cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:05-03-2016 01
Executado por servidor (administrador) em SERVIDOR-PC (23-03-2016 13:52:58)
Executando a partir de D:\Users\servidor\Downloads
Perfis Carregados: servidor (Perfis Disponíveis: servidor)
Platform: Windows 7 Professional (X64) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
() C:\Windows\KMS-R@1n.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
() C:\ProgramData\WindowsMsg\osmsg.exe
() C:\Windows\KMS-R@1nhook.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKU\S-1-5-21-144161649-183276882-885017022-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-144161649-183276882-885017022-1000\...\Run: [osmsg] => C:\ProgramData\WindowsMsg\osmsg.exe [2036736 2016-03-23] ()
IFEO\OSPPSVC.EXE: [Debugger] KMS-R@1nhook.exe
IFEO\SppSvc.exe: [Debugger] KMS-R@1nhook.exe
Startup: C:\Users\servidor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\csqbskecej..vbs [2013-08-03] ()
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5EAD86B5-66BC-491C-8941-0FEF868B440C}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\servidor\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Adblock Plus) - C:\Users\servidor\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-23]
CHR Extension: (Ad Block - Chega de Publicidade) - C:\Users\servidor\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjdkfeeffbfcoanbnkeedjccphcmpehm [2016-03-23]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\servidor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-03-23]
CHR HKU\S-1-5-21-144161649-183276882-885017022-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [Arquivo não assinado]
S2 ggbugreport; C:\Program Files (x86)\SearchesToYesbnd\bugreport.exe [1592888 2016-03-15] ()
R2 KMS-R@1n; C:\Windows\KMS-R@1n.exe [26112 2015-11-03] () [Arquivo não assinado]
R2 MPCProtectService; C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe [350688 2016-03-23] (DotC United Inc)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2013-09-13] (arvato digital services llc)
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2372080 2016-03-12] (IBM Corp.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Arquivo não assinado]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
S2 Winsere; C:\Program Files (x86)\Winsere\Winsere\Winsere.exe [306736 2016-03-15] ()
S3 WsAppService; C:\Program Files (x86)\Wondershare\WAF\WsAppService.exe [252816 2015-04-30] (Wondershare)

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2015-11-02] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 MPCKpt; C:\Windows\System32\DRIVERS\MPCKpt.sys [60136 2016-03-23] (DotC United Inc)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R1 RapportCerberus_1609031; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1609031.sys [1156256 2016-03-22] (IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [544456 2016-03-12] (IBM Corp.)
R0 RapportHades64; C:\Windows\System32\Drivers\RapportHades64.sys [215560 2016-03-12] (IBM Corp.)
R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [470056 2016-03-12] (IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [523112 2016-03-12] (IBM Corp.)

