Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 11.11.2018 Executado por CAE Estagiario 2 (administrador) em TERMINAL_54 (13-11-2018 08:47:15) Executando a partir de C:\Users\CAE Estagiario 2\Desktop Perfis Carregados: CAE Estagiario 2 (Perfis Disponíveis: CAE Estagiario 2) Platform: Windows 7 Ultimate (X64) Idioma: Português (Brasil) Internet Explorer Versão 8 (Navegador padrão: Chrome) Modo da Inicialização: Normal Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processos (Whitelisted) ================= (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.) (FreeDownloadManager.org) C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\winwfpmonitor.exe (Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe (SafeNet Inc.) C:\Windows\System32\hasplms.exe (@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATINYE.EXE (SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATII4E.EXE (SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATILUE.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe (GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe (Autodesk, Inc.) C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registro (Whitelisted) =========================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-1163896442-2294502342-3331916392-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATII4E.EXE [283232 2012-02-27] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-1163896442-2294502342-3331916392-1000\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATINYE.EXE [298560 2014-03-20] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-1163896442-2294502342-3331916392-1000\...\Run: [EPLTarget\P0000000000000002] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATII4E.EXE [283232 2012-02-27] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-1163896442-2294502342-3331916392-1000\...\Run: [EPLTarget\P0000000000000004] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATILUE.EXE [298560 2013-09-12] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-1163896442-2294502342-3331916392-1000\...\Policies\Explorer: [] HKU\S-1-5-18\...\Run: [Free Download Manager] => C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe [10148352 2017-12-28] (FreeDownloadManager.org) Startup: C:\Users\CAE Estagiario 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Enviar para o OneNote.lnk [2018-07-27] ShortcutTarget: Enviar para o OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation) Startup: C:\Users\CAE Estagiario 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Recorte de tela e Iniciador do OneNote 2007.lnk [2018-09-05] ShortcutTarget: Recorte de tela e Iniciador do OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{F4A468AB-19B1-4B18-A678-DA5517D6FDA3}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKU\S-1-5-21-1163896442-2294502342-3331916392-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pt-br/?ocid=iehp SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Sem Nome -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> Nenhum Arquivo BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-08-21] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-10-23] (Oracle Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2018-07-31] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-23] (Oracle Corporation) BHO-x32: Sem Nome -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> Nenhum Arquivo BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-04-30] (Microsoft Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2018-07-31] (Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-21] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-21] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-21] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-21] (Microsoft Corporation) Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation) Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation) Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation) Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation) FireFox: ======== FF DefaultProfile: nyq0cejw.default FF ProfilePath: C:\Users\CAE Estagiario 