Publicité
Publicité
Commentaire : http://www.cjoint.com/c/ELmnBXLqpqShttp://www.cjoint.com/c/ELmnFaIrTzS
Format du document : text/plain
Prévisualisation
Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 05-03-2017
Executado por Isaela (administrador) em ISAELA-PC (07-03-2017 16:08:07)
Executando a partir de C:\Users\Isaela\Documents
Perfis Carregados: Isaela (Perfis Disponíveis: Isaela)
Platform: Windows 7 Ultimate (X64) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(Byte Technologies LLC) C:\Program Files\ByteFence\ByteFenceService.exe
(Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(© 2015 Microsoft Corporation) C:\Users\Isaela\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(The Chromium Authors) C:\Users\Isaela\AppData\Local\chromium\Application\chrome.exe
(HP) C:\Windows\System32\HPSIsvc.exe
() C:\Program Files (x86)\AppBrad\NetExpressUpdater.exe
(The Chromium Authors) C:\Users\Isaela\AppData\Local\chromium\Application\chrome.exe
(CompSoft) C:\Program Files (x86)\DoroPDFWriter\DoroServer.exe
() C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe
() C:\Program Files\ByteFence\rtop\bin\rtop_bg.exe
(Scopus Soluções em TI Ltda) C:\Program Files (x86)\scpbrad\scpbradserv.exe
(Filseclab Corporation Limited) C:\Program Files (x86)\ScreenShot\SSSvc.exe
(Scopus Soluções em TI Ltda) C:\Program Files (x86)\scpbrad\scpbradguard.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(Byte Technologies LLC) C:\Program Files\ByteFence\ByteFence.exe
() C:\ecosis\Eco Backup\EcoBackupServer.exe
(The Chromium Authors) C:\Users\Isaela\AppData\Local\chromium\Application\chrome.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE
(EcoCentauro Sistemas®) C:\ecosis\windows\eco.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(The Chromium Authors) C:\Users\Isaela\AppData\Local\chromium\Application\chrome.exe
(The Chromium Authors) C:\Users\Isaela\AppData\Local\chromium\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(DLL-files.com) C:\Program Files (x86)\DLL-Files.com Client\DLLFilesClient.exe
==================== Registro (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [Diebold - Warsaw] => C:\Program Files\Diebold\Warsaw\core.exe [925744 2016-06-23] (GAS Tecnologia LTDA)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HPUsageTrackingLEDM] => C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe [30264 2009-10-15] (Hewlett-Packard Company)
HKLM-x32\...\Run: [DoroServer] => C:\Program Files (x86)\DoroPDFWriter\DoroServer.exe [172032 2012-05-02] (CompSoft)
HKLM-x32\...\Run: [BackupServer] => C:\ecosis\Eco Backup\EcoBackupServer.exe [6162944 2016-09-23] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM-x32\...\Run: [Bron-Spizaetus] => C:\Windows\ShellNew\bronstab.exe [41385 2008-06-15] ()
HKLM-x32\...\RunOnce: [Lomobasapa] => C:\Windows\SysWOW64\wscript.exe /E:vbscript /B "C:\Users\Isaela\AppData\Roaming\53BA83~1\Dadihis.dat"
HKLM-x32\...\RunOnce: [Minatimobite] => C:\Windows\SysWOW64\wscript.exe /E:vbscript /B "C:\Users\Isaela\AppData\Roaming\28A715~1\Fafegamecad.dat"
HKLM-x32\...\RunOnce: [Hirec] => C:\Windows\SysWOW64\wscript.exe /E:vbscript /B "C:\Users\Isaela\AppData\Local\65C6B4~1\Fonerob.dat"
HKLM-x32\...\RunOnce: [Gesosog] => C:\Windows\SysWOW64\wscript.exe /E:vbscript /B "C:\Users\Isaela\AppData\Local\3989CF~1\Lefehebi.dat"
HKLM-x32\...\Winlogon: [Shell] Explorer.exe "C:\Windows\eksplorasi.exe" [ ] () <=== ATENÇÃO
Winlogon\Notify\ GbPluginScd: C:\Program Files (x86)\GbPlugin\gbiehScd.dll [2016-05-06] (Sicredi)
HKU\S-1-5-21-2584708150-2071338921-3614247218-1000\...\Run: [BingSvc] => C:\Users\Isaela\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-2584708150-2071338921-3614247218-1000\...\Run: [Chromium] => c:\users\isaela\appdata\local\chromium\application\chrome.exe [828416 2017-01-20] (The Chromium Authors)
HKU\S-1-5-21-2584708150-2071338921-3614247218-1000\...\Run: [GoogleChromeAutoLaunch_C8955BFA0AA994214B6901E396B99EB3] => C:\Users\Isaela\AppData\Local\chromium\Application\chrome.exe [828416 2017-01-20] (The Chromium Authors)
HKU\S-1-5-21-2584708150-2071338921-3614247218-1000\...\Run: [Tok-Cirrhatus] => C:\Users\Isaela\AppData\Local\smss.exe [41385 2008-06-15] ()
HKU\S-1-5-21-2584708150-2071338921-3614247218-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27545056 2017-02-14] (Skype Technologies S.A.)
HKU\S-1-5-21-2584708150-2071338921-3614247218-1000\...\Policies\system: [DisableRegistryTools] 1
HKU\S-1-5-21-2584708150-2071338921-3614247218-1000\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-21-2584708150-2071338921-3614247218-1000\...\Policies\Explorer: [NoFolderOptions] 1
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399011} - C:\Program Files (x86)\GbPlugin\gbiehscd.dll [1915104 2016-05-06] (Sicredi)
Startup: C:\Users\Isaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EcoBackupServer - Atalho.lnk [2016-12-28]
ShortcutTarget: EcoBackupServer - Atalho.lnk -> C:\ecosis\Eco Backup\EcoBackupServer.exe ()
Startup: C:\Users\Isaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Empty.pif [2008-06-15] ()
GroupPolicy: Restrição <======= ATENÇÃO
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Hosts: Um script HTML foi detectado no Hosts. Veja a seção Hosts do Addition.txt <==== ATENÇÃO
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{A00BD657-055F-4444-B758-FDBF930C137A}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{DE74CBE6-469F-48D6-88D2-FE7FD16B8565}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=elm&hsimp=yhs-001&type=hdr_s_17_09_wbf_bxinw_17_08¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzuyBtDyDyE0DtByD0C0CtC0AtDyEyDzytDtN0D0Tzu0StCzzzzyEtN1L2XzutAtFtByBtFtCtFyDtBtN1L1Czu1M1Q1CtAtBtFtAtFtDtN1L1G1B1V1N2Y1L1Qzu2StA0CtDtCzz0AtDyDtGtA0AtB0BtG0DyB0AtDtGtCtBzztCtGyEtA0E0DtD0E0Fzz0Czy0AtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0DtC0ByCtByC0EtG0EtCyDyDtGyE0EyC0EtGzyyCzztBtGyCyE0Czy0ByEyD0AtCtBtCtC2QtN0A0LzuyE%26cr%3D618255791%26a%3Dhdr_s_17_09_wbf_bxinw_17_08%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=elm&hsimp=yhs-001&type=hdr_s_17_09_wbf_bxinw_17_08¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzuyBtDyDyE0DtByD0C0CtC0AtDyEyDzytDtN0D0Tzu0StCzzzzyEtN1L2XzutAtFtByBtFtCtFyDtBtN1L1Czu1M1Q1CtAtBtFtAtFtDtN1L1G1B1V1N2Y1L1Qzu2StA0CtDtCzz0AtDyDtGtA0AtB0BtG0DyB0AtDtGtCtBzztCtGyEtA0E0DtD0E0Fzz0Czy0AtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0DtC0ByCtByC0EtG0EtCyDyDtGyE0EyC0EtGzyyCzztBtGyCyE0Czy0ByEyD0AtCtBtCtC2QtN0A0LzuyE%26cr%3D618255791%26a%3Dhdr_s_17_09_wbf_bxinw_17_08%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate
HKU\S-1-5-21-2584708150-2071338921-3614247218-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SK216&ocid=SK216DHP&osmkt=pt-br
HKU\S-1-5-21-2584708150-2071338921-3614247218-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pt-br/?ocid=iehp
HKU\S-1-5-21-2584708150-2071338921-3614247218-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxps://br.search.yahoo.com/yhs/web?hspart=elm&hsimp=yhs-001&type=hdr_s_17_09_wbf_bxinw_17_08¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzuyBtDyDyE0DtByD0C0CtC0AtDyEyDzytDtN0D0Tzu0StCzzzzyEtN1L2XzutAtFtByBtFtCtFyDtBtN1L1Czu1M1Q1CtAtBtFtAtFtDtN1L1G1B1V1N2Y1L1Qzu2StA0CtDtCzz0AtDyDtGtA0AtB0BtG0DyB0AtDtGtCtBzztCtGyEtA0E0DtD0E0Fzz0Czy0AtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0DtC0ByCtByC0EtG0EtCyDyDtGyE0EyC0EtGzyyCzztBtGyCyE0Czy0ByEyD0AtCtBtCtC2QtN0A0LzuyE%26cr%3D618255791%26a%3Dhdr_s_17_09_wbf_bxinw_17_08%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate
hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_17_08¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyBtDyDyE0DtByD0C0CtC0AtDyEyDzytDtN0D0Tzu0StCzzyByEtN1L2XzutAtFtByBtFtCtFyDtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEyDtB0B0FyD0FyEtGyDtCyD0EtGtAtAzyzytGtCtC0E0CtGtA0CtD0CyBtD0F0B0EtDyEtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0DtC0ByCtByC0EtG0EtCyDyDtGyE0EyC0EtGzyyCzztBtGyCyE0Czy0ByEyD0AtCtBtCtC2QtN0A0LzuyE%26cr%3D462482862%26a%3Dwbf_bxinw_17_08%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_17_08¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyBtDyDyE0DtByD0C0CtC0AtDyEyDzytDtN0D0Tzu0StCzzyByEtN1L2XzutAtFtByBtFtCtFyDtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEyDtB0B0FyD0FyEtGyDtCyD0EtGtAtAzyzytGtCtC0E0CtGtA0CtD0CyBtD0F0B0EtDyEtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0DtC0ByCtByC0EtG0EtCyDyDtGyE0EyC0EtGzyyCzztBtGyCyE0Czy0ByEyD0AtCtBtCtC2QtN0A0LzuyE%26cr%3D462482862%26a%3Dwbf_bxinw_17_08%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_17_08¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyBtDyDyE0DtByD0C0CtC0AtDyEyDzytDtN0D0Tzu0StCzzyByEtN1L2XzutAtFtByBtFtCtFyDtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEyDtB0B0FyD0FyEtGyDtCyD0EtGtAtAzyzytGtCtC0E0CtGtA0CtD0CyBtD0F0B0EtDyEtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0DtC0ByCtByC0EtG0EtCyDyDtGyE0EyC0EtGzyyCzztBtGyCyE0Czy0ByEyD0AtCtBtCtC2QtN0A0LzuyE%26cr%3D462482862%26a%3Dwbf_bxinw_17_08%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_17_08¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyBtDyDyE0DtByD0C0CtC0AtDyEyDzytDtN0D0Tzu0StCzzyByEtN1L2XzutAtFtByBtFtCtFyDtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEyDtB0B0FyD0FyEtGyDtCyD0EtGtAtAzyzytGtCtC0E0CtGtA0CtD0CyBtD0F0B0EtDyEtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0DtC0ByCtByC0EtG0EtCyDyDtGyE0EyC0EtGzyyCzztBtGyCyE0Czy0ByEyD0AtCtBtCtC2QtN0A0LzuyE%26cr%3D462482862%26a%3Dwbf_bxinw_17_08%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_17_08¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyBtDyDyE0DtByD0C0CtC0AtDyEyDzytDtN0D0Tzu0StCzzyByEtN1L2XzutAtFtByBtFtCtFyDtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEyDtB0B0FyD0FyEtGyDtCyD0EtGtAtAzyzytGtCtC0E0CtGtA0CtD0CyBtD0F0B0EtDyEtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0DtC0ByCtByC0EtG0EtCyDyDtGyE0EyC0EtGzyyCzztBtGyCyE0Czy0ByEyD0AtCtBtCtC2QtN0A0LzuyE%26cr%3D462482862%26a%3Dwbf_bxinw_17_08%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2584708150-2071338921-3614247218-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_17_08¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyBtDyDyE0DtByD0C0CtC0AtDyEyDzytDtN0D0Tzu0StCzzyByEtN1L2XzutAtFtByBtFtCtFyDtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEyDtB0B0FyD0FyEtGyDtCyD0EtGtAtAzyzytGtCtC0E0CtGtA0CtD0CyBtD0F0B0EtDyEtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0DtC0ByCtByC0EtG0EtCyDyDtGyE0EyC0EtGzyyCzztBtGyCyE0Czy0ByEyD0AtCtBtCtC2QtN0A0LzuyE%26cr%3D462482862%26a%3Dwbf_bxinw_17_08%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2584708150-2071338921-3614247218-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_17_08¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyBtDyDyE0DtByD0C0CtC0AtDyEyDzytDtN0D0Tzu0StCzzyByEtN1L2XzutAtFtByBtFtCtFyDtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEyDtB0B0FyD0FyEtGyDtCyD0EtGtAtAzyzytGtCtC0E0CtGtA0CtD0CyBtD0F0B0EtDyEtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0DtC0ByCtByC0EtG0EtCyDyDtGyE0EyC0EtGzyyCzztBtGyCyE0Czy0ByEyD0AtCtBtCtC2QtN0A0LzuyE%26cr%3D462482862%26a%3Dwbf_bxinw_17_08%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2584708150-2071338921-3614247218-1000 -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxp://www.bing.com/search?FORM=SK216DF&PC=SK216&q={searchTerms}&src=IE-SearchBox
