Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 19-06-2016 01 Executado por user (administrador) em ALL-USER (21-06-2016 11:39:09) Executando a partir de C:\Users\user\Desktop Perfis Carregados: user (Perfis Disponíveis: user) Platform: Windows 8.1 Pro (X64) Idioma: Português (Brasil) Internet Explorer Versão 11 (Navegador padrão: IE) Modo da Inicialização: Normal Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processos (Whitelisted) ================= (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.) (HP) C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe (HP) C:\Windows\System32\HPSIsvc.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe () C:\Windows\KMS-R@1nhook.exe (Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe ==================== Registro (Whitelisted) =========================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated) HKU\S-1-5-21-3421025856-2253569183-1582983230-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11776 2013-08-22] (Microsoft Corporation) IFEO\OSppSvc.exe: [Debugger] KMS-R@1nhook.exe IFEO\SppExtComObj.exe: [Debugger] KMS-R@1nhook.exe ==================== Internet (Whitelisted) ==================== (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.) Tcpip\Parameters: [DhcpNameServer] 208.67.220.220 8.8.4.4 208.67.222.222 Tcpip\..\Interfaces\{C215E109-A26B-4F4C-ACF1-2067623B8009}: [DhcpNameServer] 208.67.220.220 8.8.4.4 208.67.222.222 Internet Explorer: ================== BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation) Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation) FireFox: ======== FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-15] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-15] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-07-31] (Microsoft Corporation) Chrome: ======= CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\ppGoogleNaClPluginChrome.dll => Nenhum Arquivo CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\pdf.dll => Nenhum Arquivo CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\gcswf32.dll => Nenhum Arquivo CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll => Nenhum Arquivo CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-09] CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-31] CHR Extension: (Gmail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-09] ==================== Serviços (Whitelisted) ======================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R2 HPM1210RcvFaxSrvc; C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [362296 2010-05-11] (HP) S2 KMS-R@1n; C:\Windows\KMS-R@1n.exe [26112 2016-06-16] () [Arquivo não assinado] S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [1050904 2013-12-11] () [Arquivo não assinado] R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R3 HP1210FAX; C:\Windows\System32\Drivers\HPM1210FAX.sys [16384 2010-04-28] () R3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2010-04-28] (Marvell Semiconductor, Inc.) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.) S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.) S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation) R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation) R3 WinDivert1.1; C:\Program Files\KMSpico\WinDivert.sys [35376 2015-01-23] (Basil Projects) S3 gdrv; \??