2\AppData\Roaming\Mozilla\Firefox\Profiles\nyq0cejw.default [2018-11-09] FF Plugin: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-10-23] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-10-23] (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-04-16] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-04-16] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.) FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\autoconf_warsaw.js [2018-11-09] Chrome: ======= CHR StartupUrls: Default -> "hxxps://www.google.com/" CHR Profile: C:\Users\CAE Estagiario 2\AppData\Local\Google\Chrome\User Data\Default [2018-11-13] CHR Extension: (Apresentações) - C:\Users\CAE Estagiario 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-17] CHR Extension: (Documentos) - C:\Users\CAE Estagiario 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-17] CHR Extension: (Google Drive) - C:\Users\CAE Estagiario 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-21] CHR Extension: (YouTube) - C:\Users\CAE Estagiario 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-21] CHR Extension: (Adblock Plus) - C:\Users\CAE Estagiario 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-11-09] CHR Extension: (Planilhas) - C:\Users\CAE Estagiario 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-17] CHR Extension: (Documentos Google off-line) - C:\Users\CAE Estagiario 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-28] CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\CAE Estagiario 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-16] CHR Extension: (Gmail) - C:\Users\CAE Estagiario 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-21] CHR Extension: (Chrome Media Router) - C:\Users\CAE Estagiario 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-11-09] ==================== Serviços (Whitelisted) ==================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8853984 2018-08-09] (Microsoft Corporation) R2 hasplms; C:\Windows\system32\hasplms.exe [4665168 2015-09-24] (SafeNet Inc.) S3 PrintNotify; C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll [2896896 2017-09-29] (Microsoft Corporation) [Arquivo não assinado] R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [739520 2015-09-27] (@ByELDI) [Arquivo não assinado] R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [1068376 2017-10-20] (GAS Tecnologia LTDA) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation) ===================== Drivers (Whitelisted) ====================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) S3 akshasp; C:\Windows\System32\DRIVERS\akshasp.sys [77912 2015-09-24] (SafeNet Inc.) S3 akshhl; C:\Windows\System32\DRIVERS\akshhl.sys [81368 2015-09-24] (SafeNet Inc.) S3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [322560 2015-09-24] (SafeNet Inc.) R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [350552 2015-09-24] (SafeNet Inc.) R1 WMDrive; C:\Windows\SysWOW64\drivers\WMDrive.sys [92536 2017-06-05] (WinMount International Inc) S1 wsddfac; C:\Windows\System32\drivers\wsddfac.sys [28376 2018-08-20] (GAS Tecnologia) R1 wsddntf; C:\Windows\System32\DRIVERS\wsddntf.sys [47064 2018-02-23] (GAS Tecnologia) S1 wsddpp; C:\Windows\system32\drivers\wsddpp.sys [44624 2017-11-29] (GAS Tecnologia) R3 wsddprm; C:\Windows\system32\drivers\wsddprm.sys [43560 2018-01-09] (GAS Tecnologia) ==================== NetSvcs (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Um Mês Criados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2018-11-13 08:47 - 2018-11-13 08:47 - 000014132 _____ C:\Users\CAE Estagiario 2\Desktop\FRST.txt 2018-11-13 08:46 - 2018-11-13 08:47 - 000000000 ____D C:\FRST 2018-11-13 08:45 - 2018-11-13 08:45 - 002415616 _____ (Farbar) C:\Users\CAE Estagiario 2\Desktop\FRST64.exe 2018-11-09 08:52 - 2018-11-09 08:52 - 000000000 ____D C:\Windows\SysWOW64\x64 2018-11-09 08:52 - 2009-09-23 19:30 - 001002008 _____ (Intel Corporation) C:\Windows\SysWOW64\igxpun.exe 2018-11-09 08:47 - 2018-11-09 08:50 - 000000000 ____D C:\Windows\system32\MRT 2018-11-09 08:47 - 2018-11-09 08:47 - 136745976 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2018-11-09 08:43 - 2018-10-15 19:48 - 000559880 