095518728-475931620-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1434422347&z=f80d7ca5e37480a972852a2g2zccfz1zaoao2c5z1z&from=cor&uid=ST9500325AS_5VEB7C0GXXXX5VEB7C0G HKU\S-1-5-21-2320990107-4095518728-475931620-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1434422347&z=f80d7ca5e37480a972852a2g2zccfz1zaoao2c5z1z&from=cor&uid=ST9500325AS_5VEB7C0GXXXX5VEB7C0G&q={searchTerms} URLSearchHook: HKLM -> Padrão = {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D} URLSearchHook: HKLM - WebProtector - {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D} - C:\Program Files\WebProtector\WebProtector.dll (Web Protector) SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKU\S-1-5-21-2320990107-4095518728-475931620-1000 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={DA26623B-3B64-475E-9D05-38D9730AC8B2}&mid=2976e3758fb647ccb973d1d9b343591d-02df6c03db027743dbcdd9a9db7819f97a770e69&lang=pt-br&ds=AVG&coid=avgtbavg&cmpid=0616tb&pr=fr&d=2016-06-13 12:12:40&v=4.3.1.831&pid=wtu&sg=&sap=dsp&q={searchTerms} SearchScopes: HKU\S-1-5-21-2320990107-4095518728-475931620-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=ST9500325AS_5VEB7C0GXXXX5VEB7C0G&ts=1434422396&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-2320990107-4095518728-475931620-1000 -> {1764060A-434E-47FD-91B9-F8BB3C3C1B84} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=ST9500325AS_5VEB7C0GXXXX5VEB7C0G&ts=1434422396&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-2320990107-4095518728-475931620-1000 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKU\S-1-5-21-2320990107-4095518728-475931620-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={DA26623B-3B64-475E-9D05-38D9730AC8B2}&mid=2976e3758fb647ccb973d1d9b343591d-02df6c03db027743dbcdd9a9db7819f97a770e69&lang=pt-br&ds=AVG&coid=avgtbavg&cmpid=0616tb&pr=fr&d=2016-06-13 12:12:40&v=4.3.1.831&pid=wtu&sg=&sap=dsp&q={searchTerms} SearchScopes: HKU\S-1-5-21-2320990107-4095518728-475931620-1000 -> {E4E012DC-1925-48E9-8010-2D195574642A} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=ST9500325AS_5VEB7C0GXXXX5VEB7C0G&ts=1434422396&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-2320990107-4095518728-475931620-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=ST9500325AS_5VEB7C0GXXXX5VEB7C0G&ts=1434422396&type=default&q={searchTerms} BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06] (Adobe Systems Incorporated) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-09-07] (Oracle Corporation) BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.6.255\AVG Web TuneUp.dll [2016-09-29] (AVG) BHO: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540003} -> C:\Program Files\GbPlugin\gbiehcef.dll [2015-09-22] (Caixa Economica Federal) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-09-07] (Oracle Corporation) BHO: B1 Empty Tab -> {E4E012DC-1925-48E9-8010-2D195574642A} -> C:\Program Files\Internet Explorer\alitab.dll [2015-03-25] (B1) Toolbar: HKLM - WebProtector - {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D} - C:\Program Files\WebProtector\WebProtector.dll [2015-06-15] (Web Protector) DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies) StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-03-07] () FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.6\\npsitesafety.dll [Nenhum Arquivo] FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-09-07] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-09-07] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2011-06-06] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-2320990107-4095518728-475931620-1000: @tools.google.com/Google Update;version=3 -> C:\Users\ALEXSANDRO\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-01] (Google Inc.) FF Plugin HKU\S-1-5-21-2320990107-4095518728-475931620-1000: @tools.google.com/Google Update;version=9 -> C:\Users\ALEXSANDRO\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-01] (Google Inc.) FF Plugin HKU\S-1-5-21-2320990107-4095518728-475931620-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\ALEXSANDRO\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-07-20] (Unity Technologies ApS) Chrome: ======= CHR DefaultProfile: Default CHR HomePage: Default -> mysearch.avg.com/?rvt=1 CHR StartupUrls: Default -> "hxxps://www.google.com.br/?gws_rd=ssl" CHR Profile: C:\Users\ALEXSANDRO\AppData\Local\Google\Chrome\User Data\Default [2016-11-09] CHR Extension: (Google Apresentações) - C:\Users\ALEXSANDRO\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-09] CHR Extension: (Google Docs) - C:\Users\ALEXSANDRO\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-09] CHR Extension: (Google Drive) - C:\Users\ALEXSANDRO\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-05] CHR Extension: (YouTube) - C:\Users\ALEXSANDRO\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27] CHR Extension: (AVG Secure Search) - C:\Users\ALEXSANDRO\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2016-07-18] CHR Extension: (Google Search) - C:\Users\ALEXSANDRO\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-05] CHR Extension: (Planilhas do Google) - C:\Users\ALEXSANDRO\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-09] CHR Extension: (Documentos Google off-line) - C:\Users\ALEXSANDRO\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-20] CHR Extension: (Protector Web – Confiável proteção contra phishing) - C:\Users\ALEXSANDRO\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfecnpmgnlnbmipaogfhoacoioifjgko [2015-08-23] CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\ALEXSANDRO\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-08] CHR Extension: (Maps Homepage) - C:\Users\ALEXSANDRO\AppData\Local\Google\Chrome\User Data\Default\Extensions\peefijfehegcihhmnnaopkhgfaodgodb [2015-04-11] CHR Extension: (Gmail) - C:\Users\ALEXSANDRO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-01] CHR Extension: (Chrome Media Router) - C:\Users\ALEXSANDRO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-27] CHR HKLM\...\Chrome\Extension: [kfecnpmgnlnbmipaogfhoacoioifjgko] - hxxp://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-2320990107-4095518728-475931620-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [chfdnecihphmhljaaejmgoiahnihplgn] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-2320990107-4095518728-475931620-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kfecnpmgnlnbmipaogfhoacoioifjgko] - hxxp://clients2.google.com/service/update2/crx StartMenuInternet: Google Chrome.QUGREEKDYOJMFCCBWXFH75JLIQ - C:\Users\ALEXSANDRO\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Serviços (Whitelisted) ==================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R2 AdAppMgrSvc; C:\Program Files\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1295376 2016-07-01] (Autodesk Inc.) S3 AvgAMPS; C:\Program Files\AVG\Av\avgamps.exe [647864 2016-10-13] (AVG Technologies CZ, s.r.o.) R2 AVGIDSAgent; C:\Program Files\AVG\Av\avgidsagent.exe [4149312 2016-10-13] (AVG Technologies CZ, s.r.o.) R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [945936 