FRST.txt

Cliquez pour partager vos propres fichiers

Format du document : text/plain

Prévisualisation

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:07-02-2016
Executado por helderisa (administrador) em HELDERISA (08-02-2016 07:48:36)
Executando a partir de C:\Users\helderisa\Desktop
Perfis Carregados: helderisa (Perfis Disponíveis: helderisa)
Platform: Windows 10 Home Single Language Versão 1511 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: FF)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.5.5.15\ns.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.5.5.15\ns.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files (x86)\t_201601182044\201601182044\lsas.exe
(Google Inc.) C:\Users\helderisa\AppData\Local\Google\Update\GoogleUpdate.exe
() C:\ProgramData\WindowsMsg\osmsg.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe
( ) C:\Program Files (x86)\t_201601182044\201601182044\auds.exe
() C:\Program Files (x86)\t_201601182044\201601182044\tslog.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
(AVG) C:\Users\helderisa\AppData\Local\Temp\ir_ext_temp_0\AutoPlay\Docs\AVG PC Tuneup 2013 - 12.0.4020.3.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(AVG) C:\Program Files (x86)\AVG\AVG PC TuneUp\TUInstallHelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFTips.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.49020.0_x64__8wekyb3d8bbwe\Calculator.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag 4\SmartDefrag.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe

==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM-x32\...\Run: [NBAgent] => C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [1406248 2010-09-28] (Nero AG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-12-22] (Oracle Corporation)
HKLM-x32\...\Run: [sun7] => [X]
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5357856 2016-01-19] (IObit)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4195741489-3349442942-2711558040-1001\...\Run: [lsas] => C:\Program Files (x86)\t_201601182044\201601182044\lsas.exe [557184 2016-01-18] ()
HKU\S-1-5-21-4195741489-3349442942-2711558040-1001\...\Run: [Google Update] => C:\Users\helderisa\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-12-04] (Google Inc.)
HKU\S-1-5-21-4195741489-3349442942-2711558040-1001\...\Run: [osmsg] => C:\ProgramData\WindowsMsg\osmsg.exe [2036224 2016-02-04] ()
HKU\S-1-5-21-4195741489-3349442942-2711558040-1001\...\Run: [GoogleChromeAutoLaunch_1AFBFA91965BAE4C199ABCC4F136D231] => C:\Users\helderisa\AppData\Local\Chromium\Application\chrome.exe [667136 2015-08-11] (The Chromium Authors)
HKU\S-1-5-21-4195741489-3349442942-2711558040-1001\...\RunOnce: [Uninstall C:\Users\helderisa\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\helderisa\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"
HKU\S-1-5-18\...\Run: [Advanced SystemCare 9] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [2019616 2016-01-11] (IObit)
AppInit_DLLs: C:\ProgramData\Ecois\Inchity.dll => Nenhum Arquivo
AppInit_DLLs-x32: _C:\PROGRA~3\Ecois\TRUSTO~1.DLL => Nenhum Arquivo
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\helderisa\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64\FileSyncShell64.dll [2016-02-05] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\helderisa\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64\FileSyncShell64.dll [2016-02-05] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\helderisa\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64\FileSyncShell64.dll [2016-02-05] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\helderisa\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileSyncShell.dll [2016-02-05] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\helderisa\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileSyncShell.dll [2016-02-05] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\helderisa\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileSyncShell.dll [2016-02-05] (Microsoft Corporation)
GroupPolicy: Restrição - Chrome <======= ATENÇÃO
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

ProxyEnable: [.DEFAULT] => Proxy está habilitado.
ProxyServer: [.DEFAULT] => http=127.0.0.1:50124;https=127.0.0.1:50124
Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.50 8.8.8.8
Tcpip\..\Interfaces\{2854f460-e7d2-4f3d-8ff5-59cab4ced1d8}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{299a475e-ac02-4517-b6c7-056688fc55a7}: [DhcpNameServer] 192.168.0.50 8.8.8.8
Tcpip\..\Interfaces\{2b0fd2be-a217-11e5-84bc-806e6f6e6963}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{8718928d-cbeb-45ea-a621-800a9249001d}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{8a68859a-0bfb-4ede-a2b5-5700d7e9c731}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{8a98e69c-f077-4334-bcf8-f6057a8a3de5}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{8ecc939f-a69c-4776-a172-efeba18f3ff1}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{950dc86e-9a8c-4bef-aedd-b609799c04ba}: [NameServer] 104.197.191.4

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggSdgpZVAFARRhAeV8MTA0TQ1EOeF0IBxRERVQXdlsKUwlIEQcFIk0FA1ADB0VXfVBdFElXTwhwJVxqBEoETUFQCExa
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_nwmeddnld_16_05¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0D0CtD0E0AtC0CyB0C0AzytDyE0D0EtAtN0D0Tzu0StCyEzyyBtN1L2XzutAtFtCyBtFzytFtDtN1L1Czu1BtAtN1L1G1B1V1N2Y1L1Qzu2SyCyCzz0D0BtC0D0FtGtByEzzzytGyByCyB0FtGtC0FtDyBtG0ByC0DyBtD0CtB0D0FtBtAzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0D0DtBtD0FyC0F0BtGtD0FtDyEtGyEtB0E0AtGzztC0BtCtG0D0F0F0A0DtDyDtAyEzyyD0D2QtN0A0LzuyE%26cr%3D1710384877%26a%3Dwncy_nwmeddnld_16_05%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome%2BSingle%2BLanguage
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=pt&pid=NS&pvid=22.5.4.24
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=pt&pid=NS&pvid=22.5.4.24
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=pt&pid=NS&pvid=22.5.4.24
HKU\S-1-5-21-4195741489-3349442942-2711558040-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
HKU\S-1-5-21-4195741489-3349442942-2711558040-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://localoem.msn.com
HKU\S-1-5-21-4195741489-3349442942-2711558040-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.ibyte.com.br
HKU\S-1-5-21-4195741489-3349442942-2711558040-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.ibyte.com.br
SearchScopes: HKLM -> DefaultScope {6BE7BB49-059D-485E-9E04-8287A38EC5DF} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQgOUlhEGQRHbVoBBw1cFVdBJBQABQkXDABHIQ0OAwtDEQwTch9aFQQTSEcFME0FCFwEURNNfWpdBGsUUkBPNEpwFFs=&q={searchTerms}
SearchScopes: HKLM -> OldSearch URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_nwmeddnld_16_05¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0D0CtD0E0AtC0CyB0C0AzytDyE0D0EtAtN0D0Tzu0StCyEzyyCtN1L2XzutAtFtCyBtFzytFtDtN1L1Czu1BtAtN1L1G1B1V1N2Y1L1Qzu2SyB0E0EtB0E0DtCzztGtBtAtByBtG0AtBtB0EtGyB0B0AyCtGtDyD0CyCyC0ByBtD0Bzz0EtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0D0DtBtD0FyC0F0BtGtD0FtDyEtGyEtB0E0AtGzztC0BtCtG0D0F0F0A0DtDyDtAyEzyyD0D2QtN0A0LzuyE%26cr%3D593882937%26a%3Dwbf_nwmeddnld_16_05%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome%2BSingle%2BLanguage&p={searchTerms}
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_nwmeddnld_16_05¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0D0CtD0E0AtC0CyB0C0AzytDyE0D0EtAtN0D0Tzu0StCyEzyyBtN1L2XzutAtFtCyBtFzytFtDtN1L1Czu1BtAtN1L1G1B1V1N2Y1L1Qzu2SyCyCzz0D0BtC0D0FtGtByEzzzytGyByCyB0FtGtC0FtDyBtG0ByC0DyBtD0CtB0D0FtBtAzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0D0DtBtD0FyC0F0BtGtD0FtDyEtGyEtB0E0AtGzztC0BtCtG0D0F0F0A0DtDyDtAyEzyyD0D2QtN0A0LzuyE%26cr%3D1710384877%26a%3Dwncy_nwmeddnld_16_05%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome%2BSingle%2BLanguage&p={searchTerms}
SearchScopes: HKLM -> {6BE7BB49-059D-485E-9E04-8287A38EC5DF} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQgOUlhEGQRHbVoBBw1cFVdBJBQABQkXDABHIQ0OAwtDEQwTch9aFQQTSEcFME0FCFwEURNNfWpdBGsUUkBPNEpwFFs=&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
SearchScopes: HKU\S-1-5-21-4195741489-3349442942-2711558040-1001 -> OldSearch URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_nwmeddnld_16_05¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0D0CtD0E0AtC0CyB0C0AzytDyE0D0EtAtN0D0Tzu0StCyEzyyCtN1L2XzutAtFtCyBtFzytFtDtN1L1Czu1BtAtN1L1G1B1V1N2Y1L1Qzu2SyB0E0EtB0E0DtCzztGtBtAtByBtG0AtBtB0EtGyB0B0AyCtGtDyD0CyCyC0ByBtD0Bzz0EtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0D0DtBtD0FyC0F0BtGtD0FtDyEtGyEtB0E0AtGzztC0BtCtG0D0F0F0A0DtDyDtAyEzyyD0D2QtN0A0LzuyE%26cr%3D593882937%26a%3Dwbf_nwmeddnld_16_05%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome%2BSingle%2BLanguage&p={searchTerms}
SearchScopes: HKU\S-1-5-21-4195741489-3349442942-2711558040-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_nwmeddnld_16_05¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0D0CtD0E0AtC0CyB0C0AzytDyE0D0EtAtN0D0Tzu0StCyEzyyBtN1L2XzutAtFtCyBtFzytFtDtN1L1Czu1BtAtN1L1G1B1V1N2Y1L1Qzu2SyCyCzz0D0BtC0D0FtGtByEzzzytGyByCyB0FtGtC0FtDyBtG0ByC0DyBtD0CtB0D0FtBtAzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0D0DtBtD0FyC0F0BtGtD0FtDyEtGyEtB0E0AtGzztC0BtCtG0D0F0F0A0DtDyDtAyEzyyD0D2QtN0A0LzuyE%26cr%3D1710384877%26a%3Dwncy_nwmeddnld_16_05%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome%2BSingle%2BLanguage&p={searchTerms}
SearchScopes: HKU\S-1-5-21-4195741489-3349442942-2711558040-1001 -> {E59DE005-DE44-431F-BFC6-1A7F6028B524} URL = hxxps://br.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-11-12] (IObit)
BHO: Sem Nome -> {16FA30C6-5333-4C7B-a199-367B6FD8EAC6} -> Nenhum Arquivo
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Sem Nome -> {16FA30C6-5333-4C7B-a199-367B6FD8EAC6} -> Nenhum Arquivo
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-01-23] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2015-07-09] (IObit)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-23] (Oracle Corporation)
Toolbar: HKLM-x32 - Sem Nome - {D4027C7F-154A-4066-A1AD-4243D8127440} - Nenhum Arquivo

