Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 24.10.2018
Executado por FAMILIA DO FUTURO (administrador) em RAFAEL (05-11-2018 17:33:30)
Executando a partir de C:\Users\FAMILIA DO FUTURO\Downloads
Perfis Carregados: FAMILIA DO FUTURO (Perfis Disponíveis: FAMILIA DO FUTURO)
Platform: Windows 8.1 Pro (Update) (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software) C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
==================== Registro (Whitelisted) ===========================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-10-22] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle Corporation)
HKU\S-1-5-21-198353743-162609330-3266068508-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-06] (Skype Technologies S.A.)
HKU\S-1-5-21-198353743-162609330-3266068508-1001\...\MountPoints2: {9faf97ae-f3d5-11e6-826e-2025643740d8} - "E:\iLinker.exe"
IFEO\AcroRd32.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\autopico.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\excel.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\groove.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\infopath.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\kmseldi.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\msaccess.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\msoxmled.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\mspub.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\mstore.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\ois.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\onenote.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\outlook.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\powerpnt.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\skype.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\teamviewer.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\uninshs.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\Winword.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast Cleanup Premium.lnk [2018-01-02]
ShortcutTarget: Avast Cleanup Premium.lnk -> C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe (AVAST Software)
Startup: C:\Users\FAMILIA DO FUTURO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Shortcut to Primary output from Start (Active).lnk [2018-11-04]
ShortcutTarget: Shortcut to Primary output from Start (Active).lnk -> C:\Users\FAMILIA DO FUTURO\AppData\Roaming\Microsoft\Installer\{205A0649-1314-4131-926C-86E8F69A2F32}\_943D12A50B232DA70D202B.exe ()
GroupPolicy: Restrição - Chrome <==== ATENÇÃO
CHR HKLM\SOFTWARE\Policies\Google: Restrição <==== ATENÇÃO
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6904E353-9F86-47C6-9204-30BA8E582D3F}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-198353743-162609330-3266068508-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pt-br/?ocid=iehp
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2018-11-04] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-11-04] (Oracle Corporation)
FireFox:
========
FF DefaultProfile: vekk1i8x.default
FF ProfilePath: C:\Users\FAMILIA DO FUTURO\AppData\Roaming\Mozilla\Firefox\Profiles\vekk1i8x.default [2018-11-05]
FF user.js: detected! => C:\Users\FAMILIA DO FUTURO\AppData\Roaming\Mozilla\Firefox\Profiles\vekk1i8x.default\user.js [2017-06-30]
FF Extension: (System Table) - C:\Users\FAMILIA DO FUTURO\AppData\Roaming\Mozilla\Firefox\Profiles\vekk1i8x.default\Extensions\383882@modext.tech.xpi [2018-08-22]
FF Extension: (Avast SafePrice) - C:\Users\FAMILIA DO FUTURO\AppData\Roaming\Mozilla\Firefox\Profiles\vekk1i8x.default\Extensions\sp@avast.com.xpi [2018-04-17]
FF Extension: (Avast Online Security) - C:\Users\FAMILIA DO FUTURO\AppData\Roaming\Mozilla\Firefox\Profiles\vekk1i8x.default\Extensions\wrc@avast.com.xpi [2018-10-25]
FF Extension: (Google Code Correction) - C:\Users\FAMILIA DO FUTURO\AppData\Roaming\Mozilla\Firefox\Profiles\vekk1i8x.default\features\{174d5c8b-8071-4a8e-85c9-e4a1b5c3a7ae}\google-code-correction@mozilla.org.xpi [2018-10-25] [Legacy]
FF Extension: (Telemetry coverage) - C:\Users\FAMILIA DO FUTURO\AppData\Roaming\Mozilla\Firefox\Profiles\vekk1i8x.default\features\{174d5c8b-8071-4a8e-85c9-e4a1b5c3a7ae}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-10-25] [Legacy]
FF Extension: (Sem Nome) - C:\Program Files (x86)\Mozilla Firefox\browser\features\{32082DD9-C536-43AA-AF48-D266049C6FDA}.xpi [2018-11-04] [não assinado]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-04] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-11-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-11-04] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [Nenhum Arquivo]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [Nenhum Arquivo]
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-10-19] (Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\autoconf_warsaw.js [2018-11-05]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\secure_cert.js [2018-11-04] <==== ATENÇÃO
Chrome:
=======
CHR Profile: C:\Users\FAMILIA DO FUTURO\AppData\Local\Google\Chrome\User Data\Default [2018-11-04]
CHR Extension: (Apresentações) - C:\Users\FAMILIA DO FUTURO\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-22]
CHR Extension: (Documentos) - C:\Users\FAMILIA DO FUTURO\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-22]
CHR Extension: (Google Drive) - C:\Users\FAMILIA DO FUTURO\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-27]
CHR Extension: (YouTube) - C:\Users\FAMILIA DO FUTURO\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-28]
CHR Extension: (Pesquisa do Google) - C:\Users\FAMILIA DO FUTURO\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-10-27]
CHR Extension: (Avast SafePrice | Comparação, ofertas, cupons) - C:\Users\FAMILIA DO FUTURO\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-10-23]
CHR Extension: (Planilhas) - C:\Users\FAMILIA DO FUTURO\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-22]
CHR Extension: (Documentos Google off-line) - C:\Users\FAMILIA DO FUTURO\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-23]
CHR Extension: (Avast Online Security) - C:\Users\FAMILIA DO FUTURO\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-10-22]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\FAMILIA DO FUTURO\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-05]
CHR Extension: (Gmail) - C:\Users\FAMILIA DO FUTURO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-28]
CHR Extension: (Chrome Media Router) - C:\Users\FAMILIA DO FUTURO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-11-02]
