cjoint

Document format: text/plain

Preview

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 07-12-2016
Executado por administrador (administrador) em BACKUP (15-12-2016 14:03:19)
Executando a partir de C:\Users\administrador.ADVOANET\Downloads
Perfis Carregados: administrador (Perfis Disponíveis: administrador)
Platform: Windows Server 2012 R2 Datacenter (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: IE)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe
(Microsoft Corporation) C:\Windows\System32\dfsrs.exe
(Microsoft Corporation) C:\Windows\System32\dns.exe
(HP) C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(Microsoft Corporation) C:\Windows\System32\ismserv.exe
(Microsoft Corporation) C:\Windows\System32\dfssvc.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corporation) C:\Windows\System32\ServerManager.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\rdpclip.exe
(Aestan Software) C:\wamp64\wampmanager.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\wamp64\bin\mysql\mysql5.7.14\bin\mysqld.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Windows\R@1n-Hook.exe
(Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe

==================== Registro (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HPUsageTrackingLEDM] => C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe [30264 2009-10-15] (Hewlett-Packard Company)
HKLM\...\Policies\Explorer: [ShowSuperHidden] 1
IFEO\OSppSvc.exe: [Debugger] R@1n-Hook.exe
IFEO\SppExtComObj.exe: [Debugger] R@1n-Hook.exe
Lsa: [Notification Packages] rassfm scecli ClusAuthMgr
SecurityProviders: credssp.dll, pwdssp.dll
Startup: C:\Users\administrador.ADVOANET\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Windows 7 - Atalho.lnk [2016-06-28]
ShortcutTarget: Windows 7 - Atalho.lnk -> C:\Users\administrador.ADVOANET\Documents\Virtual Machines\Windows 7\Windows 7.vmx (Nenhum Arquivo)
BootExecute: autocheck autochk /q /v *

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 177.128.192.250 8.8.8.8
Tcpip\..\Interfaces\{02D63B6B-A1C7-4475-BBE5-11A921EAD99B}: [NameServer] 177.128.193.34,127.0.0.1
Tcpip\..\Interfaces\{02D63B6B-A1C7-4475-BBE5-11A921EAD99B}: [DhcpNameServer] 177.128.192.250 8.8.8.8
Tcpip\..\Interfaces\{1BA66699-B5CC-48A3-B3B6-159035F04CCE}: [NameServer] 177.128.193.34,177.128.192.250,127.0.0.1
Tcpip\..\Interfaces\{5E23B638-D2F7-44BE-9335-12C1B9F65C9D}: [DhcpNameServer] 177.128.192.250 8.8.8.8

Internet Explorer:
==================
HKU\S-1-5-21-159962782-3156468928-278545600-500\Software\Microsoft\Internet Explorer\Main,Start Page = res://iesetup.dll/HardAdmin.htm
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2016-11-24] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2016-11-24] (Oracle Corporation)

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: (SmartPrintButton) - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011-01-26] [não assinado]
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2016-11-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2016-11-24] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)

Chrome:
=======
CHR Profile: C:\Users\administrador.ADVOANET\AppData\Local\Google\Chrome\User Data\Default [2016-12-15]
CHR Extension: (Sem Nome) - C:\Users\administrador.ADVOANET\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-06]
CHR Extension: (Sem Nome) - C:\Users\administrador.ADVOANET\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-06]
CHR Extension: (Sem Nome) - C:\Users\administrador.ADVOANET\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-06]
CHR Extension: (Sem Nome) - C:\Users\administrador.ADVOANET\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-04]
CHR Extension: (Chrome Web Store Payments) - C:\Users\administrador.ADVOANET\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-08]
CHR Extension: (Sem Nome) - C:\Users\administrador.ADVOANET\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-06]
CHR Extension: (Chrome Media Router) - C:\Users\administrador.ADVOANET\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-23]