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-02-14] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540011} -> C:\Program Files (x86)\GbPlugin\gbiehscd.dll [2016-05-06] (Sicredi)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-14] (Oracle Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll [2016-12-28] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Nenhum Arquivo]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll [2016-12-28] ()
FF Plugin-x32: @DVR/npmedia-intelbras,version=3.1.0.4 -> C:\Program Files (x86)\webrec\WEB30\HDCVI\WebPlugin\npmedia.dll [2015-02-04] ()
FF Plugin-x32: @DVR/npTimeGrid-intelbras,version=3.1.0.4 -> C:\Program Files (x86)\webrec\WEB30\HDCVI\WebPlugin\npTimeGrid.dll [2015-02-04] (Unauthorized copy)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-14] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Nenhum Arquivo]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)
FF Plugin HKU\.DEFAULT: gastecnologia.com.br/sf/scd -> C:\Windows\system32\config\systemprofile\AppData\Local\GAS Tecnologia\GBBD\npsf_scd.dll [Nenhum Arquivo]
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=pt-br
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__PARAM__DF&PC=__PARAM__&query={searchTerms}
CHR Profile: C:\Users\Isaela\AppData\Local\Google\Chrome\User Data\Default [2017-03-07]
CHR Extension: (Hermes Tab) - C:\Users\Isaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehlceeijggpdgfcefmipcmdelickjgfg [2017-02-27]
CHR Extension: (Search Manager) - C:\Users\Isaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce [2017-02-17]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Isaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-20]
CHR Extension: (Chrome Media Router) - C:\Users\Isaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-08]
CHR HKLM\...\Chrome\Extension: [ehlceeijggpdgfcefmipcmdelickjgfg] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2584708150-2071338921-3614247218-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ehlceeijggpdgfcefmipcmdelickjgfg] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2584708150-2071338921-3614247218-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2584708150-2071338921-3614247218-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ehlceeijggpdgfcefmipcmdelickjgfg] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
==================== Serviços (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 ByteFenceService; C:\Program Files\ByteFence\ByteFenceService.exe [146912 2017-01-18] (Byte Technologies LLC)
R2 FirebirdGuardianDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe [98304 2011-10-03] (Firebird Project) [Arquivo não assinado]
R3 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe [3764224 2011-10-03] (Firebird Project) [Arquivo não assinado]
R2 GbpSv; C:\Program Files (x86)\GbPlugin\GbpSv.exe [631520 2016-05-06] (GAS Tecnologia)
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [136192 2009-10-15] (HP) [Arquivo não assinado]
R2 NetExpress Updater; C:\Program Files (x86)\AppBrad\NetExpressUpdater.exe [20424 2016-10-13] ()
R2 rtop; C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe [304456 2017-02-17] ()
R2 scpbradserv; C:\Program Files (x86)\scpbrad\scpbradserv.exe [1926672 2016-12-29] (Scopus Soluções em TI Ltda)
R2 SSSvc; C:\Program Files (x86)\ScreenShot\SSSvc.exe [139744 2016-11-02] (Filseclab Corporation Limited)
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [925744 2016-06-23] (GAS Tecnologia LTDA)
S3 WatAdminSvc; C:\Windows\system32\Wat\WatAdminSvc.exe [1255736 2016-12-28] () [Arquivo não assinado]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R1 gbpddfac; C:\Windows\System32\drivers\gbpddfac64.sys [28888 2017-03-07] (GAS Tecnologia)
R3 GBPRCM; C:\Program Files (x86)\GbPlugin\gbprcm64.sys [29912 2016-05-06] (GAS Tecnologia)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2013-11-29] (Qualcomm Atheros Co., Ltd.)
R3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [19968 2012-11-08] (Marvell Semiconductor, Inc.)
S3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [416768 2009-06-10] (Realtek Semiconductor Corporation )
R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2016-05-06] (GAS Tecnologia LTDA)
R1 wsddfac; C:\Windows\System32\drivers\wsddfac.sys [101080 2017-03-07] (GAS Tecnologia)
R1 wsddntf; C:\Windows\System32\DRIVERS\wsddntf.sys [36984 2016-06-16] (GAS Tecnologia)
S1 wsddpp; C:\Windows\system32\drivers\wsddpp.sys [97376 2016-06-08] (GAS Tecnologia)
S0 gbpddreg; system32\drivers\gbpddreg64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Três Meses Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2017-03-07 16:08 - 2017-03-07 16:08 - 00023409 _____ C:\Users\Isaela\Documents\FRST.txt
2017-03-07 16:06 - 2017-03-07 16:08 - 00000000 ____D C:\FRST
2017-03-07 16:05 - 2017-03-07 16:05 - 02423808 _____ (Farbar) C:\Users\Isaela\Documents\FRST64.exe
2017-03-07 16:05 - 2017-03-07 16:05 - 01765888 _____ (Farbar) C:\Users\Isaela\Documents\FRST.exe
2017-03-07 16:03 - 2017-03-07 16:03 - 02729024 _____ (DLL-Files.com Client ) C:\Users\Isaela\Documents\clientsetup_fde-1.exe
2017-03-07 16:03 - 2017-03-07 16:03 - 00001129 _____ C:\Users\Public\Desktop\DLL-Files.com Client.lnk
2017-03-07 16:03 - 2017-03-07 16:03 - 00000000 ____D C:\Users\Isaela\AppData\Roaming\DLL-files.com
2017-03-07 16:03 - 2017-03-07 16:03 - 00000000 ____D C:\Users\Isaela\AppData\Roaming\DFXCT
2017-03-07 16:03 - 2017-03-07 16:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DLL-Files.com Client
2017-03-07 16:03 - 2017-03-07 16:03 - 00000000 ____D C:\Program Files (x86)\DLL-Files.com Client
2017-03-07 15:56 - 2017-03-07 15:56 - 01631200 _____ (Skype Technologies S.A.) C:\Users\Isaela\Documents\SkypeSetup (1).exe
2017-03-07 15:47 - 2017-03-07 15:47 - 01806392 _____ ( ) C:\Users\Isaela\Documents\Baixaki_skype_V76BqM.exe
2017-03-07 15:42 - 2017-03-07 15:42 - 00003142 _____ C:\Windows\System32\Tasks\{8C8E9068-E60A-4127-8B33-9ED965C50429}
2017-03-07 15:35 - 2017-03-07 15:35 - 00408568 _____ C:\Users\Isaela\AppData\Local\Update.9.Bron.Tok.bin
2017-03-07 15:34 - 2017-03-07 15:34 - 01806392 _____ ( ) C:\Users\Isaela\Documents\Baixaki_skype_V2Dhl0.exe
2017-03-07 15:30 - 2017-03-07 15:30 - 00002958 _____ C:\Windows\System32\Tasks\{C652FC53-961C-4DD3-9B62-232EA1BE3E60}
2017-03-07 15:29 - 2017-03-07 15:29 - 00002958 _____ C:\Windows\System32\Tasks\{BCF958CD-1A75-408C-AE66-FE2FDB756A93}
2017-03-07 15:29 - 2017-03-07 15:29 - 00002958 _____ C:\Windows\System32\Tasks\{85D4A90C-B623-4BD1-A703-2A1AF8065469}
2017-03-07 15:25 - 2017-03-07 15:25 - 01631200 _____ (Skype Technologies S.A.) C:\Users\Isaela\Documents\SkypeSetup.exe
2017-03-07 15:22 - 2017-03-07 15:22 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-03-07 15:22 - 2017-03-07 15:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-03-07 15:19 - 2017-03-07 15:19 - 00400607 _____ C:\Users\Isaela\AppData\Local\Bron.tok.A9.em.bin
2017-03-07 15:19 - 2017-03-07 15:19 - 00000000 ____D C:\Users\Isaela\AppData\Local\Ok-SendMail-Bron-tok
2017-03-07 15:14 - 2017-03-07 15:14 - 00402607 _____ C:\Users\Isaela\AppData\Local\ListHost9.txt
2017-03-07 15:13 - 2017-03-07 15:13 - 00000000 ____D C:\Users\Isaela\AppData\Local\Bron.tok-9-7
2017-03-04 18:25 - 2017-03-04 18:25 - 00033132 _____ C:\Users\Isaela\Downloads\301A.tmp
2017-03-03 16:30 - 2017-03-03 16:30 - 00011211 _____ C:\Users\Isaela\Desktop\Neto - relatório.xlsx
2017-03-03 14:05 - 2017-03-03 14:05 - 00001106 _____ C:\Users\Isaela\Desktop\ARQUIVOS SPED.lnk
2017-03-03 10:23 - 2017-03-03 10:23 - 00048147 _____ C:\Users\Isaela\Desktop\relatorio (1).pdf
2017-03-03 10:21 - 2017-03-03 10:21 - 00007791 _____ C:\Users\Isaela\Desktop\relatorio.pdf
2017-03-03 08:18 - 2017-03-03 08:18 - 00000000 ___HD C:\Users\Isaela\AppData\Local\3989cf486cd66e6a
2017-03-01 12:30 - 2017-03-01 12:30 - 00000000 ____D C:\Users\Isaela\AppData\Local\ISL Online Cache
2017-02-28 17:03 - 2017-02-28 17:03 - 00000000 ___HD C:\Users\Isaela\AppData\Local\65c6b4a44332dd3b
2017-02-27 17:24 - 2017-02-27 17:24 - 02589033 _____ C:\Users\Isaela\Desktop\Fatura_012017_MARIA_4348_MASTER_00080875110087.PDF
2017-02-27 12:28 - 2017-02-27 12:28 - 00007153 _____ C:\Users\Isaela\Desktop\EXTRATO_POR_PERIODO_270217_132803.pdf
2017-02-27 09:40 - 2017-03-07 15:40 - 00000278 _____ C:\Windows\Tasks\{28A7159C-0698-70E8-0621-32059762567D}.job
2017-02-27 09:40 - 2017-02-28 16:40 - 00000000 ____D C:\Users\Isaela\AppData\Roaming\28A7159C-0698-70E8-0621-32059762567D
2017-02-27 09:40 - 2017-02-27 09:40 - 00003222 _____ C:\Windows\System32\Tasks\{28A7159C-0698-70E8-0621-32059762567D}