CHR Extension: (System Table) - C:\Users\FAMILIA DO FUTURO\AppData\Local\Google\Chrome\User Data\Default\SystemTable\1.2_0 [2018-11-04]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Serviços (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [8188768 2018-10-22] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [325024 2018-10-22] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [338632 2018-10-22] (AVAST Software)
R2 CleanupPSvc; C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe [9121248 2018-11-02] (AVAST Software)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation)
S2 NGIzNzRiM; C:\Program Files\NGIzNzRiM\MWZjOT.exe [516952 2018-11-04] ()
S4 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [1050904 2013-12-11] () [Arquivo não assinado]
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [1083736 2018-10-01] (GAS Tecnologia LTDA)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
S2 GbpSv; C:\PROGRA~2\GbPlugin\GbpSv.exe [X]
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
R2 MTY4ZD; rundll32.exe C:\Windows\tiktzoyonwdlzst.tizt FfzyWl [X]
===================== Drivers (Whitelisted) ======================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S3 AmdK8; C:\Windows\System32\drivers\amdk8.sys [95744 2013-08-22] (Microsoft Corporation) [Arquivo não assinado]
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [201408 2018-10-22] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [230512 2018-10-22] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201928 2018-10-22] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346760 2018-10-22] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59664 2018-10-22] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [47064 2018-10-22] (AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42456 2018-10-22] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [163376 2018-10-22] (AVAST Software)
R1 aswNetSec; C:\Windows\System32\drivers\aswNetSec.sys [483384 2018-10-22] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111968 2018-10-22] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88112 2018-10-22] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1028840 2018-10-22] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [467904 2018-10-22] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [208640 2018-10-22] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [381144 2018-10-22] (AVAST Software)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [25608 2018-11-05] (SlimWare Utilities, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
S3 WinDivert1.1; C:\Program Files\KMSpico\WinDivert.sys [35376 2016-10-25] (Basil Projects)
S1 wsddfac; C:\Windows\System32\drivers\wsddfac.sys [28376 2017-10-29] (GAS Tecnologia)
R1 wsddntf; C:\Windows\system32\DRIVERS\wsddntf.sys [47576 2018-04-25] (GAS Tecnologia)
S1 wsddpp; C:\Windows\system32\drivers\wsddpp.sys [44624 2017-12-14] (GAS Tecnologia)
S3 wsddprm; C:\Windows\system32\drivers\wsddprm.sys [43560 2018-04-10] (GAS Tecnologia)
S0 gbpddreg; system32\drivers\gbpddreg64.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
R1 Yzg1YjJiNmJiMTRlY; \??\C:\Windows\system32\drivers\Yzg1YjJiNmJiMTRlY [X]
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Três Meses Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2018-11-05 17:33 - 2018-11-05 17:34 - 000018575 _____ C:\Users\FAMILIA DO FUTURO\Downloads\FRST.txt
2018-11-05 17:33 - 2018-11-05 17:33 - 000000000 ____D C:\FRST
2018-11-05 17:32 - 2018-11-05 17:32 - 002414592 _____ (Farbar) C:\Users\FAMILIA DO FUTURO\Downloads\FRST64.exe
2018-11-04 21:27 - 2018-11-04 21:27 - 000000286 __RSH C:\Users\FAMILIA DO FUTURO\ntuser.pol
2018-11-04 21:20 - 2018-11-04 21:20 - 008779416 _____ (FS) C:\Users\FAMILIA DO FUTURO\Downloads\gerenciador_de_aplicativos_[8AEB-CFC1-BEE3].exe
2018-11-04 21:15 - 2018-11-04 21:15 - 008779416 _____ (FS) C:\Users\FAMILIA DO FUTURO\Downloads\gerenciador_de_aplicativos_[6030-1238-0446](1).exe
2018-11-04 21:13 - 2018-11-04 21:13 - 000000000 ____D C:\Users\FAMILIA DO FUTURO\AppData\Local\FS
2018-11-04 21:08 - 2018-11-04 21:08 - 000098680 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2018-11-04 21:07 - 2018-11-04 21:07 - 000000000 ____D C:\Program Files (x86)\Java
2018-11-04 21:05 - 2018-11-04 21:05 - 000000000 __SHD C:\Users\FAMILIA DO FUTURO\AppData\LocalLow\EmieUserList
2018-11-04 21:04 - 2018-11-04 21:26 - 000000502 _____ C:\Windows\Tasks\updater.exe.job
2018-11-04 21:04 - 2018-11-04 21:04 - 000003148 _____ C:\Windows\System32\Tasks\updater.exe
2018-11-04 21:04 - 2018-11-04 21:04 - 000000000 ____D C:\Program Files (x86)\FS
2018-11-04 21:03 - 2018-11-04 21:03 - 008779416 _____ (FS) C:\Users\FAMILIA DO FUTURO\Downloads\gerenciador_de_aplicativos_[6030-1238-0446].exe
2018-11-04 20:49 - 2018-11-04 20:49 - 000000654 __RSH C:\Users\Todos os Usuários\ntuser.pol
2018-11-04 20:49 - 2018-11-04 20:49 - 000000654 __RSH C:\ProgramData\ntuser.pol
2018-11-04 20:48 - 2018-11-05 17:20 - 000000326 _____ C:\Windows\Tasks\lKLHkisATsnNjPT.job
2018-11-04 20:48 - 2018-11-04 20:48 - 000002580 _____ C:\Windows\System32\Tasks\lKLHkisATsnNjPT
2018-11-04 20:48 - 2018-11-04 20:48 - 000000000 ____D C:\Program Files (x86)\VXIXCZnnU
2018-11-04 20:46 - 2018-11-04 21:26 - 000000000 ____D C:\Users\FAMILIA DO FUTURO\AppData\Roaming\vjjec11i0ac
2018-11-04 20:46 - 2018-11-04 21:26 - 000000000 ____D C:\Users\FAMILIA DO FUTURO\AppData\Roaming\e2kiktntlbu
2018-11-04 20:46 - 2018-11-04 21:26 - 000000000 ____D C:\Users\FAMILIA DO FUTURO\AppData\Roaming\1tnolhtrk5b
2018-11-04 20:46 - 2018-11-04 21:08 - 000000000 ____D C:\Program Files\SV819BM3JR
2018-11-04 20:46 - 2018-11-04 21:08 - 000000000 ____D C:\Program Files\8PAF099Z0H
2018-11-04 20:46 - 2018-11-04 20:47 - 000000000 ____D C:\Program Files\NGIzNzRiM
2018-11-04 20:44 - 2018-11-04 21:26 - 000000000 ____D C:\Users\FAMILIA DO FUTURO\AppData\Roaming\qjr2phpsenz
2018-11-04 20:44 - 2018-11-04 21:26 - 000000000 ____D C:\Users\FAMILIA DO FUTURO\AppData\Roaming\mxfkf3gwyut
2018-11-04 20:44 - 2018-11-04 21:08 - 000000000 ____D C:\Program Files\XCD8QQUP83
2018-11-04 20:44 - 2018-11-04 21:08 - 000000000 ____D C:\Program Files\A5HZFQ97UO
2018-11-04 20:43 - 2018-11-04 20:43 - 000000000 ____D C:\Windows\system32\appmgmt
2018-11-04 19:42 - 2018-11-04 21:26 - 000000000 ____D C:\Users\FAMILIA DO FUTURO\AppData\Roaming\x0p4u30twhf
2018-11-04 19:42 - 2018-11-04 21:26 - 000000000 ____D C:\Users\FAMILIA DO FUTURO\AppData\Roaming\vdji3c34mxq
2018-11-04 19:42 - 2018-11-04 20:46 - 000000000 ____D C:\Users\Todos os Usuários\PrefsSecure
2018-11-04 19:42 - 2018-11-04 20:46 - 000000000 ____D C:\ProgramData\PrefsSecure
2018-11-04 19:42 - 2018-11-04 19:50 - 000000000 ____D C:\Program Files\R9P0B6CRSP
2018-11-04 19:42 - 2018-11-04 19:42 - 000000000 ____D C:\Program Files\8F0J8SNWCE
2018-11-04 19:41 - 2018-11-04 21:26 - 000000000 ____D C:\Users\FAMILIA DO FUTURO\AppData\Roaming\bfypbdwmldj