==================== Serviços (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 ADWS; C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe [478720 2016-12-14] (Microsoft Corporation)
S4 ClusSvc; C:\Windows\Cluster\clussvc.exe [7389696 2016-07-09] (Microsoft Corporation)
R2 Dfs; C:\Windows\system32\dfssvc.exe [451072 2016-12-14] (Microsoft Corporation)
R2 DFSR; C:\Windows\system32\DFSRs.exe [3832832 2016-12-14] (Microsoft Corporation)
R2 DNS; C:\Windows\system32\dns.exe [1581056 2016-12-14] (Microsoft Corporation)
S3 DsRoleSvc; C:\Windows\system32\dsrolesrv.dll [279552 2016-12-14] (Microsoft Corporation)
R2 HPM1210RcvFaxSrvc; C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [361888 2012-07-25] (HP)
R2 IsmServ; C:\Windows\System32\ismserv.exe [64512 2016-12-14] (Microsoft Corporation)
R2 Kdc; C:\Windows\system32\kdcsvc.dll [568320 2016-12-14] (Microsoft Corporation)
S3 KdsSvc; C:\Windows\system32\KdsSvc.dll [36352 2016-12-14] (Microsoft Corporation)
S4 KMS-R@1n; C:\Windows\KMS-R@1n.exe [22528 2016-08-07] () [Arquivo não assinado]
S3 KPSSVC; C:\Windows\system32\kpssvc.dll [173056 2013-08-22] (Microsoft Corporation)
R2 NTDS; C:\Windows\system32\ntdsa.dll [97280 2016-12-14] (Microsoft Corporation)
S4 NtFrs; C:\Windows\system32\ntfrs.exe [1001472 2016-12-14] (Microsoft Corporation)
S3 RSoPProv; C:\Windows\system32\RSoPProv.exe [85504 2013-08-22] (Microsoft Corporation)
S3 RSoPProv; C:\Windows\SysWOW64\RSoPProv.exe [76288 2013-08-22] (Microsoft Corporation)
S3 sacsvr; C:\Windows\system32\sacsvr.dll [15872 2013-08-22] (Microsoft Corporation)
S3 SmbWitness; C:\Windows\System32\witness.dll [181760 2016-07-09] (Microsoft Corporation)
R2 UALSVC; C:\Windows\System32\ualsvc.dll [248832 2013-08-22] (Microsoft Corporation)
R3 wampmysqld64; c:\wamp64\bin\mysql\mysql5.7.14\bin\mysqld.exe [39885824 2016-07-12] () [Arquivo não assinado]
R2 WinTarget; C:\Windows\System32\iSCSITgt.dll [1164288 2016-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S0 bfadfcoei; C:\Windows\System32\drivers\bfadfcoei.sys [2265440 2013-08-22] (Brocade Communications Systems, Inc.)
S0 bfadi; C:\Windows\System32\drivers\bfadi.sys [2265440 2013-08-22] (Brocade Communications Systems, Inc.)
S0 bxfcoe; C:\Windows\System32\drivers\bxfcoe.sys [187744 2013-08-22] (Broadcom Corporation)
S0 bxois; C:\Windows\System32\drivers\bxois.sys [560480 2013-08-22] (Broadcom Corporation)
R2 CCFFilter; C:\Windows\system32\drivers\CCFFilter.sys [33120 2016-07-09] (Microsoft Corporation)
R1 ClusDisk; C:\Windows\System32\drivers\ClusDisk.sys [67072 2013-08-22] (Microsoft Corporation)
S3 CsvFlt; C:\Windows\System32\drivers\CsvFlt.sys [210432 2016-07-09] (Microsoft Corporation)
S3 CsvFs; C:\Windows\System32\drivers\CsvFs.sys [650752 2016-07-09] (Microsoft Corporation)
S3 CsvNSFlt; C:\Windows\System32\drivers\CsvNSFlt.sys [66048 2016-07-09] (Microsoft Corporation)
R3 csvvbus; C:\Windows\System32\drivers\csvvbus.sys [153600 2013-11-14] (Microsoft Corporation)
R1 DfsDriver; C:\Windows\System32\drivers\dfs.sys [54624 2016-12-14] (Microsoft Corporation)
R0 DfsrRo; C:\Windows\System32\drivers\dfsrro.sys [66400 2016-12-14] (Microsoft Corporation)
S0 elxfcoe; C:\Windows\System32\drivers\elxfcoe.sys [712032 2013-08-22] (Emulex)
S3 MsLbfoProvider; C:\Windows\system32\DRIVERS\MsLbfoProvider.sys [115712 2013-11-14] (Microsoft Corporation)
R3 Netft; C:\Windows\system32\DRIVERS\netft.sys [98304 2013-08-22] (Microsoft Corporation)
S0 ql2300i; C:\Windows\System32\drivers\ql2300i.sys [1508704 2013-08-22] (QLogic Corporation)
S0 ql40xx2i; C:\Windows\System32\drivers\ql40xx2i.sys [475488 2013-08-22] (QLogic Corporation)
S0 qlfcoei; C:\Windows\System32\drivers\qlfcoei.sys [1300320 2013-08-22] (QLogic Corporation)
R2 ResumeKeyFilter; C:\Windows\system32\drivers\ResumeKeyFilter.sys [333152 2016-07-09] (Microsoft Corporation)
S3 RTL8023x64; C:\Windows\system32\DRIVERS\Rtnic64.sys [51712 2013-06-18] (Realtek Semiconductor Corporation )
S0 sacdrv; C:\Windows\System32\DRIVERS\sacdrv.sys [94048 2013-08-22] (Microsoft Corporation)
S3 smbdirect; C:\Windows\System32\DRIVERS\smbdirect.sys [145920 2013-11-14] (Microsoft Corporation)
R2 svhdxflt; C:\Windows\System32\drivers\svhdxflt.sys [154624 2016-07-09] (Microsoft Corporation)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [75512 2015-11-05] (VMware, Inc.)
S3 WinNat; C:\Windows\System32\drivers\winnat.sys [172544 2013-08-22] (Microsoft Corporation)
R3 wtlmdrv; C:\Windows\System32\drivers\wtlmdrv.sys [31232 2013-08-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

NETSVC: sacsvr -> C:\Windows\system32\sacsvr.dll (Microsoft Corporation)