2017-02-27 09:39 - 2017-02-27 09:41 - 00000000 ____D C:\Users\Isaela\AppData\Local\{65F953A5-4151-3F1D-2CC9-1AF508A1E66D}
2017-02-23 15:35 - 2013-10-14 15:41 - 00196608 _____ C:\Users\Isaela\Desktop\EcoSped.zip
2017-02-23 15:27 - 2017-02-23 15:27 - 00001040 _____ C:\Users\Isaela\Desktop\ECOSPED.lnk
2017-02-23 14:01 - 2017-03-07 15:50 - 00000000 ____D C:\Users\Isaela\Desktop\Notas Fiscais Entrada 2017
2017-02-21 17:17 - 2017-02-21 17:17 - 00004778 _____ C:\Users\Isaela\Downloads\7858.xml
2017-02-21 17:11 - 2017-02-21 17:11 - 00004751 _____ C:\Users\Isaela\Downloads\7856.xml
2017-02-21 16:41 - 2017-02-21 16:41 - 00006227 _____ C:\Users\Isaela\Downloads\138269.xml
2017-02-21 16:40 - 2017-02-21 16:40 - 00005555 _____ C:\Users\Isaela\Downloads\218917.xml
2017-02-21 16:35 - 2017-02-21 16:35 - 00005555 _____ C:\Users\Isaela\Downloads\62FD.tmp
2017-02-20 16:39 - 2017-02-20 16:39 - 00009272 _____ C:\Users\Isaela\Downloads\6556.xml
2017-02-20 16:13 - 2017-02-20 16:13 - 00008318 _____ C:\Users\Isaela\Downloads\38703.xml
2017-02-20 16:07 - 2017-02-20 16:08 - 00000000 ____D C:\Users\Isaela\Desktop\documentos Abelha
2017-02-20 15:54 - 2017-02-20 15:54 - 00005618 _____ C:\Users\Isaela\Downloads\198820 (2).xml
2017-02-20 15:54 - 2017-02-20 15:54 - 00002938 _____ C:\Users\Isaela\Downloads\198820.zip
2017-02-20 15:53 - 2017-02-20 15:53 - 00005618 _____ C:\Users\Isaela\Downloads\198820.xml
2017-02-20 15:47 - 2017-02-20 15:47 - 00005605 _____ C:\Users\Isaela\Downloads\este.xml
2017-02-20 09:24 - 2017-02-20 09:24 - 00007324 _____ C:\Users\Isaela\Downloads\205846.xml
2017-02-18 07:44 - 2017-03-07 07:42 - 00000269 _____ C:\Users\Isaela\AppData\Roaming\WB.CFG
2017-02-17 16:08 - 2017-02-17 16:08 - 00003480 _____ C:\Windows\System32\Tasks\ByteFence Scan
2017-02-17 16:08 - 2017-02-17 16:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ByteFence Anti-Malware
2017-02-17 15:13 - 2017-02-17 15:13 - 00000000 ____D C:\Users\Todos os Usuários\ByteFence
2017-02-17 15:13 - 2017-02-17 15:13 - 00000000 ____D C:\ProgramData\ByteFence
2017-02-17 15:06 - 2017-02-17 15:06 - 00002228 _____ C:\Users\Isaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium.lnk
2017-02-17 15:06 - 2017-02-17 15:06 - 00000000 ____D C:\Users\Isaela\AppData\Local\chromium
2017-02-17 15:05 - 2017-03-07 15:59 - 00000000 ____D C:\Users\Todos os Usuários\Skype
2017-02-17 15:05 - 2017-03-07 15:59 - 00000000 ____D C:\ProgramData\Skype
2017-02-17 15:05 - 2017-03-02 07:44 - 00000000 ____D C:\Users\Isaela\AppData\Roaming\Skype
2017-02-17 15:05 - 2017-02-17 15:05 - 00000000 ____D C:\Users\Isaela\Tracing
2017-02-17 15:03 - 2017-03-07 16:03 - 00000278 _____ C:\Windows\Tasks\{53BA838C-A5C1-00D4-2483-7CB8E78AB6AF}.job
2017-02-17 15:03 - 2017-03-07 09:03 - 00000000 ____D C:\Users\Todos os Usuários\{7278B71B-F83A-3DDD-7EFC-A39FE4BE2851}
2017-02-17 15:03 - 2017-03-07 09:03 - 00000000 ____D C:\ProgramData\{7278B71B-F83A-3DDD-7EFC-A39FE4BE2851}
2017-02-17 15:03 - 2017-03-07 07:42 - 00000000 ____D C:\Users\Isaela\AppData\Roaming\53ba838ca5c100d424837cb8e78ab6af
2017-02-17 15:03 - 2017-02-27 09:39 - 00001455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk
2017-02-17 15:03 - 2017-02-27 09:39 - 00000372 __RSH C:\Users\Todos os Usuários\ntuser.pol
2017-02-17 15:03 - 2017-02-27 09:39 - 00000372 __RSH C:\ProgramData\ntuser.pol
2017-02-17 15:03 - 2017-02-17 15:07 - 00000000 ____D C:\Users\Isaela\AppData\Local\{1B3A2D66-3F92-41DE-520A-6436766298AE}
2017-02-17 15:03 - 2017-02-17 15:03 - 00004344 _____ C:\Windows\System32\Tasks\Yahoo! Powered daril
2017-02-17 15:03 - 2017-02-17 15:03 - 00003380 _____ C:\Windows\System32\Tasks\ByteFence
2017-02-17 15:03 - 2017-02-17 15:03 - 00003222 _____ C:\Windows\System32\Tasks\{53BA838C-A5C1-00D4-2483-7CB8E78AB6AF}
2017-02-17 15:02 - 2017-03-07 16:03 - 00000000 ____D C:\Program Files\ByteFence
2017-02-17 15:02 - 2017-03-07 15:34 - 01631200 _____ (Skype Technologies S.A.) C:\Users\Isaela\Documents\Baixaki_skype.exe
2017-02-17 15:02 - 2017-02-17 16:03 - 00000000 ____D C:\Users\Isaela\AppData\Roaming\ScreenShot
2017-02-17 15:02 - 2017-02-17 15:02 - 01858608 _____ (Internet ) C:\Users\Isaela\Desktop\Baixaki_skype_V1VnDc.exe
2017-02-17 15:02 - 2017-02-17 15:02 - 00001859 _____ C:\ProgramData\Microsoft\Windows\Start Menu\ScreenShot.lnk
2017-02-17 15:02 - 2017-02-17 15:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScreenShot
2017-02-17 15:02 - 2017-02-17 15:02 - 00000000 ____D C:\Program Files (x86)\ScreenShot
2017-02-17 09:37 - 2017-02-17 09:37 - 00187329 _____ C:\Users\Isaela\Desktop\energia.pdf
2017-02-17 09:37 - 2017-02-17 09:37 - 00187329 _____ C:\Users\Isaela\Desktop\energ..pdf
2017-02-17 09:10 - 2017-02-17 09:10 - 00002172 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2017-02-17 09:10 - 2017-02-17 09:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro
2017-02-17 09:09 - 2017-02-17 09:10 - 01129376 _____ (Google Inc.) C:\GoogleEarthProSetup (1).exe
2017-02-17 09:08 - 2017-02-17 09:08 - 00002144 _____ C:\Users\Public\Desktop\Google Earth.lnk
2017-02-17 09:08 - 2017-02-17 09:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2017-02-17 09:07 - 2017-02-17 09:07 - 00000000 ____D C:\Windows\system32\appmgmt
2017-02-17 09:05 - 2017-02-17 09:05 - 00000000 ____D C:\Users\Isaela\AppData\LocalLow\Google
2017-02-14 17:07 - 2017-02-14 17:07 - 00074741 _____ C:\Users\Isaela\Desktop\conta luz.pdf
2017-02-14 15:20 - 2017-02-14 15:20 - 00346254 _____ C:\Users\Isaela\Desktop\DiagnosticoBR.JAR
2017-02-14 15:19 - 2017-02-14 15:19 - 00000000 ____D C:\Users\Isaela\AppData\Roaming\Sun
2017-02-14 15:18 - 2017-02-14 15:19 - 00000000 ____D C:\Users\Todos os Usuários\Oracle
2017-02-14 15:18 - 2017-02-14 15:19 - 00000000 ____D C:\ProgramData\Oracle
2017-02-14 15:18 - 2017-02-14 15:18 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2017-02-14 15:18 - 2017-02-14 15:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-02-14 15:18 - 2017-02-14 15:18 - 00000000 ____D C:\Program Files (x86)\Java
2017-02-14 13:37 - 2017-02-14 13:37 - 00308086 _____ C:\Users\Isaela\Desktop\boletoECO-14022017-9600.pdf
2017-02-09 10:45 - 2017-02-09 10:45 - 00000000 ____D C:\Users\Isaela\AppData\Local\mqtmvtiqc
2017-02-09 10:09 - 2017-02-09 10:09 - 00307973 _____ C:\Users\Isaela\Downloads\boletoECO-09022017-9600 (1).pdf
2017-02-09 09:24 - 2017-02-09 09:24 - 00307973 _____ C:\Users\Isaela\Downloads\boletoECO-09022017-9600.pdf
2017-02-09 09:14 - 2017-02-09 09:14 - 00003520 _____ C:\Users\Isaela\Downloads\Formulario-Sonegacao-Fiscal-(258747859).zip
2017-02-09 09:14 - 2017-02-09 09:14 - 00000000 ____D C:\Users\Isaela\AppData\Local\vzuxpnczm
2017-02-09 09:14 - 2017-02-09 09:14 - 00000000 ____D C:\Users\Isaela\AppData\Local\nnppcrvem
2017-02-09 09:13 - 2017-02-09 09:13 - 00003520 _____ C:\Users\Isaela\Downloads\Formulario-Sonegacao-Fiscal-(435788555).zip
2017-01-30 09:03 - 2017-01-30 09:03 - 00000182 _____ C:\Users\Isaela\Downloads\30 01 2017.html
2017-01-26 15:06 - 2017-01-26 15:06 - 00005192 _____ C:\Users\Isaela\Desktop\Bradesco_26012017_160550.OFX
2017-01-26 11:37 - 2017-03-07 10:49 - 00000000 ____D C:\Users\Isaela\Desktop\XML FORNCEDOR
2017-01-26 11:36 - 2017-01-26 11:36 - 00005368 _____ C:\Users\Isaela\Downloads\51170103382668000139550010000078151000078150.xml
2017-01-26 11:26 - 2017-01-26 11:27 - 20853080 _____ (Microsoft Corporation) C:\Users\Isaela\Downloads\BOIE9_PTBR_BO0085_VIS.EXE
2017-01-26 11:21 - 2017-01-26 11:23 - 60959120 _____ (Microsoft Corporation) C:\Users\Isaela\Downloads\EIE11_PT-BR_WOL_WIN764.EXE
2017-01-26 11:19 - 2017-01-26 11:20 - 36860720 _____ (Microsoft Corporation) C:\Users\Isaela\Downloads\IE9-WindowsVista-x64-ptb.exe
2017-01-26 11:16 - 2017-01-26 11:17 - 58491088 _____ (Microsoft Corporation) C:\Users\Isaela\Downloads\IE11-Windows6.1-x64-pt-br.exe
2017-01-25 16:14 - 2017-01-27 14:55 - 00000000 ____D C:\Users\Isaela\AppData\Local\Microsoft Games
2017-01-25 14:39 - 2017-01-25 14:40 - 02589033 _____ C:\Users\Isaela\Downloads\Fatura_012017_MARIA_4348_MASTER_00080875110087 (1).PDF
2017-01-25 10:38 - 2017-01-25 10:39 - 02589033 _____ C:\Users\Isaela\Downloads\Fatura_012017_MARIA_4348_MASTER_00080875110087.PDF
2017-01-24 13:34 - 2017-01-24 13:34 - 00091334 _____ C:\Users\Isaela\Downloads\Mineração Abelha - Solução de Consulta 67-2012 - Trib. Ouro.pdf
2017-01-24 10:49 - 2017-01-24 10:49 - 00000000 ____D C:\Users\Isaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WebPlugin
2017-01-24 10:49 - 2017-01-24 10:49 - 00000000 ____D C:\Program Files (x86)\webrec
2017-01-24 08:30 - 2017-01-24 08:30 - 00031797 _____ C:\Users\Isaela\Downloads\JAYME (3).pdf
2017-01-24 08:30 - 2017-01-24 08:30 - 00019153 _____ C:\Users\Isaela\Downloads\208277.pdf
2017-01-23 13:49 - 2017-01-23 13:49 - 00194249 _____ C:\Users\Isaela\Downloads\JAYME VICENTE (1).pdf
2017-01-23 09:46 - 2017-01-23 09:46 - 00191138 _____ C:\Users\Isaela\Downloads\JAYME VICENTE.pdf
2017-01-19 17:07 - 2017-01-19 17:07 - 00075584 _____ C:\Users\Isaela\Downloads\documento_1267501_19_01_2017.pdf
2017-01-19 17:07 - 2017-01-19 17:07 - 00075052 _____ C:\Users\Isaela\Downloads\documento_1267501_19_01_2017 (1).pdf
2017-01-19 17:06 - 2017-01-19 17:06 - 00074715 _____ C:\Users\Isaela\Downloads\documento_1072236_19_01_2017.pdf
2017-01-18 16:59 - 2017-01-18 16:59 - 00331896 _____ C:\Users\Isaela\Downloads\boletoenotasreferente.zip
2017-01-18 16:59 - 2017-01-18 16:59 - 00331896 _____ C:\Users\Isaela\Downloads\boletoenotasreferente (1).zip
2017-01-18 13:58 - 2017-01-18 13:58 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2017-01-13 13:32 - 2017-01-13 13:33 - 00000000 ____D C:\Users\Isaela\Desktop\quitacao carregadeira
2017-01-13 13:18 - 2017-01-13 13:19 - 00000000 ____D C:\Users\Isaela\Desktop\EXTRATO DE PAGTO VOLVO EC 250
2017-01-12 16:26 - 2017-01-13 09:29 - 00000000 ____D C:\Users\Isaela\Desktop\Nota Fiscal Maquinários
2017-01-11 14:21 - 2017-01-11 14:21 - 00110561 _____ C:\Users\Isaela\Downloads\0720_019.PDF
2017-01-11 13:35 - 2017-01-11 13:35 - 00056811 _____ C:\Users\Isaela\Downloads\danfe52549.pdf