FireFox:
========
FF ProfilePath: C:\Users\helderisa\AppData\Roaming\Mozilla\Firefox\Profiles\3prdgf9x.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-20] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-20] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [2016-01-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [2016-01-23] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4195741489-3349442942-2711558040-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\helderisa\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-4195741489-3349442942-2711558040-1001: @talk.google.com/O1DPlugin -> C:\Users\helderisa\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-4195741489-3349442942-2711558040-1001: @tools.google.com/Google Update;version=3 -> C:\Users\helderisa\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-4195741489-3349442942-2711558040-1001: @tools.google.com/Google Update;version=9 -> C:\Users\helderisa\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF user.js: detected! => C:\Users\helderisa\AppData\Roaming\Mozilla\Firefox\Profiles\3prdgf9x.default\user.js [2016-02-08]
FF Plugin ProgramFiles/Appdata: C:\Users\helderisa\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\helderisa\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF SearchPlugin: C:\Users\helderisa\AppData\Roaming\Mozilla\Firefox\Profiles\3prdgf9x.default\searchplugins\norton-safe-search.xml [2016-02-07]
FF SearchPlugin: C:\Users\helderisa\AppData\Roaming\Mozilla\Firefox\Profiles\3prdgf9x.default\searchplugins\Search Provided by Yahoo.xml [2016-02-06]
FF Extension: Sem Nome - C:\Users\helderisa\AppData\Roaming\Mozilla\Firefox\Profiles\3prdgf9x.default\extensions\ascsurfingprotection@iobit.com [não encontrado (a)]
FF Extension: Sem Nome - C:\Program Files (x86)\IObit Apps Toolbar\FF [não encontrado (a)]
FF Extension: See Results Hub - C:\Users\helderisa\AppData\Roaming\Mozilla\Firefox\Profiles\3prdgf9x.default\Extensions\{2540267d-aa11-44c0-a126-5e639d7e2139}.xpi [2016-02-06] [não assinado]
FF Extension: New Tab by Yahoo - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\jid1-G80Ec8LLEbK5fQ@jetpack.xpi [2015-11-23] [não assinado]
FF HKLM\...\Firefox\Extensions: [{16FA30C6-5333-4C7B-a199-367B6FD8EAC6}] - C:\Program Files\shopperz300120160126\Firefox\{16FA30C6-5333-4C7B-a199-367B6FD8EAC6}.xpi => não encontrado (a)
FF HKLM\...\Firefox\Extensions: [{77A3C874-6E3D-4183-82B0-17550BCB7346}] - C:\Program Files\shopperz030220160056\Firefox\{77A3C874-6E3D-4183-82B0-17550BCB7346}.xpi => não encontrado (a)
FF HKLM\...\Firefox\Extensions: [{22581CF3-CE91-460D-8F4C-398487F1E439}] - C:\Program Files\shopperz040220161607\Firefox\{22581CF3-CE91-460D-8F4C-398487F1E439}.xpi => não encontrado (a)
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.5.4.24\coFFAddon
FF Extension: Norton Identity Safe - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.5.4.24\coFFAddon [2016-02-06] [não assinado]
FF HKLM\...\Firefox\Extensions: [{C67024ED-599D-461C-98DB-2A16640D86DE}] - C:\Program Files\shopperz070220161141\Firefox\{C67024ED-599D-461C-98DB-2A16640D86DE}.xpi => não encontrado (a)
FF HKLM\...\Firefox\Extensions: [{37599D29-12D6-459C-80EC-10663B8C53A8}] - C:\Program Files\shopperz080220160029\Firefox\{37599D29-12D6-459C-80EC-10663B8C53A8}.xpi => não encontrado (a)
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.5.4.24\coFFAddon
FF HKLM-x32\...\Firefox\Extensions: [{37599D29-12D6-459C-80EC-10663B8C53A8}] - C:\Program Files\shopperz080220160029\Firefox\{37599D29-12D6-459C-80EC-10663B8C53A8}.xpi => não encontrado (a)

Chrome:
=======
CHR Profile: C:\Users\helderisa\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\helderisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-05]
CHR Extension: (Google Drive) - C:\Users\helderisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-05]
CHR Extension: (YouTube) - C:\Users\helderisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-05]
CHR Extension: (Norton Security Toolbar) - C:\Users\helderisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2016-02-06]
CHR Extension: (Google Search) - C:\Users\helderisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-20]
CHR Extension: (Google Sheets) - C:\Users\helderisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-30]
CHR Extension: (Google Docs Offline) - C:\Users\helderisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-05]
CHR Extension: (Sem Nome) - C:\Users\helderisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\hobeooccbjcojgfopmkpkfloljgdpekm [2016-02-05]
CHR Extension: (Norton Identity Safe) - C:\Users\helderisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2016-02-06]
CHR Extension: (See Results Hub) - C:\Users\helderisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjhmmjhokmklmflbcccbmpalngknjlef [2016-02-07] [UpdateUrl: hxxp://cdn.seeresultshub.com/update] <==== ATENÇÃO
CHR Extension: (Chrome Web Store Payments) - C:\Users\helderisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-30]
CHR Extension: (Gmail) - C:\Users\helderisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-20]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.5.5.15\Exts\Chrome.crx [2016-02-06]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.5.5.15\Exts\Chrome.crx [2016-02-06]
CHR HKLM-x32\...\Chrome\Extension: [eedgghdcpmmmilkmfpnklknlenbiolec] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome - chrome.exe

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 AdvancedSystemCareService9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [446240 2016-01-05] (IObit)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [956192 2016-01-18] (IObit)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2945312 2016-01-14] (IObit)
R2 NS; C:\Program Files (x86)\Norton Security\Engine\22.5.5.15\NS.exe [282016 2015-11-20] (Symantec Corporation)
S2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1042304 2016-02-07] (Enigma Software Group USA, LLC.)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [137216 2015-11-19] (Microsoft Corporation) [Arquivo não assinado]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
S4 6C2AC548-088D-4356-9491-4B132853D88D; não ImagePath
S2 EraserSvc11520; "C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\NS.exe" /h ccCommon [X]