2018-11-04 19:40 - 2018-11-04 21:26 - 000000000 ____D C:\Users\FAMILIA DO FUTURO\AppData\Roaming\2buqiicm4x4
2018-11-04 19:40 - 2018-11-04 20:47 - 000000000 ____D C:\Windows\SysWOW64\SSL
2018-11-04 19:40 - 2018-11-04 20:40 - 000000000 ____D C:\Users\FAMILIA DO FUTURO\AppData\Local\WhiteClick
2018-11-04 19:40 - 2018-11-04 19:50 - 000000000 ____D C:\Program Files\UAIT894O3F
2018-11-04 19:40 - 2018-11-04 19:41 - 000000000 ____D C:\Users\FAMILIA DO FUTURO\AppData\Roaming\WidModule
2018-11-04 19:40 - 2018-11-04 19:40 - 001086976 _____ C:\Windows\tiktzoyonwdlzst.tizt
2018-11-04 19:39 - 2018-11-04 19:48 - 000000000 ____D C:\Program Files\WebDiscoverBrowser
2018-11-04 19:39 - 2018-11-04 19:43 - 000000000 ____D C:\Program Files\SASNWQV8K2
2018-11-04 19:39 - 2018-11-04 19:39 - 000000003 _____ C:\Users\FAMILIA DO FUTURO\AppData\Local\wbem.ini
2018-11-04 19:39 - 2018-11-04 19:39 - 000000000 ____D C:\Users\FAMILIA DO FUTURO\AppData\Local\WebDiscoverBrowser
2018-11-04 19:37 - 2018-11-04 20:46 - 000722944 _____ C:\Users\FAMILIA DO FUTURO\AppData\Local\sham.db
2018-11-04 19:37 - 2018-11-04 20:46 - 000016080 _____ C:\Users\FAMILIA DO FUTURO\AppData\Local\InstallationConfiguration.xml
2018-11-04 19:37 - 2018-11-04 19:37 - 000140800 _____ C:\Users\FAMILIA DO FUTURO\AppData\Local\installer.dat
2018-11-04 19:16 - 2018-11-04 19:16 - 000320096 _____ (Mozilla) C:\Users\FAMILIA DO FUTURO\Downloads\Firefox Installer.exe
2018-11-04 11:02 - 2018-11-04 11:02 - 001324544 _____ C:\Windows\ZmQ2OTRlMDkwZDI4NGE3.exe
2018-11-04 11:02 - 2018-11-04 11:02 - 000202296 _____ C:\Windows\system32\Drivers\Yzg1YjJiNmJiMTRlY
2018-11-04 11:02 - 2018-11-04 11:02 - 000098210 _____ C:\Windows\uninstaller.dat
2018-11-02 17:03 - 2018-11-02 17:03 - 000001274 _____ C:\Users\FAMILIA DO FUTURO\Desktop\CrossFire.lnk
2018-11-02 17:03 - 2018-11-02 17:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Z8Games
2018-11-02 13:17 - 2018-11-02 13:18 - 000283712 _____ C:\Windows\Minidump\110218-14515-01.dmp
2018-11-02 12:22 - 2018-11-02 12:22 - 000283712 _____ C:\Windows\Minidump\110218-23281-01.dmp
2018-11-02 12:06 - 2018-11-02 12:06 - 000283712 _____ C:\Windows\Minidump\110218-23593-01.dmp
2018-11-02 11:43 - 2018-11-02 11:43 - 000283712 _____ C:\Windows\Minidump\110218-31828-01.dmp
2018-10-29 19:45 - 2018-10-29 19:47 - 000000000 ____D C:\Users\FAMILIA DO FUTURO\Desktop\OBD II
2018-10-25 19:15 - 2018-11-05 17:23 - 000000000 ____D C:\Users\FAMILIA DO FUTURO\AppData\LocalLow\Mozilla
2018-10-24 20:20 - 2018-10-24 20:20 - 000283712 _____ C:\Windows\Minidump\102418-17343-01.dmp
2018-10-24 20:06 - 2018-10-24 20:06 - 000283656 _____ C:\Windows\Minidump\102418-25984-01.dmp
2018-10-23 21:56 - 2018-11-05 17:24 - 000003982 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{F1ED495F-3D26-47A4-ACA9-BAB648F57335}
2018-10-23 21:56 - 2018-10-23 21:56 - 000000000 ____D C:\Users\FAMILIA DO FUTURO\AppData\Roaming\Macromedia
2018-10-23 21:55 - 2018-10-23 21:55 - 000000000 __SHD C:\Users\FAMILIA DO FUTURO\AppData\Local\EmieUserList
2018-10-23 21:55 - 2018-10-23 21:55 - 000000000 __SHD C:\Users\FAMILIA DO FUTURO\AppData\Local\EmieSiteList
2018-10-23 20:51 - 2018-11-02 17:26 - 000000000 ____D C:\Users\FAMILIA DO FUTURO\Documents\Cross Fire
2018-10-23 20:51 - 2018-11-02 17:26 - 000000000 ____D C:\CFLog
2018-10-23 20:28 - 2018-10-23 20:28 - 000000000 ____D C:\Program Files (x86)\Z8Games
2018-10-23 19:58 - 2018-10-23 19:58 - 000000000 ____D C:\Users\FAMILIA DO FUTURO\AppData\Roaming\Google
2018-10-23 19:49 - 2018-10-23 20:49 - 000000000 ____D C:\Users\Todos os Usuários\Solid State Networks
2018-10-23 19:49 - 2018-10-23 20:49 - 000000000 ____D C:\ProgramData\Solid State Networks
2018-10-23 19:49 - 2018-10-23 20:18 - 000000000 ____D C:\Users\FAMILIA DO FUTURO\CrossFire Installer
2018-10-22 22:04 - 2018-10-22 22:04 - 000000000 ____D C:\Users\FAMILIA DO FUTURO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativo Itaú
2018-10-22 21:47 - 2018-10-22 21:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Driver Updater
2018-10-22 21:39 - 2018-10-22 21:38 - 000378584 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-10-22 21:39 - 2018-10-22 21:38 - 000042456 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2018-10-22 12:01 - 2018-10-22 12:01 - 000283656 _____ C:\Windows\Minidump\102218-18312-01.dmp
2018-10-22 11:46 - 2018-10-22 11:46 - 000283656 _____ C:\Windows\Minidump\102218-15843-01.dmp
2018-10-21 21:39 - 2018-10-21 21:39 - 000283656 _____ C:\Windows\Minidump\102118-19671-01.dmp
2018-10-21 19:52 - 2018-10-21 19:53 - 000283600 _____ C:\Windows\Minidump\102118-21531-01.dmp
2018-10-21 19:50 - 2018-10-21 19:50 - 000000000 ____D C:\Windows\%LOCALAPPDATA%
2018-08-08 06:35 - 2018-08-08 06:36 - 000283656 _____ C:\Windows\Minidump\080818-16546-01.dmp
2018-08-07 05:05 - 2018-08-07 05:05 - 000283656 _____ C:\Windows\Minidump\080718-19125-01.dmp
==================== Três Meses Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2018-11-05 17:24 - 2016-10-25 13:35 - 000003594 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-198353743-162609330-3266068508-1001
2018-11-05 17:23 - 2018-01-05 19:25 - 000000000 ____D C:\Users\FAMILIA DO FUTURO\AppData\Local\AVAST Software
2018-11-05 17:22 - 2018-01-05 19:25 - 000000524 _____ C:\Windows\Tasks\Avast Driver Updater Startup.job
2018-11-05 17:20 - 2018-01-05 19:25 - 000025608 _____ (SlimWare Utilities, Inc.) C:\Windows\system32\Drivers\SWDUMon.sys
2018-11-05 17:20 - 2017-10-12 09:48 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-11-05 17:19 - 2016-10-25 19:57 - 000000000 __SHD C:\Users\FAMILIA DO FUTURO\IntelGraphicsProfiles
2018-11-04 21:34 - 2013-09-30 02:15 - 001797106 _____ C:\Windows\system32\PerfStringBackup.INI
2018-11-04 21:34 - 2013-09-30 01:56 - 000774702 _____ C:\Windows\system32\prfh0416.dat
2018-11-04 21:34 - 2013-09-30 01:56 - 000158296 _____ C:\Windows\system32\prfc0416.dat
2018-11-04 21:34 - 2013-08-22 11:36 - 000000000 ____D C:\Windows\Inf
2018-11-04 21:27 - 2016-10-25 13:30 - 000000000 ____D C:\Users\FAMILIA DO FUTURO
2018-11-04 21:26 - 2016-10-27 18:08 - 000000000 ____D C:\Program Files (x86)\Google
2018-11-04 21:26 - 2016-10-27 16:59 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-11-04 21:26 - 2013-08-22 12:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-11-04 21:25 - 2017-10-29 11:53 - 000000000 _____ C:\Windows\system32\last.dump
2018-11-04 21:25 - 2013-08-22 11:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2018-11-04 21:11 - 2016-10-27 19:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-11-04 21:05 - 2018-07-01 17:09 - 000000000 __SHD C:\Users\FAMILIA DO FUTURO\AppData\LocalLow\EmieSiteList
2018-11-04 20:57 - 2016-10-27 19:24 - 000002278 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-11-04 20:48 - 2013-08-22 13:36 - 000000000 ____D C:\Windows\system32\GroupPolicy