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-03-23 13:50 - 2016-03-23 13:52 - 00000000 ____D C:\FRST
2016-03-23 13:30 - 2016-03-23 13:30 - 00001736 _____ C:\Users\Public\Desktop\MPC Cleaner.lnk
2016-03-23 13:30 - 2016-03-23 13:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC
2016-03-23 13:29 - 2016-03-23 13:29 - 00000000 ____D C:\Windows\pss
2016-03-23 12:50 - 2016-03-23 12:50 - 00000000 ____D C:\Users\servidor\AppData\Local\app
2016-03-23 12:47 - 2016-03-23 12:48 - 00000898 _____ C:\Windows\SysWOW64\${LOGFILE}
2016-03-23 12:46 - 2016-03-23 12:47 - 00000000 ____D C:\Users\servidor\AppData\Roaming\GoldenGate
2016-03-23 12:46 - 2016-03-23 12:47 - 00000000 ____D C:\Users\servidor\AppData\Local\Gameo
2016-03-23 12:46 - 2016-03-23 12:46 - 00003996 _____ C:\Windows\System32\Tasks\LaunchPreSignup
2016-03-23 12:46 - 2016-03-23 12:46 - 00000372 __RSH C:\Users\Todos os Usuários\ntuser.pol
2016-03-23 12:46 - 2016-03-23 12:46 - 00000372 __RSH C:\ProgramData\ntuser.pol
2016-03-23 12:46 - 2016-03-23 12:46 - 00000176 _____ C:\Users\servidor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url
2016-03-23 12:46 - 2016-03-23 12:46 - 00000000 ____D C:\Users\servidor\AppData\Local\{07CC3190-2364-5D28-4EFC-78C06A948458}
2016-03-23 12:45 - 2016-03-23 12:45 - 00000000 ____D C:\Users\servidor\AppData\Local\Setup619386
2016-03-23 12:45 - 2016-03-23 12:45 - 00000000 ____D C:\Users\servidor\AppData\Local\cene
2016-03-23 12:41 - 2016-03-23 12:41 - 00000000 ____D C:\Users\servidor\AppData\Roaming\MCorp
2016-03-23 12:39 - 2016-03-23 12:39 - 00002499 _____ C:\Windows\patsearch.bin
2016-03-23 12:39 - 2016-03-23 12:39 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_webTinstMKTN84_01009.Wdf
2016-03-23 12:39 - 2016-03-23 12:39 - 00000000 ____D C:\Program Files (x86)\Primary Color
2016-03-23 12:33 - 2016-03-23 12:39 - 00001964 _____ C:\Users\servidor\Desktop\MixVideoPlayer.lnk
2016-03-23 12:30 - 2016-03-23 12:36 - 00000000 ____D C:\Program Files (x86)\MPC Cleaner
2016-03-23 12:30 - 2016-03-23 12:30 - 00060136 _____ (DotC United Inc) C:\Windows\system32\Drivers\MPCKpt.sys
2016-03-23 12:29 - 2016-03-23 12:29 - 00000000 ____D C:\Users\Todos os Usuários\6fd24fcc-4005-0
2016-03-23 12:29 - 2016-03-23 12:29 - 00000000 ____D C:\ProgramData\6fd24fcc-4005-0
2016-03-23 12:26 - 2016-03-23 12:50 - 00000000 ____D C:\Users\servidor\AppData\Local\Setup Wizard
2016-03-23 12:26 - 2016-03-23 12:26 - 00000000 ____D C:\Users\Todos os Usuários\6fd24fcc-7a01-1
2016-03-23 12:26 - 2016-03-23 12:26 - 00000000 ____D C:\ProgramData\6fd24fcc-7a01-1
2016-03-23 12:25 - 2016-03-23 12:48 - 00000000 ____D C:\Users\servidor\AppData\Roaming\Nosibay
2016-03-23 12:24 - 2016-03-23 12:24 - 00002926 _____ C:\Windows\System32\Tasks\osTip
2016-03-23 12:24 - 2016-03-23 12:24 - 00000000 ____D C:\Users\Todos os Usuários\WindowsMsg
2016-03-23 12:24 - 2016-03-23 12:24 - 00000000 ____D C:\ProgramData\WindowsMsg
2016-03-23 12:23 - 2016-03-23 13:30 - 00000000 ____D C:\Program Files (x86)\SearchesToYesbnd
2016-03-23 12:23 - 2016-03-23 12:34 - 00000000 ____D C:\Users\servidor\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
2016-03-23 12:23 - 2016-03-23 12:23 - 00015160 _____ C:\Windows\System32\Tasks\WinTaske
2016-03-23 12:23 - 2016-03-23 12:23 - 00000000 ____D C:\Program Files (x86)\WinTaske
2016-03-23 12:23 - 2016-03-23 12:23 - 00000000 ____D C:\Program Files (x86)\Winsere
2016-03-23 12:23 - 2016-03-23 12:23 - 00000000 ____D C:\extensions
2016-03-23 11:39 - 2015-02-25 14:38 - 00089600 _____ (Wondershare Software) C:\Windows\system32\WSMonEditor.dll
2016-03-04 13:30 - 2016-03-04 13:30 - 00002178 _____ C:\Users\servidor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-03-04 13:30 - 2016-03-04 13:30 - 00002109 _____ C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-03-04 13:30 - 2016-03-04 13:30 - 00002109 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-03-04 13:30 - 2016-03-04 13:30 - 00002109 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-03-04 13:30 - 2016-03-04 13:30 - 00000000 ___RD C:\Users\servidor\OneDrive
2016-03-04 13:30 - 2016-03-04 13:30 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft OneDrive
2016-03-04 13:30 - 2016-03-04 13:30 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-03-04 13:30 - 2016-03-04 13:30 - 00000000 ____D C:\Program Files (x86)\Microsoft OneDrive