\C:\Windows\gdrv.sys [X] ==================== NetSvcs (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Três Meses Criados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2016-06-21 11:38 - 2016-06-21 11:39 - 00008692 _____ C:\Users\user\Desktop\FRST.txt 2016-06-21 11:38 - 2016-06-21 11:38 - 00022453 _____ C:\Users\user\Desktop\Addition.txt 2016-06-21 11:38 - 2016-06-21 11:29 - 02387456 _____ (Farbar) C:\Users\user\Desktop\FRST64.exe 2016-06-21 11:31 - 2016-06-21 11:34 - 00022288 _____ C:\Users\user\Downloads\Addition.txt 2016-06-21 11:30 - 2016-06-21 11:34 - 00035435 _____ C:\Users\user\Downloads\FRST.txt 2016-06-21 11:29 - 2016-06-21 11:39 - 00000000 ____D C:\FRST 2016-06-21 11:24 - 2016-06-21 11:29 - 02387456 _____ (Farbar) C:\Users\user\Downloads\FRST64.exe 2016-06-21 11:15 - 2016-06-21 11:15 - 00002897 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project 2016.lnk 2016-06-21 10:50 - 2016-06-21 10:50 - 00014788 _____ C:\Users\user\Downloads\Consulta 463040.pdf 2016-06-21 10:31 - 2016-06-21 11:15 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ferramentas do Microsoft Office 2016 2016-06-21 10:31 - 2016-06-21 11:12 - 00002953 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk 2016-06-21 10:31 - 2016-06-21 11:12 - 00002943 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk 2016-06-21 10:31 - 2016-06-21 11:12 - 00002886 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk 2016-06-21 10:31 - 2016-06-21 11:12 - 00002881 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk 2016-06-21 10:31 - 2016-06-21 11:12 - 00002841 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk 2016-06-21 10:31 - 2016-06-21 11:12 - 00002833 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk 2016-06-21 10:31 - 2016-06-21 11:12 - 00002809 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk 2016-06-21 10:31 - 2016-06-21 11:12 - 00002807 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk 2016-06-21 10:31 - 2016-06-21 11:12 - 00002793 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk 2016-06-21 10:30 - 2016-06-21 10:30 - 00000000 ____D C:\Program Files\Common Files\DESIGNER 2016-06-21 10:29 - 2016-06-21 10:29 - 00000000 ____D C:\Windows\PCHEALTH 2016-06-21 10:29 - 2016-06-21 10:29 - 00000000 ____D C:\Program Files\Microsoft SQL Server 2016-06-21 10:29 - 2016-06-21 10:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-06-21 10:29 - 2016-06-21 10:29 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server 2016-06-21 10:28 - 2016-06-21 10:28 - 00000000 ____D C:\Program Files\Microsoft Analysis Services 2016-06-21 10:28 - 2016-06-21 10:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2016-06-21 10:28 - 2016-06-21 10:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services 2016-06-21 10:23 - 2016-06-21 10:23 - 00000000 ____D C:\Users\user\AppData\Local\ElevatedDiagnostics 2016-06-21 10:00 - 2016-06-21 10:16 - 00003866 _____ C:\Users\user\Downloads\api-ms-win-crt-stdio-l1-1-0.dll 2016-06-16 16:22 - 2016-06-16 16:22 - 00003730 _____ C:\Windows\System32\Tasks\KMSAutoNet 2016-06-16 16:22 - 2016-06-16 16:22 - 00000000 ____D C:\Users\Todos os Usuários\KMSAutoS 2016-06-16 16:22 - 2016-06-16 16:22 - 00000000 ____D C:\ProgramData\KMSAutoS 2016-06-16 16:21 - 2016-06-16 16:21 - 00000000 ____D C:\Users\user\AppData\Local\MSfree Inc 2016-06-16 15:45 - 2016-06-16 15:45 - 00000000 ____D C:\Users\user\AppData\Local\mpress 2016-06-16 15:44 - 2016-06-16 16:25 - 00003314 _____ C:\Users\Public\Desktop\R@1n.txt 2016-06-16 15:44 - 2016-06-16 15:44 - 00000000 ____D C:\Windows\System32\Tasks\R@1n-KMS 2016-06-16 15:43 - 2016-06-16 16:24 - 00026112 _____ C:\Windows\KMS-R@1n.exe 2016-06-16 15:43 - 2016-06-16 16:24 - 00007168 _____ C:\Windows\KMS-QADhook.dll 2016-06-16 15:43 - 2016-06-16 16:24 - 00004608 _____ C:\Windows\KMS-R@1nhook.exe 2016-06-16 15:37 - 2016-06-21 11:11 - 00000000 ____D C:\Program Files\Microsoft Office 2016-06-15 14:39 - 2016-06-15 14:44 - 00130136 _____ C:\Users\user\Downloads\Outlook.com (4).zip.zw6m9vx.partial 2016-06-15 12:48 - 2016-06-15 12:51 - 00212156 _____ C:\Users\user\Downloads\Outlook.com (3).zip.9b38jny.partial 2016-06-13 19:09 - 2016-06-13 19:15 - 03480776 _____ (Microsoft Corporation) C:\Users\user\Downloads\Setup.x86.pt-br_ProfessionalRetail_NKGG6-WBPCC-HXWMY-6DQGJ-CPQVG_act_1_.exe 2016-06-13 13:08 - 2016-06-13 13:08 - 00211586 _____ C:\Users\user\Downloads\Outlook.com (2).zip 2016-06-10 07:08 - 2016-06-10 07:08 - 00000000 ___HD C:\$Windows.~WS 2016-06-10 05:20 - 2016-06-10 05:20 - 00000000 ____D C:\$WINDOWS.~BT 2016-06-10 05:19 - 2016-06-10 05:20 - 00003716 _____ C:\Windows\diagwrn.xml 2016-06-10 05:19 - 2016-06-10 05:20 - 00002492 _____ C:\Windows\diagerr.xml 2016-06-09 18:59 - 2016-06-10 07:07 - 19733696 _____ (Microsoft Corporation) C:\Users\user\Downloads\MediaCreationToolx64.exe 2016-06-09 18:06 - 2016-06-09 18:56 - 18277680 _____ (Microsoft Corporation) C:\Users\user\Downloads\MediaCreationTool.exe 2016-06-09 10:26 - 2016-06-08 12:30 - 03061248 _____ (El Desaparecido - SosVirus.net - UsbFix.net) C:\Users\user\Documents\UsbFix_2016_8.130.exe 2016-06-08 16:27 - 2016-06-08 16:27 - 00000000 ____D C:\Users\user\Documents\Meu Scanner 2016-06-03 10:43 - 2016-06-03 10:43 - 00305169 _____ C:\Users\user\Downloads\DuvidasFrequentes.pdf 2016-06-03 10:39 - 2016-06-03 10:41 - 01064020 _____ C:\Users\user\Downloads\KitDocumentos.pdf.tcmmobh.partial 2016-06-02 10:51 - 2014-10-30 19:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe 2016-06-02 10:51 - 2014-10-30 19:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2016-05-31 10:46 - 2014-04-19 08:15 - 21186352 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2016-05-31 10:46 - 2014-04-19 03:49 - 18644072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2016-05-27 12:10 - 2016-05-27 12:11 - 00669586 _____ C:\Users\user\Downloads\Outlook.com (1).zip 2016-05-26 10:36 - 2016-05-26 10:36 - 00000000 ____D C:\Users\user\AppData\Roaming\MPC-HC 2016-05-25 20:37 - 2016-05-25 20:43 - 00588989 _____ C:\Users\user\Downloads\Outlook.com.zip.jhkvl6a.partial 2016-05-23 10:29 - 2016-05-23 11:11 - 00020480 _____ C:\Users\user\Desktop\ficha de produçao - Copia.xls 2016-05-17 12:06 - 2016-05-17 12:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack 2016-05-17 12:06 - 2015-02-18 15:00 - 00112640 _____ C:\Windows\SysWOW64\ff_vfw.dll 2016-05-17 12:06 - 2014-12-21 10:58 - 03570688 _____ (x264vfw project) C:\Windows\system32\x264vfw64.dll 2016-05-17 12:06 - 2014-12-21 10:57 - 03588608 _____ (x264vfw project) C:\Windows\SysWOW64\x264vfw.dll 2016-05-17 12:06 - 2014-12-04 19:56 - 00729088 _____ C:\Windows\system32\xvidcore.dll 2016-05-17 12:06 - 2014-12-04 19:55 - 00655872 _____ C:\Windows\SysWOW64\xvidcore.dll 2016-05-17 12:06 - 2014-11-14 11:12 - 00254976 _____ C:\Windows\system32\xvidvfw.dll 2016-05-17 12:06 - 2014-11-14 11:11 - 00240128 _____ C:\Windows\SysWOW64\xvidvfw.dll 2016-05-17 12:06 - 2012-07-21 08:55 - 00180736 _____ (fccHandler) C:\Windows\system32\ac3acm.acm 2016-05-17 12:06 - 2012-07-21 08:54 - 00122880 _____ (fccHandler) C:\Windows\SysWOW64\ac3acm.acm 2016-05-17 12:06 - 2011-12-07 15:37 - 00148992 _____ ( ) C:\Windows\system32\lagarith.dll 2016-05-17 12:06 - 2011-12-07 15:32 - 00216064 _____ ( ) C:\Windows\SysWOW64\lagarith.dll 2016-05-17 12:05 - 2016-05-17 12:06 