2018-11-04 20:47 - 2018-07-30 18:46 - 000000000 ____D C:\Users\FAMILIA DO FUTURO\AppData\Local\CrashDumps
2018-11-04 19:31 - 2016-10-27 16:59 - 000001171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-11-04 19:15 - 2016-10-27 17:00 - 000000000 ____D C:\Users\FAMILIA DO FUTURO\AppData\Roaming\Mozilla
2018-11-02 21:23 - 2016-10-27 17:02 - 000004478 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-11-02 16:51 - 2016-10-28 10:51 - 000000000 ____D C:\Users\FAMILIA DO FUTURO\musicas mp3
2018-11-02 16:13 - 2016-10-27 17:02 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-11-02 13:17 - 2018-07-01 19:14 - 580925794 _____ C:\Windows\MEMORY.DMP
2018-11-02 13:17 - 2016-10-25 19:56 - 000000000 ____D C:\Windows\Minidump
2018-11-02 11:34 - 2018-04-17 12:01 - 000002016 _____ C:\Users\Public\Desktop\Google Slides.lnk
2018-11-02 11:34 - 2018-04-17 12:01 - 000002014 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2018-11-02 11:34 - 2018-04-17 12:01 - 000002004 _____ C:\Users\Public\Desktop\Google Docs.lnk
2018-11-02 11:34 - 2018-04-17 12:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2018-10-24 20:35 - 2017-04-03 18:40 - 000000000 _____ C:\Windows\SysWOW64\last.dump
2018-10-24 20:06 - 2013-08-22 13:36 - 000000000 ____D C:\Windows\AppReadiness
2018-10-24 14:49 - 2013-08-22 13:36 - 000000000 ___HD C:\Program Files\WindowsApps
2018-10-22 22:15 - 2016-11-23 17:53 - 000000000 ____D C:\Users\FAMILIA DO FUTURO\AppData\Roaming\AVAST Software
2018-10-22 22:04 - 2017-09-30 19:29 - 000002235 _____ C:\Users\FAMILIA DO FUTURO\Desktop\Itaú.lnk
2018-10-22 22:04 - 2017-09-30 19:29 - 000000000 ____D C:\Users\FAMILIA DO FUTURO\AppData\Local\Aplicativo Itau
2018-10-22 21:47 - 2018-01-05 19:11 - 000002517 _____ C:\Users\Public\Desktop\Avast Driver Updater.lnk
2018-10-22 21:47 - 2018-01-05 19:11 - 000000000 ____D C:\Users\Public\Documents\Downloaded Installers
2018-10-22 21:47 - 2018-01-05 19:11 - 000000000 ____D C:\Program Files (x86)\Avast Driver Updater
2018-10-22 21:39 - 2017-04-08 13:27 - 000003910 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-10-22 21:38 - 2017-11-20 18:52 - 000201408 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-10-22 21:38 - 2016-11-23 17:52 - 001028840 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-10-22 21:38 - 2016-11-23 17:52 - 000467904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-10-22 21:38 - 2016-11-23 17:52 - 000381144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-10-22 21:38 - 2016-11-23 17:52 - 000208640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-10-22 21:38 - 2016-11-23 17:52 - 000163376 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-10-22 21:38 - 2016-11-23 17:52 - 000111968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-10-22 21:38 - 2016-11-23 17:52 - 000088112 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-10-22 21:38 - 2016-11-23 17:52 - 000047064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-10-22 21:37 - 2017-04-08 13:27 - 000346760 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys
2018-10-22 21:37 - 2017-04-08 13:27 - 000230512 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2018-10-22 21:37 - 2017-04-08 13:27 - 000201928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys
2018-10-22 21:37 - 2017-04-08 13:27 - 000059664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys
2018-10-22 21:37 - 2016-11-23 17:52 - 000483384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetSec.sys
2018-10-22 12:10 - 2018-01-02 17:04 - 000004194 _____ C:\Windows\System32\Tasks\Avast TUNEUP Update
2018-10-21 21:35 - 2016-10-25 13:44 - 000000000 ____D C:\Users\FAMILIA DO FUTURO\AppData\Roaming\vlc
2018-10-21 19:56 - 2016-10-28 11:03 - 000000000 ____D C:\Users\FAMILIA DO FUTURO\kit escola
==================== Arquivos na raiz de alguns diretórios =======
2018-11-04 19:37 - 2018-11-04 20:46 - 000016080 _____ () C:\Users\FAMILIA DO FUTURO\AppData\Local\InstallationConfiguration.xml
2018-11-04 19:37 - 2018-11-04 19:37 - 000140800 _____ () C:\Users\FAMILIA DO FUTURO\AppData\Local\installer.dat
2018-11-04 19:37 - 2018-11-04 20:46 - 000722944 _____ () C:\Users\FAMILIA DO FUTURO\AppData\Local\sham.db
2018-11-04 19:39 - 2018-11-04 19:39 - 000000003 _____ () C:\Users\FAMILIA DO FUTURO\AppData\Local\wbem.ini
2018-01-02 10:05 - 2018-01-02 10:05 - 000000000 _____ () C:\Users\FAMILIA DO FUTURO\AppData\Local\{2294B84F-5FF6-4DB3-AE21-B3AFEA6EB94C}
Alguns arquivos em TEMP:
====================
2018-10-23 20:50 - 2018-11-02 17:32 - 000000000 _____ () C:\Users\FAMILIA DO FUTURO\AppData\Local\Temp\19480092594194a127310869d618ccd6.dll
2018-10-23 20:51 - 2018-11-02 17:15 - 000000088 _____ () C:\Users\FAMILIA DO FUTURO\AppData\Local\Temp\8e706a2b6115c8a49b0d126f3c1e8a12.dll
2018-11-04 19:38 - 2018-11-04 19:38 - 000000000 _____ () C:\Users\FAMILIA DO FUTURO\AppData\Local\Temp\Ativador_Windows_8_1.exe
2018-11-04 19:39 - 2018-11-04 19:39 - 000854235 _____ (FYBsyhgI9sJcZNmahRXO ) C:\Users\FAMILIA DO FUTURO\AppData\Local\Temp\installer.exe
2018-11-04 19:39 - 2018-11-04 19:39 - 001683456 _____ () C:\Users\FAMILIA DO FUTURO\AppData\Local\Temp\installer_mi.exe
2018-11-04 19:39 - 2018-11-04 19:39 - 000599884 _____ (ZRFXRD ) C:\Users\FAMILIA DO FUTURO\AppData\Local\Temp\pixel.exe
2018-11-04 19:39 - 2018-11-04 19:39 - 008498073 _____ () C:\Users\FAMILIA DO FUTURO\AppData\Local\Temp\s2s.exe
2018-11-04 19:37 - 2018-11-04 19:37 - 001995264 _____ (TODO:) C:\Users\FAMILIA DO FUTURO\AppData\Local\Temp\setup.exe
2018-11-04 19:37 - 2018-11-04 19:39 - 048903224 _____ (WebDiscover Media ) C:\Users\FAMILIA DO FUTURO\AppData\Local\Temp\WebDiscover-4.28.2.exe
2018-11-04 19:39 - 2018-11-04 19:39 - 001134284 _____ (WhiteLLC ) C:\Users\FAMILIA DO FUTURO\AppData\Local\Temp\whiteclick.exe
Alguns com tamanho de zero byte arquivos/pastas:
==========================
C:\Windows\System32\ext-ms-win-globalization-input-l1-1-0.dll
==================== Bamital & volsnap ======================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2018-10-21 21:35
==================== Fim de FRST.txt ============================
Executado por FAMILIA DO FUTURO (administrador) em RAFAEL (05-11-2018 17:33:30)
Executando a partir de C:\Users\FAMILIA DO FUTURO\Downloads
Perfis Carregados: FAMILIA DO FUTURO (Perfis Disponíveis: FAMILIA DO FUTURO)
Platform: Windows 8.1 Pro (Update) (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software) C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
==================== Registro (Whitelisted) ===========================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-10-22] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle Corporation)
HKU\S-1-5-21-198353743-162609330-3266068508-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-06] (Skype Technologies S.A.)