2016-09-13] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files\AVG\Av\avgwdsvcx.exe [605336 2016-10-13] (AVG Technologies CZ, s.r.o.) R2 DCService.exe; C:\ProgramData\DatacardService\DCService.exe [229376 2010-05-08] () [Arquivo não assinado] S3 FlexNet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe [1233376 2016-10-20] (Flexera Software LLC) R2 GbpSv; C:\Program Files\GbPlugin\GbpSv.exe [593120 2015-09-22] (GAS Tecnologia) R2 NanoServiceMain; C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe [142584 2015-02-26] (Panda Security, S.L.) R2 PandaAgent; C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe [66808 2014-10-09] (Panda Security, S.L.) R2 PSUAService; C:\Program Files\Panda Security\Panda Security Protection\PSUAService.exe [38136 2015-02-26] (Panda Security, S.L.) R2 TheDesktopWeatherService; C:\Program Files\WeatherTool\2.0.1.11280\WeatherService.exe [141960 2016-03-29] () R2 vToolbarUpdater40.3.6; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\40.3.6\ToolbarUpdater.exe [1349704 2016-09-29] (AVG Secure Search) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-13] (Microsoft Corporation) R2 WtuSystemSupport; C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe [980552 2016-09-29] () ===================== Drivers (Whitelisted) ====================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [134912 2016-05-13] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [257792 2016-09-22] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [210176 2016-07-27] (AVG Technologies CZ, s.r.o.) R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [31664 2015-11-20] (AVG Technologies CZ, s.r.o.) R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [218880 2016-09-20] (AVG Technologies CZ, s.r.o.) R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [287008 2016-02-16] (AVG Technologies CZ, s.r.o.) R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [197376 2016-09-26] (AVG Technologies CZ, s.r.o.) R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [47360 2016-06-01] (AVG Technologies CZ, s.r.o.) R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [231680 2016-07-27] (AVG Technologies CZ, s.r.o.) R0 Avgunivx; C:\Windows\System32\DRIVERS\avgunivx.sys [65280 2016-06-20] (AVG Technologies CZ, s.r.o.) R0 Bhbase; C:\Windows\System32\drivers\Bhbase.sys [46440 2015-03-31] (Baidu, Inc.) R0 GbpKm; C:\Windows\System32\drivers\GbpKm.sys [49496 2015-12-08] (GAS Tecnologia) S3 huawei_cdcacm; C:\Windows\System32\DRIVERS\ew_jucdcacm.sys [69504 2010-04-09] (Huawei Technologies Co., Ltd.) R1 ndisrd; C:\Windows\System32\DRIVERS\gbpndisrdn.sys [29400 2016-03-20] (GAS Tecnologia) R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [86800 2015-02-09] (Panda Security, S.L.) R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [202128 2015-02-09] (Panda Security, S.L.) R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [109584 2015-02-09] (Panda Security, S.L.) R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [126480 2015-02-09] (Panda Security, S.L.) R1 NNSNAHSL; C:\Windows\System32\DRIVERS\NNSNAHSL.sys [41744 2014-12-31] (Panda Security, S.L.) R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [99856 2015-02-09] (Panda Security, S.L.) R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [61712 2015-02-09] (Panda Security, S.L.) R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [120592 2015-02-09] (Panda Security, S.L.) R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [281232 2015-02-09] (Panda