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack 2016-05-11 17:02 - 2016-05-25 21:36 - 00057078 _____ C:\Users\user\Downloads\perfil-govsaude---ciclo-2016---secretarias-municipais-de-sade-91.pdf 2016-05-11 16:28 - 2016-05-11 16:28 - 00000000 ____D C:\Users\user\Desktop\Sertanejo♡♡ 2016-05-11 16:08 - 2016-05-11 16:08 - 00061498 _____ C:\Users\user\Downloads\csociais-ETNOLOGIA-DA-AMAZNIA.pdf 2016-05-09 15:42 - 2016-05-09 15:44 - 00042701 _____ C:\Users\user\Downloads\perfil-govsaude---ciclo-2016---conselhos-de-sade-766873.pdf 2016-05-06 08:55 - 2016-05-06 08:55 - 00000000 ____D C:\Users\user\aTubeCatcher 2016-05-04 10:10 - 2013-11-27 12:36 - 03395920 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll 2016-05-04 10:10 - 2013-11-27 08:41 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\WSCollect.exe 2016-05-04 10:10 - 2013-11-27 07:34 - 00138240 _____ C:\Windows\system32\OEMLicense.dll 2016-05-04 10:10 - 2013-11-27 06:54 - 00103936 _____ C:\Windows\SysWOW64\OEMLicense.dll 2016-05-04 10:10 - 2013-11-27 05:48 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2016-05-04 10:10 - 2013-11-27 05:45 - 00206336 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll 2016-05-04 10:10 - 2013-11-27 05:40 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2016-05-04 10:10 - 2013-11-27 05:38 - 00174592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll 2016-05-04 10:10 - 2013-11-27 05:17 - 00695808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll 2016-05-04 10:10 - 2013-11-27 05:12 - 00848384 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll 2016-05-03 11:44 - 2016-05-03 11:44 - 00249298 _____ C:\Users\user\Downloads\normas_montar_centro_.pdf 2016-05-03 11:27 - 2016-05-03 11:27 - 00935122 _____ C:\Users\user\Desktop\manual_odontologico.pdf 2016-05-02 16:41 - 2016-05-02 16:41 - 00122480 _____ C:\Users\user\AppData\Local\GDIPFONTCACHEV1.DAT 2016-04-29 09:57 - 2014-02-11 00:04 - 04189184 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2016-04-29 09:46 - 2012-01-13 16:56 - 00088956 _____ C:\Users\user\Desktop\rdc_63_nov_2011_boas_prat_serv_saude.pdf 2016-04-28 15:32 - 2016-04-28 15:32 - 01864060 _____ C:\Users\user\Downloads\access.pdf 2016-04-28 15:32 - 2016-04-28 15:32 - 00938991 _____ C:\Users\user\Downloads\access (1).pdf 2016-04-28 15:27 - 2016-04-28 15:27 - 00125721 _____ C:\Users\user\Downloads\Aula6.pdf 2016-04-28 15:23 - 2016-04-28 15:23 - 00385659 _____ C:\Users\user\Downloads\Apostila1.pdf 2016-04-28 15:12 - 2016-04-28 15:17 - 02959069 _____ C:\Users\user\Downloads\ATIVADOR Of2013.zip 2016-04-28 15:11 - 2016-04-28 15:11 - 01083784 _____ (WinZip) C:\Users\user\Downloads\wz20-mf.exe 2016-04-28 15:06 - 2016-04-28 15:06 - 00001242 _____ C:\Users\Public\Desktop\aTube Catcher.lnk 2016-04-28 15:06 - 2016-04-28 15:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher 2016-04-28 15:06 - 2016-04-28 15:06 - 00000000 ____D C:\Program Files (x86)\DsNET Corp 2016-04-28 15:06 - 2008-08-18 18:18 - 00077824 _____ (Fox Magic Software) C:\Windows\SysWOW64\fmcodec.DLL 2016-04-28 15:02 - 2016-04-28 15:03 - 00307200 _____ C:\Users\user\Documents\Banco de Dados3.accdb 2016-04-28 14:52 - 2016-04-28 14:53 - 00294912 _____ C:\Users\user\Documents\Banco de Dados2.accdb 2016-04-28 14:48 - 2016-04-28 15:05 - 17172816 _____ (DsNET Corp ) C:\Users\user\Downloads\atube-catcher-3-8-8007-multi-win.exe 2016-04-28 14:47 - 2016-04-28 15:20 - 00520342 _____ C:\Users\user\Downloads\apostila-access-2007-basico.pdf 2016-04-28 10:44 - 2016-05-04 12:35 - 01564672 _____ C:\Users\user\Desktop\cadastro de estabelecimentos.mdb 2016-04-27 18:06 - 2010-01-31 23:12 - 00219117 _____ C:\Users\user\Desktop\Apresentação1.pptx 2016-04-27 12:51 - 2016-04-27 12:55 - 00000000 ____D C:\Users\user\Desktop\ROCK 90 CLIPES 2016-04-27 12:51 - 2016-04-27 12:54 - 00000000 ____D C:\Users\user\Desktop\MP3 ROCK BRASIL 2016-04-27 12:50 - 2016-04-27 12:53 - 00000000 ____D C:\Users\user\Desktop\ROCK DIVERSOS 2016-04-27 12:27 - 2016-04-27 12:27 - 305314873 _____ C:\Windows\MEMORY.DMP 2016-04-27 12:27 - 2016-04-27 12:27 - 00280824 _____ C:\Windows\Minidump\042716-25859-01.dmp 2016-04-27 12:27 - 2016-04-27 12:27 - 00000000 ____D C:\Windows\Minidump 2016-04-27 10:03 - 2016-04-27 10:44 - 00307200 _____ C:\Users\user\Documents\Banco de Dados1.accdb 2016-04-27 09:54 - 2016-04-27 09:54 - 00000000 ___SD C:\Users\user\Documents\Minhas fontes de dados 2016-04-27 09:17 - 2016-04-27 09:17 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2016-04-26 14:27 - 2016-04-26 14:27 - 00000000 ____D C:\Users\user\Desktop\{09316835-3188-481c-a359-0f8d2a937ac8} 6a4c722f 2016-04-26 11:00 - 2013-12-20 07:18 - 01643584 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2016-04-26 11:00 - 2013-12-20 07:18 - 01507704 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2016-04-26 11:00 - 2013-10-30 21:33 - 01476184 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2016-04-26 11:00 - 2013-10-30 21:33 - 01345536 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2016-04-26 10:57 - 2013-12-08 21:19 - 00570880 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll 2016-04-26 10:57 - 2013-12-08 20:55 - 00444928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll 2016-04-25 17:34 - 2013-10-11 10:24 - 00909312 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll 2016-04-25 17:34 - 2013-10-11 10:03 - 00621056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll 2016-04-25 17:00 - 2013-10-19 05:53 - 00075360 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll 2016-04-25 17:00 - 2013-10-19 04:14 - 00070680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll 2016-04-25 13:06 - 2014-03-06 06:19 - 01287576 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2016-04-25 13:06 - 2014-03-06 06:02 - 01109424 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2016-04-25 13:06 - 2014-03-06 03:17 - 00835584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2016-04-25 13:06 - 2014-03-06 03:10 - 01036288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2016-04-25 13:06 - 2013-12-08 21:27 - 02152448 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2016-04-25 13:06 - 2013-12-08 20:54 - 01317376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2016-04-25 13:06 - 2013-10-12 23:48 - 00136536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys 2016-04-25 13:06 - 2013-10-12 18:48 - 00828416 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL 2016-04-25 13:06 - 2013-10-12 18:34 - 01104384 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2016-04-25 11:42 - 2016-04-25 11:42 - 00626408 _____ C:\Users\user\Downloads\Relatorio mensal mes de janeiro de 2016.pdf 2016-04-25 11:37 - 2016-04-25 11:38 - 00405870 _____ C:\Users\user\Downloads\Relatorio mensal mes de Novembro de 2015 - Cópia.pdf 2016-04-25 11:32 - 2013-11-23 01:34 - 00393216 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2016-04-25 11:32 - 2013-11-23 01:13 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2016-04-25 11:22 - 2013-10-05 11:21 - 01341288 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2016-04-25 11:22 - 2013-10-05 