==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-12-15 14:03 - 2016-12-15 14:03 - 02420224 _____ (Farbar) C:\Users\administrador.ADVOANET\Downloads\FRST64.exe
2016-12-15 14:03 - 2016-12-15 14:03 - 00011642 _____ C:\Users\administrador.ADVOANET\Downloads\FRST.txt
2016-12-15 14:03 - 2016-12-15 14:03 - 00000000 ____D C:\FRST
2016-12-15 14:02 - 2016-12-15 14:02 - 01761792 _____ (Farbar) C:\Users\administrador.ADVOANET\Downloads\FRST.exe
2016-12-15 14:00 - 2016-12-15 14:00 - 00011857 _____ C:\Users\administrador.ADVOANET\Downloads\api-ms-win-crt-heap-l1-1-0.zip
2016-12-15 13:59 - 2016-12-15 13:59 - 01005170 _____ C:\Users\administrador.ADVOANET\Downloads\Windows8.1-KB2999226-x64 (3).msu
2016-12-15 13:49 - 2016-12-15 13:49 - 01005170 _____ C:\Users\administrador.ADVOANET\Downloads\Windows8.1-KB2999226-x64 (2).msu
2016-12-15 13:46 - 2016-12-15 13:46 - 14749120 _____ (Microsoft Corporation) C:\Users\administrador.ADVOANET\Downloads\vc_redist.x64 (3).exe
2016-12-15 13:46 - 2016-12-15 13:46 - 00007832 _____ C:\Users\administrador.ADVOANET\Downloads\api-ms-win-crt-locale-l1-1-0.zip
2016-12-15 13:44 - 2016-12-15 13:44 - 00005217 _____ C:\Users\administrador.ADVOANET\Downloads\api-ms-win-crt-math-l1-1-0.zip
2016-12-15 13:43 - 2016-12-15 13:43 - 00013807 _____ C:\Users\administrador.ADVOANET\Downloads\api-ms-win-crt-string-l1-1-0.zip
2016-12-15 13:42 - 2016-12-15 13:42 - 01005170 _____ C:\Users\administrador.ADVOANET\Downloads\Windows8.1-KB2999226-x64 (1).msu
2016-12-15 13:41 - 2016-12-15 13:41 - 01005170 _____ C:\Users\administrador.ADVOANET\Downloads\Windows8.1-KB2999226-x64.msu
2016-12-15 13:34 - 2016-12-15 13:34 - 00004042 _____ C:\Users\administrador.ADVOANET\Downloads\api-ms-win-crt-stdio-l1-1-0.zip
2016-12-15 13:32 - 2016-12-15 13:32 - 00003630 _____ C:\Users\administrador.ADVOANET\Downloads\api-ms-win-crt-runtime-l1-1-0.zip
2016-12-15 13:29 - 2016-12-15 13:29 - 14749120 _____ (Microsoft Corporation) C:\Users\administrador.ADVOANET\Downloads\vc_redist.x64 (2).exe
2016-12-15 13:29 - 2016-12-15 13:29 - 07186992 _____ (Microsoft Corporation) C:\Users\administrador.ADVOANET\Downloads\vcredist_x64 (1).exe
2016-12-15 13:28 - 2016-12-15 13:28 - 14749120 _____ (Microsoft Corporation) C:\Users\administrador.ADVOANET\Downloads\vc_redist.x64 (1).exe
2016-12-15 13:27 - 2016-12-15 13:27 - 14749120 _____ (Microsoft Corporation) C:\Users\administrador.ADVOANET\Downloads\vc_redist.x64.exe
2016-12-15 13:25 - 2016-12-15 13:25 - 00049273 _____ C:\Users\administrador.ADVOANET\Downloads\vcruntime140.zip
2016-12-15 13:22 - 2016-12-15 13:23 - 00001453 _____ C:\Users\Public\Desktop\Wampserver64.lnk
2016-12-15 13:22 - 2016-12-15 13:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wampserver64
2016-12-15 13:20 - 2016-12-15 13:21 - 00000000 ____D C:\wamp64
2016-12-15 13:19 - 2016-12-15 13:29 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-12-15 13:19 - 2016-12-15 13:29 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-15 13:19 - 2016-12-15 13:20 - 219506793 _____ (Dominique Ottello aka Otomatic ) C:\Users\administrador.ADVOANET\Downloads\wampserver3.0.6_x64_apache2.4.23_mysql5.7.14_php5.6.25-7.0.10.exe
2016-12-15 13:19 - 2016-12-15 13:19 - 07186992 _____ (Microsoft Corporation) C:\Users\administrador.ADVOANET\Downloads\vcredist_x64.exe
2016-12-14 15:35 - 2016-12-14 15:35 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2016-12-14 15:32 - 2016-12-14 15:32 - 00002075 _____ C:\Users\Public\Desktop\Shop for HP Supplies.lnk
2016-12-14 15:32 - 2016-12-14 15:32 - 00000000 ____D C:\Users\Todos os Usuários\HPSSUPPLY
2016-12-14 15:32 - 2016-12-14 15:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2016-12-14 15:32 - 2016-12-14 15:32 - 00000000 ____D C:\ProgramData\HPSSUPPLY
2016-12-14 15:31 - 2016-12-14 15:32 - 00000000 ____D C:\Program Files (x86)\HP
2016-12-14 15:30 - 2016-12-14 15:30 - 00000000 ____D C:\Users\Todos os Usuários\HP
2016-12-14 15:30 - 2016-12-14 15:30 - 00000000 ____D C:\ProgramData\HP
2016-12-14 15:30 - 2016-12-14 15:30 - 00000000 ____D C:\Program Files\Hewlett-Packard
2016-12-14 15:30 - 2012-11-08 01:00 - 00081920 _____ C:\Windows\SysWOW64\mvusbews.dll
2016-12-14 15:30 - 2012-09-29 13:26 - 01366528 _____ C:\Windows\system32\HPM1210SM.exe
2016-12-14 15:30 - 2012-09-29 13:25 - 00409088 _____ C:\Windows\system32\HPM1210LM.DLL
2016-12-14 15:30 - 2012-09-29 13:05 - 00350720 _____ C:\Windows\system32\mvhlewsi.DLL
2016-12-14 15:29 - 2016-12-14 15:29 - 00000000 ____D C:\Program Files\HP
2016-12-14 15:29 - 2012-11-08 08:32 - 00126856 _____ (HP) C:\Windows\system32\HPSIsvc.exe
2016-12-14 15:28 - 2012-11-08 01:00 - 00213504 _____ C:\Windows\system32\m1210wia.dll
2016-12-14 15:28 - 2012-11-08 01:00 - 00091648 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\m1210nwia2.dll
2016-12-14 15:28 - 2012-11-08 01:00 - 00052224 _____ C:\Windows\system32\HPM1210SMs.dll
2016-12-14 15:28 - 2012-11-08 01:00 - 00038912 _____ C:\Windows\system32\HPImgFlt.dll
2016-12-14 15:19 - 2016-12-14 15:27 - 222998632 _____ C:\Users\administrador.ADVOANET\Downloads\LJM1130_M1210_MFP_Full_Solution.exe
2016-12-14 14:24 - 2016-12-14 14:24 - 60781368 _____ C:\Users\administrador.ADVOANET\Downloads\Setup_IP4[192_168_40_24]_H[NPIB04764] (1).exe
2016-12-14 14:19 - 2016-12-14 14:19 - 00785408 _____ (Microsoft Corporation) C:\Windows\system32\pmcsnap.dll
2016-12-14 14:19 - 2016-12-14 14:19 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\ppcsnap.dll
2016-12-14 14:19 - 2016-12-14 14:19 - 00146389 _____ C:\Windows\system32\printmanagement.msc