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R3 athr; C:\Windows\System32\drivers\athwnx.sys [4207104 2015-10-30] (Qualcomm Atheros Communications, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Security\NortonData\22.5.4.24\Definitions\BASHDefs\20160125.001\BHDrvx64.sys [1665608 2016-01-25] (Symantec Corporation)
R1 bsdriver; C:\WINDOWS\system32\drivers\bsdriver.sys [34712 2016-02-07] ()
R1 ccSet_NS; C:\Windows\system32\drivers\NSx64\1605050.00F\ccSetx64.sys [173808 2015-09-23] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2016-02-05] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [157520 2016-02-05] (Symantec Corporation)
S3 GemCCID; C:\Windows\System32\Drivers\GemCCID.sys [119680 2009-08-10] (Gemalto) [Arquivo não assinado]
R1 IDSVia64; C:\Program Files (x86)\Norton Security\NortonData\22.5.4.24\Definitions\IPSDefs\20160205.001\IDSvia64.sys [767224 2016-02-05] (Symantec Corporation)
S3 NAVENG; C:\Program Files (x86)\Norton Security\NortonData\22.5.4.24\Definitions\VirusDefs\20160206.002\ENG64.SYS [138488 2016-02-05] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton Security\NortonData\22.5.4.24\Definitions\VirusDefs\20160206.002\EX64.SYS [2148080 2016-02-05] (Symantec Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek )
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [216064 2015-10-30] (Microsoft Corporation)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
S3 SRTSP; C:\Windows\System32\Drivers\NSx64\1605050.00F\SRTSP64.SYS [928496 2015-11-11] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NSx64\1605050.00F\SRTSPX64.SYS [50936 2015-09-23] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NSx64\1605050.00F\SYMEFASI64.SYS [1621232 2015-11-11] (Symantec Corporation)
S4 SymELAM; C:\Windows\system32\drivers\NSx64\1605050.00F\SymELAM.sys [24192 2015-09-23] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [111344 2016-02-06] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NSx64\1605050.00F\Ironx64.SYS [297720 2015-09-23] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NSx64\1605050.00F\SYMNETS.SYS [577768 2015-11-11] (Symantec Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R1 {5e399338-5cac-41fc-91a7-455ee6632d3f}Gw64; C:\Windows\System32\drivers\{5e399338-5cac-41fc-91a7-455ee6632d3f}Gw64.sys [48456 2016-02-05] (StdLib)
S3 EraserUtilDrv11511; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11511.sys [X]
S3 EraserUtilDrv11520; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11520.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-02-08 07:48 - 2016-02-08 07:48 - 00028605 _____ C:\Users\helderisa\Desktop\FRST.txt
2016-02-08 07:48 - 2016-02-08 07:48 - 00000000 ____D C:\FRST
2016-02-08 07:46 - 2016-02-08 07:48 - 02370560 _____ (Farbar) C:\Users\helderisa\Desktop\FRST64.exe
2016-02-08 07:35 - 2016-02-08 07:35 - 00002506 _____ C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_helderisa
2016-02-08 07:35 - 2016-02-08 07:35 - 00001363 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2016-02-08 07:35 - 2016-02-08 07:35 - 00000308 _____ C:\WINDOWS\Tasks\Uninstaller_SkipUac_helderisa.job
2016-02-08 07:35 - 2016-02-08 07:35 - 00000000 ____D C:\WINDOWS\Tasks\ImCleanDisabled
2016-02-08 07:35 - 2016-02-08 07:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2016-02-08 07:34 - 2016-02-08 07:40 - 00002172 _____ C:\Users\Public\Desktop\Advanced SystemCare 9.lnk
2016-02-08 07:34 - 2016-02-08 07:34 - 00002448 _____ C:\WINDOWS\System32\Tasks\ASC9_SkipUac_SISTEMA
2016-02-08 07:34 - 2016-02-08 07:34 - 00000268 _____ C:\WINDOWS\Tasks\ASC9_SkipUac_SISTEMA.job
2016-02-08 07:34 - 2016-02-08 07:34 - 00000000 ____D C:\Users\Todos os Usuários\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2016-02-08 07:34 - 2016-02-08 07:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
2016-02-08 07:34 - 2016-02-08 07:34 - 00000000 ____D C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2016-02-08 07:28 - 2016-02-08 07:28 - 00001179 _____ C:\Users\Public\Desktop\Smart Defrag 4.lnk
2016-02-08 07:28 - 2016-02-08 07:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 4
2016-02-08 07:28 - 2015-01-10 15:32 - 00128288 _____ (IObit) C:\WINDOWS\SysWOW64\IObitSmartDefragExtension.dll
2016-02-08 07:28 - 2015-01-10 15:32 - 00128288 _____ (IObit) C:\WINDOWS\system32\IObitSmartDefragExtension.dll
2016-02-08 07:28 - 2014-06-04 15:17 - 00034080 _____ (IObit) C:\WINDOWS\system32\SmartDefragBootTime.exe
2016-02-08 07:28 - 2014-06-04 15:17 - 00021184 _____ (IObit) C:\WINDOWS\system32\Drivers\SmartDefragDriver.sys
2016-02-08 06:52 - 2016-02-08 06:52 - 00001258 _____ C:\Users\Public\Desktop\IObit Malware Fighter.lnk
2016-02-08 06:52 - 2016-02-08 06:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2016-02-08 06:41 - 2016-02-08 06:41 - 00000000 ____D C:\Users\helderisa\Downloads\IOBTMP40217
2016-02-08 06:25 - 2016-02-08 06:38 - 41211971 _____ C:\Users\helderisa\Downloads\IOBTMP40217.rar
2016-02-08 06:15 - 2016-02-08 06:15 - 00000000 ____D C:\Users\helderisa\AppData\Roaming\AVG
2016-02-08 06:15 - 2016-02-08 06:15 - 00000000 ____D C:\Program Files (x86)\AVG
2016-02-08 06:14 - 2016-02-08 06:14 - 00000000 __SHD C:\Users\Todos os Usuários\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
2016-02-08 06:14 - 2016-02-08 06:14 - 00000000 __SHD C:\ProgramData\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
2016-02-08 06:14 - 2016-02-08 06:14 - 00000000 ____D C:\Users\Todos os Usuários\AVG
2016-02-08 06:14 - 2016-02-08 06:14 - 00000000 ____D C:\ProgramData\AVG
2016-02-08 06:07 - 2016-02-08 06:07 - 00001140 _____ C:\Users\helderisa\Desktop\SpyHunter.lnk
2016-02-08 06:07 - 2016-02-08 06:07 - 00000000 ____D C:\Users\helderisa\AppData\Roaming\Enigma Software Group
2016-02-08 06:05 - 2016-02-08 06:07 - 00000000 ____D C:\sh4ldr
2016-02-08 06:05 - 2016-02-07 21:35 - 00022704 _____ C:\WINDOWS\system32\Drivers\EsgScanner.sys
2016-02-08 06:04 - 2016-02-08 06:04 - 00000000 ___HD C:\OneDriveTemp
2016-02-07 21:34 - 2016-02-07 21:34 - 00000000 ____D C:\Program Files\Enigma Software Group
2016-02-07 21:33 - 2016-02-07 21:34 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\helderisa\Downloads\SpyHunter-Installer.exe
2016-02-07 21:29 - 2016-02-07 21:29 - 00000000 ____D C:\Users\helderisa\Downloads\SPYHNT
2016-02-07 20:52 - 2016-02-07 20:52 - 00000000 ____D C:\WINDOWS\system32\oxup
2016-02-07 20:52 - 2016-02-07 20:52 - 00000000 ____D C:\Users\helderisa\AppData\Roaming\JabliTeijne
2016-02-07 20:51 - 2016-02-07 21:07 - 00002356 _____ C:\WINDOWS\System32\Tasks\Tuhdufu
2016-02-07 20:45 - 2016-02-08 07:40 - 00000000 ____D C:\Users\helderisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASPackage
2016-02-07 20:45 - 2016-02-07 20:47 - 00000000 ____D C:\Users\Todos os Usuários\3a65b31f-fd78-451b-b99b-7557d173b95d
2016-02-07 20:45 - 2016-02-07 20:47 - 00000000 ____D C:\ProgramData\3a65b31f-fd78-451b-b99b-7557d173b95d
2016-02-07 20:45 - 2016-02-07 20:46 - 00000000 ____D C:\Program Files (x86)\See Results Hub
2016-02-07 20:45 - 2016-02-07 20:45 - 00000000 ____D C:\Users\helderisa\AppData\Roaming\ASPackage
2016-02-07 20:45 - 2016-02-07 20:45 - 00000000 ____D C:\Program Files (x86)\12EDE002-1454888756-E111-B238-DC0EA1C7CA90
2016-02-07 19:32 - 2016-02-07 20:51 - 00061336 _____ (Cherimoya Ltd) C:\WINDOWS\system32\Drivers\cherimoya.sys
2016-02-07 17:57 - 2016-02-07 21:07 - 00162884 _____ C:\spyhunter.fix
2016-02-07 17:57 - 2016-02-07 21:07 - 00000000 ___HD C:\0QtWPEmJ2UDHOdFp
2016-02-07 16:54 - 2016-02-07 16:54 - 00000000 _____ C:\autoexec.bat
2016-02-07 16:21 - 2016-02-07 16:44 - 69740618 _____ C:\Users\helderisa\Downloads\SPYHNT.rar
2016-02-07 16:07 - 2016-02-07 16:07 - 00000000 ____D C:\Program Files (x86)\12EDE002-1454872046-E111-B238-DC0EA1C7CA90
2016-02-07 16:05 - 2016-02-07 16:05 - 00000008 _____ C:\END
2016-02-07 16:04 - 2016-02-07 16:04 - 00000000 ____D C:\Users\helderisa\AppData\Local\ElevatedDiagnostics
2016-02-07 16:01 - 2016-02-07 17:57 - 00002768 _____ C:\WINDOWS\System32\Tasks\{A29F25FD-B2E0-4CA4-82AD-BB8376D4D3A0}
2016-02-07 15:55 - 2016-02-07 15:55 - 00003420 _____ C:\WINDOWS\System32\Tasks\Pakrujr
2016-02-07 15:49 - 2016-02-07 15:49 - 00000000 ____D C:\Users\helderisa\AppData\Local\macpromosoft
2016-02-07 15:29 - 2016-02-07 15:38 - 00000000 ____D C:\Program Files (x86)\12EDE002-1454869797-E111-B238-DC0EA1C7CA90
2016-02-07 15:21 - 2016-02-07 15:27 - 00000000 ____D C:\Users\helderisa\Desktop\Organizar
2016-02-06 20:14 - 2016-02-08 06:07 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton Security
2016-02-06 20:09 - 2016-02-06 20:09 - 00003386 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2016-02-06 16:54 - 2016-02-06 20:05 - 00067632 _____ (Symantec Corporation) C:\WINDOWS\system32\msln.exe
2016-02-06 09:41 - 2016-02-06 09:41 - 00000000 ____D C:\Users\helderisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium
2016-02-06 09:40 - 2016-02-06 09:41 - 00000000 ____D C:\Users\helderisa\AppData\Local\Chromium
2016-02-06 08:03 - 2016-02-06 20:09 - 00002389 _____ C:\Users\Public\Desktop\Norton Security.LNK
2016-02-06 08:03 - 2016-02-06 08:03 - 00111344 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2016-02-06 08:03 - 2016-02-06 08:03 - 00008214 _____ C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2016-02-06 08:03 - 2016-02-06 08:03 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2016-02-06 08:02 - 2016-02-07 15:43 - 00000000 ____D C:\WINDOWS\system32\Drivers\NSx64
2016-02-06 08:02 - 2016-02-06 20:09 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2016-02-06 08:02 - 2016-02-06 08:02 - 00000000 ____D C:\Program Files (x86)\NortonInstaller
2016-02-06 08:02 - 2016-02-06 08:02 - 00000000 ____D C:\Program Files (x86)\Norton Security
2016-02-06 07:54 - 2016-02-07 17:57 - 00000000 ____D C:\Users\Todos os Usuários\Browser
2016-02-06 07:54 - 2016-02-07 17:57 - 00000000 ____D C:\ProgramData\Browser
2016-02-06 07:53 - 2016-02-06 07:53 - 00000000 ____D C:\WebShield
2016-02-05 21:32 - 2016-02-05 21:32 - 00000000 ____D C:\Users\helderisa\AppData\Local\Setup589796
2016-02-05 21:22 - 2016-02-05 21:22 - 00000000 ____D C:\WINDOWS\system32\ojet
2016-02-05 21:08 - 2016-02-05 21:08 - 00000000 ____D C:\Users\helderisa\AppData\Local\Setup48121078
2016-02-05 20:14 - 2016-02-06 17:00 - 00000000 ____D C:\Users\helderisa\AppData\Local\{F937CF6B-DD9F-A3D3-B007-863B946F7AA3}
2016-02-05 18:30 - 2016-02-05 18:30 - 00000045 _____ C:\Users\helderisa\AppData\Roaming\WB.CFG
2016-02-05 17:43 - 2016-02-05 17:44 - 00014077 _____ C:\Users\helderisa\Downloads\AUTORIZAÇAO ENTRADA - Fernando Corretor.odt
2016-02-05 17:43 - 2016-02-05 17:43 - 00000000 ____D C:\Users\Public\Documents\Tools
2016-02-05 17:42 - 2016-02-05 17:42 - 00114851 _____ C:\Users\helderisa\Downloads\Novo Documento 22(1).pdf
2016-02-05 17:34 - 2016-02-05 17:34 - 00002475 _____ C:\WINDOWS\patsearch.bin
2016-02-05 17:34 - 2016-02-05 17:34 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_webTinstMKTN84_01009.Wdf
2016-02-05 17:33 - 2016-02-05 08:35 - 00048456 _____ (StdLib) C:\WINDOWS\system32\Drivers\{5e399338-5cac-41fc-91a7-455ee6632d3f}Gw64.sys
2016-02-05 17:29 - 2016-02-05 17:29 - 00000000 ____D C:\Users\Todos os Usuários\bb3c5f55-3783-1
2016-02-05 17:29 - 2016-02-05 17:29 - 00000000 ____D C:\Users\Todos os Usuários\bb3c5f55-0ef5-0