2017-01-09 16:54 - 2017-01-09 16:54 - 00030415 _____ C:\Users\Isaela\Downloads\JAYME VICENTE VALADARES 06-03.pdf
2017-01-09 16:53 - 2017-01-09 16:53 - 00030409 _____ C:\Users\Isaela\Downloads\JAYME VICENTE VALADARES 06-02.pdf
2017-01-09 16:50 - 2017-01-09 16:50 - 00030420 _____ C:\Users\Isaela\Downloads\JAYME VICENTE VALADARES ME 05-04.pdf
2017-01-09 15:57 - 2017-01-09 15:57 - 00041160 _____ C:\Users\Isaela\Downloads\1Extrato (1).pdf
2017-01-09 15:50 - 2017-01-09 15:50 - 00041160 _____ C:\Users\Isaela\Downloads\1Extrato.pdf
2017-01-09 14:50 - 2017-01-09 14:50 - 00037974 _____ C:\Users\Isaela\Downloads\pedido 18935 (1).PDF
2017-01-09 14:49 - 2017-01-09 14:49 - 00080222 _____ C:\Users\Isaela\Downloads\nf 2525.pdf
2017-01-09 14:49 - 2017-01-09 14:49 - 00072064 _____ C:\Users\Isaela\Downloads\NF SERVICO 1484.pdf
2017-01-09 14:49 - 2017-01-09 14:49 - 00037974 _____ C:\Users\Isaela\Downloads\pedido 18935.PDF
2017-01-09 14:47 - 2017-01-09 14:47 - 00072423 _____ C:\Users\Isaela\Downloads\nf servico 1483.pdf
2017-01-09 14:47 - 2017-01-09 14:47 - 00031600 _____ C:\Users\Isaela\Downloads\NF 2524 Jayme.pdf
2017-01-09 14:47 - 2017-01-09 14:47 - 00019154 _____ C:\Users\Isaela\Downloads\Pedido 18778.PDF
2017-01-09 10:04 - 2017-01-09 10:04 - 00110783 _____ C:\Users\Isaela\Desktop\51170137525771000455550040002102001002343340-nfe.pdf
2017-01-09 10:03 - 2017-01-09 10:03 - 01748772 _____ C:\Users\Isaela\Desktop\NFe Nacional - mineracaoabelha@gmail.com - Gmail.html
2017-01-09 10:03 - 2017-01-09 10:03 - 00000000 ____D C:\Users\Isaela\Desktop\NFe Nacional - mineracaoabelha@gmail.com - Gmail_files
2017-01-09 09:25 - 2017-01-09 09:25 - 00075584 _____ C:\Users\Isaela\Downloads\documento_1267501_09_01_2017.pdf
2017-01-09 09:19 - 2017-01-09 09:19 - 00074741 _____ C:\Users\Isaela\Downloads\documento_1072236_09_01_2017 (1).pdf
2017-01-09 09:17 - 2017-01-09 09:17 - 00075152 _____ C:\Users\Isaela\Downloads\documento_1072236_09_01_2017.pdf
2017-01-09 08:45 - 2017-01-09 08:45 - 00000000 ____D C:\Users\Isaela\Desktop\doc. funcionarios
2017-01-06 16:22 - 2017-01-06 16:22 - 00045948 _____ C:\Users\Isaela\Downloads\Boleto (2).htm
2017-01-06 13:13 - 2017-01-06 13:13 - 04683517 _____ C:\Users\Isaela\Downloads\JAYME VICENTE BOLETO 7055 NFE 9870.pdf
2017-01-05 16:45 - 2017-01-05 16:45 - 00013480 _____ C:\Users\Isaela\Downloads\relatorio.pdf
2017-01-05 10:31 - 2017-01-05 10:31 - 00000000 ____D C:\Users\Isaela\Desktop\comp. de pagamento
2017-01-05 10:29 - 2017-01-05 10:29 - 00000000 ____D C:\Users\Isaela\Documents\Meu Scanner
2017-01-04 08:41 - 2017-01-12 11:30 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-01-03 11:33 - 2017-01-03 11:33 - 00045948 _____ C:\Users\Isaela\Downloads\Boleto.htm
2017-01-03 11:33 - 2017-01-03 11:33 - 00045948 _____ C:\Users\Isaela\Downloads\Boleto (1).htm
2017-01-02 11:35 - 2017-03-03 19:40 - 00000000 ____D C:\Users\Isaela\AppData\LocalLow\Scpad
2017-01-02 11:10 - 2017-01-02 11:10 - 00000938 _____ C:\Users\Public\Desktop\Navegador Exclusivo Bradesco.lnk
2017-01-02 11:10 - 2017-01-02 11:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navegador Exclusivo Bradesco
2017-01-02 11:10 - 2017-01-02 11:10 - 00000000 ____D C:\Program Files (x86)\AppBrad
2017-01-02 11:07 - 2017-01-02 11:09 - 54254840 _____ (Copyright © 2016 Scopus Tecnologia Ltda. ) C:\Users\Isaela\Downloads\Instalador (2).exe
2017-01-02 10:31 - 2017-01-02 10:32 - 54254840 _____ (Copyright © 2016 Scopus Tecnologia Ltda. ) C:\Users\Isaela\Downloads\Instalador (1).exe
2016-12-29 16:28 - 2016-12-29 16:28 - 00116532 _____ C:\Users\Isaela\Downloads\IMG_7115.JPG
2016-12-29 16:28 - 2016-12-29 16:28 - 00113707 _____ C:\Users\Isaela\Downloads\IMG_7114.JPG
2016-12-29 12:43 - 2016-12-29 12:43 - 00000000 ____D C:\Users\Isaela\AppData\Roaming\Mozilla
2016-12-29 12:42 - 2016-12-29 12:42 - 00000000 ____D C:\Users\Todos os Usuários\scpbrad
2016-12-29 12:42 - 2016-12-29 12:42 - 00000000 ____D C:\Users\Isaela\AppData\Local\Geckofx
2016-12-29 12:42 - 2016-12-29 12:42 - 00000000 ____D C:\ProgramData\scpbrad
2016-12-29 12:42 - 2016-12-29 12:42 - 00000000 ____D C:\Program Files (x86)\scpbrad
2016-12-29 12:41 - 2016-12-29 12:41 - 00000000 ____D C:\Windows\Sun
2016-12-29 12:40 - 2017-03-03 19:40 - 00000000 ____D C:\Users\Isaela\AppData\Roaming\NetExpress50
2016-12-29 10:56 - 2016-12-29 10:56 - 00032796 _____ C:\Users\Isaela\Downloads\JAYME (2).pdf
2016-12-29 10:56 - 2016-12-29 10:56 - 00032796 _____ C:\Users\Isaela\Downloads\JAYME (1).pdf
2016-12-29 10:54 - 2016-12-29 10:54 - 00032796 _____ C:\Users\Isaela\Downloads\JAYME.pdf
2016-12-29 09:08 - 2016-12-29 09:11 - 54254840 _____ (Copyright © 2016 Scopus Tecnologia Ltda. ) C:\Users\Isaela\Downloads\Instalador.exe
2016-12-29 08:40 - 2016-12-29 17:00 - 00000251 _____ C:\Windows\SysWOW64\LogBackupServer29122016.txt
2016-12-28 16:29 - 2016-12-28 16:29 - 00001153 _____ C:\Users\Isaela\Desktop\BACKUP ECO CENTAURO.lnk
2016-12-28 15:16 - 2016-12-28 15:18 - 12223223 _____ C:\Users\Isaela\Downloads\EcoBackup v.1.0.6.000.rar
2016-12-28 14:58 - 2016-12-28 14:58 - 00000000 ____D C:\Users\Isaela\AppData\Roaming\HK-Software
2016-12-28 14:57 - 2016-12-28 14:57 - 00001213 _____ C:\Users\Isaela\Desktop\IBExpertLive.lnk
2016-12-28 14:57 - 2016-12-28 14:57 - 00001163 _____ C:\Users\Isaela\Desktop\IBExpert.lnk
2016-12-28 14:57 - 2016-12-28 14:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HK-Software
2016-12-28 14:57 - 2016-12-28 14:57 - 00000000 ____D C:\Program Files (x86)\HK-Software
2016-12-28 14:23 - 2016-06-16 18:43 - 00036984 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\wsddntf.sys
2016-12-28 14:23 - 2016-06-16 18:43 - 00008811 _____ C:\Windows\system32\Drivers\wsddntf.cat
2016-12-28 14:23 - 2016-06-16 14:06 - 00002708 _____ C:\Windows\system32\Drivers\wsddntf.inf
2016-12-28 14:23 - 2016-06-08 18:43 - 00097376 ____N (GAS Tecnologia) C:\Windows\system32\Drivers\wsddpp.sys
2016-12-28 13:46 - 2016-12-28 13:46 - 00000000 ____D C:\Users\Isaela\Desktop\fluxo Eco sistemas
2016-12-28 13:46 - 2008-06-15 16:58 - 00041385 ____N C:\Users\Isaela\AppData\Local\winlogon.exe
2016-12-28 13:46 - 2008-06-15 16:58 - 00041385 ____H C:\Windows\eksplorasi.exe
2016-12-28 13:46 - 2008-06-15 16:58 - 00041385 _____ C:\Windows\SysWOW64\Isaela's Setting.scr
2016-12-28 13:46 - 2008-06-15 16:58 - 00041385 _____ C:\Users\Isaela\Documents\Documents.exe
2016-12-28 13:46 - 2008-06-15 16:58 - 00041385 _____ C:\Users\Isaela\AppData\Local\smss.exe
2016-12-28 13:46 - 2008-06-15 16:58 - 00041385 _____ C:\Users\Isaela\AppData\Local\services.exe
2016-12-28 13:46 - 2008-06-15 16:58 - 00041385 _____ C:\Users\Isaela\AppData\Local\lsass.exe
2016-12-28 13:46 - 2008-06-15 16:58 - 00041385 _____ C:\Users\Isaela\AppData\Local\inetinfo.exe
2016-12-28 13:46 - 2008-06-15 16:58 - 00041385 _____ C:\Users\Isaela\AppData\Local\csrss.exe
2016-12-28 13:42 - 2016-12-28 13:42 - 00000000 ____D C:\Users\Todos os Usuários\AMMYY
2016-12-28 13:42 - 2016-12-28 13:42 - 00000000 ____D C:\ProgramData\AMMYY
2016-12-28 13:18 - 2017-03-07 07:41 - 00101080 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\wsddfac.sys
2016-12-28 13:18 - 2016-12-28 13:19 - 00001024 _____ C:\.rnd
2016-12-28 13:18 - 2016-12-28 13:18 - 00000000 ___HD C:\Program Files (x86)\GAS Tecnologia
2016-12-28 13:18 - 2016-12-28 13:18 - 00000000 ___HD C:\Program Files (x86)\Diebold
2016-12-28 13:18 - 2016-12-28 13:18 - 00000000 ____D C:\Program Files\Diebold
2016-12-28 13:12 - 2017-03-07 16:08 - 00028888 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\gbpddfac64.sys
2016-12-28 13:12 - 2017-03-07 13:42 - 00000000 ____D C:\Users\Todos os Usuários\GbPlugin
2016-12-28 13:12 - 2017-03-07 13:42 - 00000000 ____D C:\ProgramData\GbPlugin
2016-12-28 13:12 - 2017-03-07 07:41 - 00000000 ____D C:\Program Files (x86)\GbPlugin
2016-12-28 13:04 - 2016-12-28 13:12 - 00000000 ____D C:\Users\Todos os Usuários\GAS Tecnologia
2016-12-28 13:04 - 2016-12-28 13:12 - 00000000 ____D C:\ProgramData\GAS Tecnologia
2016-12-28 13:04 - 2016-12-28 13:04 - 00000000 ____D C:\Users\Todos os Usuários\boost_interprocess
2016-12-28 13:04 - 2016-12-28 13:04 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-12-28 13:02 - 2016-12-28 13:20 - 00002911 _____ C:\Users\Isaela\Downloads\Diagnóstico Sicredi.log
2016-12-28 12:42 - 2016-12-28 12:46 - 00000000 ____D C:\Users\Isaela\ISAELA
2016-12-28 12:39 - 2016-12-28 12:39 - 00001042 _____ C:\Users\Isaela\Desktop\ammy.lnk
2016-12-28 12:39 - 2016-12-28 12:39 - 00000000 ____D C:\Program Files (x86)\DoroPDFWriter
2016-12-28 12:38 - 2012-05-02 16:38 - 07017723 _____ (CompSoft ) C:\Users\Isaela\Downloads\DoroSetup.exe
2016-12-28 12:37 - 2016-12-28 12:38 - 06987290 _____ C:\Users\Isaela\Downloads\DoroSetup.zip
2016-12-28 12:21 - 2017-03-07 15:12 - 00000000 ____D C:\Users\Todos os Usuários\firebird
2016-12-28 12:21 - 2017-03-07 15:12 - 00000000 ____D C:\ProgramData\firebird
2016-12-28 12:19 - 2016-12-28 12:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EcoCentauro ®
2016-12-28 12:19 - 2007-06-09 10:31 - 01069056 _____ (Daruma Automação) C:\Windows\SysWOW64\Daruma32.dll
2016-12-28 12:19 - 2002-08-28 15:40 - 00061440 _____ (ZANTHUS Indústria e Comércio de Equipamentos Eletrônicos Ltda.) C:\Windows\SysWOW64\qzecf32.dll
2016-12-28 12:18 - 2017-02-23 15:21 - 00000000 ____D C:\ecosis
2016-12-28 12:18 - 2017-01-26 13:06 - 00000681 _____ C:\Users\Public\Desktop\ECO SISTEMAS®.lnk
2016-12-28 12:18 - 2016-12-28 12:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EcoCentauro®
2016-12-28 12:17 - 2016-12-28 12:24 - 00000480 _____ C:\Windows\ODBC.INI
2016-12-28 12:17 - 2016-12-28 12:17 - 00002537 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crystal Reports 9.lnk
2016-12-28 12:17 - 2016-12-28 12:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crystal Reports 9 Tools
2016-12-28 12:16 - 2016-12-28 12:17 - 00000000 ____D C:\Program Files (x86)\Crystal Decisions
2016-12-28 12:16 - 2016-12-28 12:16 - 00002068 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Program Updates.lnk