2016-12-14 14:19 - 2016-12-14 14:19 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\PrintBrmUi.exe
2016-12-14 14:13 - 2016-12-14 14:13 - 00001171 _____ C:\Users\administrador.ADVOANET\Desktop\HP LaserJet Professional M1212nf MFP - Atalho (2).lnk
2016-12-14 13:28 - 2016-12-14 13:28 - 00000000 ____D C:\ManageEngineServerMonitor
2016-12-14 12:57 - 2016-12-14 12:57 - 00001171 _____ C:\Users\administrador.ADVOANET\Desktop\HP LaserJet Professional M1212nf MFP - Atalho.lnk
2016-12-14 12:52 - 2016-12-14 12:52 - 60781368 _____ C:\Users\administrador.ADVOANET\Downloads\Setup_IP4[192_168_40_24]_H[NPIB04764].exe
2016-12-14 12:52 - 2011-04-15 14:14 - 00222720 _____ C:\Windows\system32\m1210nwia.dll
2016-12-14 11:19 - 2016-02-23 18:16 - 67707084 _____ C:\Users\administrador.ADVOANET\Desktop\Integrator (2).exe
2016-12-14 10:35 - 2016-12-15 13:51 - 00000000 ____D C:\Windows\system32\dns
2016-12-14 10:35 - 2016-12-15 13:51 - 00000000 ____D C:\Windows\NTDS
2016-12-14 10:35 - 2016-12-14 10:35 - 01704448 _____ (Microsoft Corporation) C:\Windows\system32\dnsmgr.dll
2016-12-14 10:35 - 2016-12-14 10:35 - 01581056 _____ (Microsoft Corporation) C:\Windows\system32\dns.exe
2016-12-14 10:35 - 2016-12-14 10:35 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\dnscmd.exe
2016-12-14 10:35 - 2016-12-14 10:35 - 00145867 _____ C:\Windows\system32\dnsmgmt.msc
2016-12-14 10:35 - 2016-12-14 10:35 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\dnsperf.dll
2016-12-14 10:35 - 2016-12-14 10:35 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsperf.dll
2016-12-14 10:35 - 2016-12-14 09:34 - 00000000 ____D C:\Windows\SYSVOL
2016-12-14 10:00 - 2016-04-14 17:17 - 00934080 _____ (VMware, Inc.) C:\Windows\system32\vnetlib64.dll
2016-12-14 10:00 - 2016-04-14 17:17 - 00392896 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
2016-12-14 10:00 - 2016-04-14 17:17 - 00358080 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
2016-12-14 10:00 - 2016-04-14 17:17 - 00066752 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmx86.sys
2016-12-14 10:00 - 2016-04-14 16:53 - 00026816 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmnetuserif.sys
2016-12-14 10:00 - 2016-03-10 08:03 - 00057536 _____ (VMware, Inc.) C:\Windows\system32\Drivers\hcmon.sys
2016-12-14 10:00 - 2015-11-05 19:25 - 00075512 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vsock.sys
2016-12-14 10:00 - 2015-11-05 19:25 - 00068288 _____ (VMware, Inc.) C:\Windows\system32\vsocklib.dll
2016-12-14 10:00 - 2015-11-05 19:25 - 00064192 _____ (VMware, Inc.) C:\Windows\SysWOW64\vsocklib.dll
2016-12-14 09:59 - 2016-12-14 09:59 - 12599296 _____ C:\Windows\system32\ntds.dit
2016-12-14 09:59 - 2016-12-14 09:59 - 05411328 _____ (Microsoft Corporation) C:\Windows\system32\gppref.dll
2016-12-14 09:59 - 2016-12-14 09:59 - 05023232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gppref.dll
2016-12-14 09:59 - 2016-12-14 09:59 - 04198400 _____ (Microsoft Corporation) C:\Windows\system32\dsac.exe
2016-12-14 09:59 - 2016-12-14 09:59 - 03653632 _____ (Microsoft Corporation) C:\Windows\system32\ntdsai.dll
2016-12-14 09:59 - 2016-12-14 09:59 - 03214848 _____ (Microsoft Corporation) C:\Windows\system32\propshts.dll
2016-12-14 09:59 - 2016-12-14 09:59 - 02411008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propshts.dll
2016-12-14 09:59 - 2016-12-14 09:59 - 02223616 _____ (Microsoft Corporation) C:\Windows\system32\dfsrmig.exe
2016-12-14 09:59 - 2016-12-14 09:59 - 02001408 _____ (Microsoft Corporation) C:\Windows\system32\gpmgmt.dll
2016-12-14 09:59 - 2016-12-14 09:59 - 01678336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpmgmt.dll
2016-12-14 09:59 - 2016-12-14 09:59 - 01305088 _____ (Microsoft Corporation) C:\Windows\system32\dcpromocmd.dll
2016-12-14 09:59 - 2016-12-14 09:59 - 01241600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcpromoui.dll
2016-12-14 09:59 - 2016-12-14 09:59 - 00823808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprop.dll
2016-12-14 09:59 - 2016-12-14 09:59 - 00759808 _____ (Microsoft Corporation) C:\Windows\system32\adsiedit.dll
2016-12-14 09:59 - 2016-12-14 09:59 - 00756224 _____ (Microsoft Corporation) C:\Windows\system32\gpprefbr.dll
2016-12-14 09:59 - 2016-12-14 09:59 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\adprep.dll
2016-12-14 09:59 - 2016-12-14 09:59 - 00720896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpme.dll
2016-12-14 09:59 - 2016-12-14 09:59 - 00577024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefbr.dll
2016-12-14 09:59 - 2016-12-14 09:59 - 00565760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DfsrHelper.dll
2016-12-14 09:59 - 2016-12-14 09:59 - 00494080 _____ (Microsoft Corporation) C:\Windows\system32\GPRSoP.dll
2016-12-14 09:59 - 2016-12-14 09:59 - 00470528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GPRSoP.dll
2016-12-14 09:59 - 2016-12-14 09:59 - 00451072 _____ (Microsoft Corporation) C:\Windows\system32\dfssvc.exe
2016-12-14 09:59 - 2016-12-14 09:59 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcdiag.exe
2016-12-14 09:59 - 2016-12-14 09:59 - 00272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schmmgmt.dll
2016-12-14 09:59 - 2016-12-14 09:59 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\gpregistrybrowser.dll
2016-12-14 09:59 - 2016-12-14 09:59 - 00268640 _____ C:\Windows\SysWOW64\dfsrHealthReport.xsl
2016-12-14 09:59 - 2016-12-14 09:59 - 00254976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\repadmin.exe
2016-12-14 09:59 - 2016-12-14 09:59 - 00251904 _____ (Microsoft Corporation) C:\Windows\system32\dsdbutil.exe