2016-02-05 17:29 - 2016-02-05 17:29 - 00000000 ____D C:\ProgramData\bb3c5f55-3783-1
2016-02-05 17:29 - 2016-02-05 17:29 - 00000000 ____D C:\ProgramData\bb3c5f55-0ef5-0
2016-02-05 17:28 - 2016-02-07 17:57 - 00000000 ____D C:\Users\Todos os Usuários\Ecoiss
2016-02-05 17:28 - 2016-02-07 17:57 - 00000000 ____D C:\ProgramData\Ecoiss
2016-02-05 17:28 - 2016-02-06 17:38 - 00000000 ____D C:\Users\Todos os Usuários\Ecois
2016-02-05 17:28 - 2016-02-06 17:38 - 00000000 ____D C:\ProgramData\Ecois
2016-02-05 17:23 - 2016-02-05 17:23 - 00000000 ____D C:\Users\helderisa\AppData\Roaming\UG
2016-02-05 17:22 - 2016-02-06 07:54 - 00003526 _____ C:\WINDOWS\System32\Tasks\Ovirrumuuln
2016-02-05 17:22 - 2016-02-05 17:22 - 00000000 ____D C:\Users\Todos os Usuários\Ovirrumuuln
2016-02-05 17:22 - 2016-02-05 17:22 - 00000000 ____D C:\ProgramData\Ovirrumuuln
2016-02-05 08:24 - 2016-02-06 16:54 - 00000000 ____D C:\Users\helderisa\AppData\Local\BrowserHelper
2016-02-05 08:22 - 2016-02-06 20:43 - 00000000 ____D C:\Users\Todos os Usuários\KgRtLGRqonw
2016-02-05 08:22 - 2016-02-06 20:43 - 00000000 ____D C:\ProgramData\KgRtLGRqonw
2016-02-05 08:22 - 2016-02-06 20:07 - 00000000 ____D C:\Users\helderisa\AppData\Roaming\Uniblue
2016-02-05 08:22 - 2016-02-06 20:07 - 00000000 ____D C:\Program Files (x86)\Uniblue
2016-02-05 08:22 - 2016-02-05 08:22 - 00631808 _____ C:\WINDOWS\qyr.dat
2016-02-05 08:21 - 2016-02-05 08:21 - 00004102 _____ C:\WINDOWS\System32\Tasks\LaunchPreSignup
2016-02-05 08:20 - 2016-02-06 08:03 - 00000000 ____D C:\Users\helderisa\AppData\Local\Setup Wizard
2016-02-05 08:20 - 2016-02-05 08:20 - 00003118 _____ C:\WINDOWS\System32\Tasks\ttwifi
2016-02-05 08:20 - 2016-02-05 08:20 - 00003012 _____ C:\WINDOWS\System32\Tasks\osTip
2016-02-05 08:19 - 2016-02-07 17:57 - 00000000 ____D C:\Program Files (x86)\MPC Cleaner
2016-02-05 08:19 - 2016-02-06 07:48 - 00003652 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2016-02-05 08:19 - 2016-02-05 08:20 - 00000000 ____D C:\Users\Todos os Usuários\WindowsMsg
2016-02-05 08:19 - 2016-02-05 08:20 - 00000000 ____D C:\ProgramData\WindowsMsg
2016-02-05 08:19 - 2016-02-05 08:19 - 00060136 _____ (DotC United Inc) C:\WINDOWS\system32\Drivers\MPCKpt.sys
2016-02-05 08:19 - 2016-02-05 08:19 - 00003420 _____ C:\WINDOWS\System32\Tasks\Aneboeh
2016-02-05 08:19 - 2016-02-05 08:19 - 00003056 _____ C:\WINDOWS\System32\Tasks\Pritc
2016-02-05 08:19 - 2016-02-05 08:19 - 00000000 ____D C:\Users\helderisa\AppData\Roaming\gplyra
2016-02-05 08:03 - 2016-02-05 08:03 - 00003306 _____ C:\WINDOWS\System32\Tasks\crash_service
2016-02-05 08:03 - 2016-02-05 08:03 - 00003282 _____ C:\WINDOWS\System32\Tasks\Run_Bobby_Browser
2016-02-05 08:00 - 2016-02-05 08:00 - 00000000 ____D C:\Users\Public\Documents\Guid
2016-02-05 08:00 - 2016-02-05 08:00 - 00000000 ____D C:\Users\Public\Documents\Baidu
2016-02-05 08:00 - 2016-02-05 08:00 - 00000000 ____D C:\Program Files (x86)\CalendarTool
2016-02-04 14:56 - 2016-02-04 14:57 - 00000000 ____D C:\Users\helderisa\Desktop\Vendas
2016-02-04 14:35 - 2016-02-04 14:36 - 00496973 _____ C:\Users\helderisa\Downloads\Novo Documento 15_1.pdf
2016-02-04 13:31 - 2016-02-04 13:31 - 00000000 ____D C:\Users\Todos os Usuários\Samsung
2016-02-04 13:31 - 2016-02-04 13:31 - 00000000 ____D C:\ProgramData\Samsung
2016-02-04 13:31 - 2016-02-04 13:31 - 00000000 ____D C:\Program Files (x86)\SamsungPrinterLiveUpdateInstaller
2016-02-04 13:31 - 2016-02-04 13:31 - 00000000 ____D C:\Program Files (x86)\SamsungPrinterLiveUpdate
2016-02-04 12:25 - 2016-02-04 12:25 - 00475371 _____ C:\Users\helderisa\Downloads\Novo Documento 14_1.pdf
2016-02-04 12:06 - 2016-02-04 12:06 - 00004278 _____ C:\Users\helderisa\Downloads\Tabela de custas 2016.pdf
2016-02-04 09:36 - 2016-02-04 09:36 - 00234987 _____ C:\Users\helderisa\Downloads\ORÇAMENTO CONTRATO DE LOCAÇÃO(1).pdf
2016-02-03 17:23 - 2016-02-03 17:23 - 00119393 _____ C:\Users\helderisa\Downloads\ANNA KAROLINNE BRITO DE SOUZA - spc.pdf
2016-02-03 17:23 - 2016-02-03 17:23 - 00100081 _____ C:\Users\helderisa\Downloads\PETIÇÃO DE CUMPRIMENTO - OF.pdf
2016-02-03 17:23 - 2016-02-03 17:23 - 00054916 _____ C:\Users\helderisa\Downloads\ANNA KAROLINNE BRITO DE SOUZA - serasa.pdf
2016-02-03 15:32 - 2016-02-03 15:33 - 02882220 _____ C:\Users\helderisa\Downloads\15ª Alteração CS IREP_Final (03 02 14).pdf
2016-02-03 15:31 - 2016-02-03 15:31 - 00829443 _____ C:\Users\helderisa\Downloads\SUBSTABELECIMENTO ESTÁCIO.pdf
2016-02-03 15:27 - 2016-02-03 15:27 - 00443427 _____ C:\Users\helderisa\Downloads\SUBSTABELECIMENTO CE - JANEIRO 2016.pdf
2016-02-03 15:24 - 2016-02-03 15:24 - 00491986 _____ C:\Users\helderisa\Downloads\ATOS.pdf
2016-02-03 15:21 - 2016-02-03 15:22 - 00669497 _____ C:\Users\helderisa\Downloads\PROCURAÇÃO.pdf
2016-02-03 15:21 - 2016-02-03 15:21 - 00451615 ____T C:\Users\helderisa\Downloads\uio.pdf
2016-02-03 15:18 - 2016-02-03 15:19 - 00311599 _____ C:\Users\helderisa\Downloads\CARTA DE PREPOSIÇÃO.pdf
2016-02-03 15:15 - 2016-02-03 15:15 - 00325922 _____ C:\Users\helderisa\Downloads\SUBSTABELECIMENTO FERNANDA.pdf
2016-02-03 15:04 - 2016-02-03 15:04 - 00421958 _____ C:\Users\helderisa\Downloads\CONTESTAÇÃO (FRAUDE -MATRÍCULA) - ANA KAROLINNE BRITO DE SOUZA.pdf
2016-02-03 14:54 - 2016-02-03 14:54 - 00472319 _____ C:\Users\helderisa\Downloads\CONTRATO.pdf
2016-02-03 14:52 - 2016-02-03 14:53 - 00238069 _____ C:\Users\helderisa\Downloads\Estatuto de 28.4.2011 - Banco Bradesco Financiamentos S.A..pdf
2016-02-03 14:49 - 2016-02-03 14:49 - 00287507 _____ C:\Users\helderisa\Downloads\ATA - Banco Bradesco Financiamentos S.A..pdf
2016-02-03 14:46 - 2016-02-03 14:46 - 00618377 _____ C:\Users\helderisa\Downloads\CONTESTAÇÃO 15652.pdf
2016-02-03 14:45 - 2016-02-03 14:45 - 00072107 _____ C:\Users\helderisa\Downloads\SUBSTABELECIMENTO 15652.pdf
2016-02-03 14:43 - 2016-02-03 14:43 - 00576105 _____ C:\Users\helderisa\Downloads\PROCURACAO - GRUPO BRADESCO - SAMPAIO.PDF
2016-02-03 14:42 - 2016-02-03 14:43 - 00084256 _____ C:\Users\helderisa\Downloads\CARTA DE PREPOSIÇÃO 15652.pdf
2016-02-03 14:42 - 2016-02-03 14:42 - 01092538 _____ C:\Users\helderisa\Downloads\inicial.pdf
2016-02-03 14:35 - 2016-02-03 14:35 - 02293823 _____ C:\Users\helderisa\Downloads\sentença(1).pdf
2016-02-03 12:08 - 2016-02-03 12:08 - 00053140 _____ C:\Users\helderisa\Downloads\Planilha atualizada - 02.02.15.ods
2016-02-03 11:06 - 2016-02-03 11:07 - 00234987 _____ C:\Users\helderisa\Downloads\ORÇAMENTO CONTRATO DE LOCAÇÃO.pdf
2016-02-03 09:12 - 2016-02-03 09:12 - 00001224 _____ C:\Users\helderisa\Downloads\comprovante(2).pdf
2016-02-03 09:08 - 2016-02-03 09:08 - 00001372 _____ C:\Users\helderisa\Downloads\comprovante(1).pdf
2016-02-02 21:47 - 2016-02-07 20:51 - 00034712 _____ () C:\WINDOWS\system32\Drivers\bsdriver.sys
2016-02-02 21:47 - 2016-02-02 21:47 - 00003418 _____ C:\WINDOWS\System32\Tasks\Awuzuke
2016-02-02 20:55 - 2016-02-02 20:55 - 00053854 _____ C:\Users\helderisa\Downloads\Planilha atualizada - 20.11.15.ods
2016-02-02 18:13 - 2016-02-02 18:14 - 01155588 _____ C:\Users\helderisa\Downloads\Novo Documento 13.pdf
2016-02-02 17:48 - 2016-02-02 17:48 - 00284883 _____ C:\Users\helderisa\Downloads\Novo Documento 12_1.pdf
2016-02-02 14:40 - 2016-02-02 14:40 - 00001062 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-4195741489-3349442942-2711558040-1001Core1d15de0dcd33f39.job
2016-02-02 12:26 - 2016-02-02 12:27 - 01092027 _____ C:\Users\helderisa\Downloads\073116.PDF
2016-02-02 10:24 - 2016-02-02 10:24 - 00053605 _____ C:\Users\helderisa\Downloads\Telefones-Atualizados.ods
2016-02-01 16:36 - 2016-02-01 16:37 - 00001198 _____ C:\Users\helderisa\Downloads\comprovante.pdf
2016-02-01 10:42 - 2016-02-01 10:42 - 00040756 _____ C:\Users\helderisa\Downloads\PAUTA.odt
2016-02-01 10:16 - 2016-02-01 10:16 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers
2016-02-01 10:16 - 2016-02-01 10:16 - 00000000 ____D C:\Users\helderisa\AppData\Roaming\Samsung
2016-02-01 10:16 - 2016-02-01 10:16 - 00000000 ____D C:\Program Files (x86)\Samsung
2016-02-01 10:10 - 2016-02-01 10:16 - 41702008 _____ (Samsung Electronics Co., Ltd.) C:\Users\helderisa\Downloads\EPM_V1.05.81.00.exe
2016-02-01 10:07 - 2016-02-01 10:07 - 00145518 _____ C:\Users\helderisa\Documents\cc_20160201_100706.reg
2016-02-01 10:01 - 2016-02-01 10:03 - 15377311 _____ C:\Users\helderisa\Downloads\uld_v1.00.36_00.91.tar.gz
2016-02-01 09:38 - 2016-02-01 09:39 - 04316280 _____ (Piriform Ltd) C:\Users\helderisa\Downloads\ccsetup400.exe
2016-01-31 20:29 - 2016-01-31 20:29 - 00073216 _____ C:\Users\helderisa\Downloads\PlanilhaOrcamentoPessoalEdu.xls
2016-01-31 15:46 - 2016-01-31 15:46 - 00016096 _____ C:\Users\helderisa\Downloads\A ATUAÇÃO DO JUIZ LEIGO - FECHAMENTO.odt
2016-01-31 14:49 - 2016-01-31 14:49 - 00027867 _____ C:\Users\helderisa\Downloads\PELICULAS - 23.01.16 Para ver.ods
2016-01-31 08:03 - 2016-01-31 08:03 - 00000000 ____D C:\Users\helderisa\AppData\Roaming\TeamViewer
2016-01-30 22:58 - 2016-01-30 22:58 - 00000162 ____H C:\Users\helderisa\Desktop\~$norários Advocatícios - final - 2.odt
2016-01-30 17:30 - 2016-01-30 17:30 - 00001259 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk
2016-01-30 17:30 - 2016-01-30 17:30 - 00001247 _____ C:\Users\Public\Desktop\TeamViewer 8.lnk
2016-01-30 17:30 - 2016-01-30 17:30 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-01-30 17:30 - 2013-06-06 03:24 - 00035112 _____ (TeamViewer GmbH) C:\WINDOWS\system32\Drivers\teamviewervpn.sys
2016-01-30 17:24 - 2016-01-30 17:26 - 06982400 _____ (TeamViewer GmbH) C:\Users\helderisa\Downloads\TeamViewer_Setup.exe
2016-01-30 02:01 - 2016-01-30 02:01 - 00000000 ____D C:\WINDOWS\system32\lon
2016-01-29 21:46 - 2016-01-30 14:14 - 00000000 ____D C:\Users\helderisa\AppData\Local\12EDE002-1454104019-E111-B238-DC0EA1C7CA90
2016-01-29 21:37 - 2016-02-06 08:21 - 00000000 ____D C:\Program Files (x86)\12EDE002-1454114255-E111-B238-DC0EA1C7CA90
2016-01-29 21:36 - 2016-02-07 15:51 - 00000286 __RSH C:\Users\Todos os Usuários\ntuser.pol
2016-01-29 21:36 - 2016-02-07 15:51 - 00000286 __RSH C:\ProgramData\ntuser.pol
2016-01-29 21:35 - 2016-02-07 20:53 - 00000000 ____D C:\Users\helderisa\AppData\Local\Tempfolder
2016-01-29 21:34 - 2016-02-07 20:51 - 00000000 ____D C:\uninst
2016-01-29 21:34 - 2016-02-07 17:57 - 00002358 _____ C:\WINDOWS\System32\Tasks\Xuolagi
2016-01-29 21:34 - 2016-01-29 21:34 - 00000000 ____D C:\Users\Public\Documents\dmp
2016-01-29 21:34 - 2016-01-29 21:34 - 00000000 ____D C:\Users\helderisa\AppData\LocalLow\Company