HKU\S-1-5-21-198353743-162609330-3266068508-1001\...\MountPoints2: {9faf97ae-f3d5-11e6-826e-2025643740d8} - "E:\iLinker.exe"
IFEO\AcroRd32.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\autopico.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\excel.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\groove.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\infopath.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\kmseldi.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\msaccess.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\msoxmled.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\mspub.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\mstore.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\ois.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\onenote.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\outlook.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\powerpnt.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\skype.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\teamviewer.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\uninshs.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\Winword.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast Cleanup Premium.lnk [2018-01-02]
ShortcutTarget: Avast Cleanup Premium.lnk -> C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe (AVAST Software)
Startup: C:\Users\FAMILIA DO FUTURO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Shortcut to Primary output from Start (Active).lnk [2018-11-04]
ShortcutTarget: Shortcut to Primary output from Start (Active).lnk -> C:\Users\FAMILIA DO FUTURO\AppData\Roaming\Microsoft\Installer\{205A0649-1314-4131-926C-86E8F69A2F32}\_943D12A50B232DA70D202B.exe ()
GroupPolicy: Restrição - Chrome <==== ATENÇÃO
CHR HKLM\SOFTWARE\Policies\Google: Restrição <==== ATENÇÃO
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6904E353-9F86-47C6-9204-30BA8E582D3F}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-198353743-162609330-3266068508-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pt-br/?ocid=iehp
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2018-11-04] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-11-04] (Oracle Corporation)
FireFox:
========
FF DefaultProfile: vekk1i8x.default
FF ProfilePath: C:\Users\FAMILIA DO FUTURO\AppData\Roaming\Mozilla\Firefox\Profiles\vekk1i8x.default [2018-11-05]
FF user.js: detected! => C:\Users\FAMILIA DO FUTURO\AppData\Roaming\Mozilla\Firefox\Profiles\vekk1i8x.default\user.js [2017-06-30]
FF Extension: (System Table) - C:\Users\FAMILIA DO FUTURO\AppData\Roaming\Mozilla\Firefox\Profiles\vekk1i8x.default\Extensions\383882@modext.tech.xpi [2018-08-22]
FF Extension: (Avast SafePrice) - C:\Users\FAMILIA DO FUTURO\AppData\Roaming\Mozilla\Firefox\Profiles\vekk1i8x.default\Extensions\sp@avast.com.xpi [2018-04-17]
FF Extension: (Avast Online Security) - C:\Users\FAMILIA DO FUTURO\AppData\Roaming\Mozilla\Firefox\Profiles\vekk1i8x.default\Extensions\wrc@avast.com.xpi [2018-10-25]
FF Extension: (Google Code Correction) - C:\Users\FAMILIA DO FUTURO\AppData\Roaming\Mozilla\Firefox\Profiles\vekk1i8x.default\features\{174d5c8b-8071-4a8e-85c9-e4a1b5c3a7ae}\google-code-correction@mozilla.org.xpi [2018-10-25] [Legacy]
FF Extension: (Telemetry coverage) - C:\Users\FAMILIA DO FUTURO\AppData\Roaming\Mozilla\Firefox\Profiles\vekk1i8x.default\features\{174d5c8b-8071-4a8e-85c9-e4a1b5c3a7ae}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-10-25] [Legacy]
FF Extension: (Sem Nome) - C:\Program Files (x86)\Mozilla Firefox\browser\features\{32082DD9-C536-43AA-AF48-D266049C6FDA}.xpi [2018-11-04] [não assinado]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-04] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-11-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-11-04] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [Nenhum Arquivo]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [Nenhum Arquivo]
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-10-19] (Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\autoconf_warsaw.js [2018-11-05]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\secure_cert.js [2018-11-04] <==== ATENÇÃO
Chrome:
=======
CHR Profile: C:\Users\FAMILIA DO FUTURO\AppData\Local\Google\Chrome\User Data\Default [2018-11-04]
CHR Extension: (Apresentações) - C:\Users\FAMILIA DO FUTURO\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-22]
CHR Extension: (Documentos) - C:\Users\FAMILIA DO FUTURO\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-22]
CHR Extension: (Google Drive) - C:\Users\FAMILIA DO FUTURO\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-27]
CHR Extension: (YouTube) - C:\Users\FAMILIA DO FUTURO\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-28]
CHR Extension: (Pesquisa do Google) - C:\Users\FAMILIA DO FUTURO\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-10-27]
CHR Extension: (Avast SafePrice | Comparação, ofertas, cupons) - C:\Users\FAMILIA DO FUTURO\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-10-23]
CHR Extension: (Planilhas) - C:\Users\FAMILIA DO FUTURO\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-22]
CHR Extension: (Documentos Google off-line) - C:\Users\FAMILIA DO FUTURO\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-23]
CHR Extension: (Avast Online Security) - C:\Users\FAMILIA DO FUTURO\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-10-22]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\FAMILIA DO FUTURO\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-05]
CHR Extension: (Gmail) - C:\Users\FAMILIA DO FUTURO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-28]
CHR Extension: (Chrome Media Router) - C:\Users\FAMILIA DO FUTURO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-11-02]
CHR Extension: (System Table) - C:\Users\FAMILIA DO FUTURO\AppData\Local\Google\Chrome\User Data\Default\SystemTable\1.2_0 [2018-11-04]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Serviços (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [8188768 2018-10-22] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [325024 2018-10-22] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [338632 2018-10-22] (AVAST Software)
R2 CleanupPSvc; C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe [9121248 2018-11-02] (AVAST Software)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation)