2016-12-28 12:16 - 2016-12-28 12:16 - 00000000 ____D C:\Users\Todos os Usuários\InstallShield
2016-12-28 12:16 - 2016-12-28 12:16 - 00000000 ____D C:\ProgramData\InstallShield
2016-12-28 12:16 - 2016-12-28 12:16 - 00000000 ____D C:\Program Files (x86)\Centauro Sistemas Ltda
2016-12-28 12:16 - 2004-08-09 05:04 - 00073728 _____ (InstallShield Software Corporation) C:\Windows\SysWOW64\ISUSPM.cpl
2016-12-28 12:15 - 2016-12-28 12:18 - 00000000 ____D C:\Program Files (x86)\Firebird
2016-12-28 12:15 - 2016-12-28 12:17 - 00001754 _____ C:\Windows\ODBCINST.INI
2016-12-28 12:15 - 2016-12-28 12:15 - 00225280 _____ (IBPhoenix Inc.) C:\Windows\SysWOW64\IscDbc.dll
2016-12-28 12:15 - 2016-12-28 12:15 - 00200704 _____ (IBPhoenix Inc) C:\Windows\SysWOW64\OdbcJdbc.dll
2016-12-28 12:15 - 2016-12-28 12:15 - 00086016 _____ (IBPhoenix Inc.) C:\Windows\SysWOW64\OdbcJdbcSetup.dll
2016-12-28 12:15 - 2016-12-28 12:15 - 00028947 _____ C:\Windows\SysWOW64\OdbcJdbc.chm
2016-12-28 12:15 - 2016-12-28 12:15 - 00000000 ____D C:\Users\Isaela\AppData\Local\OdbcJdbcSetup
2016-12-28 12:15 - 2016-12-28 12:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firebird 2.5 (Win32)
2016-12-28 12:15 - 2016-12-28 12:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firebird
2016-12-28 12:15 - 2011-10-03 07:28 - 00548864 _____ (Firebird Project) C:\Windows\SysWOW64\GDS32.DLL
2016-12-28 12:12 - 2016-12-28 12:12 - 00206355 _____ C:\Users\Isaela\Documents\Digitalizador.jpg
2016-12-28 12:12 - 2016-12-28 12:12 - 00001030 _____ C:\Users\Isaela\Desktop\Digitalizar para.lnk
2016-12-28 12:09 - 2016-12-28 12:09 - 00000000 ____D C:\Users\Todos os Usuários\HP
2016-12-28 12:09 - 2016-12-28 12:09 - 00000000 ____D C:\ProgramData\HP
2016-12-28 12:06 - 2016-12-28 12:06 - 01594828 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-12-28 12:06 - 2016-12-28 12:06 - 00000199 _____ C:\Windows\SysWOW64\msiexec.log
2016-12-28 12:06 - 2016-12-28 12:06 - 00000000 ____D C:\Users\Todos os Usuários\HPSSUPPLY
2016-12-28 12:06 - 2016-12-28 12:06 - 00000000 ____D C:\Users\Todos os Usuários\Hewlett-Packard
2016-12-28 12:06 - 2016-12-28 12:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2016-12-28 12:06 - 2016-12-28 12:06 - 00000000 ____D C:\ProgramData\HPSSUPPLY
2016-12-28 12:06 - 2016-12-28 12:06 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2016-12-28 12:06 - 2016-12-28 12:06 - 00000000 ____D C:\Program Files (x86)\HP
2016-12-28 12:04 - 2009-11-25 11:47 - 01942856 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2016-12-28 12:04 - 2009-11-25 11:47 - 01130824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2016-12-28 12:04 - 2009-11-25 11:47 - 00444752 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
2016-12-28 12:04 - 2009-11-25 11:47 - 00320352 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
2016-12-28 12:04 - 2009-11-25 11:47 - 00297808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscoree.dll
2016-12-28 12:04 - 2009-11-25 11:47 - 00295264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHost.exe
2016-12-28 12:04 - 2009-11-25 11:47 - 00109912 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
2016-12-28 12:04 - 2009-11-25 11:47 - 00099176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHostProxy.dll
2016-12-28 12:04 - 2009-11-25 11:47 - 00049472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netfxperf.dll
2016-12-28 12:04 - 2009-11-25 11:47 - 00048960 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
2016-12-28 12:03 - 2016-12-28 12:03 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_mvusbews_01009.Wdf
2016-12-28 12:03 - 2012-11-08 07:32 - 00126856 _____ (HP) C:\Windows\system32\HPSIsvc.exe
2016-12-28 12:03 - 2012-11-08 00:00 - 00081920 _____ C:\Windows\SysWOW64\mvusbews.dll
2016-12-28 12:03 - 2012-09-29 12:26 - 01366528 _____ C:\Windows\system32\HPM1210SM.exe
2016-12-28 12:03 - 2012-09-29 12:25 - 00409088 _____ C:\Windows\system32\HPM1210LM.DLL
2016-12-28 12:02 - 2016-12-28 12:02 - 00000000 ____D C:\Program Files\HP
2016-12-28 12:02 - 2012-11-08 00:00 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2016-12-28 12:02 - 2012-11-08 00:00 - 00089600 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\m1130wia2.dll
2016-12-28 12:02 - 2012-11-08 00:00 - 00082944 _____ C:\Windows\system32\mvusbews.dll
2016-12-28 12:02 - 2012-11-08 00:00 - 00052224 _____ C:\Windows\system32\HPM1210SMs.dll
2016-12-28 12:02 - 2012-11-08 00:00 - 00038912 _____ C:\Windows\system32\HPImgFlt.dll
2016-12-28 12:02 - 2012-11-08 00:00 - 00019968 _____ (Marvell Semiconductor, Inc.) C:\Windows\system32\Drivers\mvusbews.sys
2016-12-28 12:02 - 2012-09-29 02:05 - 00350720 _____ C:\Windows\system32\mvhlewsi.dll
2016-12-28 11:52 - 2016-10-26 15:29 - 00485032 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-12-28 11:48 - 2016-12-28 11:50 - 00000000 ____D C:\Users\Isaela\Desktop\UTEIS
2016-12-28 11:44 - 2016-12-28 10:49 - 00000000 ____D C:\Windows\Panther
2016-12-28 11:32 - 2016-12-28 11:32 - 00000000 ____D C:\Users\Isaela\AppData\Roaming\Adobe
2016-12-28 11:32 - 2016-12-28 11:32 - 00000000 ____D C:\Users\Isaela\AppData\LocalLow\Adobe
2016-12-28 11:32 - 2016-12-28 11:32 - 00000000 ____D C:\Users\Isaela\AppData\Local\Adobe
2016-12-28 11:31 - 2017-03-07 15:19 - 00000000 ___RD C:\Users\Isaela\Documents\Scanned Documents
2016-12-28 11:31 - 2017-01-10 10:50 - 00000000 ____D C:\Users\Isaela\Documents\Fax
2016-12-28 11:30 - 2016-12-28 12:00 - 222998632 _____ C:\Users\Isaela\Downloads\LJM1130_M1210_MFP_Full_Solution.exe
2016-12-28 11:27 - 2017-03-07 15:30 - 00000000 ____D C:\Users\Isaela\AppData\Local\ElevatedDiagnostics
2016-12-28 11:22 - 2017-03-06 13:26 - 01854260 ____H C:\Users\Isaela\AppData\Local\IconCache.db
2016-12-28 11:20 - 2017-03-07 15:43 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-12-28 11:20 - 2017-03-07 15:43 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-28 11:20 - 2016-12-28 11:20 - 00000000 ____D C:\Program Files\Intel
2016-12-28 11:18 - 2016-12-28 12:16 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-12-28 11:18 - 2016-12-28 11:18 - 00000000 ____D C:\Windows\SysWOW64\Atheros_L1e
2016-12-28 11:14 - 2016-12-28 11:22 - 00000408 _____ C:\Windows\Tasks\DriverEasy Scheduled Scan.job
2016-12-28 11:14 - 2016-12-28 11:14 - 00003814 _____ C:\Windows\System32\Tasks\DriverEasy Scheduled Scan
2016-12-28 11:14 - 2016-12-28 11:14 - 00000000 ____D C:\Users\Isaela\AppData\Roaming\Easeware
2016-12-28 11:14 - 2016-12-28 11:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverEasy
2016-12-28 11:14 - 2016-12-28 11:14 - 00000000 ____D C:\Program Files\Easeware
2016-12-28 11:11 - 2012-06-02 19:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-12-28 11:11 - 2012-06-02 19:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-12-28 11:11 - 2012-06-02 19:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-12-28 11:11 - 2012-06-02 19:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-12-28 11:11 - 2012-06-02 19:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-12-28 11:11 - 2012-06-02 19:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-12-28 11:11 - 2012-06-02 19:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-12-28 11:11 - 2012-06-02 14:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-12-28 11:11 - 2012-06-02 14:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-12-28 11:08 - 2016-12-28 11:08 - 01065376 _____ (Google Inc.) C:\Users\Isaela\Downloads\ChromeSetup.exe
2016-12-28 11:05 - 2017-03-01 15:17 - 00001856 _____ C:\Windows\PFRO.log
2016-12-28 11:04 - 2017-01-12 11:31 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-12-28 11:04 - 2016-12-29 12:42 - 00085712 _____ C:\Users\Isaela\AppData\Local\GDIPFONTCACHEV1.DAT
2016-12-28 11:04 - 2016-12-28 11:04 - 00002019 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2016-12-28 11:04 - 2016-12-28 11:04 - 00000000 ____D C:\Windows\SysWOW64\Wat
2016-12-28 11:04 - 2016-12-28 11:04 - 00000000 ____D C:\Windows\system32\Wat
2016-12-28 11:04 - 2016-12-28 11:04 - 00000000 ____D C:\Users\Isaela\AppData\Roaming\WinRAR
2016-12-28 11:03 - 2017-01-02 10:23 - 00000000 ____D C:\Users\Todos os Usuários\Adobe
2016-12-28 11:03 - 2017-01-02 10:23 - 00000000 ____D C:\ProgramData\Adobe
2016-12-28 11:03 - 2016-12-28 11:03 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-12-28 11:02 - 2016-12-28 11:02 - 00000000 ___HD C:\Program Files (x86)\InstallJammer Registry
2016-12-28 11:01 - 2017-01-30 10:31 - 00000000 ____D C:\Users\Isaela\AppData\Local\Diagnostics
2016-12-28 11:00 - 2016-12-28 11:00 - 00000000 ____D C:\Users\Public\Foxit Software
2016-12-28 11:00 - 2016-12-28 11:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2016-12-28 11:00 - 2016-12-28 11:00 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2016-12-28 11:00 - 2014-02-06 15:00 - 00127488 _____ C:\Windows\system32\ff_vfw.dll
2016-12-28 11:00 - 2014-02-06 15:00 - 00112640 _____ C:\Windows\SysWOW64\ff_vfw.dll
2016-12-28 11:00 - 2013-12-01 10:10 - 00257624 _____ C:\Windows\system32\unrar64.dll
2016-12-28 11:00 - 2013-12-01 10:10 - 00218200 _____ C:\Windows\SysWOW64\unrar.dll
2016-12-28 11:00 - 2013-03-17 15:22 - 03554304 _____ (x264vfw project) C:\Windows\system32\x264vfw64.dll
2016-12-28 11:00 - 2013-03-17 14:21 - 03649536 _____ (x264vfw project) C:\Windows\SysWOW64\x264vfw.dll
2016-12-28 11:00 - 2012-07-21 08:55 - 00180736 _____ (fccHandler) C:\Windows\system32\ac3acm.acm
2016-12-28 11:00 - 2012-07-21 08:54 - 00122880 _____ (fccHandler) C:\Windows\SysWOW64\ac3acm.acm
2016-12-28 11:00 - 2011-12-07 15:37 - 00148992 _____ ( ) C:\Windows\system32\lagarith.dll
2016-12-28 11:00 - 2011-12-07 15:32 - 00216064 _____ ( ) C:\Windows\SysWOW64\lagarith.dll
2016-12-28 11:00 - 2011-06-24 12:45 - 00258560 _____ C:\Windows\system32\xvidvfw.dll
2016-12-28 11:00 - 2011-06-24 12:44 - 00243200 _____ C:\Windows\SysWOW64\xvidvfw.dll
2016-12-28 11:00 - 2011-06-24 12:31 - 00703488 _____ C:\Windows\system32\xvidcore.dll
2016-12-28 11:00 - 2011-06-24 12:28 - 00650752 _____ C:\Windows\SysWOW64\xvidcore.dll