2016-01-27 18:09 - 2016-01-16 03:37 - 00202472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-01-27 18:09 - 2016-01-16 03:36 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-01-27 18:09 - 2016-01-16 03:36 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-01-27 18:09 - 2016-01-16 03:34 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-01-27 18:09 - 2016-01-16 03:24 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-01-27 18:09 - 2016-01-16 03:23 - 08728920 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-01-27 18:09 - 2016-01-16 03:23 - 00848160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-01-27 18:09 - 2016-01-16 03:23 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-01-27 18:09 - 2016-01-16 03:23 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-01-27 18:09 - 2016-01-16 03:23 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-01-27 18:09 - 2016-01-16 03:23 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-01-27 18:09 - 2016-01-16 03:21 - 22572624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-01-27 18:09 - 2016-01-16 03:21 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2016-01-27 18:09 - 2016-01-16 03:20 - 06971752 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-01-27 18:09 - 2016-01-16 03:20 - 06600904 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-01-27 18:09 - 2016-01-16 03:20 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-01-27 18:09 - 2016-01-16 03:20 - 00431240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2016-01-27 18:09 - 2016-01-16 03:20 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-01-27 18:09 - 2016-01-16 03:19 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-01-27 18:09 - 2016-01-16 03:19 - 00405568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-01-27 18:09 - 2016-01-16 03:17 - 21125400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-01-27 18:09 - 2016-01-16 03:16 - 05238360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-01-27 18:09 - 2016-01-16 03:13 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-01-27 18:09 - 2016-01-16 03:13 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-01-27 18:09 - 2016-01-16 03:12 - 01415200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-01-27 18:09 - 2016-01-16 03:09 - 01089880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-01-27 18:09 - 2016-01-16 03:08 - 01174008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-01-27 18:09 - 2016-01-16 03:08 - 00440152 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-01-27 18:09 - 2016-01-16 02:46 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-01-27 18:09 - 2016-01-16 02:45 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-01-27 18:09 - 2016-01-16 02:44 - 22394368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-01-27 18:09 - 2016-01-16 02:44 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-01-27 18:09 - 2016-01-16 02:44 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasadhlp.dll
2016-01-27 18:09 - 2016-01-16 02:44 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2016-01-27 18:09 - 2016-01-16 02:43 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttpcom.dll
2016-01-27 18:09 - 2016-01-16 02:42 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-01-27 18:09 - 2016-01-16 02:42 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscoreext.dll
2016-01-27 18:09 - 2016-01-16 02:41 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-01-27 18:09 - 2016-01-16 02:40 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-01-27 18:09 - 2016-01-16 02:40 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
2016-01-27 18:09 - 2016-01-16 02:40 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2016-01-27 18:09 - 2016-01-16 02:40 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasautou.exe
2016-01-27 18:09 - 2016-01-16 02:39 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2016-01-27 18:09 - 2016-01-16 02:38 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-01-27 18:09 - 2016-01-16 02:38 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-01-27 18:09 - 2016-01-16 02:38 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll
2016-01-27 18:09 - 2016-01-16 02:38 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbio.dll
2016-01-27 18:09 - 2016-01-16 02:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-01-27 18:09 - 2016-01-16 02:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-01-27 18:09 - 2016-01-16 02:37 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-01-27 18:09 - 2016-01-16 02:37 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-01-27 18:09 - 2016-01-16 02:36 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-01-27 18:09 - 2016-01-16 02:36 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2016-01-27 18:09 - 2016-01-16 02:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-01-27 18:09 - 2016-01-16 02:36 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll
2016-01-27 18:09 - 2016-01-16 02:36 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2016-01-27 18:09 - 2016-01-16 02:35 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-01-27 18:09 - 2016-01-16 02:35 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-01-27 18:09 - 2016-01-16 02:35 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasadhlp.dll
2016-01-27 18:09 - 2016-01-16 02:34 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-01-27 18:09 - 2016-01-16 02:34 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-01-27 18:09 - 2016-01-16 02:34 - 00477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2016-01-27 18:09 - 2016-01-16 02:34 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-01-27 18:09 - 2016-01-16 02:34 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttpcom.dll
2016-01-27 18:09 - 2016-01-16 02:33 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2016-01-27 18:09 - 2016-01-16 02:33 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-01-27 18:09 - 2016-01-16 02:33 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-01-27 18:09 - 2016-01-16 02:32 - 24602624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-01-27 18:09 - 2016-01-16 02:32 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2016-01-27 18:09 - 2016-01-16 02:32 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2016-01-27 18:09 - 2016-01-16 02:31 - 00851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-01-27 18:09 - 2016-01-16 02:31 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-01-27 18:09 - 2016-01-16 02:31 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-01-27 18:09 - 2016-01-16 02:31 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-01-27 18:09 - 2016-01-16 02:31 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasautou.exe
2016-01-27 18:09 - 2016-01-16 02:30 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-01-27 18:09 - 2016-01-16 02:30 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-01-27 18:09 - 2016-01-16 02:30 - 01053696 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-01-27 18:09 - 2016-01-16 02:30 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-01-27 18:09 - 2016-01-16 02:30 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimCfg.dll
2016-01-27 18:09 - 2016-01-16 02:30 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbio.dll
2016-01-27 18:09 - 2016-01-16 02:29 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-01-27 18:09 - 2016-01-16 02:29 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-01-27 18:09 - 2016-01-16 02:28 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-01-27 18:09 - 2016-01-16 02:28 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-01-27 18:09 - 2016-01-16 02:28 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-01-27 18:09 - 2016-01-16 02:28 - 00884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2016-01-27 18:09 - 2016-01-16 02:28 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimAuth.dll
2016-01-27 18:09 - 2016-01-16 02:27 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-01-27 18:09 - 2016-01-16 02:26 - 19338752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-01-27 18:09 - 2016-01-16 02:26 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-01-27 18:09 - 2016-01-16 02:26 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-01-27 18:09 - 2016-01-16 02:26 - 00260608 _____ C:\WINDOWS\system32\MTFServer.dll
2016-01-27 18:09 - 2016-01-16 02:26 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-01-27 18:09 - 2016-01-16 02:25 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2016-01-27 18:09 - 2016-01-16 02:25 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-01-27 18:09 - 2016-01-16 02:25 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-01-27 18:09 - 2016-01-16 02:24 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-01-27 18:09 - 2016-01-16 02:24 - 02057216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-01-27 18:09 - 2016-01-16 02:24 - 00613888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-01-27 18:09 - 2016-01-16 02:24 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-01-27 18:09 - 2016-01-16 02:24 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-01-27 18:09 - 2016-01-16 02:23 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-01-27 18:09 - 2016-01-16 02:23 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-01-27 18:09 - 2016-01-16 02:21 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-01-27 18:09 - 2016-01-16 02:20 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-01-27 18:09 - 2016-01-16 02:20 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-01-27 18:09 - 2016-01-16 02:20 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-01-27 18:09 - 2016-01-16 02:20 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2016-01-27 18:09 - 2016-01-16 02:19 - 12126208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-01-27 18:09 - 2016-01-16 02:19 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-01-27 18:09 - 2016-01-16 02:19 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-01-27 18:09 - 2016-01-16 02:19 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-01-27 18:09 - 2016-01-16 02:19 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-01-27 18:09 - 2016-01-16 02:18 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-01-27 18:09 - 2016-01-16 02:18 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-01-27 18:09 - 2016-01-16 02:17 - 05503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-01-27 18:09 - 2016-01-16 02:16 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-01-27 18:09 - 2016-01-16 02:16 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-01-27 18:09 - 2016-01-16 02:15 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-01-27 18:09 - 2016-01-16 02:14 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-01-27 18:09 - 2016-01-16 02:14 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-01-27 18:09 - 2016-01-16 02:11 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-01-27 18:09 - 2016-01-16 02:09 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-01-27 13:04 - 2016-01-27 13:04 - 00769381 _____ C:\Users\helderisa\Downloads\Novo Documento 10(1).pdf
2016-01-27 13:01 - 2016-01-27 13:01 - 00398602 _____ C:\Users\helderisa\Downloads\ScanDir312.pdf
2016-01-27 08:09 - 2016-02-06 19:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-26 21:47 - 2016-01-26 21:48 - 00769381 _____ C:\Users\helderisa\Downloads\Novo Documento 10.pdf
2016-01-26 12:08 - 2016-01-26 12:08 - 00250574 ____T C:\Users\helderisa\Downloads\MENSALIDADE 1 - PROMINAS.pdf
2016-01-26 12:07 - 2016-01-26 12:07 - 00251338 ____T C:\Users\helderisa\Downloads\TAXA DE INSCRIÇÃO - PARCELA 2.pdf
2016-01-26 09:05 - 2016-01-26 09:05 - 00423621 _____ C:\Users\helderisa\Downloads\Fatura dos Correios.pdf
2016-01-26 09:05 - 2016-01-26 09:05 - 00058925 _____ C:\Users\helderisa\Downloads\Fatura Pedro.pdf
2016-01-26 08:47 - 2016-01-26 08:47 - 00095029 _____ C:\Users\helderisa\Downloads\Fatura Correios(1).pdf