S2 NGIzNzRiM; C:\Program Files\NGIzNzRiM\MWZjOT.exe [516952 2018-11-04] ()
S4 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [1050904 2013-12-11] () [Arquivo não assinado]
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [1083736 2018-10-01] (GAS Tecnologia LTDA)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
S2 GbpSv; C:\PROGRA~2\GbPlugin\GbpSv.exe [X]
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
R2 MTY4ZD; rundll32.exe C:\Windows\tiktzoyonwdlzst.tizt FfzyWl [X]
===================== Drivers (Whitelisted) ======================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S3 AmdK8; C:\Windows\System32\drivers\amdk8.sys [95744 2013-08-22] (Microsoft Corporation) [Arquivo não assinado]
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [201408 2018-10-22] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [230512 2018-10-22] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201928 2018-10-22] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346760 2018-10-22] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59664 2018-10-22] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [47064 2018-10-22] (AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42456 2018-10-22] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [163376 2018-10-22] (AVAST Software)
R1 aswNetSec; C:\Windows\System32\drivers\aswNetSec.sys [483384 2018-10-22] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111968 2018-10-22] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88112 2018-10-22] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1028840 2018-10-22] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [467904 2018-10-22] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [208640 2018-10-22] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [381144 2018-10-22] (AVAST Software)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [25608 2018-11-05] (SlimWare Utilities, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
S3 WinDivert1.1; C:\Program Files\KMSpico\WinDivert.sys [35376 2016-10-25] (Basil Projects)
S1 wsddfac; C:\Windows\System32\drivers\wsddfac.sys [28376 2017-10-29] (GAS Tecnologia)
R1 wsddntf; C:\Windows\system32\DRIVERS\wsddntf.sys [47576 2018-04-25] (GAS Tecnologia)
S1 wsddpp; C:\Windows\system32\drivers\wsddpp.sys [44624 2017-12-14] (GAS Tecnologia)
S3 wsddprm; C:\Windows\system32\drivers\wsddprm.sys [43560 2018-04-10] (GAS Tecnologia)
S0 gbpddreg; system32\drivers\gbpddreg64.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
R1 Yzg1YjJiNmJiMTRlY; \??\C:\Windows\system32\drivers\Yzg1YjJiNmJiMTRlY [X]
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Três Meses Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2018-11-05 17:33 - 2018-11-05 17:34 - 000018575 _____ C:\Users\FAMILIA DO FUTURO\Downloads\FRST.txt
2018-11-05 17:33 - 2018-11-05 17:33 - 000000000 ____D C:\FRST
2018-11-05 17:32 - 2018-11-05 17:32 - 002414592 _____ (Farbar) C:\Users\FAMILIA DO FUTURO\Downloads\FRST64.exe
2018-11-04 21:27 - 2018-11-04 21:27 - 000000286 __RSH C:\Users\FAMILIA DO FUTURO\ntuser.pol
2018-11-04 21:20 - 2018-11-04 21:20 - 008779416 _____ (FS) C:\Users\FAMILIA DO FUTURO\Downloads\gerenciador_de_aplicativos_[8AEB-CFC1-BEE3].exe
2018-11-04 21:15 - 2018-11-04 21:15 - 008779416 _____ (FS) C:\Users\FAMILIA DO FUTURO\Downloads\gerenciador_de_aplicativos_[6030-1238-0446](1).exe
2018-11-04 21:13 - 2018-11-04 21:13 - 000000000 ____D C:\Users\FAMILIA DO FUTURO\AppData\Local\FS
2018-11-04 21:08 - 2018-11-04 21:08 - 000098680 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2018-11-04 21:07 - 2018-11-04 21:07 - 000000000 ____D C:\Program Files (x86)\Java
2018-11-04 21:05 - 2018-11-04 21:05 - 000000000 __SHD C:\Users\FAMILIA DO FUTURO\AppData\LocalLow\EmieUserList
2018-11-04 21:04 - 2018-11-04 21:26 - 000000502 _____ C:\Windows\Tasks\updater.exe.job
2018-11-04 21:04 - 2018-11-04 21:04 - 000003148 _____ C:\Windows\System32\Tasks\updater.exe
2018-11-04 21:04 - 2018-11-04 21:04 - 000000000 ____D C:\Program Files (x86)\FS
2018-11-04 21:03 - 2018-11-04 21:03 - 008779416 _____ (FS) C:\Users\FAMILIA DO FUTURO\Downloads\gerenciador_de_aplicativos_[6030-1238-0446].exe
2018-11-04 20:49 - 2018-11-04 20:49 - 000000654 __RSH C:\Users\Todos os Usuários\ntuser.pol
2018-11-04 20:49 - 2018-11-04 20:49 - 000000654 __RSH C:\ProgramData\ntuser.pol
2018-11-04 20:48 - 2018-11-05 17:20 - 000000326 _____ C:\Windows\Tasks\lKLHkisATsnNjPT.job
2018-11-04 20:48 - 2018-11-04 20:48 - 000002580 _____ C:\Windows\System32\Tasks\lKLHkisATsnNjPT
2018-11-04 20:48 - 2018-11-04 20:48 - 000000000 ____D C:\Program Files (x86)\VXIXCZnnU
2018-11-04 20:46 - 2018-11-04 21:26 - 000000000 ____D C:\Users\FAMILIA DO FUTURO\AppData\Roaming\vjjec11i0ac
2018-11-04 20:46 - 2018-11-04 21:26 - 000000000 ____D C:\Users\FAMILIA DO FUTURO\AppData\Roaming\e2kiktntlbu
2018-11-04 20:46 - 2018-11-04 21:26 - 000000000 ____D C:\Users\FAMILIA DO FUTURO\AppData\Roaming\1tnolhtrk5b
2018-11-04 20:46 - 2018-11-04 21:08 - 000000000 ____D C:\Program Files\SV819BM3JR
2018-11-04 20:46 - 2018-11-04 21:08 - 000000000 ____D C:\Program Files\8PAF099Z0H
2018-11-04 20:46 - 2018-11-04 20:47 - 000000000 ____D C:\Program Files\NGIzNzRiM
2018-11-04 20:44 - 2018-11-04 21:26 - 000000000 ____D C:\Users\FAMILIA DO FUTURO\AppData\Roaming\qjr2phpsenz
2018-11-04 20:44 - 2018-11-04 21:26 - 000000000 ____D C:\Users\FAMILIA DO FUTURO\AppData\Roaming\mxfkf3gwyut
2018-11-04 20:44 - 2018-11-04 21:08 - 000000000 ____D C:\Program Files\XCD8QQUP83
2018-11-04 20:44 - 2018-11-04 21:08 - 000000000 ____D C:\Program Files\A5HZFQ97UO
2018-11-04 20:43 - 2018-11-04 20:43 - 000000000 ____D C:\Windows\system32\appmgmt
2018-11-04 19:42 - 2018-11-04 21:26 - 000000000 ____D C:\Users\FAMILIA DO FUTURO\AppData\Roaming\x0p4u30twhf
2018-11-04 19:42 - 2018-11-04 21:26 - 000000000 ____D C:\Users\FAMILIA DO FUTURO\AppData\Roaming\vdji3c34mxq
2018-11-04 19:42 - 2018-11-04 20:46 - 000000000 ____D C:\Users\Todos os Usuários\PrefsSecure
2018-11-04 19:42 - 2018-11-04 20:46 - 000000000 ____D C:\ProgramData\PrefsSecure
2018-11-04 19:42 - 2018-11-04 19:50 - 000000000 ____D C:\Program Files\R9P0B6CRSP
2018-11-04 19:42 - 2018-11-04 19:42 - 000000000 ____D C:\Program Files\8F0J8SNWCE
2018-11-04 19:41 - 2018-11-04 21:26 - 000000000 ____D C:\Users\FAMILIA DO FUTURO\AppData\Roaming\bfypbdwmldj