2016-12-28 10:59 - 2016-12-28 11:00 - 00000000 ____D C:\Users\Isaela\AppData\Roaming\Foxit Software
2016-12-28 10:59 - 2016-12-28 10:59 - 00000000 ____D C:\Users\Isaela\AppData\Local\Programs
2016-12-28 10:59 - 2016-12-28 10:59 - 00000000 ____D C:\Program Files (x86)\Foxit Software
2016-12-28 10:57 - 2017-02-17 09:10 - 00000000 ____D C:\Program Files (x86)\Google
2016-12-28 10:57 - 2017-02-07 09:05 - 00002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-28 10:57 - 2017-02-07 09:05 - 00002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-12-28 10:57 - 2016-12-28 11:34 - 00000000 ____D C:\Users\Isaela\AppData\Local\Google
2016-12-28 10:57 - 2016-12-28 11:17 - 00003500 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-28 10:57 - 2016-12-28 11:17 - 00003372 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-28 10:57 - 2016-12-28 10:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-12-28 10:56 - 2016-12-28 12:04 - 00000000 ____D C:\Program Files (x86)\Microsoft.NET
2016-12-28 10:56 - 2016-12-28 10:56 - 00001178 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2016-12-28 10:56 - 2016-12-28 10:56 - 00001166 _____ C:\Users\Public\Desktop\TeamViewer 9.lnk
2016-12-28 10:56 - 2016-12-28 10:56 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2016-12-28 10:56 - 2016-12-28 10:56 - 00000000 ____D C:\Windows\PCHEALTH
2016-12-28 10:56 - 2016-12-28 10:56 - 00000000 ____D C:\Users\Isaela\AppData\LocalLow\Sun
2016-12-28 10:56 - 2016-12-28 10:56 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-12-28 10:56 - 2016-12-28 10:56 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2016-12-28 10:56 - 2016-12-28 10:56 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2016-12-28 10:55 - 2017-03-07 15:59 - 00000000 __SHD C:\Windows\Installer
2016-12-28 10:55 - 2016-12-28 12:18 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help
2016-12-28 10:55 - 2016-12-28 12:18 - 00000000 ____D C:\ProgramData\Microsoft Help
2016-12-28 10:55 - 2016-12-28 10:58 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-12-28 10:55 - 2016-12-28 10:58 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-28 10:55 - 2016-12-28 10:56 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-12-28 10:55 - 2016-12-28 10:55 - 00000000 __RHD C:\MSOCache
2016-12-28 10:55 - 2016-12-28 10:55 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-12-28 10:55 - 2016-12-28 10:55 - 00000000 ____D C:\Windows\system32\Macromed
2016-12-28 10:55 - 2016-12-28 10:55 - 00000000 ____D C:\Users\Isaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-12-28 10:55 - 2016-12-28 10:55 - 00000000 ____D C:\Users\Isaela\AppData\Local\Microsoft Help
2016-12-28 10:55 - 2016-12-28 10:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-12-28 10:55 - 2016-12-28 10:55 - 00000000 ____D C:\Program Files\WinRAR
2016-12-28 10:55 - 2016-12-28 10:55 - 00000000 ____D C:\Program Files\Microsoft Office
2016-12-28 10:55 - 2016-12-28 10:55 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2016-12-28 10:53 - 2017-02-17 15:15 - 00000000 ____D C:\Users\Isaela\AppData\Roaming\DRPSu
2016-12-28 10:53 - 2016-12-28 11:07 - 00000000 ____D C:\Users\Isaela\AppData\LocalLow\Microsoft
2016-12-28 10:50 - 2016-12-28 10:50 - 00001389 _____ C:\Users\Isaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2016-12-28 10:50 - 2016-12-28 10:50 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2016-12-28 10:49 - 2017-03-07 16:08 - 02097152 ___SH C:\Users\Isaela\NTUSER.DAT
2016-12-28 10:49 - 2017-03-07 16:08 - 00262144 ___SH C:\Users\Isaela\ntuser.dat.LOG1
2016-12-28 10:49 - 2017-03-07 16:08 - 00000000 ___RD C:\Users\Isaela\Documents
2016-12-28 10:49 - 2017-03-07 16:08 - 00000000 ____D C:\Users\Isaela\AppData\Local\Temp
2016-12-28 10:49 - 2017-03-07 16:05 - 00000000 ___RD C:\Users\Isaela\Downloads
2016-12-28 10:49 - 2017-03-07 16:03 - 00000000 ____D C:\Users\Isaela\AppData\Roaming
2016-12-28 10:49 - 2017-03-07 15:50 - 00000000 ___RD C:\Users\Isaela\Desktop
2016-12-28 10:49 - 2017-03-07 15:43 - 01896101 _____ C:\Windows\WindowsUpdate.log
2016-12-28 10:49 - 2017-03-07 15:35 - 00000000 ____D C:\Users\Isaela\AppData\Local
2016-12-28 10:49 - 2017-03-07 15:13 - 00000000 ___RD C:\Users\Isaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2016-12-28 10:49 - 2017-02-24 17:44 - 00000000 ___SD C:\Users\Isaela\AppData\Roaming\Microsoft
2016-12-28 10:49 - 2017-02-23 08:23 - 00000000 ___RD C:\Users\Isaela\Pictures
2016-12-28 10:49 - 2017-02-23 08:23 - 00000000 ____D C:\Users\Isaela\AppData\LocalLow
2016-12-28 10:49 - 2017-02-17 15:06 - 00000000 ___RD C:\Users\Isaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-12-28 10:49 - 2017-02-17 15:06 - 00000000 ____D C:\Users\Isaela\AppData\Local\Microsoft
2016-12-28 10:49 - 2017-02-17 15:05 - 00000000 ____D C:\Users\Isaela
2016-12-28 10:49 - 2017-02-13 10:12 - 00000000 ___RD C:\Users\Isaela\Videos
2016-12-28 10:49 - 2017-01-25 16:14 - 00000000 ___RD C:\Users\Isaela\Saved Games
2016-12-28 10:49 - 2017-01-24 10:51 - 00000000 ____D C:\Users\Isaela\AppData\Local\VirtualStore
2016-12-28 10:49 - 2017-01-24 10:50 - 00000000 ___RD C:\Users\Isaela\Favorites
2016-12-28 10:49 - 2016-12-28 12:04 - 00000000 ____D C:\Windows\SoftwareDistribution
2016-12-28 10:49 - 2016-12-28 11:05 - 00524288 ___SH C:\Users\Isaela\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
2016-12-28 10:49 - 2016-12-28 11:05 - 00524288 ___SH C:\Users\Isaela\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
2016-12-28 10:49 - 2016-12-28 11:05 - 00065536 ___SH C:\Users\Isaela\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
2016-12-28 10:49 - 2016-12-28 10:50 - 00001423 _____ C:\Users\Isaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-12-28 10:49 - 2016-12-28 10:50 - 00000476 ___SH C:\Users\Isaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini
2016-12-28 10:49 - 2016-12-28 10:50 - 00000402 ___SH C:\Users\Isaela\Documents\desktop.ini
2016-12-28 10:49 - 2016-12-28 10:50 - 00000282 ___SH C:\Users\Isaela\Downloads\desktop.ini
2016-12-28 10:49 - 2016-12-28 10:50 - 00000282 ___SH C:\Users\Isaela\Desktop\desktop.ini
2016-12-28 10:49 - 2016-12-28 10:50 - 00000174 ___SH C:\Users\Isaela\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini
2016-12-28 10:49 - 2016-12-28 10:50 - 00000000 ___RD C:\Users\Isaela\Searches
2016-12-28 10:49 - 2016-12-28 10:50 - 00000000 ___RD C:\Users\Isaela\Music
2016-12-28 10:49 - 2016-12-28 10:50 - 00000000 ___RD C:\Users\Isaela\Links
2016-12-28 10:49 - 2016-12-28 10:50 - 00000000 ___RD C:\Users\Isaela\Contacts
2016-12-28 10:49 - 2016-12-28 10:50 - 00000000 ___RD C:\Users\Isaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2016-12-28 10:49 - 2016-12-28 10:49 - 00000020 ___SH C:\Users\Isaela\ntuser.ini
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Minhas músicas
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Minhas imagens
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Meus vídeos
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Local\Histórico
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Local\Dados de aplicativos
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Usuário Padrão
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Todos os Usuários\Modelos
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Todos os Usuários\Menu Iniciar
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Todos os Usuários\Favoritos
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Todos os Usuários\Documentos
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Todos os Usuários\Dados de aplicativos
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Todos os Usuários
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Public\Documents\Minhas músicas
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Public\Documents\Minhas imagens
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Public\Documents\Meus vídeos
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Isaela\SendTo
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Isaela\Recent
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Isaela\Modelos
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Isaela\Meus documentos
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Isaela\Menu Iniciar
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Isaela\Documents\Minhas músicas
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Isaela\Documents\Minhas imagens
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Isaela\Documents\Meus vídeos
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Isaela\Dados de aplicativos
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Isaela\Cookies
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Isaela\Configurações locais
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Isaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Isaela\AppData\Local\Temporary Internet Files
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Isaela\AppData\Local\Histórico
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Isaela\AppData\Local\Dados de aplicativos
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Isaela\Ambiente de rede
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Isaela\Ambiente de impressão
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Default\Modelos
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Default\Meus documentos
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Default\Menu Iniciar
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Default\Documents\Minhas músicas
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Default\Documents\Minhas imagens
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Default\Documents\Meus vídeos
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Default\Dados de aplicativos
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Default\Configurações locais
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Default\AppData\Local\Histórico
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Default\AppData\Local\Dados de aplicativos
