Start::
CreateRestorePoint:
CloseProcesses:

HKU\S-1-5-21-3906829491-772124867-3683219445-1000\...\MountPoints2: {c2249fc7-be87-11e4-a4f8-806e6f6e6963} - D:\autorun.exe /d index.htm
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] -> 
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
Task: {2F1F815B-D912-41A9-967D-2840DDD73501} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3906829491-772124867-3683219445-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe /scheduledcheck (Nenhum Arquivo)
Task: {4702D105-E2A1-4A73-94CB-AFCABE36A435} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3906829491-772124867-3683219445-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe /logoncheck (Nenhum Arquivo)
Task: {49C1D814-9DEC-4741-A38E-DCD12AD37482} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3906829491-772124867-3683219445-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe /bgrecordaliveevent (Nenhum Arquivo)
Task: {850C87A4-8446-4605-B3AB-B1286791A314} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Neves\Desktop\esetonlinescanner.exe LOGON (Nenhum Arquivo)
Task: {9807AC21-EB2F-467C-A85E-0FDF0972D98A} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe $(Arg0) (Nenhum Arquivo)
Task: {E0DE7C3D-075A-4308-9354-F4FDEB7C52B2} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Neves\Desktop\esetonlinescanner.exe SCHED (Nenhum Arquivo)
FF Plugin HKU\S-1-5-21-3906829491-772124867-3683219445-1000: gastecnologia.com.br/sf/abn -> C:\Users\Neves\AppData\Local\GAS Tecnologia\GBBD\npsf_abn.dll [Nenhum Arquivo]
FF Plugin HKU\S-1-5-21-3906829491-772124867-3683219445-1000: gastecnologia.com.br/sf/abn64 -> C:\Users\Neves\AppData\Local\GAS Tecnologia\GBBD\npsf_abn_64.dll [Nenhum Arquivo]
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> [CC]{A94757A0-0226-426F-B4F1-4DF381C630D3} =>  -> Nenhum Arquivo
ContextMenuHandlers1: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} =>  -> Nenhum Arquivo
ContextMenuHandlers1: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> Nenhum Arquivo
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Nenhum Arquivo
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> [CC]{A94757A0-0226-426F-B4F1-4DF381C630D3} =>  -> Nenhum Arquivo
ContextMenuHandlers6: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} =>  -> Nenhum Arquivo
ContextMenuHandlers6: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> Nenhum Arquivo
SearchScopes: HKU\S-1-5-21-3906829491-772124867-3683219445-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

CMD: ipconfig /flushdns

EmptyTemp:
End::