2016-12-14 09:59 - 2016-12-14 09:59 - 00218624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpregistrybrowser.dll
2016-12-14 09:59 - 2016-12-14 09:59 - 00217600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsdbutil.exe
2016-12-14 09:59 - 2016-12-14 09:59 - 00196096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsuiwiz.dll
2016-12-14 09:59 - 2016-12-14 09:59 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\ntdskcc.dll
2016-12-14 09:59 - 2016-12-14 09:59 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\dfsncimprov.dll
2016-12-14 09:59 - 2016-12-14 09:59 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\ntdsetup.dll
2016-12-14 09:59 - 2016-12-14 09:59 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcn.dll
2016-12-14 09:59 - 2016-12-14 09:59 - 00155741 _____ C:\Windows\SysWOW64\dfsrPropagationReport.xsl
2016-12-14 09:59 - 2016-12-14 09:59 - 00154624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\domadmin.dll
2016-12-14 09:59 - 2016-12-14 09:59 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcn.dll
2016-12-14 09:59 - 2016-12-14 09:59 - 00144951 _____ C:\Windows\SysWOW64\domain.msc
2016-12-14 09:59 - 2016-12-14 09:59 - 00144380 _____ C:\Windows\system32\adsiedit.msc
2016-12-14 09:59 - 2016-12-14 09:59 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\rendom.exe
2016-12-14 09:59 - 2016-12-14 09:59 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\dsget.exe
2016-12-14 09:59 - 2016-12-14 09:59 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\dsquery.exe
2016-12-14 09:59 - 2016-12-14 09:59 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\mtedit.exe
2016-12-14 09:59 - 2016-12-14 09:59 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\DfsRes.dll
2016-12-14 09:59 - 2016-12-14 09:59 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\ldifde.dll
2016-12-14 09:59 - 2016-12-14 09:59 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\dsadd.exe
2016-12-14 09:59 - 2016-12-14 09:59 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntfrsapi.dll
2016-12-14 09:59 - 2016-12-14 09:59 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\dsmod.exe
2016-12-14 09:59 - 2016-12-14 09:59 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ldifde.exe
2016-12-14 09:59 - 2016-12-14 09:59 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsget.exe
2016-12-14 09:59 - 2016-12-14 09:59 - 00068096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsquery.exe
2016-12-14 09:59 - 2016-12-14 09:59 - 00066400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsrro.sys
2016-12-14 09:59 - 2016-12-14 09:59 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\ntdsbsrv.dll
2016-12-14 09:59 - 2016-12-14 09:59 - 00055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsadd.exe
2016-12-14 09:59 - 2016-12-14 09:59 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsmod.exe
2016-12-14 09:59 - 2016-12-14 09:59 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\gpfixup.exe
2016-12-14 09:59 - 2016-12-14 09:59 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ntdsatq.dll
2016-12-14 09:59 - 2016-12-14 09:59 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csvde.dll
2016-12-14 09:59 - 2016-12-14 09:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\csvde.exe
2016-12-14 09:59 - 2016-12-14 09:59 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\dsrm.exe
2016-12-14 09:59 - 2016-12-14 09:59 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\dsmove.exe
2016-12-14 09:59 - 2016-12-14 09:59 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsrm.exe
2016-12-14 09:59 - 2016-12-14 09:59 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\NTFRSPRF.dll
2016-12-14 09:59 - 2016-12-14 09:59 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsmove.exe
2016-12-14 09:59 - 2016-12-14 09:59 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfsfrsHost.exe
2016-12-14 09:59 - 2016-12-14 09:59 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\TransformationRulesParser.exe
2016-12-14 09:59 - 2016-12-14 09:59 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntfrsutl.exe
2016-12-14 09:59 - 2016-12-14 09:59 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\redirusr.exe
2016-12-14 09:59 - 2016-12-14 09:59 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\redircmp.exe
2016-12-14 09:59 - 2016-12-14 09:59 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\dsamain.exe
2016-12-14 09:59 - 2016-12-14 09:59 - 00004608 _____ (Microsoft Corporation) C:\Windows\system32\ntdsmsg.dll
2016-12-14 09:59 - 2016-12-14 09:59 - 00001164 _____ C:\Users\Public\Desktop\VMware Workstation 12 Player.lnk
2016-12-14 09:59 - 2016-12-14 09:59 - 00000764 _____ C:\Windows\system32\dsac.exe.config
2016-12-14 09:59 - 2016-12-14 09:59 - 00000000 ____D C:\Windows\system32\adprep
2016-12-14 09:59 - 2016-12-14 09:59 - 00000000 ____D C:\Windows\system32\ADDSDeployment_Internal
2016-12-14 09:59 - 2016-12-14 09:59 - 00000000 ____D C:\Windows\ADWS
2016-12-14 09:59 - 2016-12-14 09:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
2016-12-14 09:59 - 2016-12-14 09:59 - 00000000 ____D C:\Program Files\Common Files\VMware
2016-12-14 09:59 - 2016-12-14 09:59 - 00000000 ____D C:\Program Files (x86)\VMware
2016-12-14 09:58 - 2016-12-14 09:58 - 03832832 _____ (Microsoft Corporation) C:\Windows\system32\dfsrs.exe
2016-12-14 09:58 - 2016-12-14 09:58 - 01806336 _____ (Microsoft Corporation) C:\Windows\system32\GPOAdmin.dll
2016-12-14 09:58 - 2016-12-14 09:58 - 01707085 _____ C:\Windows\system32\schema.ini