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-03-23 13:37 - 2009-07-14 01:45 - 00014032 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-23 13:37 - 2009-07-14 01:45 - 00014032 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-23 13:36 - 2009-07-29 12:58 - 00705070 _____ C:\Windows\system32\prfh0416.dat
2016-03-23 13:36 - 2009-07-29 12:58 - 00146910 _____ C:\Windows\system32\prfc0416.dat
2016-03-23 13:36 - 2009-07-14 02:13 - 01633534 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-23 13:36 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2016-03-23 13:30 - 2015-11-03 10:03 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-23 13:30 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-23 13:15 - 2015-11-03 10:03 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-23 12:49 - 2015-11-03 10:04 - 00002071 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-23 12:49 - 2015-11-03 10:04 - 00002059 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-03-23 12:46 - 2009-07-14 00:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-03-23 12:46 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2016-03-23 12:37 - 2015-11-05 10:19 - 00000000 ____D C:\Nex
2016-03-23 12:34 - 2015-11-02 21:02 - 00004334 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{1A379E33-E4FC-4E0E-80BD-55E9FE135E8F}
2016-03-23 12:33 - 2015-11-02 20:26 - 00000000 ____D C:\Users\servidor
2016-03-23 12:16 - 2015-11-03 10:19 - 00000000 ____D C:\Users\servidor\AppData\Local\ElevatedDiagnostics
2016-03-23 11:38 - 2015-11-09 11:49 - 00000000 ____D C:\Program Files (x86)\Wondershare
2016-03-23 08:40 - 2009-07-14 02:08 - 00032586 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-03-22 18:38 - 2015-11-02 20:38 - 00401792 _____ C:\Users\servidor\AppData\Local\GDIPFONTCACHEV1.DAT
2016-03-22 18:37 - 2015-11-12 10:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Proteção de Terminal Trusteer
2016-03-22 18:35 - 2009-07-14 01:45 - 05896480 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-22 17:20 - 2015-11-04 09:02 - 00231335 _____ C:\Windows\FontData.fdb
2016-03-12 13:19 - 2015-11-12 10:15 - 00470056 _____ (IBM Corp.) C:\Windows\system32\Drivers\RapportKE64.sys
2016-03-12 13:19 - 2015-11-12 10:15 - 00215560 _____ (IBM Corp.) C:\Windows\system32\Drivers\RapportHades64.sys
2016-03-10 09:33 - 2015-11-03 14:44 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-03-07 12:55 - 2015-11-03 10:18 - 00000000 ____D C:\Users\servidor\AppData\Roaming\ControlCenter4
2016-03-07 09:08 - 2015-11-03 10:14 - 00000000 ____D C:\Users\Todos os Usuários\ControlCenter4
2016-03-07 09:08 - 2015-11-03 10:14 - 00000000 ____D C:\ProgramData\ControlCenter4
2016-03-07 09:08 - 2015-11-03 10:14 - 00000000 ____D C:\Program Files (x86)\ControlCenter4

==================== Arquivos na raiz de alguns diretórios =======

2016-03-23 12:25 - 2016-03-23 12:26 - 0001300 _____ () C:\Users\servidor\AppData\Roaming\Bubble Dock.boostrap.log
2016-03-23 12:25 - 2016-03-23 12:32 - 0010737 _____ () C:\Users\servidor\AppData\Roaming\Bubble Dock.installation.log
2016-03-23 12:25 - 2016-03-23 12:25 - 0000097 _____ () C:\Users\servidor\AppData\Roaming\WindApp.boostrap.log
2015-11-02 20:30 - 2015-11-02 20:30 - 0007606 _____ () C:\Users\servidor\AppData\Local\Resmon.ResmonCfg
2015-11-05 10:19 - 2015-11-05 10:19 - 0000047 _____ () C:\ProgramData\nex.ini

Alguns arquivos em TEMP:
====================
C:\Users\servidor\AppData\Local\Temp\94492374-D784-9438-D90A-88FF9BFD79E8.exe
C:\Users\servidor\AppData\Local\Temp\A443FE17-5C97-711F-43A5-7F5243D9D11B.dll
C:\Users\servidor\AppData\Local\Temp\A443FE17-5C97-711F-43A5-7F5243D9D11B.exe
C:\Users\servidor\AppData\Local\Temp\nsvE6D.tmp.exe
C:\Users\servidor\AppData\Local\Temp\ose00000.exe
C:\Users\servidor\AppData\Local\Temp\setup_nexcafe_.exe
C:\Users\servidor\AppData\Local\Temp\setup_nex_.exe


==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-03-22 12:33

==================== Fim de FRST.txt ============================

Publicité


Signaler le contenu de ce document

Publicité