2016-01-26 08:34 - 2016-01-26 08:34 - 00435952 _____ C:\Users\helderisa\Downloads\Novo Documento 26.pdf
2016-01-26 08:33 - 2016-01-26 08:33 - 00272259 _____ C:\Users\helderisa\Downloads\Novo Documento 23Adicionar Pessoas 1.pdf
2016-01-25 17:49 - 2016-01-25 17:49 - 00133631 _____ C:\Users\helderisa\Downloads\Fatura Correios.pdf
2016-01-25 14:00 - 2016-01-25 14:00 - 00786268 _____ C:\Users\helderisa\Downloads\Novo Documento 6.pdf
2016-01-25 10:56 - 2016-01-25 10:56 - 00000000 ____D C:\Users\helderisa\AppData\Roaming\Apple Computer
2016-01-25 10:44 - 2016-01-25 10:44 - 00000000 ____D C:\Users\helderisa\AppData\Roaming\ProductData
2016-01-25 10:43 - 2016-02-08 07:35 - 00000000 ____D C:\Users\Todos os Usuários\ProductData
2016-01-25 10:43 - 2016-02-08 07:35 - 00000000 ____D C:\Users\helderisa\AppData\Roaming\IObit
2016-01-25 10:43 - 2016-02-08 07:35 - 00000000 ____D C:\ProgramData\ProductData
2016-01-25 10:43 - 2016-02-08 07:27 - 00000000 ____D C:\Users\helderisa\AppData\LocalLow\IObit
2016-01-25 10:42 - 2016-02-08 07:35 - 00000000 ____D C:\Program Files (x86)\IObit
2016-01-25 10:42 - 2016-02-08 07:28 - 00000000 ____D C:\Users\Todos os Usuários\IObit
2016-01-25 10:42 - 2016-02-08 07:28 - 00000000 ____D C:\ProgramData\IObit
2016-01-25 10:42 - 2016-01-25 10:42 - 00000000 ____D C:\Users\Todos os Usuários\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}
2016-01-25 10:42 - 2016-01-25 10:42 - 00000000 ____D C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}
2016-01-25 10:11 - 2016-01-25 10:11 - 00108225 _____ C:\Users\helderisa\Downloads\DEFINIÇÕES E CONCEPÇÕES DE DIREITO EM ALCÂNTARA NOGUEIRA (FIC).pdf
2016-01-25 09:29 - 2016-01-25 09:29 - 00010349 _____ C:\Users\helderisa\Downloads\transf.pdf
2016-01-25 08:19 - 2016-01-25 08:19 - 00017789 _____ C:\Users\helderisa\Downloads\FERNANDA PATRICIA LIMA OLIVEIRA.PDF
2016-01-24 14:57 - 2016-01-24 14:58 - 00168365 _____ C:\Users\helderisa\Downloads\Carteira de Trabalho.pdf
2016-01-24 13:32 - 2016-01-24 13:32 - 00019783 _____ C:\Users\helderisa\Downloads\Ubirajara.pdf
2016-01-23 23:04 - 2016-01-23 23:05 - 00000000 ____D C:\Users\helderisa\Desktop\Fotos de anúncios novos
2016-01-23 20:29 - 2016-01-23 20:30 - 01858045 _____ C:\Users\helderisa\Downloads\3169.pdf
2016-01-23 20:25 - 2016-01-23 20:25 - 00251503 _____ C:\Users\helderisa\Downloads\Novo Documento 8_1(1).pdf
2016-01-23 16:08 - 2016-01-23 16:08 - 00547891 _____ C:\Users\helderisa\Downloads\documentos.pdf
2016-01-23 16:08 - 2016-01-23 16:08 - 00547891 _____ C:\Users\helderisa\Downloads\documentos(1).pdf
2016-01-22 15:58 - 2016-01-22 16:00 - 02293823 _____ C:\Users\helderisa\Downloads\sentença.pdf
2016-01-22 15:21 - 2016-01-22 15:22 - 00251503 _____ C:\Users\helderisa\Downloads\Novo Documento 8_1.pdf
2016-01-21 16:25 - 2016-01-21 16:25 - 00701443 _____ C:\Users\helderisa\Downloads\13v.pdf
2016-01-21 16:24 - 2016-01-21 16:24 - 00304567 _____ C:\Users\helderisa\Downloads\23v.pdf
2016-01-21 16:24 - 2016-01-21 16:24 - 00298450 _____ C:\Users\helderisa\Downloads\236.pdf
2016-01-21 10:00 - 2016-01-21 10:01 - 00005736 _____ C:\Users\helderisa\Downloads\Bradesco_21012016_103308.pdf
2016-01-21 09:46 - 2016-01-21 09:46 - 00358032 ____T C:\Users\helderisa\Downloads\REENVIO - LUIZ RICARDO LEITE.pdf
2016-01-21 09:36 - 2016-01-21 09:36 - 00360878 ____T C:\Users\helderisa\Downloads\REENVIO - BRUNO GUALANO.pdf
2016-01-21 09:22 - 2016-01-21 09:22 - 00359194 ____T C:\Users\helderisa\Downloads\REENVIO - EDSON BIZZI.pdf
2016-01-21 09:16 - 2016-01-21 09:16 - 00358780 ____T C:\Users\helderisa\Downloads\REENVIO - ARTHUR CAMARGO.pdf
2016-01-21 09:08 - 2016-01-21 09:08 - 00359733 ____T C:\Users\helderisa\Downloads\REENVIO - CARLOS ALBERTO.pdf
2016-01-21 09:00 - 2016-01-21 09:00 - 00363846 ____T C:\Users\helderisa\Downloads\REENVIO VINICIOS FRANCA.pdf
2016-01-21 08:53 - 2016-01-21 08:53 - 00362215 ____T C:\Users\helderisa\Downloads\REENVIO - WIL MOTA.pdf
2016-01-21 08:46 - 2016-01-21 08:46 - 00353638 ____T C:\Users\helderisa\Downloads\REENVIO - ALISSON DA SILVA PINTO.pdf
2016-01-21 08:36 - 2016-01-21 08:36 - 00361423 ____T C:\Users\helderisa\Downloads\REENVIO - ANA SANTOS.pdf
2016-01-21 08:34 - 2016-01-21 08:35 - 00359549 ____T C:\Users\helderisa\Downloads\REENVIO - EDUARDO SILVA.pdf
2016-01-21 08:32 - 2016-01-21 08:32 - 00358042 ____T C:\Users\helderisa\Downloads\REENVIO - LUCIMARA DOS SANTOS.pdf
2016-01-21 08:30 - 2016-01-21 08:30 - 00336902 ____T C:\Users\helderisa\Downloads\REENVIO - PATRICIA BOHRY.pdf
2016-01-21 08:29 - 2016-01-21 08:29 - 00364085 ____T C:\Users\helderisa\Downloads\REENVIO -CEZAR TAKIO.pdf
2016-01-21 08:25 - 2016-01-21 08:25 - 00360761 ____T C:\Users\helderisa\Downloads\REENVIO - ALVARO MEDEIROS.pdf
2016-01-21 08:19 - 2016-01-21 08:19 - 00358746 ____T C:\Users\helderisa\Downloads\ENVIO - JEFFERSON HENRIQUE.pdf
2016-01-21 08:14 - 2016-01-21 08:14 - 00358435 ____T C:\Users\helderisa\Downloads\REENVIO - RODRIGO LUCENA - PLEBE.pdf
2016-01-20 21:46 - 2016-01-20 21:46 - 00610731 _____ C:\Users\helderisa\Downloads\Sentença da Decolar(1).pdf
2016-01-20 21:45 - 2016-01-20 21:45 - 00610731 _____ C:\Users\helderisa\Downloads\Sentença da Decolar.pdf
2016-01-20 15:27 - 2016-01-20 15:28 - 03601197 _____ C:\Users\helderisa\Downloads\ScanCor054.pdf
2016-01-20 09:10 - 2016-01-20 09:10 - 00786268 _____ C:\Users\helderisa\Downloads\Pedro H.H. Pucci - Matricula Prominas - parcela 1.pdf
2016-01-19 21:03 - 2016-01-19 21:03 - 00089783 _____ C:\Users\helderisa\Downloads\112016 Proposta Paulo Diniz.pdf
2016-01-19 20:56 - 2016-02-02 14:40 - 00001062 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-4195741489-3349442942-2711558040-1001Core1d15314ff7ec147.job
2016-01-19 20:56 - 2016-01-19 20:56 - 00001062 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-4195741489-3349442942-2711558040-1001Core.job
2016-01-19 19:49 - 2016-01-19 19:49 - 00651978 _____ C:\Users\helderisa\Downloads\8ae09d5dcb19d1845c99ae6e64ab973420150522.pdf
2016-01-19 19:48 - 2016-01-19 19:48 - 00750025 _____ C:\Users\helderisa\Downloads\e858acf3bd52b875b8f5b03e61284c4b20150522.pdf
2016-01-19 17:22 - 2016-01-19 17:22 - 00930171 _____ C:\Users\helderisa\Downloads\Cartilha Geral Publico.pdf
2016-01-19 13:12 - 2016-01-19 13:12 - 00049030 _____ C:\Users\helderisa\Downloads\call_12-33-44_IN_02730419400.AMR
2016-01-19 11:43 - 2016-01-19 11:44 - 00066282 _____ C:\Users\helderisa\Downloads\Bradesco.pdf
2016-01-19 10:08 - 2016-01-19 10:08 - 00262061 _____ C:\Users\helderisa\Downloads\2016-01-73816-PEDRO_HENRIQUE_HOLANDA_PUCCI_-_Folha_1(1).pdf
2016-01-18 23:57 - 2016-01-18 23:57 - 00000000 ____D C:\Users\helderisa\AppData\Local\A.E.T. Europe B.V
2016-01-18 23:47 - 2016-01-18 23:53 - 10391752 _____ (A.E.T. Europe B.V.) C:\Users\helderisa\Downloads\SafeSign_Identity_Client-Standard-3.0.87-general-x64-win-admin-std-vc8.exe
2016-01-18 23:47 - 2016-01-18 23:49 - 01617920 _____ C:\Users\helderisa\Downloads\gemccid_en-us_64.msi
2016-01-18 23:39 - 2016-01-18 23:39 - 00071771 _____ C:\Users\helderisa\Downloads\GemCCID_W10_64-bits.zip
2016-01-18 23:39 - 2016-01-18 23:39 - 00000000 ____D C:\Users\helderisa\Downloads\GemCCID_W10_64-bits
2016-01-18 23:04 - 2016-01-18 23:04 - 00000000 ____D C:\Users\helderisa\AppData\Local\YSearchUtil
2016-01-18 23:01 - 2016-01-23 15:43 - 00000000 ____D C:\Users\Todos os Usuários\Oracle
2016-01-18 23:01 - 2016-01-23 15:43 - 00000000 ____D C:\ProgramData\Oracle
2016-01-18 23:01 - 2016-01-23 15:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-01-18 23:01 - 2016-01-23 15:42 - 00000000 ____D C:\Program Files (x86)\Java
2016-01-18 23:01 - 2016-01-23 15:41 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-01-18 23:01 - 2016-01-23 15:41 - 00000000 ____D C:\Users\helderisa\.oracle_jre_usage
2016-01-18 23:01 - 2016-01-18 23:01 - 00000000 ____D C:\Users\helderisa\AppData\Roaming\Sun
2016-01-18 23:01 - 2016-01-18 23:01 - 00000000 ____D C:\Users\helderisa\AppData\LocalLow\Sun
2016-01-18 22:50 - 2016-01-18 22:50 - 00000000 ____D C:\Users\helderisa\AppData\LocalLow\Oracle
2016-01-18 22:48 - 2016-01-18 22:49 - 00584288 _____ (Oracle Corporation) C:\Users\helderisa\Downloads\JavaSetup8u66.exe
2016-01-18 22:45 - 2016-01-18 22:45 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WUDFUsbccidDriver_01_11_00.Wdf
2016-01-18 22:15 - 2016-01-18 22:15 - 00000000 ____D C:\Users\helderisa\AppData\Roaming\Nitro
2016-01-18 22:13 - 2016-02-01 09:44 - 00000000 ____D C:\Program Files\Nitro
2016-01-18 22:13 - 2016-01-18 22:13 - 00000000 ____D C:\Users\Todos os Usuários\Nitro
2016-01-18 22:13 - 2016-01-18 22:13 - 00000000 ____D C:\ProgramData\Nitro
2016-01-18 21:02 - 2016-01-18 21:02 - 00003272 _____ C:\WINDOWS\System32\Tasks\{F37EE210-28EB-4452-A438-9A7B5B64DF23}
2016-01-18 21:00 - 2016-01-18 22:04 - 210334328 _____ C:\Users\helderisa\Downloads\NITPDF105732.rar
2016-01-18 20:44 - 2016-01-18 20:44 - 00000000 ____D C:\Program Files (x86)\t_201601182044
2016-01-18 20:43 - 2016-02-07 15:48 - 00000000 ____D C:\Program Files (x86)\MTV20151125
2016-01-18 20:42 - 2016-01-19 11:24 - 00000000 ____D C:\Program Files (x86)\12EDE002-1453160523-E111-B238-DC0EA1C7CA90
2016-01-18 20:38 - 2016-02-06 20:46 - 00000000 ____D C:\Program Files\Sound+
2016-01-18 20:34 - 2016-01-18 20:34 - 00000000 ____D C:\Users\helderisa\AppData\Roaming\Nitro PDF
2016-01-18 20:31 - 2016-01-18 20:31 - 00000000 ____D C:\Users\Todos os Usuários\Nitro PDF
2016-01-18 20:31 - 2016-01-18 20:31 - 00000000 ____D C:\ProgramData\Nitro PDF
2016-01-18 20:29 - 2016-01-18 22:12 - 00000000 ____D C:\Users\helderisa\AppData\Roaming\Downloaded Installations
2016-01-17 17:46 - 2016-01-17 17:46 - 00000000 ____D C:\Users\helderisa\AppData\Local\Macromedia
2016-01-16 23:01 - 2016-02-08 07:12 - 00000902 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-01-16 23:01 - 2016-01-20 09:12 - 00003888 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-01-16 23:01 - 2016-01-16 23:01 - 00000000 ____D C:\Users\Todos os Usuários\McAfee
2016-01-16 23:01 - 2016-01-16 23:01 - 00000000 ____D C:\ProgramData\McAfee
2016-01-15 22:20 - 2016-01-15 22:20 - 00262061 _____ C:\Users\helderisa\Downloads\2016-01-73816-PEDRO_HENRIQUE_HOLANDA_PUCCI_-_Folha_1.pdf
2016-01-15 22:20 - 2016-01-15 22:20 - 00000000 ____D C:\Users\helderisa\AppData\Local\CEF