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Default\Ambiente de rede
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Default\Ambiente de impressão
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Default User\Documents\Minhas músicas
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Default User\Documents\Minhas imagens
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Default User\Documents\Meus vídeos
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Histórico
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Dados de aplicativos
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\ProgramData\Modelos
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programas
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\ProgramData\Menu Iniciar
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\ProgramData\Favoritos
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\ProgramData\Documentos
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\ProgramData\Dados de aplicativos
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Program Files\Common Files\Sistema
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Program Files\Arquivos Comuns
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Arquivos de Programas
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 __SHD C:\Recovery
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 ___SH C:\Users\Isaela\ntuser.dat.LOG2
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 ___HD C:\Users\Isaela\AppData
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 ____D C:\Users\Isaela\AppData\Roaming\Identities
2016-12-28 10:49 - 2009-07-14 15:11 - 00000000 ____D C:\Users\Isaela\AppData\Roaming\Media Center Programs
2016-12-28 10:49 - 2009-07-14 01:54 - 00000000 ___RD C:\Users\Isaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2016-12-28 10:49 - 2009-07-14 01:49 - 00000000 ___RD C:\Users\Isaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2016-12-28 10:47 - 2016-12-28 10:47 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-12-28 10:47 - 2016-12-28 10:47 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2016-12-28 10:47 - 2016-12-28 10:47 - 00001313 _____ C:\Windows\TSSysprep.log
2016-12-28 10:45 - 2017-03-07 16:05 - 00000000 ____D C:\Windows\Prefetch
2016-12-28 10:45 - 2017-03-07 15:58 - 00000000 __SHD C:\System Volume Information
2016-12-28 10:45 - 2017-03-07 07:41 - 3982843904 ___SH C:\pagefile.sys
2016-12-28 10:45 - 2017-03-07 07:41 - 2987130880 ___SH C:\hiberfil.sys
==================== Três Meses Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2017-03-07 15:13 - 2009-07-14 15:11 - 00000000 ____D C:\Windows\ShellNew
2017-03-07 07:46 - 2009-07-14 14:55 - 00702882 _____ C:\Windows\system32\prfh0416.dat
2017-03-07 07:46 - 2009-07-14 14:55 - 00145668 _____ C:\Windows\system32\prfc0416.dat
2017-03-07 07:46 - 2009-07-14 02:13 - 01626900 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-07 07:46 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2017-03-07 07:41 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-02-17 15:03 - 2009-07-14 00:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2017-02-17 15:03 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
==================== Arquivos na raiz de alguns diretórios =======
2017-02-18 07:44 - 2017-03-07 07:42 - 0000269 _____ () C:\Users\Isaela\AppData\Roaming\WB.CFG
2017-03-07 15:19 - 2017-03-07 15:19 - 0400607 _____ () C:\Users\Isaela\AppData\Local\Bron.tok.A9.em.bin
2016-12-28 13:46 - 2008-06-15 16:58 - 0041385 _____ () C:\Users\Isaela\AppData\Local\csrss.exe
2016-12-28 13:46 - 2008-06-15 16:58 - 0041385 _____ () C:\Users\Isaela\AppData\Local\inetinfo.exe
2017-03-07 15:14 - 2017-03-07 15:14 - 0402607 _____ () C:\Users\Isaela\AppData\Local\ListHost9.txt
2016-12-28 13:46 - 2008-06-15 16:58 - 0041385 _____ () C:\Users\Isaela\AppData\Local\lsass.exe
2016-12-28 13:46 - 2008-06-15 16:58 - 0041385 _____ () C:\Users\Isaela\AppData\Local\services.exe
2016-12-28 13:46 - 2008-06-15 16:58 - 0041385 _____ () C:\Users\Isaela\AppData\Local\smss.exe
2017-03-07 15:35 - 2017-03-07 15:35 - 0408568 _____ () C:\Users\Isaela\AppData\Local\Update.9.Bron.Tok.bin
2016-12-28 13:46 - 2008-06-15 16:58 - 0041385 ____N () C:\Users\Isaela\AppData\Local\winlogon.exe
Arquivos para serem movidos ou deletados:
====================
C:\Windows\Tasks\{28A7159C-0698-70E8-0621-32059762567D}.job
C:\Windows\Tasks\{53BA838C-A5C1-00D4-2483-7CB8E78AB6AF}.job
Alguns arquivos em TEMP:
====================
2017-02-27 12:38 - 2017-02-27 12:38 - 0022016 _____ () C:\Users\Isaela\AppData\Local\Temp\1llcvnob.dll
2017-02-17 15:16 - 2017-02-17 15:16 - 1118360 _____ (© 2015 Microsoft Corporation) C:\Users\Isaela\AppData\Local\Temp\BSvcProcessor.exe
2017-02-17 15:16 - 2017-02-17 15:16 - 0170128 _____ (© 2015 Microsoft Corporation) C:\Users\Isaela\AppData\Local\Temp\BSvcUpdater.exe
2017-03-07 15:30 - 2017-03-07 15:30 - 0004096 _____ () C:\Users\Isaela\AppData\Local\Temp\d4ssqpoy.dll
2017-03-07 15:50 - 2017-03-07 15:50 - 1806392 _____ ( ) C:\Users\Isaela\AppData\Local\Temp\ICReinstall_Baixaki_skype_V76BqM.exe
2017-02-24 15:09 - 2017-02-24 15:09 - 0022016 _____ () C:\Users\Isaela\AppData\Local\Temp\v12cafxo.dll
2017-03-07 15:19 - 2017-03-07 15:58 - 14456872 _____ (Microsoft Corporation) C:\Users\Isaela\AppData\Local\Temp\vc_redist.x86.exe
==================== Bamital & volsnap ======================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll
[2009-07-13 20:38] - [2016-12-28 11:04] - 1008640 ____A (Microsoft Corporation) 2C353B6CE0C8D03225CAA2AF33B68D79
C:\Windows\SysWOW64\User32.dll
[2009-07-13 20:24] - [2016-12-28 11:04] - 0833024 ____A (Microsoft Corporation) 861C4346F9281DC0380DE72C8D55D6BE
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2017-03-04 18:06
==================== Fim de FRST.txt ============================
Executado por Isaela (administrador) em ISAELA-PC (07-03-2017 16:08:07)
Executando a partir de C:\Users\Isaela\Documents
Perfis Carregados: Isaela (Perfis Disponíveis: Isaela)
Platform: Windows 7 Ultimate (X64) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(Byte Technologies LLC) C:\Program Files\ByteFence\ByteFenceService.exe
(Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(© 2015 Microsoft Corporation) C:\Users\Isaela\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(The Chromium Authors) C:\Users\Isaela\AppData\Local\chromium\Application\chrome.exe
(HP) C:\Windows\System32\HPSIsvc.exe
() C:\Program Files (x86)\AppBrad\NetExpressUpdater.exe
(The Chromium Authors) C:\Users\Isaela\AppData\Local\chromium\Application\chrome.exe
(CompSoft) C:\Program Files (x86)\DoroPDFWriter\DoroServer.exe
() C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe
() C:\Program Files\ByteFence\rtop\bin\rtop_bg.exe
(Scopus Soluções em TI Ltda) C:\Program Files (x86)\scpbrad\scpbradserv.exe
(Filseclab Corporation Limited) C:\Program Files (x86)\ScreenShot\SSSvc.exe
(Scopus Soluções em TI Ltda) C:\Program Files (x86)\scpbrad\scpbradguard.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(Byte Technologies LLC) C:\Program Files\ByteFence\ByteFence.exe
() C:\ecosis\Eco Backup\EcoBackupServer.exe
(The Chromium Authors) C:\Users\Isaela\AppData\Local\chromium\Application\chrome.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE
(EcoCentauro Sistemas®) C:\ecosis\windows\eco.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(The Chromium Authors) C:\Users\Isaela\AppData\Local\chromium\Application\chrome.exe
(The Chromium Authors) C:\Users\Isaela\AppData\Local\chromium\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(DLL-files.com) C:\Program Files (x86)\DLL-Files.com Client\DLLFilesClient.exe
==================== Registro (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [Diebold - Warsaw] => C:\Program Files\Diebold\Warsaw\core.exe [925744 2016-06-23] (GAS Tecnologia LTDA)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HPUsageTrackingLEDM] => C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe [30264 2009-10-15] (Hewlett-Packard Company)
HKLM-x32\...\Run: [DoroServer] => C:\Program Files (x86)\DoroPDFWriter\DoroServer.exe [172032 2012-05-02] (CompSoft)
HKLM-x32\...\Run: [BackupServer] => C:\ecosis\Eco Backup\EcoBackupServer.exe [6162944 2016-09-23] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM-x32\...\Run: [Bron-Spizaetus] => C:\Windows\ShellNew\bronstab.exe [41385 2008-06-15] ()
HKLM-x32\...\RunOnce: [Lomobasapa] => C:\Windows\SysWOW64\wscript.exe /E:vbscript /B "C:\Users\Isaela\AppData\Roaming\53BA83~1\Dadihis.dat"
HKLM-x32\...\RunOnce: [Minatimobite] => C:\Windows\SysWOW64\wscript.exe /E:vbscript /B "C:\Users\Isaela\AppData\Roaming\28A715~1\Fafegamecad.dat"
HKLM-x32\...\RunOnce: [Hirec] => C:\Windows\SysWOW64\wscript.exe /E:vbscript /B "C:\Users\Isaela\AppData\Local\65C6B4~1\Fonerob.dat"
HKLM-x32\...\RunOnce: [Gesosog] => C:\Windows\SysWOW64\wscript.exe /E:vbscript /B "C:\Users\Isaela\AppData\Local\3989CF~1\Lefehebi.dat"
HKLM-x32\...\Winlogon: [Shell] Explorer.exe "C:\Windows\eksplorasi.exe" [ ] () <=== ATENÇÃO
Winlogon\Notify\ GbPluginScd: C:\Program Files (x86)\GbPlugin\gbiehScd.dll [2016-05-06] (Sicredi)
HKU\S-1-5-21-2584708150-2071338921-3614247218-1000\...\Run: [BingSvc] => C:\Users\Isaela\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-2584708150-2071338921-3614247218-1000\...\Run: [Chromium] => c:\users\isaela\appdata\local\chromium\application\chrome.exe [828416 2017-01-20] (The Chromium Authors)
HKU\S-1-5-21-2584708150-2071338921-3614247218-1000\...\Run: [GoogleChromeAutoLaunch_C8955BFA0AA994214B6901E396B99EB3] => C:\Users\Isaela\AppData\Local\chromium\Application\chrome.exe [828416 2017-01-20] (The Chromium Authors)
HKU\S-1-5-21-2584708150-2071338921-3614247218-1000\...\Run: [Tok-Cirrhatus] => C:\Users\Isaela\AppData\Local\smss.exe [41385 2008-06-15] ()
HKU\S-1-5-21-2584708150-2071338921-3614247218-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27545056 2017-02-14] (Skype Technologies S.A.)