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2018-11-09 08:29 - 2018-11-09 08:35 - 014572000 _____ (Microsoft Corporation) C:\Users\CAE Estagiario 2\Desktop\vc_redist.x64.exe 2018-11-09 08:29 - 2018-11-09 08:30 - 001034556 _____ C:\Users\CAE Estagiario 2\Desktop\Windows6.1-KB2999226-x64.msu 2018-11-09 08:24 - 2016-06-25 14:03 - 000304128 _____ (Microsoft Corporation) C:\Windows\system32\EOSNotify.exe 2018-11-09 08:18 - 2018-09-26 16:24 - 004928565 _____ C:\Users\CAE Estagiario 2\Desktop\Lagoa dos Patos.dwg 2018-11-06 16:40 - 2018-10-01 12:26 - 000393456 _____ C:\Users\CAE Estagiario 2\Desktop\32 37 38 41 43 44 45 46 47.dwg 2018-11-01 15:18 - 2018-11-01 19:04 - 000033280 _____ C:\Users\CAE Estagiario 2\Desktop\NEGOÇADO.xlt 2018-11-01 12:11 - 2018-11-01 12:59 - 039238075 _____ C:\Users\CAE Estagiario 2\Desktop\FRANCISCO SA - GERAL.xlsx ==================== Um Mês Modificados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2018-11-13 08:38 - 2009-07-14 02:45 - 000014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2018-11-13 08:38 - 2009-07-14 02:45 - 000014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2018-11-13 08:29 - 2018-03-26 16:29 - 000000913 _____ C:\Windows\Tasks\EPSON L365 Series Update {3D22E60E-A62D-4CD5-94FE-B31DB6628F7A}.job 2018-11-09 12:01 - 2017-03-21 11:45 - 000000000 ____D C:\Users\Todos os Usuários\Package Cache 2018-11-09 12:01 - 2017-03-21 11:45 - 000000000 ____D C:\ProgramData\Package Cache 2018-11-09 10:53 - 2017-09-12 09:15 - 000000000 ____D C:\Program Files\Mozilla Firefox 2018-11-09 10:52 - 2009-07-14 03:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2018-11-09 10:39 - 2017-06-05 12:36 - 000784660 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2018-11-09 10:39 - 2009-07-14 15:55 - 000029408 _____ C:\Windows\system32\prfh0416.dat 2018-11-09 10:39 - 2009-07-14 15:55 - 000016298 _____ C:\Windows\system32\prfc0416.dat 2018-11-09 10:39 - 2009-07-14 01:20 - 000000000 ____D C:\Windows\inf 2018-11-09 10:38 - 2009-07-14 03:13 - 000784660 _____ C:\Windows\system32\PerfStringBackup.INI 2018-10-29 15:30 - 2017-03-21 11:33 - 000002222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2018-10-23 13:29 - 2017-07-14 16:04 - 000000000 ____D C:\Users\CAE Estagiario 2\AppData\Local\ElevatedDiagnostics 2018-10-23 12:25 - 2017-03-21 11:31 - 000159968 _____ C:\Users\CAE Estagiario 2\AppData\Local\GDIPFONTCACHEV1.DAT ==================== Arquivos na raiz de alguns diretórios ======= 2017-06-27 16:50 - 2017-06-27 18:05 - 000000132 _____ () C:\Users\CAE Estagiario 2\AppData\Roaming\Preferências do Formato PNG do Adobe CS6 2017-06-28 18:19 - 2017-06-28 18:37 - 000000132 _____ () C:\Users\CAE Estagiario 2\AppData\Roaming\Prefs. de formato PNG de Adobe CS6 Alguns arquivos em TEMP: ==================== 2017-03-21 11:36 - 2017-01-18 13:50 - 000066472 _____ (Autodesk, Inc.) C:\Users\CAE Estagiario 2\AppData\Local\Temp\AcDeltree.exe 2017-03-21 11:44 - 2017-06-20 16:55 - 000000000 ____D () C:\Users\CAE Estagiario 2\AppData\Local\Temp\avgnt.exe 2013-10-03 15:05 - 2013-10-03 15:05 - 000303104 _____ (Borland International) C:\Users\CAE Estagiario 2\AppData\Local\Temp\cw3230.dll 2017-10-23 09:09 - 2017-10-23 09:09 - 001856576 _____ (Oracle Corporation) C:\Users\CAE Estagiario 2\AppData\Local\Temp\jre-8u151-windows-au.exe 2013-10-02 15:36 - 2013-10-02 15:36 - 001062400 _____ () C:\Users\CAE Estagiario 2\AppData\Local\Temp\testarhasp4Hydros.exe 2017-08-17 17:27 - 2017-08-17 17:49 - 000000000 _____ () C:\Users\CAE Estagiario 2\AppData\Local\Temp\{39DEDB31-119C-4CB9-B841-9BEDBFB2355A}-60.0.3112.101_60.0.3112.90_chrome_updater.exe ==================== Bamital & volsnap ====================== (Não há correção automática para arquivos que não passaram na verificação.) C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente C:\Windows\explorer.exe => O arquivo é assinado digitalmente C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente C:\Windows\system32\services.exe => O arquivo é assinado digitalmente C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente LastRegBack: 2018-11-06 16:11 ==================== Fim de FRST.txt ============================