2016-12-14 09:58 - 2016-12-14 09:58 - 01659904 _____ (Microsoft Corporation) C:\Windows\system32\dcpromoui.dll
2016-12-14 09:58 - 2016-12-14 09:58 - 01426432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GPOAdmin.dll
2016-12-14 09:58 - 2016-12-14 09:58 - 01197568 _____ (Microsoft Corporation) C:\Windows\system32\GPOAdminCustom.dll
2016-12-14 09:58 - 2016-12-14 09:58 - 01093632 _____ (Microsoft Corporation) C:\Windows\system32\dsadmin.dll
2016-12-14 09:58 - 2016-12-14 09:58 - 01001472 _____ (Microsoft Corporation) C:\Windows\system32\ntfrs.exe
2016-12-14 09:58 - 2016-12-14 09:58 - 00981504 _____ (Microsoft Corporation) C:\Windows\system32\adprop.dll
2016-12-14 09:58 - 2016-12-14 09:58 - 00951296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcpromocmd.dll
2016-12-14 09:58 - 2016-12-14 09:58 - 00926208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GPOAdminCustom.dll
2016-12-14 09:58 - 2016-12-14 09:58 - 00880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsadmin.dll
2016-12-14 09:58 - 2016-12-14 09:58 - 00763392 _____ (Microsoft Corporation) C:\Windows\system32\gpme.dll
2016-12-14 09:58 - 2016-12-14 09:58 - 00753152 _____ (Microsoft Corporation) C:\Windows\system32\DfsrHelper.dll
2016-12-14 09:58 - 2016-12-14 09:58 - 00643584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsiedit.dll
2016-12-14 09:58 - 2016-12-14 09:58 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\dcdiag.exe
2016-12-14 09:58 - 2016-12-14 09:58 - 00568320 _____ (Microsoft Corporation) C:\Windows\system32\kdcsvc.dll
2016-12-14 09:58 - 2016-12-14 09:58 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\ntdsutil.exe
2016-12-14 09:58 - 2016-12-14 09:58 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\ldp.exe
2016-12-14 09:58 - 2016-12-14 09:58 - 00346112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdsutil.exe
2016-12-14 09:58 - 2016-12-14 09:58 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\repadmin.exe
2016-12-14 09:58 - 2016-12-14 09:58 - 00323584 _____ (Microsoft Corporation) C:\Windows\system32\schmmgmt.dll
2016-12-14 09:58 - 2016-12-14 09:58 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ldp.exe
2016-12-14 09:58 - 2016-12-14 09:58 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\dsrolesrv.dll
2016-12-14 09:58 - 2016-12-14 09:58 - 00268640 _____ C:\Windows\system32\dfsrHealthReport.xsl
2016-12-14 09:58 - 2016-12-14 09:58 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\dsmgmt.exe
2016-12-14 09:58 - 2016-12-14 09:58 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\dsuiwiz.dll
2016-12-14 09:58 - 2016-12-14 09:58 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\dfsrapi.dll
2016-12-14 09:58 - 2016-12-14 09:58 - 00203776 _____ (Microsoft Corporation) C:\Windows\system32\DfsDiag.exe
2016-12-14 09:58 - 2016-12-14 09:58 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\lsadb.dll
2016-12-14 09:58 - 2016-12-14 09:58 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\dfsutil.exe
2016-12-14 09:58 - 2016-12-14 09:58 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\domadmin.dll
2016-12-14 09:58 - 2016-12-14 09:58 - 00175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsmgmt.exe
2016-12-14 09:58 - 2016-12-14 09:58 - 00155741 _____ C:\Windows\system32\dfsrPropagationReport.xsl
2016-12-14 09:58 - 2016-12-14 09:58 - 00146712 _____ C:\Windows\SysWOW64\gpme.msc
2016-12-14 09:58 - 2016-12-14 09:58 - 00146712 _____ C:\Windows\system32\gpme.msc
2016-12-14 09:58 - 2016-12-14 09:58 - 00146446 _____ C:\Windows\SysWOW64\gpmc.msc
2016-12-14 09:58 - 2016-12-14 09:58 - 00146446 _____ C:\Windows\system32\gpmc.msc
2016-12-14 09:58 - 2016-12-14 09:58 - 00146019 _____ C:\Windows\SysWOW64\gptedit.msc
2016-12-14 09:58 - 2016-12-14 09:58 - 00146019 _____ C:\Windows\system32\gptedit.msc
2016-12-14 09:58 - 2016-12-14 09:58 - 00145017 _____ C:\Windows\SysWOW64\dsa.msc
2016-12-14 09:58 - 2016-12-14 09:58 - 00145017 _____ C:\Windows\system32\dsa.msc
2016-12-14 09:58 - 2016-12-14 09:58 - 00144951 _____ C:\Windows\system32\domain.msc
2016-12-14 09:58 - 2016-12-14 09:58 - 00144646 _____ C:\Windows\SysWOW64\dssite.msc
2016-12-14 09:58 - 2016-12-14 09:58 - 00144646 _____ C:\Windows\system32\dssite.msc
2016-12-14 09:58 - 2016-12-14 09:58 - 00144380 _____ C:\Windows\SysWOW64\adsiedit.msc
2016-12-14 09:58 - 2016-12-14 09:58 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\GPOAdminCommon.dll
2016-12-14 09:58 - 2016-12-14 09:58 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rendom.exe
2016-12-14 09:58 - 2016-12-14 09:58 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\ntdsa.dll
2016-12-14 09:58 - 2016-12-14 09:58 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GPOAdminCommon.dll
2016-12-14 09:58 - 2016-12-14 09:58 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\ntfrsapi.dll
2016-12-14 09:58 - 2016-12-14 09:58 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DfsRes.dll
2016-12-14 09:58 - 2016-12-14 09:58 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\ldifde.exe
2016-12-14 09:58 - 2016-12-14 09:58 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\replprov.dll
2016-12-14 09:58 - 2016-12-14 09:58 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\ismserv.exe
2016-12-14 09:58 - 2016-12-14 09:58 - 00054624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfs.sys
2016-12-14 09:58 - 2016-12-14 09:58 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpfixup.exe
2016-12-14 09:58 - 2016-12-14 09:58 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\dsacls.exe