2016-01-13 11:41 - 2016-01-04 23:51 - 07477600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-01-13 11:41 - 2016-01-04 23:51 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-01-13 11:41 - 2016-01-04 23:51 - 01141496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-01-13 11:41 - 2016-01-04 23:50 - 00671472 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-01-13 11:41 - 2016-01-04 23:48 - 00499432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2016-01-13 11:41 - 2016-01-04 23:45 - 02587696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-01-13 11:41 - 2016-01-04 23:42 - 02026736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-01-13 11:41 - 2016-01-04 23:37 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-01-13 11:41 - 2016-01-04 23:37 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-01-13 11:41 - 2016-01-04 23:37 - 00858952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-01-13 11:41 - 2016-01-04 23:37 - 00245840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-01-13 11:41 - 2016-01-04 23:37 - 00234504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2016-01-13 11:41 - 2016-01-04 23:36 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-01-13 11:41 - 2016-01-04 23:33 - 02180128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-01-13 11:41 - 2016-01-04 23:33 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-01-13 11:41 - 2016-01-04 23:33 - 00701384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-01-13 11:41 - 2016-01-04 23:33 - 00208176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2016-01-13 11:41 - 2016-01-04 23:33 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-01-13 11:41 - 2016-01-04 23:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-01-13 11:41 - 2016-01-04 23:27 - 01594408 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-01-13 11:41 - 2016-01-04 23:24 - 00796352 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-01-13 11:41 - 2016-01-04 23:23 - 01804664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-01-13 11:41 - 2016-01-04 23:23 - 01309376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-01-13 11:41 - 2016-01-04 23:23 - 00786696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-01-13 11:41 - 2016-01-04 23:23 - 00119320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-01-13 11:41 - 2016-01-04 23:21 - 01371792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-01-13 11:41 - 2016-01-04 23:17 - 00695752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-01-13 11:41 - 2016-01-04 23:16 - 00100160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-01-13 11:41 - 2016-01-04 22:57 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMSRoamingSecurity.dll
2016-01-13 11:41 - 2016-01-04 22:57 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgrcli.dll
2016-01-13 11:41 - 2016-01-04 22:56 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-01-13 11:41 - 2016-01-04 22:54 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-01-13 11:41 - 2016-01-04 22:53 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2016-01-13 11:41 - 2016-01-04 22:52 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-01-13 11:41 - 2016-01-04 22:51 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-01-13 11:41 - 2016-01-04 22:51 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-01-13 11:41 - 2016-01-04 22:50 - 00644096 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-01-13 11:41 - 2016-01-04 22:50 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-01-13 11:41 - 2016-01-04 22:49 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-01-13 11:41 - 2016-01-04 22:49 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-01-13 11:41 - 2016-01-04 22:49 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-01-13 11:41 - 2016-01-04 22:49 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-01-13 11:41 - 2016-01-04 22:49 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityCommon.dll
2016-01-13 11:41 - 2016-01-04 22:48 - 01009152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-01-13 11:41 - 2016-01-04 22:48 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-01-13 11:41 - 2016-01-04 22:48 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usermgrcli.dll
2016-01-13 11:41 - 2016-01-04 22:47 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-01-13 11:41 - 2016-01-04 22:47 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-01-13 11:41 - 2016-01-04 22:47 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-01-13 11:41 - 2016-01-04 22:45 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-01-13 11:41 - 2016-01-04 22:45 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-01-13 11:41 - 2016-01-04 22:44 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2016-01-13 11:41 - 2016-01-04 22:43 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-01-13 11:41 - 2016-01-04 22:43 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-01-13 11:41 - 2016-01-04 22:43 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-01-13 11:41 - 2016-01-04 22:42 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-01-13 11:41 - 2016-01-04 22:41 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-01-13 11:41 - 2016-01-04 22:41 - 00558592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-01-13 11:41 - 2016-01-04 22:40 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-01-13 11:41 - 2016-01-04 22:40 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2016-01-13 11:41 - 2016-01-04 22:39 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-01-13 11:41 - 2016-01-04 22:39 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-01-13 11:41 - 2016-01-04 22:39 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-01-13 11:41 - 2016-01-04 22:39 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2016-01-13 11:41 - 2016-01-04 22:38 - 00389120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-01-13 11:41 - 2016-01-04 22:36 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-01-13 11:41 - 2016-01-04 22:36 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-01-13 11:41 - 2016-01-04 22:30 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-01-13 11:41 - 2016-01-04 22:30 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-01-13 11:41 - 2016-01-04 22:29 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-01-13 11:41 - 2016-01-04 22:28 - 07826432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-01-13 11:41 - 2016-01-04 22:28 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-01-13 11:41 - 2016-01-04 22:25 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-02-08 07:47 - 2015-12-18 11:16 - 00000000 ____D C:\Users\helderisa\AppData\Local\CrashDumps
2016-02-08 07:40 - 2015-12-14 00:59 - 00000000 ___DC C:\WINDOWS\Panther
2016-02-08 07:40 - 2015-10-30 04:21 - 00000000 ____D C:\WINDOWS\INF
2016-02-08 07:20 - 2015-11-30 11:05 - 00001096 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-08 06:16 - 2015-12-14 01:22 - 02010872 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-02-08 06:16 - 2015-10-30 16:12 - 00853356 _____ C:\WINDOWS\system32\prfh0416.dat
2016-02-08 06:16 - 2015-10-30 16:12 - 00183252 _____ C:\WINDOWS\system32\prfc0416.dat
2016-02-08 06:07 - 2015-11-30 11:25 - 00003808 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2016-02-08 06:04 - 2015-12-12 16:27 - 00000000 ___RD C:\Users\helderisa\OneDrive
2016-02-08 06:03 - 2015-11-30 11:05 - 00001092 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-08 06:01 - 2015-12-14 01:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-02-08 06:01 - 2015-10-30 03:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-02-08 04:00 - 2015-12-13 08:24 - 00004180 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{2F2F94C7-027D-44AA-AFD7-9C9C5AC3BFB1}
2016-02-07 21:19 - 2015-10-30 03:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-02-07 19:48 - 2015-12-14 01:08 - 00000000 ____D C:\Users\helderisa
2016-02-07 15:43 - 2015-10-30 04:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-02-06 20:12 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-02-06 17:02 - 2012-07-26 02:26 - 00000167 _____ C:\WINDOWS\win.ini
2016-02-06 08:02 - 2015-11-30 10:28 - 00000000 ____D C:\Users\Todos os Usuários\Norton
2016-02-06 08:02 - 2015-11-30 10:28 - 00000000 ____D C:\ProgramData\Norton
2016-02-05 17:34 - 2015-10-30 04:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-05 17:32 - 2015-11-30 11:05 - 00002278 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-05 17:23 - 2015-11-27 19:23 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-02-02 09:15 - 2015-11-30 11:05 - 00004154 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-02 09:15 - 2015-11-30 11:05 - 00003922 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-02-01 10:41 - 2015-11-27 19:22 - 00000000 ____D C:\Users\helderisa\AppData\Local\Packages
2016-02-01 10:28 - 2015-12-14 01:00 - 00349680 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-02-01 10:26 - 2015-12-14 09:14 - 00000000 ____D C:\WINDOWS\system32\1033
2016-02-01 10:26 - 2015-12-14 09:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 14.0
2016-02-01 10:26 - 2015-12-14 09:10 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-02-01 10:26 - 2015-12-14 09:10 - 00000000 ____D C:\ProgramData\Package Cache
2016-02-01 10:26 - 2015-10-30 04:24 - 00000000 ____D C:\Users\Todos os Usuários\regid.1991-06.com.microsoft
2016-02-01 10:26 - 2015-10-30 04:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-02-01 10:26 - 2015-10-30 04:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-02-01 10:24 - 2015-12-14 09:18 - 00000000 ____D C:\Program Files (x86)\Windows Kits
2016-02-01 10:24 - 2015-12-14 09:16 - 00000000 ____D C:\WINDOWS\SysWOW64\1033
2016-02-01 10:24 - 2015-12-14 09:13 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2016-02-01 10:24 - 2015-11-30 11:09 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-02-01 10:21 - 2015-12-14 10:10 - 00000000 ____D C:\Users\helderisa\AppData\Local\VSIXInstaller
2016-02-01 10:18 - 2015-12-14 11:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2016-02-01 10:13 - 2015-12-14 12:03 - 00000000 ____D C:\Program Files (x86)\Windows Phone Kits
2016-02-01 09:40 - 2015-11-30 11:03 - 00001954 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-02-01 08:43 - 2015-12-14 10:49 - 00000000 ____D C:\Users\helderisa\Documents\Visual Studio 2015
2016-01-30 18:13 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\rescache
2016-01-29 21:36 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2016-01-29 21:36 - 2013-08-22 12:36 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-01-28 07:17 - 2015-11-30 11:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-27 22:33 - 2015-10-30 04:24 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-01-27 22:33 - 2015-10-30 04:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-01-27 22:33 - 2015-10-30 04:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-01-27 22:33 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-01-27 22:33 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-01-27 22:33 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-01-27 22:33 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-01-27 18:47 - 2015-10-30 04:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-01-23 17:00 - 2015-11-30 11:07 - 00000000 ____D C:\Users\helderisa\AppData\Local\Microsoft Help
2016-01-20 19:26 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-01-19 20:57 - 2015-11-30 11:05 - 00000000 ____D C:\Users\helderisa\AppData\Local\Google
2016-01-19 20:57 - 2015-11-30 11:03 - 00000000 ____D C:\Users\helderisa\AppData\Roaming\Mozilla
2016-01-17 04:26 - 2015-12-04 09:20 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-01-17 04:22 - 2015-12-04 09:20 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-01-16 23:02 - 2015-11-30 10:55 - 00000000 ____D C:\Users\helderisa\AppData\Local\Adobe
2016-01-15 22:20 - 2015-11-27 19:25 - 00000000 ____D C:\Users\helderisa\AppData\Roaming\Adobe
2016-01-14 13:31 - 2015-11-30 10:57 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-01-14 13:31 - 2015-11-30 10:56 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Arquivos na raiz de alguns diretórios =======