Security, S.L.) R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [205456 2015-02-09] (Panda Security, S.L.) R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [108432 2015-02-09] (Panda Security, S.L.) R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [239888 2015-02-09] (Panda Security, S.L.) R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [94864 2015-02-09] (Panda Security, S.L.) R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [140048 2015-02-25] (Panda Security, S.L.) R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [105232 2015-02-25] (Panda Security, S.L.) R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [168208 2015-02-25] (Panda Security, S.L.) R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [113936 2015-02-25] (Panda Security, S.L.) R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [124688 2015-02-25] (Panda Security, S.L.) R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [100624 2015-02-25] (Panda Security, S.L.) S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [X] U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [204800 2010-04-07] (Huawei Technologies Co., Ltd.) S0 gbpddreg; system32\drivers\gbpddreg32.sys [X] S3 PCFApiUtil; \??\C:\Program Files\PC Faster\5.1.0.0\PCFApiUtil.sys [X] ==================== NetSvcs (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Três Meses Criados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2016-11-09 23:37 - 2016-11-09 23:38 - 00024364 _____ C:\Users\ALEXSANDRO\Downloads\FRST.txt 2016-11-09 23:34 - 2016-11-09 23:37 - 00000000 ____D C:\FRST 2016-11-09 23:33 - 2016-11-09 23:33 - 01759744 _____ (Farbar) C:\Users\ALEXSANDRO\Downloads\FRST.exe 2016-10-27 00:11 - 2016-10-27 00:11 - 00412834 _____ C:\Users\ALEXSANDRO\Downloads\redes_energia_bandeira (1).pdf 2016-10-25 22:06 - 2016-10-25 22:06 - 00412834 _____ C:\Users\ALEXSANDRO\Downloads\redes_energia_bandeira.pdf 2016-10-25 21:36 - 2016-10-25 21:36 - 00058544 _____ C:\Users\ALEXSANDRO\Downloads\boleto concurso motorista (1).html 2016-10-25 21:09 - 2016-10-25 21:09 - 00058544 _____ C:\Users\ALEXSANDRO\Downloads\boleto concurso motorista.html 2016-10-25 21:03 - 2016-10-25 21:03 - 00058544 _____ C:\Users\ALEXSANDRO\Desktop\boleto concurso motorista.html 2016-10-25 21:03 - 2016-10-25 21:03 - 00000000 ____D C:\Users\ALEXSANDRO\Desktop\boleto concurso motorista_files 2016-10-23 11:37 - 2016-10-23 11:37 - 00000000 ____D C:\Users\Todos os Usuários\Avg_Update_1016tb 2016-10-23 11:37 - 2016-10-23 11:37 - 00000000 ____D C:\ProgramData\Avg_Update_1016tb 2016-10-20 01:31 - 2016-10-20 01:31 - 01118920 _____ (Microsoft Corporation) C:\Users\ALEXSANDRO\Downloads\NDP452-KB2901954-Web.exe 2016-10-20 01:27 - 2016-10-20 01:27 - 01424328 _____ (Microsoft Corporation) C:\Users\ALEXSANDRO\Downloads\NDP461-KB3102438-Web (1).exe 2016-10-20 01:25 - 2016-10-20 01:25 - 01424328 _____ (Microsoft Corporation) C:\Users\ALEXSANDRO\Downloads\NDP461-KB3102438-Web.exe 2016-10-20 01:15 - 2016-10-20 01:15 - 00002359 _____ C:\Users\ALEXSANDRO\Desktop\Instalar agora Autodesk® AutoCAD® 2017.lnk 2016-10-20 01:15 - 2016-10-20 01:15 - 00000000 ____D C:\Users\ALEXSANDRO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autodesk 2016-10-20 01:14 - 2016-10-20 01:14 - 00001485 _____ C:\Users\Public\Desktop\Aplicativo da área de trabalho Autodesk.lnk 2016-10-20 01:12 - 2016-10-20 01:12 - 00002003 _____ C:\Users\Public\Desktop\A360 Desktop.lnk 2016-10-20 01:08 - 2016-10-20 01:24 - 00000000 ____D C:\Users\Public\Documents\Autodesk 2016-10-20 01:08 - 2016-10-20 01:14 - 00000000 ____D