2016-12-14 09:58 - 2016-12-14 09:58 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\ismip.dll
2016-12-14 09:58 - 2016-12-14 09:58 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\dsacn.dll
2016-12-14 09:58 - 2016-12-14 09:58 - 00040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsacls.exe
2016-12-14 09:58 - 2016-12-14 09:58 - 00040774 _____ C:\Windows\system32\ntfrsrep.ini
2016-12-14 09:58 - 2016-12-14 09:58 - 00038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\csvde.exe
2016-12-14 09:58 - 2016-12-14 09:58 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\KdsSvc.dll
2016-12-14 09:58 - 2016-12-14 09:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\dfsfrsHost.exe
2016-12-14 09:58 - 2016-12-14 09:58 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NTFRSPRF.dll
2016-12-14 09:58 - 2016-12-14 09:58 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\ntdsperf.dll
2016-12-14 09:58 - 2016-12-14 09:58 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\kdcpw.dll
2016-12-14 09:58 - 2016-12-14 09:58 - 00019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdsperf.dll
2016-12-14 09:58 - 2016-12-14 09:58 - 00018236 _____ C:\Windows\system32\replprov.mof
2016-12-14 09:58 - 2016-12-14 09:58 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\PwdSSP.dll
2016-12-14 09:58 - 2016-12-14 09:58 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\dfscmd.exe
2016-12-14 09:58 - 2016-12-14 09:58 - 00014674 _____ C:\Windows\system32\DefaultDCCloneAllowList.XML
2016-12-14 09:58 - 2016-12-14 09:58 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\redirusr.exe
2016-12-14 09:58 - 2016-12-14 09:58 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\redircmp.exe
2016-12-14 09:58 - 2016-12-14 09:58 - 00011196 _____ C:\Windows\system32\ntfrscon.ini
2016-12-14 09:58 - 2016-12-14 09:58 - 00006738 _____ C:\Windows\system32\ntfrsrep.h
2016-12-14 09:58 - 2016-12-14 09:58 - 00004239 _____ C:\Windows\system32\DCCloneConfigSchema.xsd
2016-12-14 09:38 - 2016-12-15 13:59 - 00009240 _____ C:\Windows\system32\config\netlogon.dnb
2016-12-14 09:38 - 2016-12-15 13:59 - 00002918 _____ C:\Windows\system32\config\netlogon.dns
2016-12-01 16:08 - 2016-12-01 16:08 - 00002256 ____H C:\Users\administrador.ADVOANET\Documents\Default.rdp
2016-11-24 17:55 - 2016-11-24 17:55 - 00000007 _____ C:\Users\administrador.ADVOANET\Downloads\download (1)
2016-11-24 17:54 - 2016-11-24 17:54 - 00000007 _____ C:\Users\administrador.ADVOANET\Downloads\download
2016-11-24 17:47 - 2016-11-24 17:47 - 34154109 _____ C:\Users\administrador.ADVOANET\Downloads\AirCam.20161124.174339.mp4
2016-11-24 16:31 - 2016-11-24 16:31 - 00036832 _____ C:\Users\administrador.ADVOANET\Downloads\airvision-20161124-1631.supp
2016-11-24 16:28 - 2016-11-24 16:28 - 00834882 _____ C:\Users\administrador.ADVOANET\Downloads\AirCam.20161124.162747.mp4
2016-11-24 16:17 - 2016-11-24 16:17 - 05957084 _____ C:\Users\administrador.ADVOANET\Downloads\AirCam.v1.2.17961.130609.0103 (1).bin
2016-11-24 16:15 - 2016-11-24 19:13 - 00000089 _____ C:\Users\administrador.ADVOANET\.ubnt-discovery.properties
2016-11-24 16:15 - 2016-11-24 16:15 - 00144375 _____ C:\Users\administrador.ADVOANET\Downloads\ubnt-discovery-v2.4.1.zip
2016-11-24 16:15 - 2016-11-24 16:15 - 00000000 ____D C:\Users\administrador.ADVOANET\Downloads\ubnt-discovery-v2.4.1
2016-11-24 16:09 - 2016-11-24 18:07 - 00000000 ____D C:\Users\Todos os Usuários\airVision2
2016-11-24 16:09 - 2016-11-24 18:07 - 00000000 ____D C:\ProgramData\airVision2
2016-11-24 16:09 - 2016-11-24 18:07 - 00000000 ____D C:\Program Files (x86)\NTP
2016-11-24 16:09 - 2016-11-24 16:09 - 36012121 _____ (Ubiquiti Networks, Inc.) C:\Users\administrador.ADVOANET\Downloads\airVision2-v2.1.3-x64-installer.exe
2016-11-24 16:07 - 2016-11-24 16:07 - 00002692 _____ C:\Users\administrador.ADVOANET\Downloads\aircam-playlist.xspf
2016-11-24 16:03 - 2016-11-24 16:03 - 05957084 _____ C:\Users\administrador.ADVOANET\Downloads\AirCam.v1.2.17961.130609.0103.bin
2016-11-24 15:58 - 2016-11-24 15:58 - 91546631 _____ (Ubiquiti Networks, Inc.) C:\Users\administrador.ADVOANET\Downloads\unifi-video-v3.5.1-x64-installer.exe
2016-11-24 15:51 - 2016-11-24 15:51 - 29819288 _____ C:\Users\administrador.ADVOANET\Downloads\UVC.gen2.v3.5.0.62.db3e2d4.161013.0214 (1).bin
2016-11-24 15:45 - 2016-11-24 15:45 - 30040631 _____ C:\Users\administrador.ADVOANET\Downloads\UVC.gen3l.v3.5.0.62.db3e2d4.161013.0235.bin
2016-11-24 15:41 - 2016-11-24 15:41 - 29819288 _____ C:\Users\administrador.ADVOANET\Downloads\UVC.gen2.v3.5.0.62.db3e2d4.161013.0214.bin
2016-11-24 15:32 - 2016-11-24 18:08 - 00000000 ____D C:\Users\Todos os Usuários\unifi-video
2016-11-24 15:32 - 2016-11-24 18:08 - 00000000 ____D C:\ProgramData\unifi-video
2016-11-24 15:32 - 2016-11-24 15:32 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2016-11-24 15:32 - 2016-11-24 15:32 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2016-11-24 15:32 - 2016-11-24 15:32 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2016-11-24 15:32 - 2016-11-24 15:32 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2016-11-24 15:32 - 2016-11-24 15:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-11-24 15:32 - 2016-11-24 15:32 - 00000000 ____D C:\Program Files\Java
2016-11-24 15:28 - 2016-11-24 15:28 - 00000000 ____D C:\Users\administrador.ADVOANET\AppData\LocalLow\Sun
2016-11-24 15:27 - 2016-11-24 15:32 - 91546631 _____ (Ubiquiti Networks, Inc.) C:\Users\administrador.ADVOANET\Desktop\unifi-video-v3.5.1-x64-installer.exe