2015-12-18 10:11 - 2015-12-18 10:11 - 0000000 _____ () C:\Users\helderisa\AppData\Roaming\.NANotifyHere
2016-02-05 18:30 - 2016-02-05 18:30 - 0000045 _____ () C:\Users\helderisa\AppData\Roaming\WB.CFG

Alguns arquivos em TEMP:
====================
C:\Users\helderisa\AppData\Local\Temp\2422.tmp.exe
C:\Users\helderisa\AppData\Local\Temp\34780843.exe
C:\Users\helderisa\AppData\Local\Temp\4AF.tmp.exe
C:\Users\helderisa\AppData\Local\Temp\8C94.tmp.exe
C:\Users\helderisa\AppData\Local\Temp\94492374-D784-9438-D90A-88FF9BFD79E8.exe
C:\Users\helderisa\AppData\Local\Temp\A443FE17-5C97-711F-43A5-7F5243D9D11B.dll
C:\Users\helderisa\AppData\Local\Temp\A443FE17-5C97-711F-43A5-7F5243D9D11B.exe
C:\Users\helderisa\AppData\Local\Temp\C185.tmp.exe
C:\Users\helderisa\AppData\Local\Temp\clrvu.exe
C:\Users\helderisa\AppData\Local\Temp\hibBA3A.exe
C:\Users\helderisa\AppData\Local\Temp\jre-8u73-windows-au.exe
C:\Users\helderisa\AppData\Local\Temp\Latcore.exe
C:\Users\helderisa\AppData\Local\Temp\oprun23352.exe
C:\Users\helderisa\AppData\Local\Temp\oprun32476.exe
C:\Users\helderisa\AppData\Local\Temp\tu17p84.exe
C:\Users\helderisa\AppData\Local\Temp\ultimate_pc_cleaner.exe
C:\Users\helderisa\AppData\Local\Temp\UninstallModule.exe

==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\dnsapi.dll
[2015-10-30 04:18] - [2015-10-30 04:18] - 0686984 ____A (Microsoft Corporation) E54E5CBDE9A42FFE96B0B2F627C6884B

C:\WINDOWS\SysWOW64\dnsapi.dll
[2015-10-30 04:18] - [2015-10-30 04:18] - 0535088 ____A (Microsoft Corporation) C47B5A915E79913786D639B89BB68C5D

C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente

LastRegBack: 2016-02-07 21:07

==================== Fim de FRST.txt ============================

Signaler le contenu de ce document