C:\Users\ALEXSANDRO\AppData\Local\Autodesk 2016-10-20 01:08 - 2016-10-20 01:08 - 00002100 _____ C:\Users\Public\Desktop\AutoCAD 2017 - Português - Brasil (Brazilian Portuguese).lnk 2016-10-20 01:06 - 2016-10-20 01:06 - 00000000 ____D C:\Program Files\Common Files\Macrovision Shared 2016-10-20 00:59 - 2016-10-20 01:13 - 00000000 ____D C:\Program Files\Autodesk 2016-10-20 00:38 - 2016-10-20 01:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk 2016-10-20 00:36 - 2016-10-20 01:07 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared 2016-10-20 00:34 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll 2016-10-20 00:34 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll 2016-10-20 00:34 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll 2016-10-20 00:34 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll 2016-10-20 00:34 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll 2016-10-20 00:34 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll 2016-10-20 00:34 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll 2016-10-20 00:34 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll 2016-10-20 00:34 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll 2016-10-20 00:34 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll 2016-10-20 00:34 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll 2016-10-20 00:34 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll 2016-10-20 00:26 - 2016-10-20 01:14 - 00000000 ____D C:\Users\Todos os Usuários\Autodesk 2016-10-20 00:26 - 2016-10-20 01:14 - 00000000 ____D C:\Users\ALEXSANDRO\AppData\Roaming\Autodesk 2016-10-20 00:26 - 2016-10-20 01:14 - 00000000 ____D C:\ProgramData\Autodesk 2016-10-20 00:23 - 2016-10-20 00:25 - 00000000 ____D C:\Users\ALEXSANDRO\AppData\Local\Akamai 2016-10-20 00:23 - 2016-10-20 00:23 - 18633896 _____ C:\Users\ALEXSANDRO\Downloads\AutoCAD_2017_Brazilian_Portuguese_Win_32_64bit_wi_pt-BR_Setup.exe 2016-10-20 00:23 - 2016-10-20 00:23 - 00000000 ____D C:\Autodesk 2016-10-20 00:22 - 2016-10-20 00:22 - 00338360 _____ (Autodesk Inc.) C:\Users\ALEXSANDRO\Downloads\AutoCAD_2017_Brazilian_Portuguese_Win_32_64bit_wi_pt-BR_Setup_webinstall.exe 2016-10-09 16:43 - 2016-10-09 16:43 - 00147797 _____ C:\Users\ALEXSANDRO\Downloads\econversão de energia.html 2016-10-09 16:43 - 2016-10-09 16:43 - 00000000 ____D C:\Users\ALEXSANDRO\Downloads\econversão de energia_files 2016-10-09 16:15 - 2016-10-09 16:15 - 11162894 _____ C:\Users\ALEXSANDRO\Downloads\Capitulo1_Sears.pdf 2016-10-08 12:49 - 2016-10-08 12:49 - 11260928 _____ C:\Users\ALEXSANDRO\Downloads\ConversãoEnergia.zip 2016-10-08 11:52 - 2016-10-08 11:52 - 00014865 _____ C:\Users\ALEXSANDRO\Downloads\PAGINA-1-RELATORIO-CONTRAPARTIDA-SOCIAL (12) (2).pdf 2016-10-08 11:52 - 2016-10-08 11:52 - 00014865 _____ C:\Users\ALEXSANDRO\Downloads\PAGINA-1-RELATORIO-CONTRAPARTIDA-SOCIAL (12) (1).pdf 2016-10-08 11:45 - 2016-10-08 11:45 - 00014865 _____ C:\Users\ALEXSANDRO\Downloads\PAGINA-1-RELATORIO-CONTRAPARTIDA-SOCIAL (12).pdf 2016-10-08 11:45 - 2016-10-08 11:45 - 00008470 _____ C:\Users\ALEXSANDRO\Downloads\PAGINA-2-RELATORIO-CONTRAPARTIDA-SOCIAL (15).pdf 2016-09-30 02:00 - 2016-09-30 02:00 - 00460544 _____ C:\Users\ALEXSANDRO\Downloads\1---transistores-ii---v1.0.pdf 2016-09-29 23:18 - 2016-09-29 23:18 - 00910600 _____ C:\Users\ALEXSANDRO\Downloads\lista do piter.pdf 2016-09-28 23:55 - 2016-09-28 23:56 - 02741584 _____ C:\Users\ALEXSANDRO\Downloads\tabelas.zip 2016-09-28 23:55 - 2016-09-28 23:55 - 00275792 _____ C:\Users\ALEXSANDRO\Downloads\papel Grafico.zip 2016-09-28 23:55 - 2016-09-28 23:55 - 00104987 _____ C:\Users\ALEXSANDRO\Downloads\papel Desenho Tecnico.zip 2016-09-28 23:54 - 2016-09-29 00:03 - 43066108 _____ C:\Users\ALEXSANDRO\Downloads\livros Sensores.zip 2016-09-28 23:54 - 2016-09-28 23:55 - 08481124 _____ C:\Users\ALEXSANDRO\Downloads\modelos monografia normas.zip 2016-09-28 23:53 - 2016-09-29 00:05 - 62743312 _____ C:\Users\ALEXSANDRO\Downloads\livros Recursos Energeticos.zip 2016-09-28 23:52 - 2016-09-29 00:10 - 373667643 _____ C:\Users\ALEXSANDRO\Downloads\livros Mecanica Geral.zip 2016-09-28 23:51 - 2016-09-28 23:54 - 23646060 _____ C:\Users\ALEXSANDRO\Downloads\livros Logica e Programacao.zip 2016-09-28 23:50 - 2016-09-29 00:11 - 670170218 _____ C:\Users\ALEXSANDRO\Downloads\livros Fisica.zip 2016-09-28 23:50 - 2016-09-28 23:55 - 33651889 _____ C:\Users\ALEXSANDRO\Downloads\livros Fenomenos Transporte.zip 2016-09-28 23:49 - 2016-09-29 00:05 - 350250304 _____ C:\Users\ALEXSANDRO\Downloads\livros Eletronica Basica e Digital.zip 2016-09-28 23:47 - 2016-09-28 23:57 - 477922116 _____ C:\Users\ALEXSANDRO\Downloads\livros controle e servo.zip 2016-09-28 23:47 - 2016-09-28 23:48 - 82508995 _____ C:\Users\ALEXSANDRO\Downloads\livros Calculo.zip 2016-09-28 23:46 - 2016-09-28 23:48 - 78968355 _____ C:\Users\ALEXSANDRO\Downloads\livros Automotivos.zip 2016-09-28 23:46 - 2016-09-28 23:46 - 44741634 _____ C:\Users\ALEXSANDRO\Downloads\livros automacao e robotica.zip 2016-09-28 23:45 - 2016-09-28 23:45 - 07685130 _____ C:\Users\ALEXSANDRO\Downloads\FIP-UNICAPITAL Recursos Energeticos.zip 2016-09-28 23:44 - 2016-09-29 00:01 - 851372629 _____ C:\Users\ALEXSANDRO\Downloads\FIP-UNICAPITAL Fund Instrumentacao.zip 2016-09-28 23:43 - 2016-09-28 23:44 - 103627117 _____ C:\Users\ALEXSANDRO\Downloads\FIP Mecanica Geral.zip 2016-09-28 23:43 - 2016-09-28 23:43 - 36940207 _____ C:\Users\ALEXSANDRO\Downloads\FIP Linguagem de Programacao.zip 2016-09-28 23:42 - 2016-09-28 23:43 - 78406807 _____ C:\Users\ALEXSANDRO\Downloads\FATEC SUSPENSAO ATIVA.zip 2016-09-28 23:41 - 2016-09-28 23:42 - 02468064 _____ C:\Users\ALEXSANDRO\Downloads\FATEC Pre-Calculo.zip 2016-09-28 23:41 - 2016-09-28 23:41 - 02935176 _____ C:\Users\ALEXSANDRO\Downloads\FATEC modelo monografia.zip 2016-09-28 23:40 - 2016-09-28 23:40 - 06915101 _____ C:\Users\ALEXSANDRO\Downloads\F2 exs2.pdf 2016-09-28 23:39 - 2016-09-28 23:40 - 26171328 _____ C:\Users\ALEXSANDRO\Downloads\FATEC Fisica 2.zip 2016-09-28 23:39 - 2016-09-28 23:39 - 26689134 _____ C:\Users\ALEXSANDRO\Downloads\FATEC Fisica 1.zip 2016-09-28 23:37 - 2016-09-28 23:37 - 08331414 _____ C:\Users\ALEXSANDRO\Downloads\FATEC Fenomenos Transporte.zip 2016-09-28 22:56 - 2016-09-28 22:56 - 01567798 _____ C:\Users\ALEXSANDRO\Downloads\05 RecursosEnergeticos problema energetico .pdf 2016-09-28 22:56 - 2016-09-28 22:56 - 00993629 _____ C:\Users\ALEXSANDRO\Downloads\04 RecursosEnergeticos desenvolvimento sustentável2.pdf 2016-09-28 22:53 - 2016-09-28 22:53 - 01548690 _____ C:\Users\ALEXSANDRO\Downloads\03 RecursosEnergeticos desenvolvimento sustentável1.pdf 2016-09-28 22:52 - 2016-09-28 22:52 - 00968816 _____ C:\Users\ALEXSANDRO\Downloads\02 RecursosEnergeticos fontes energeticas (1).pdf 2016-09-28 22:51 - 2016-09-28 22:51 - 00968816 _____ C:\Users\ALEXSANDRO\Downloads\02 RecursosEnergeticos fontes energeticas.pdf 2016-09-28 22:36 - 2016-09-28 22:36 - 02451320 _____ C:\Users\ALEXSANDRO\Downloads\01 RecursosEnergeticos energia.pdf 2016-09-28 01:17 - 2016-09-28 01:17 - 00000000 ____D C:\Users\Public\Documents\Sys 2016-09-28 01:17 - 2016-09-28 01:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ghostscript 2016-09-28 01:17 - 2016-09-28 01:17 - 00000000 ____D C:\Program Files\GPLGS 2016-09-28 01:17 - 2008-07-19 17:02 - 00086016 _____ C:\Windows\system32\custmon32.dll 2016-09-28 01:16 - 2016-09-28 01:17 - 00000000 ____D C:\Program Files\gs 2016-09-28 01:16 - 2016-09-28 01:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSCad 2016-09-28 01:16 - 2016-09-28 01:16 - 00000000 ____D C:\Program Files\MSCad PDF 2016-09-28 01:15 - 2016-09-28 01:19 - 00000000 ____D C:\Program Files\MSCad 2016-09-28 01:14 - 2016-09-28 01:15 - 43299912 _____ (MSCad ) C:\Users\ALEXSANDRO\Downloads\Setup-MSCad-Profissional (1).exe 2016-09-28 00:56 - 2016-09-28 00:56 - 00847100 _____ C:\Users\ALEXSANDRO\Downloads\apostila-de-eletronica-basica(1) (1).pdf 2016-09-28 00:56 - 2016-09-28 00:56 - 00189228 _____ C:\Users\ALEXSANDRO\Downloads\lei-de-ohm(1).pdf 2016-09-28 00:55 - 2016-09-28 00:55 - 03794253 _____ C:\Users\ALEXSANDRO\Downloads\circuito-eletrico(1).pdf 2016-09-28 00:55 - 2016-09-28 00:55 - 00847100 _____ C:\Users\ALEXSANDRO\Downloads\apostila-de-eletronica-basica(1).pdf 2016-09-28 00:55 - 2016-09-28 00:55 - 00804819 _____ C:\Users\ALEXSANDRO\Downloads\eletronica-basica(1).pdf 2016-09-28 00:11 - 2016-09-28 00:12 - 43299912 _____ (MSCad ) C:\Users\ALEXSANDRO\Downloads\Setup-MSCad-Profissional.exe 2016-09-26 18:19 - 2016-09-26 18:19 - 00197376 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx86.sys 2016-09-24 23:22 - 2016-09-24 23:22 - 00000046 ____H C:\Users\Public\Documents\msdrls.dat 2016-09-22 14:44 - 2016-09-22 14:44 - 00257792 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdriverx.sys 2016-09-20 16:53 - 2016-09-20 16:53 - 00218880 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx86.sys 2016-09-10 01:09 - 2016-09-10 01:09 - 00014779 _____ C:\Users\ALEXSANDRO\Downloads\PAGINA-1-RELATORIO-CONTRAPARTIDA-SOCIAL (11) (1).pdf 2016-09-10 01:09 - 2016-09-10 01:09 - 00008592 _____ C:\Users\ALEXSANDRO\Downloads\PAGINA-2-RELATORIO-CONTRAPARTIDA-SOCIAL (14) (1).pdf 2016-09-07 01:16 - 2016-09-07 01:16 - 00018929 _____ C:\Users\ALEXSANDRO\Downloads\boletim lotação.html 2016-09-07 01:16 - 2016-09-07 01:16 - 00000000 ____D C:\Users\ALEXSANDRO\Downloads\boletim lotação_files 2016-09-02 10:58 - 2016-09-02 10:58 - 00014779 _____ C:\Users\ALEXSANDRO\Downloads\PAGINA-1-RELATORIO-CONTRAPARTIDA-SOCIAL (11).pdf 2016-09-02 10:58 - 2016-09-02 10:58 - 00008592 _____ C:\Users\ALEXSANDRO\Downloads\PAGINA-2-RELATORIO-CONTRAPARTIDA-SOCIAL (14).pdf ==================== Três Meses Modificados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2016-11-09 23:37 - 2009-07-14 02:34 - 00005984 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-11-09 23:37 - 2009-07-14 02:34 - 00005984 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-11-09 23:33 - 2014-09-07 19:36 - 00000000 ____D C:\Users\ALEXSANDRO\AppData\Roaming\Skype 2016-11-09 23:20 - 2015-12-03 08:53 - 00000000 ____D C:\Users\Todos os Usuários\MFAData 2016-11-09 23:20 - 2015-12-03 08:53 - 00000000 ____D C:\ProgramData\MFAData 2016-11-09 23:20 - 2015-06-16 00:39 - 00000604 _____ C:\Windows\Tasks\{3B7FD029-D932-411b-AF15-C96CF8EF0C18}{19F8DB95-4D78-4ddb-AC71-C610654FE37F}.job 2016-11-09 23:16 - 2015-06-16 00:40 - 00000428 _____ C:\Windows\Tasks\ToolsUpdatePlatform_ScheduledTask.job 2016-11-09 23:16 - 2015-06-16 00:40 - 00000000 ____D C:\Users\Todos os Usuários\ToolsUpdatePlatform 2016-11-09 23:16 - 2015-06-16 00:40 - 00000000 ____D C:\ProgramData\ToolsUpdatePlatform 2016-11-09 23:16 - 2015-06-16 00:39 - 00000000 ____D C:\Users\ALEXSANDRO\AppData\Roaming\WeatherTool 2016-11-09 23:16 - 2014-09-09 21:16 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-11-09 23:16 - 2014-09-07 20:44 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2320990107-4095518728-475931620-1000UA.job 2016-11-09 23:16 - 2014-09-07 20:44 - 00001046 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2320990107-4095518728-475931620-1000Core.job 2016-10-25 20:54 - 2014-09-07 20:53 - 00002400 _____ C:\Users\ALEXSANDRO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-10-20 01:56 - 2014-09-07 19:13 - 01633534 _____ C:\Windows\system32\PerfStringBackup.INI 2016-10-20 01:56 - 2009-07-29 16:46 - 00705268 _____ C:\Windows\system32\prfh0416.dat 2016-10-20 01:56 - 2009-07-29 16:46 - 00147108 _____ C:\Windows\system32\prfc0416.dat 2016-10-20 01:56 - 2009-07-14 00:37 - 00000000 ____D C:\Windows\inf 2016-10-20 01:51 - 2014-09-07 19:33 - 00141312 _____ C:\Users\ALEXSANDRO\AppData\Local\GDIPFONTCACHEV1.DAT 2016-10-20 01:50 - 2009-07-14 02:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-10-20 01:50 - 2009-07-14 02:33 - 00525688 _____ C:\Windows\system32\FNTCACHE.DAT 2016-10-20 01:06 - 2009-07-14 02:52 - 00000000 ____D C:\Windows\Downloaded Program Files 2016-10-20 00:32 - 2015-03-25 13:01 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache 2016-10-20 00:32 - 2015-03-25 13:01 - 00000000 ____D C:\ProgramData\Package Cache 2016-10-19 20:14 - 2015-12-03 08:56 - 00000906 _____ C:\Users\Public\Desktop\AVG Protection.lnk 2016-10-19 20:14 - 2015-12-03 08:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG ==================== Arquivos na raiz de alguns diretórios ======= 2015-03-26 17:14 - 2015-03-26 17:14 - 0005542 _____ () C:\Users\ALEXSANDRO\AppData\Roaming\PONQSUIO 2015-04-03 22:39 - 2015-04-03 22:39 - 0014501 _____ () C:\ProgramData\Duplicaterecord.js 2015-08-27 11:18 - 2015-08-27 11:18 - 0000124 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat Arquivos para serem movidos ou deletados: ==================== C:\ProgramData\Duplicaterecord.js C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat C:\Users\Todos os Usuários\Duplicaterecord.js C:\Users\Todos os Usuários\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat Alguns arquivos em TEMP: ==================== C:\Users\ALEXSANDRO\AppData\Local\Temp\AcDeltree.exe C:\Users\ALEXSANDRO\AppData\Local\Temp\avguirn_081064634227.exe C:\Users\ALEXSANDRO\AppData\Local\Temp\avguirn_081382171199.exe C:\Users\ALEXSANDRO\AppData\Local\Temp\avguirn_081533421419.exe C:\Users\ALEXSANDRO\AppData\Local\Temp\avguirn_081692840875.exe C:\Users\ALEXSANDRO\AppData\Local\Temp\avguirn_081820419017.exe C:\Users\ALEXSANDRO\AppData\Local\Temp\avguirn_0819497799.exe C:\Users\ALEXSANDRO\AppData\Local\Temp\avguirn_08341051475.exe C:\Users\ALEXSANDRO\AppData\Local\Temp\avguirn_08354677487.exe C:\Users\ALEXSANDRO\AppData\Local\Temp\avguirn_08999875630.exe ==================== Bamital & volsnap ====================== (Não há correção automática para arquivos que não passaram na verificação.) C:\Windows\explorer.exe => O arquivo é assinado digitalmente C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente C:\Windows\system32\services.exe => O arquivo é assinado digitalmente C:\Windows\system32\User32.dll [2009-07-13 21:24] - [2009-07-13 23:16] - 0811520 ____A (Microsoft Corporation) 8626F0C30D4E3564FFDD25C90F4426F1 C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente LastRegBack: 2016-07-02 11:31 ==================== Fim de FRST.txt ============================