05:39 - 01067008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2016-04-25 11:19 - 2014-01-07 02:00 - 02397184 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2016-04-25 11:19 - 2014-01-07 01:30 - 02071552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2016-04-25 11:19 - 2013-11-21 03:42 - 04604416 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2016-04-25 11:19 - 2013-11-21 02:44 - 03936256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2016-04-25 11:14 - 2014-03-10 07:35 - 02008408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2016-04-25 11:14 - 2014-03-10 07:35 - 00377176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys 2016-04-25 09:49 - 2014-02-10 23:43 - 00488448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2016-04-25 09:49 - 2014-02-10 23:04 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2016-04-25 09:48 - 2016-04-25 12:47 - 00020480 _____ C:\Users\user\Desktop\ficha de produçao.xls 2016-04-25 09:46 - 2013-10-15 05:54 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll 2016-04-25 09:46 - 2013-10-15 05:03 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll 2016-04-25 09:41 - 2013-10-16 12:58 - 01943536 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2016-04-25 09:41 - 2013-10-16 10:54 - 01581968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2016-04-25 09:25 - 2014-01-07 04:03 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\pcaui.exe 2016-04-25 09:25 - 2014-01-07 02:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pcaui.exe 2016-04-25 00:36 - 2016-04-25 00:36 - 00221824 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudserd.sys 2016-04-25 00:35 - 2016-04-25 00:35 - 00221824 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudmdm.sys 2016-04-25 00:35 - 2016-04-25 00:35 - 00129152 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudbus.sys 2016-04-24 11:07 - 2013-12-08 21:15 - 00787968 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll 2016-04-24 11:07 - 2013-11-09 03:34 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe 2016-04-24 11:07 - 2013-11-09 03:34 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll 2016-04-24 11:07 - 2013-11-09 02:52 - 00240128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll 2016-04-19 13:12 - 2016-06-15 15:21 - 00000000 ____D C:\Users\user\Desktop\arquivo area de trabalho 2016-04-19 12:45 - 2016-04-19 12:45 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf 2016-04-19 12:42 - 2016-06-21 11:15 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help 2016-04-19 12:42 - 2016-06-08 10:55 - 00000000 ____D C:\Users\user\AppData\Local\Microsoft Help 2016-04-19 10:47 - 2016-04-19 10:47 - 00000735 _____ C:\Users\Public\Desktop\SmartRecovery2.exe.lnk 2016-04-19 10:47 - 2016-04-19 10:47 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2016-04-19 10:47 - 2016-04-19 10:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE 2016-04-19 10:47 - 2016-04-19 10:47 - 00000000 ____D C:\Program Files\Gigabyte 2016-04-19 10:46 - 2016-06-21 11:14 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-04-19 10:46 - 2016-06-21 11:04 - 00001090 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-04-19 10:46 - 2016-05-25 21:12 - 00002249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-04-19 10:46 - 2016-05-25 21:12 - 00002237 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-04-19 10:46 - 2016-05-25 21:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2016-04-19 10:46 - 2016-05-15 12:06 - 00004066 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2016-04-19 