2018-11-04 19:40 - 2018-11-04 21:26 - 000000000 ____D C:\Users\FAMILIA DO FUTURO\AppData\Roaming\2buqiicm4x4
2018-11-04 19:40 - 2018-11-04 20:47 - 000000000 ____D C:\Windows\SysWOW64\SSL
2018-11-04 19:40 - 2018-11-04 20:40 - 000000000 ____D C:\Users\FAMILIA DO FUTURO\AppData\Local\WhiteClick
2018-11-04 19:40 - 2018-11-04 19:50 - 000000000 ____D C:\Program Files\UAIT894O3F
2018-11-04 19:40 - 2018-11-04 19:41 - 000000000 ____D C:\Users\FAMILIA DO FUTURO\AppData\Roaming\WidModule
2018-11-04 19:40 - 2018-11-04 19:40 - 001086976 _____ C:\Windows\tiktzoyonwdlzst.tizt
2018-11-04 19:39 - 2018-11-04 19:48 - 000000000 ____D C:\Program Files\WebDiscoverBrowser
2018-11-04 19:39 - 2018-11-04 19:43 - 000000000 ____D C:\Program Files\SASNWQV8K2
2018-11-04 19:39 - 2018-11-04 19:39 - 000000003 _____ C:\Users\FAMILIA DO FUTURO\AppData\Local\wbem.ini
2018-11-04 19:39 - 2018-11-04 19:39 - 000000000 ____D C:\Users\FAMILIA DO FUTURO\AppData\Local\WebDiscoverBrowser
2018-11-04 19:37 - 2018-11-04 20:46 - 000722944 _____ C:\Users\FAMILIA DO FUTURO\AppData\Local\sham.db
2018-11-04 19:37 - 2018-11-04 20:46 - 000016080 _____ C:\Users\FAMILIA DO FUTURO\AppData\Local\InstallationConfiguration.xml
2018-11-04 19:37 - 2018-11-04 19:37 - 000140800 _____ C:\Users\FAMILIA DO FUTURO\AppData\Local\installer.dat
2018-11-04 19:16 - 2018-11-04 19:16 - 000320096 _____ (Mozilla) C:\Users\FAMILIA DO FUTURO\Downloads\Firefox Installer.exe
2018-11-04 11:02 - 2018-11-04 11:02 - 001324544 _____ C:\Windows\ZmQ2OTRlMDkwZDI4NGE3.exe
2018-11-04 11:02 - 2018-11-04 11:02 - 000202296 _____ C:\Windows\system32\Drivers\Yzg1YjJiNmJiMTRlY
2018-11-04 11:02 - 2018-11-04 11:02 - 000098210 _____ C:\Windows\uninstaller.dat
2018-11-02 17:03 - 2018-11-02 17:03 - 000001274 _____ C:\Users\FAMILIA DO FUTURO\Desktop\CrossFire.lnk
2018-11-02 17:03 - 2018-11-02 17:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Z8Games
2018-11-02 13:17 - 2018-11-02 13:18 - 000283712 _____ C:\Windows\Minidump\110218-14515-01.dmp
2018-11-02 12:22 - 2018-11-02 12:22 - 000283712 _____ C:\Windows\Minidump\110218-23281-01.dmp
2018-11-02 12:06 - 2018-11-02 12:06 - 000283712 _____ C:\Windows\Minidump\110218-23593-01.dmp
2018-11-02 11:43 - 2018-11-02 11:43 - 000283712 _____ C:\Windows\Minidump\110218-31828-01.dmp
2018-10-29 19:45 - 2018-10-29 19:47 - 000000000 ____D C:\Users\FAMILIA DO FUTURO\Desktop\OBD II
2018-10-25 19:15 - 2018-11-05 17:23 - 000000000 ____D C:\Users\FAMILIA DO FUTURO\AppData\LocalLow\Mozilla
2018-10-24 20:20 - 2018-10-24 20:20 - 000283712 _____ C:\Windows\Minidump\102418-17343-01.dmp
2018-10-24 20:06 - 2018-10-24 20:06 - 000283656 _____ C:\Windows\Minidump\102418-25984-01.dmp
2018-10-23 21:56 - 2018-11-05 17:24 - 000003982 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{F1ED495F-3D26-47A4-ACA9-BAB648F57335}
2018-10-23 21:56 - 2018-10-23 21:56 - 000000000 ____D C:\Users\FAMILIA DO FUTURO\AppData\Roaming\Macromedia
2018-10-23 21:55 - 2018-10-23 21:55 - 000000000 __SHD C:\Users\FAMILIA DO FUTURO\AppData\Local\EmieUserList
2018-10-23 21:55 - 2018-10-23 21:55 - 000000000 __SHD C:\Users\FAMILIA DO FUTURO\AppData\Local\EmieSiteList
2018-10-23 20:51 - 2018-11-02 17:26 - 000000000 ____D C:\Users\FAMILIA DO FUTURO\Documents\Cross Fire
2018-10-23 20:51 - 2018-11-02 17:26 - 000000000 ____D C:\CFLog
2018-10-23 20:28 - 2018-10-23 20:28 - 000000000 ____D C:\Program Files (x86)\Z8Games
2018-10-23 19:58 - 2018-10-23 19:58 - 000000000 ____D C:\Users\FAMILIA DO FUTURO\AppData\Roaming\Google
2018-10-23 19:49 - 2018-10-23 20:49 - 000000000 ____D C:\Users\Todos os Usuários\Solid State Networks
2018-10-23 19:49 - 2018-10-23 20:49 - 000000000 ____D C:\ProgramData\Solid State Networks
2018-10-23 19:49 - 2018-10-23 20:18 - 000000000 ____D C:\Users\FAMILIA DO FUTURO\CrossFire Installer
2018-10-22 22:04 - 2018-10-22 22:04 - 000000000 ____D C:\Users\FAMILIA DO FUTURO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativo Itaú
2018-10-22 21:47 - 2018-10-22 21:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Driver Updater
2018-10-22 21:39 - 2018-10-22 21:38 - 000378584 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-10-22 21:39 - 2018-10-22 21:38 - 000042456 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2018-10-22 12:01 - 2018-10-22 12:01 - 000283656 _____ C:\Windows\Minidump\102218-18312-01.dmp
2018-10-22 11:46 - 2018-10-22 11:46 - 000283656 _____ C:\Windows\Minidump\102218-15843-01.dmp
2018-10-21 21:39 - 2018-10-21 21:39 - 000283656 _____ C:\Windows\Minidump\102118-19671-01.dmp
2018-10-21 19:52 - 2018-10-21 19:53 - 000283600 _____ C:\Windows\Minidump\102118-21531-01.dmp
2018-10-21 19:50 - 2018-10-21 19:50 - 000000000 ____D C:\Windows\%LOCALAPPDATA%
2018-08-08 06:35 - 2018-08-08 06:36 - 000283656 _____ C:\Windows\Minidump\080818-16546-01.dmp
2018-08-07 05:05 - 2018-08-07 05:05 - 000283656 _____ C:\Windows\Minidump\080718-19125-01.dmp
==================== Três Meses Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2018-11-05 17:24 - 2016-10-25 13:35 - 000003594 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-198353743-162609330-3266068508-1001
2018-11-05 17:23 - 2018-01-05 19:25 - 000000000 ____D C:\Users\FAMILIA DO FUTURO\AppData\Local\AVAST Software
2018-11-05 17:22 - 2018-01-05 19:25 - 000000524 _____ C:\Windows\Tasks\Avast Driver Updater Startup.job
2018-11-05 17:20 - 2018-01-05 19:25 - 000025608 _____ (SlimWare Utilities, Inc.) C:\Windows\system32\Drivers\SWDUMon.sys
2018-11-05 17:20 - 2017-10-12 09:48 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-11-05 17:19 - 2016-10-25 19:57 - 000000000 __SHD C:\Users\FAMILIA DO FUTURO\IntelGraphicsProfiles
2018-11-04 21:34 - 2013-09-30 02:15 - 001797106 _____ C:\Windows\system32\PerfStringBackup.INI
2018-11-04 21:34 - 2013-09-30 01:56 - 000774702 _____ C:\Windows\system32\prfh0416.dat
2018-11-04 21:34 - 2013-09-30 01:56 - 000158296 _____ C:\Windows\system32\prfc0416.dat
2018-11-04 21:34 - 2013-08-22 11:36 - 000000000 ____D C:\Windows\Inf
2018-11-04 21:27 - 2016-10-25 13:30 - 000000000 ____D C:\Users\FAMILIA DO FUTURO
2018-11-04 21:26 - 2016-10-27 18:08 - 000000000 ____D C:\Program Files (x86)\Google
2018-11-04 21:26 - 2016-10-27 16:59 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-11-04 21:26 - 2013-08-22 12:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-11-04 21:25 - 2017-10-29 11:53 - 000000000 _____ C:\Windows\system32\last.dump