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-12-15 14:00 - 2016-10-21 14:09 - 00019648 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-12-15 13:58 - 2016-08-08 18:18 - 00003592 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-159962782-3156468928-278545600-500
2016-12-15 13:55 - 2013-11-14 05:26 - 01789592 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-15 13:55 - 2013-11-14 05:15 - 00767158 _____ C:\Windows\system32\prfh0416.dat
2016-12-15 13:55 - 2013-11-14 05:15 - 00162774 _____ C:\Windows\system32\prfc0416.dat
2016-12-15 13:55 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\Inf
2016-12-15 13:54 - 2016-05-17 18:56 - 00001084 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-12-15 13:51 - 2013-08-22 12:48 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-15 13:46 - 2016-10-21 14:09 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-12-15 13:45 - 2016-08-10 13:05 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-12-15 13:44 - 2016-10-21 14:09 - 00024768 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-12-15 13:34 - 2016-08-10 12:13 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-12-15 13:32 - 2016-08-10 16:27 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-12-15 13:25 - 2016-08-10 11:07 - 00088248 _____ (Microsoft Corporation) C:\Windows\vcruntime140.dll
2016-12-15 13:19 - 2016-08-08 21:01 - 00000000 ____D C:\Users\administrador.ADVOANET\AppData\Local\VMware
2016-12-15 13:12 - 2016-05-17 18:56 - 00001088 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-12-15 13:01 - 2016-03-10 19:55 - 00003088 __RSH C:\Users\Todos os Usuários\ntuser.pol
2016-12-15 13:01 - 2016-03-10 19:55 - 00003088 __RSH C:\ProgramData\ntuser.pol
2016-12-14 23:14 - 2016-05-17 18:57 - 00002173 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-14 23:14 - 2016-05-17 18:57 - 00002161 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-12-14 15:37 - 2016-08-08 21:01 - 00000000 ____D C:\Users\administrador.ADVOANET\AppData\Roaming\VMware
2016-12-14 14:20 - 2013-08-22 13:20 - 00000000 ____D C:\Windows\CbsTemp
2016-12-14 13:04 - 2016-08-08 20:58 - 00000000 ____D C:\Users\Todos os Usuários\VMware
2016-12-14 13:04 - 2016-08-08 20:58 - 00000000 ____D C:\ProgramData\VMware
2016-12-14 13:03 - 2013-08-22 11:25 - 00008192 ___SH C:\Windows\system32\config\BBI
2016-12-14 11:56 - 2016-09-04 17:06 - 00000000 ____D C:\Users\administrador.ADVOANET\Documents\Virtual Machines
2016-12-14 10:16 - 2016-03-10 19:53 - 00000128 _____ C:\Windows\system32\config\netlogon.ftl
2016-12-14 10:00 - 2013-08-22 13:39 - 00000000 ____D C:\Windows\security
2016-12-14 09:59 - 2016-08-08 20:58 - 01798280 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-12-14 09:37 - 2013-08-22 12:47 - 00336632 _____ C:\Windows\system32\FNTCACHE.DAT
2016-12-03 11:41 - 2016-03-16 17:09 - 00000000 ____D C:\Users\administrador.ADVOANET
2016-11-28 18:06 - 2016-07-05 17:26 - 00000000 ____D C:\Users\administrador.ADVOANET\AppData\Local\Google

Alguns arquivos em TEMP:
====================
C:\Users\administrador.ADVOANET\AppData\Local\Temp\siuninst.exe


==================== Bamital & volsnap ======================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe ESTÁ AUSENTE <==== ATENÇÃO
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente

LastRegBack: 2016-12-14 13:29

==================== Fim de FRST.txt ============================