10:46 - 2016-05-15 12:06 - 00003830 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2016-04-19 10:46 - 2016-04-19 10:52 - 00000000 ____D C:\Users\user\AppData\Local\Google 2016-04-19 10:46 - 2016-04-19 10:46 - 00000000 ____D C:\Program Files (x86)\Google 2016-04-19 10:44 - 2016-04-19 11:37 - 00000010 _____ C:\Windows\GSetup.ini 2016-04-19 10:44 - 2009-08-27 04:04 - 00207400 ____R () C:\Windows\GSetup.exe 2016-04-19 10:09 - 2016-04-19 10:09 - 00000000 __RHD C:\MSOCache 2016-04-19 09:59 - 2016-04-19 09:59 - 00006966 _____ C:\Users\user\Downloads\comprovanteEmail.html 2016-04-19 09:47 - 2016-04-19 10:45 - 00000000 ____D C:\Users\user\AppData\Local\Adobe 2016-04-19 09:47 - 2016-04-19 09:47 - 00000000 ____D C:\Users\user\AppData\LocalLow\Adobe 2016-04-18 10:31 - 2016-04-18 10:31 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2016-04-18 10:31 - 2016-04-18 10:31 - 00002075 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk 2016-04-18 10:30 - 2016-04-24 10:36 - 00000000 ____D C:\Users\Todos os Usuários\Adobe 2016-04-18 10:30 - 2016-04-24 10:36 - 00000000 ____D C:\ProgramData\Adobe 2016-04-18 10:30 - 2016-04-18 10:30 - 00000000 ____D C:\Program Files (x86)\Adobe 2016-04-18 10:27 - 2016-04-19 09:07 - 00000000 ____D C:\Users\user\AppData\Roaming\WinRAR 2016-04-18 10:27 - 2016-04-18 10:27 - 00000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2016-04-18 10:27 - 2016-04-18 10:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2016-04-18 10:27 - 2016-04-18 10:27 - 00000000 ____D C:\Program Files (x86)\WinRAR 2016-04-15 12:34 - 2016-04-15 12:36 - 00147486 _____ C:\Users\user\Downloads\Encaminha certificados do Curso de Processo Administrativo 21 a 25.09.2015.zip 2016-04-15 10:03 - 2016-04-15 10:03 - 00000000 ____D C:\Users\user\Desktop\DAVI SACER_Toque no Altar 2016-04-15 10:03 - 2016-04-15 10:03 - 00000000 ____D C:\Users\user\Desktop\Damares Ao Vivo 2016-04-13 12:26 - 2016-04-13 12:26 - 00000000 __SHD C:\Windows\ftpcache 2016-04-13 12:26 - 2016-04-13 12:26 - 00000000 ____D C:\Users\user\AppData\Roaming\Macromedia 2016-04-13 12:26 - 2016-04-13 12:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2016-04-13 12:26 - 2010-04-29 14:10 - 00127800 _____ (HP) C:\Windows\system32\HPSIsvc.exe 2016-04-13 12:26 - 2010-03-31 11:52 - 01366016 _____ C:\Windows\system32\HPM1210SM.exe 2016-04-13 12:26 - 2010-03-31 11:51 - 00407040 _____ C:\Windows\system32\HPM1210LM.DLL 2016-04-13 12:25 - 2016-04-13 12:25 - 00000000 ____D C:\Users\Todos os Usuários\HP 2016-04-13 12:25 - 2016-04-13 12:25 - 00000000 ____D C:\ProgramData\HP 2016-04-13 12:25 - 2016-04-13 12:25 - 00000000 ____D C:\Program Files\HP 2016-04-13 12:25 - 2010-04-28 12:49 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\wdfcoinstaller01007.dll 2016-04-13 12:25 - 2010-04-28 12:49 - 00082432 _____ C:\Windows\system32\mvusbews.dll 2016-04-13 12:25 - 2010-04-28 12:49 - 00020480 _____ (Marvell Semiconductor, Inc.) C:\Windows\system32\Drivers\mvusbews.sys 2016-04-13 12:25 - 2010-04-28 12:49 - 00016384 _____ C:\Windows\system32\Drivers\HPM1210FAX.sys 2016-04-13 12:25 - 2010-03-31 14:49 - 00350720 _____ C:\Windows\system32\mvhlewsi.dll 2016-04-13 12:24 - 2010-04-28 12:49 - 00212992 _____ C:\Windows\system32\m1210wia.dll 2016-04-13 12:24 - 2010-04-28 12:49 - 00052224 _____ C:\Windows\system32\HPM1210SMs.dll 2016-04-13 12:02 - 2016-06-21 09:58 - 00003938 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{BE5F97F7-371D-483D-ABD8-7C3F1A0A667D} 2016-04-13 11:56 - 2016-06-21 11:17 