2018-11-04 21:25 - 2013-08-22 11:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2018-11-04 21:11 - 2016-10-27 19:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-11-04 21:05 - 2018-07-01 17:09 - 000000000 __SHD C:\Users\FAMILIA DO FUTURO\AppData\LocalLow\EmieSiteList
2018-11-04 20:57 - 2016-10-27 19:24 - 000002278 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-11-04 20:48 - 2013-08-22 13:36 - 000000000 ____D C:\Windows\system32\GroupPolicy
2018-11-04 20:47 - 2018-07-30 18:46 - 000000000 ____D C:\Users\FAMILIA DO FUTURO\AppData\Local\CrashDumps
2018-11-04 19:31 - 2016-10-27 16:59 - 000001171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-11-04 19:15 - 2016-10-27 17:00 - 000000000 ____D C:\Users\FAMILIA DO FUTURO\AppData\Roaming\Mozilla
2018-11-02 21:23 - 2016-10-27 17:02 - 000004478 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-11-02 16:51 - 2016-10-28 10:51 - 000000000 ____D C:\Users\FAMILIA DO FUTURO\musicas mp3
2018-11-02 16:13 - 2016-10-27 17:02 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-11-02 13:17 - 2018-07-01 19:14 - 580925794 _____ C:\Windows\MEMORY.DMP
2018-11-02 13:17 - 2016-10-25 19:56 - 000000000 ____D C:\Windows\Minidump
2018-11-02 11:34 - 2018-04-17 12:01 - 000002016 _____ C:\Users\Public\Desktop\Google Slides.lnk
2018-11-02 11:34 - 2018-04-17 12:01 - 000002014 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2018-11-02 11:34 - 2018-04-17 12:01 - 000002004 _____ C:\Users\Public\Desktop\Google Docs.lnk
2018-11-02 11:34 - 2018-04-17 12:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2018-10-24 20:35 - 2017-04-03 18:40 - 000000000 _____ C:\Windows\SysWOW64\last.dump
2018-10-24 20:06 - 2013-08-22 13:36 - 000000000 ____D C:\Windows\AppReadiness
2018-10-24 14:49 - 2013-08-22 13:36 - 000000000 ___HD C:\Program Files\WindowsApps
2018-10-22 22:15 - 2016-11-23 17:53 - 000000000 ____D C:\Users\FAMILIA DO FUTURO\AppData\Roaming\AVAST Software
2018-10-22 22:04 - 2017-09-30 19:29 - 000002235 _____ C:\Users\FAMILIA DO FUTURO\Desktop\Itaú.lnk
2018-10-22 22:04 - 2017-09-30 19:29 - 000000000 ____D C:\Users\FAMILIA DO FUTURO\AppData\Local\Aplicativo Itau
2018-10-22 21:47 - 2018-01-05 19:11 - 000002517 _____ C:\Users\Public\Desktop\Avast Driver Updater.lnk
2018-10-22 21:47 - 2018-01-05 19:11 - 000000000 ____D C:\Users\Public\Documents\Downloaded Installers
2018-10-22 21:47 - 2018-01-05 19:11 - 000000000 ____D C:\Program Files (x86)\Avast Driver Updater
2018-10-22 21:39 - 2017-04-08 13:27 - 000003910 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-10-22 21:38 - 2017-11-20 18:52 - 000201408 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-10-22 21:38 - 2016-11-23 17:52 - 001028840 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-10-22 21:38 - 2016-11-23 17:52 - 000467904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-10-22 21:38 - 2016-11-23 17:52 - 000381144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-10-22 21:38 - 2016-11-23 17:52 - 000208640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-10-22 21:38 - 2016-11-23 17:52 - 000163376 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-10-22 21:38 - 2016-11-23 17:52 - 000111968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-10-22 21:38 - 2016-11-23 17:52 - 000088112 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-10-22 21:38 - 2016-11-23 17:52 - 000047064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-10-22 21:37 - 2017-04-08 13:27 - 000346760 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys
2018-10-22 21:37 - 2017-04-08 13:27 - 000230512 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2018-10-22 21:37 - 2017-04-08 13:27 - 000201928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys
2018-10-22 21:37 - 2017-04-08 13:27 - 000059664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys
2018-10-22 21:37 - 2016-11-23 17:52 - 000483384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetSec.sys
2018-10-22 12:10 - 2018-01-02 17:04 - 000004194 _____ C:\Windows\System32\Tasks\Avast TUNEUP Update
2018-10-21 21:35 - 2016-10-25 13:44 - 000000000 ____D C:\Users\FAMILIA DO FUTURO\AppData\Roaming\vlc
2018-10-21 19:56 - 2016-10-28 11:03 - 000000000 ____D C:\Users\FAMILIA DO FUTURO\kit escola
==================== Arquivos na raiz de alguns diretórios =======
2018-11-04 19:37 - 2018-11-04 20:46 - 000016080 _____ () C:\Users\FAMILIA DO FUTURO\AppData\Local\InstallationConfiguration.xml
2018-11-04 19:37 - 2018-11-04 19:37 - 000140800 _____ () C:\Users\FAMILIA DO FUTURO\AppData\Local\installer.dat
2018-11-04 19:37 - 2018-11-04 20:46 - 000722944 _____ () C:\Users\FAMILIA DO FUTURO\AppData\Local\sham.db
2018-11-04 19:39 - 2018-11-04 19:39 - 000000003 _____ () C:\Users\FAMILIA DO FUTURO\AppData\Local\wbem.ini
2018-01-02 10:05 - 2018-01-02 10:05 - 000000000 _____ () C:\Users\FAMILIA DO FUTURO\AppData\Local\{2294B84F-5FF6-4DB3-AE21-B3AFEA6EB94C}
Alguns arquivos em TEMP:
====================
2018-10-23 20:50 - 2018-11-02 17:32 - 000000000 _____ () C:\Users\FAMILIA DO FUTURO\AppData\Local\Temp\19480092594194a127310869d618ccd6.dll
2018-10-23 20:51 - 2018-11-02 17:15 - 000000088 _____ () C:\Users\FAMILIA DO FUTURO\AppData\Local\Temp\8e706a2b6115c8a49b0d126f3c1e8a12.dll
2018-11-04 19:38 - 2018-11-04 19:38 - 000000000 _____ () C:\Users\FAMILIA DO FUTURO\AppData\Local\Temp\Ativador_Windows_8_1.exe
2018-11-04 19:39 - 2018-11-04 19:39 - 000854235 _____ (FYBsyhgI9sJcZNmahRXO ) C:\Users\FAMILIA DO FUTURO\AppData\Local\Temp\installer.exe
2018-11-04 19:39 - 2018-11-04 19:39 - 001683456 _____ () C:\Users\FAMILIA DO FUTURO\AppData\Local\Temp\installer_mi.exe
2018-11-04 19:39 - 2018-11-04 19:39 - 000599884 _____ (ZRFXRD ) C:\Users\FAMILIA DO FUTURO\AppData\Local\Temp\pixel.exe
2018-11-04 19:39 - 2018-11-04 19:39 - 008498073 _____ () C:\Users\FAMILIA DO FUTURO\AppData\Local\Temp\s2s.exe
2018-11-04 19:37 - 2018-11-04 19:37 - 001995264 _____ (TODO:
2018-11-04 19:37 - 2018-11-04 19:39 - 048903224 _____ (WebDiscover Media ) C:\Users\FAMILIA DO FUTURO\AppData\Local\Temp\WebDiscover-4.28.2.exe
2018-11-04 19:39 - 2018-11-04 19:39 - 001134284 _____ (WhiteLLC ) C:\Users\FAMILIA DO FUTURO\AppData\Local\Temp\whiteclick.exe
Alguns com tamanho de zero byte arquivos/pastas:
==========================
C:\Windows\System32\ext-ms-win-globalization-input-l1-1-0.dll
==================== Bamital & volsnap ======================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2018-10-21 21:35
==================== Fim de FRST.txt ============================