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3421025856-2253569183-1582983230-1001 ==================== Três Meses Modificados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2016-06-21 11:38 - 2013-08-22 12:20 - 00000000 ____D C:\Windows\CbsTemp 2016-06-21 11:35 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\AppReadiness 2016-06-21 11:15 - 2013-08-22 12:36 - 00000000 ____D C:\Users\Todos os Usuários\regid.1991-06.com.microsoft 2016-06-21 11:15 - 2013-08-22 12:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2016-06-21 11:14 - 2013-09-30 00:59 - 00000000 ____D C:\Windows\ShellNew 2016-06-21 11:11 - 2013-08-22 12:36 - 00000000 ____D C:\Program Files\Common Files\System 2016-06-21 11:11 - 2013-08-22 10:25 - 00000167 _____ C:\Windows\win.ini 2016-06-21 11:10 - 2013-08-22 12:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2016-06-21 11:03 - 2013-08-22 11:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-06-21 11:03 - 2013-08-22 11:44 - 00481592 _____ C:\Windows\system32\FNTCACHE.DAT 2016-06-21 10:25 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\system32\NDF 2016-06-16 15:42 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\Inf 2016-06-16 15:31 - 2013-08-22 10:25 - 00262144 ___SH C:\Windows\system32\config\BBI 2016-06-13 09:29 - 2013-09-30 01:15 - 01707228 _____ C:\Windows\system32\PerfStringBackup.INI 2016-06-13 09:29 - 2013-09-30 00:56 - 00737880 _____ C:\Windows\system32\prfh0416.dat 2016-06-13 09:29 - 2013-09-30 00:56 - 00150516 _____ C:\Windows\system32\prfc0416.dat 2016-06-09 23:13 - 2013-08-22 10:25 - 00262144 ___SH C:\Windows\system32\config\ELAM 2016-06-02 10:06 - 2013-08-22 12:36 - 00000000 ___RD C:\Windows\ToastData Alguns arquivos em TEMP: ==================== C:\Users\user\AppData\Local\Temp\ose00000.exe C:\Users\user\AppData\Local\Temp\ose00002.exe C:\Users\user\AppData\Local\Temp\ose00003.exe C:\Users\user\AppData\Local\Temp\ose00005.exe C:\Users\user\AppData\Local\Temp\ose00006.exe C:\Users\user\AppData\Local\Temp\siinst.exe C:\Users\user\AppData\Local\Temp\strings.dll C:\Users\user\AppData\Local\Temp\{1872B28F-1A12-4DAE-A924-25AB3D01D426}-50.0.2661.102_chrome_installer.exe C:\Users\user\AppData\Local\Temp\{254B18CC-F9AB-491D-B613-92144E360DC8}-50.0.2661.94_chrome_installer.exe C:\Users\user\AppData\Local\Temp\{42183769-07EA-4363-9448-AEEF37CD423E}-49.0.2623.112_chrome_installer.exe C:\Users\user\AppData\Local\Temp\{705ED19C-8AE1-40AA-8E67-A721AEEB9D8E}-50.0.2661.87_chrome_installer.exe C:\Users\user\AppData\Local\Temp\{7B43226D-E760-48B7-B5E4-735C6AF3FEAC}-50.0.2661.94_chrome_installer.exe C:\Users\user\AppData\Local\Temp\{AB1E6B39-5596-4C09-B602-291CE511488B}-50.0.2661.94_chrome_installer.exe C:\Users\user\AppData\Local\Temp\{CC10C5D1-82B4-4C22-8BBD-5AD957CBC3E5}-51.0.2704.103_50.0.2661.102_chrome_updater.exe C:\Users\user\AppData\Local\Temp\{E20B6ECD-9363-4951-A504-8B2A3A7E7E58}-50.0.2661.102_chrome_installer.exe C:\Users\user\AppData\Local\Temp\{FF22FD0E-D26B-41B9-903E-0E47B939CA40}-51.0.2704.84_50.0.2661.102_chrome_updater.exe ==================== Bamital & volsnap ================= (Não há correção automática para arquivos que não passaram na verificação.) C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente C:\Windows\explorer.exe => O arquivo é assinado digitalmente C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente C:\Windows\system32\services.exe => O arquivo é assinado digitalmente C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente LastRegBack: 2016-06-20 10:40 ==================== Fim de FRST.txt ============================