HKU\S-1-5-21-2584708150-2071338921-3614247218-1000\...\Policies\system: [DisableRegistryTools] 1
HKU\S-1-5-21-2584708150-2071338921-3614247218-1000\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-21-2584708150-2071338921-3614247218-1000\...\Policies\Explorer: [NoFolderOptions] 1
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399011} - C:\Program Files (x86)\GbPlugin\gbiehscd.dll [1915104 2016-05-06] (Sicredi)
Startup: C:\Users\Isaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EcoBackupServer - Atalho.lnk [2016-12-28]
ShortcutTarget: EcoBackupServer - Atalho.lnk -> C:\ecosis\Eco Backup\EcoBackupServer.exe ()
Startup: C:\Users\Isaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Empty.pif [2008-06-15] ()
GroupPolicy: Restrição <======= ATENÇÃO
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Hosts: Um script HTML foi detectado no Hosts. Veja a seção Hosts do Addition.txt <==== ATENÇÃO
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{A00BD657-055F-4444-B758-FDBF930C137A}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{DE74CBE6-469F-48D6-88D2-FE7FD16B8565}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=elm&hsimp=yhs-001&type=hdr_s_17_09_wbf_bxinw_17_08¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzuyBtDyDyE0DtByD0C0CtC0AtDyEyDzytDtN0D0Tzu0StCzzzzyEtN1L2XzutAtFtByBtFtCtFyDtBtN1L1Czu1M1Q1CtAtBtFtAtFtDtN1L1G1B1V1N2Y1L1Qzu2StA0CtDtCzz0AtDyDtGtA0AtB0BtG0DyB0AtDtGtCtBzztCtGyEtA0E0DtD0E0Fzz0Czy0AtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0DtC0ByCtByC0EtG0EtCyDyDtGyE0EyC0EtGzyyCzztBtGyCyE0Czy0ByEyD0AtCtBtCtC2QtN0A0LzuyE%26cr%3D618255791%26a%3Dhdr_s_17_09_wbf_bxinw_17_08%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=elm&hsimp=yhs-001&type=hdr_s_17_09_wbf_bxinw_17_08¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzuyBtDyDyE0DtByD0C0CtC0AtDyEyDzytDtN0D0Tzu0StCzzzzyEtN1L2XzutAtFtByBtFtCtFyDtBtN1L1Czu1M1Q1CtAtBtFtAtFtDtN1L1G1B1V1N2Y1L1Qzu2StA0CtDtCzz0AtDyDtGtA0AtB0BtG0DyB0AtDtGtCtBzztCtGyEtA0E0DtD0E0Fzz0Czy0AtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0DtC0ByCtByC0EtG0EtCyDyDtGyE0EyC0EtGzyyCzztBtGyCyE0Czy0ByEyD0AtCtBtCtC2QtN0A0LzuyE%26cr%3D618255791%26a%3Dhdr_s_17_09_wbf_bxinw_17_08%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate
HKU\S-1-5-21-2584708150-2071338921-3614247218-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SK216&ocid=SK216DHP&osmkt=pt-br
HKU\S-1-5-21-2584708150-2071338921-3614247218-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pt-br/?ocid=iehp
HKU\S-1-5-21-2584708150-2071338921-3614247218-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxps://br.search.yahoo.com/yhs/web?hspart=elm&hsimp=yhs-001&type=hdr_s_17_09_wbf_bxinw_17_08¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzuyBtDyDyE0DtByD0C0CtC0AtDyEyDzytDtN0D0Tzu0StCzzzzyEtN1L2XzutAtFtByBtFtCtFyDtBtN1L1Czu1M1Q1CtAtBtFtAtFtDtN1L1G1B1V1N2Y1L1Qzu2StA0CtDtCzz0AtDyDtGtA0AtB0BtG0DyB0AtDtGtCtBzztCtGyEtA0E0DtD0E0Fzz0Czy0AtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0DtC0ByCtByC0EtG0EtCyDyDtGyE0EyC0EtGzyyCzztBtGyCyE0Czy0ByEyD0AtCtBtCtC2QtN0A0LzuyE%26cr%3D618255791%26a%3Dhdr_s_17_09_wbf_bxinw_17_08%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate
hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_17_08¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyBtDyDyE0DtByD0C0CtC0AtDyEyDzytDtN0D0Tzu0StCzzyByEtN1L2XzutAtFtByBtFtCtFyDtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEyDtB0B0FyD0FyEtGyDtCyD0EtGtAtAzyzytGtCtC0E0CtGtA0CtD0CyBtD0F0B0EtDyEtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0DtC0ByCtByC0EtG0EtCyDyDtGyE0EyC0EtGzyyCzztBtGyCyE0Czy0ByEyD0AtCtBtCtC2QtN0A0LzuyE%26cr%3D462482862%26a%3Dwbf_bxinw_17_08%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_17_08¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyBtDyDyE0DtByD0C0CtC0AtDyEyDzytDtN0D0Tzu0StCzzyByEtN1L2XzutAtFtByBtFtCtFyDtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEyDtB0B0FyD0FyEtGyDtCyD0EtGtAtAzyzytGtCtC0E0CtGtA0CtD0CyBtD0F0B0EtDyEtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0DtC0ByCtByC0EtG0EtCyDyDtGyE0EyC0EtGzyyCzztBtGyCyE0Czy0ByEyD0AtCtBtCtC2QtN0A0LzuyE%26cr%3D462482862%26a%3Dwbf_bxinw_17_08%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_17_08¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyBtDyDyE0DtByD0C0CtC0AtDyEyDzytDtN0D0Tzu0StCzzyByEtN1L2XzutAtFtByBtFtCtFyDtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEyDtB0B0FyD0FyEtGyDtCyD0EtGtAtAzyzytGtCtC0E0CtGtA0CtD0CyBtD0F0B0EtDyEtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0DtC0ByCtByC0EtG0EtCyDyDtGyE0EyC0EtGzyyCzztBtGyCyE0Czy0ByEyD0AtCtBtCtC2QtN0A0LzuyE%26cr%3D462482862%26a%3Dwbf_bxinw_17_08%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_17_08¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyBtDyDyE0DtByD0C0CtC0AtDyEyDzytDtN0D0Tzu0StCzzyByEtN1L2XzutAtFtByBtFtCtFyDtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEyDtB0B0FyD0FyEtGyDtCyD0EtGtAtAzyzytGtCtC0E0CtGtA0CtD0CyBtD0F0B0EtDyEtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0DtC0ByCtByC0EtG0EtCyDyDtGyE0EyC0EtGzyyCzztBtGyCyE0Czy0ByEyD0AtCtBtCtC2QtN0A0LzuyE%26cr%3D462482862%26a%3Dwbf_bxinw_17_08%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_17_08¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyBtDyDyE0DtByD0C0CtC0AtDyEyDzytDtN0D0Tzu0StCzzyByEtN1L2XzutAtFtByBtFtCtFyDtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEyDtB0B0FyD0FyEtGyDtCyD0EtGtAtAzyzytGtCtC0E0CtGtA0CtD0CyBtD0F0B0EtDyEtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0DtC0ByCtByC0EtG0EtCyDyDtGyE0EyC0EtGzyyCzztBtGyCyE0Czy0ByEyD0AtCtBtCtC2QtN0A0LzuyE%26cr%3D462482862%26a%3Dwbf_bxinw_17_08%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2584708150-2071338921-3614247218-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_17_08¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyBtDyDyE0DtByD0C0CtC0AtDyEyDzytDtN0D0Tzu0StCzzyByEtN1L2XzutAtFtByBtFtCtFyDtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEyDtB0B0FyD0FyEtGyDtCyD0EtGtAtAzyzytGtCtC0E0CtGtA0CtD0CyBtD0F0B0EtDyEtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0DtC0ByCtByC0EtG0EtCyDyDtGyE0EyC0EtGzyyCzztBtGyCyE0Czy0ByEyD0AtCtBtCtC2QtN0A0LzuyE%26cr%3D462482862%26a%3Dwbf_bxinw_17_08%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2584708150-2071338921-3614247218-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_17_08¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyBtDyDyE0DtByD0C0CtC0AtDyEyDzytDtN0D0Tzu0StCzzyByEtN1L2XzutAtFtByBtFtCtFyDtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEyDtB0B0FyD0FyEtGyDtCyD0EtGtAtAzyzytGtCtC0E0CtGtA0CtD0CyBtD0F0B0EtDyEtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0DtC0ByCtByC0EtG0EtCyDyDtGyE0EyC0EtGzyyCzztBtGyCyE0Czy0ByEyD0AtCtBtCtC2QtN0A0LzuyE%26cr%3D462482862%26a%3Dwbf_bxinw_17_08%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2584708150-2071338921-3614247218-1000 -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxp://www.bing.com/search?FORM=SK216DF&PC=SK216&q={searchTerms}&src=IE-SearchBox
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-02-14] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540011} -> C:\Program Files (x86)\GbPlugin\gbiehscd.dll [2016-05-06] (Sicredi)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-14] (Oracle Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll [2016-12-28] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Nenhum Arquivo]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll [2016-12-28] ()
FF Plugin-x32: @DVR/npmedia-intelbras,version=3.1.0.4 -> C:\Program Files (x86)\webrec\WEB30\HDCVI\WebPlugin\npmedia.dll [2015-02-04] ()
FF Plugin-x32: @DVR/npTimeGrid-intelbras,version=3.1.0.4 -> C:\Program Files (x86)\webrec\WEB30\HDCVI\WebPlugin\npTimeGrid.dll [2015-02-04] (Unauthorized copy)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-14] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Nenhum Arquivo]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)
FF Plugin HKU\.DEFAULT: gastecnologia.com.br/sf/scd -> C:\Windows\system32\config\systemprofile\AppData\Local\GAS Tecnologia\GBBD\npsf_scd.dll [Nenhum Arquivo]
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=pt-br
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__PARAM__DF&PC=__PARAM__&query={searchTerms}
CHR Profile: C:\Users\Isaela\AppData\Local\Google\Chrome\User Data\Default [2017-03-07]
CHR Extension: (Hermes Tab) - C:\Users\Isaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehlceeijggpdgfcefmipcmdelickjgfg [2017-02-27]
CHR Extension: (Search Manager) - C:\Users\Isaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce [2017-02-17]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Isaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-20]
CHR Extension: (Chrome Media Router) - C:\Users\Isaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-08]
CHR HKLM\...\Chrome\Extension: [ehlceeijggpdgfcefmipcmdelickjgfg] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2584708150-2071338921-3614247218-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ehlceeijggpdgfcefmipcmdelickjgfg] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2584708150-2071338921-3614247218-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2584708150-2071338921-3614247218-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ehlceeijggpdgfcefmipcmdelickjgfg] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
==================== Serviços (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 ByteFenceService; C:\Program Files\ByteFence\ByteFenceService.exe [146912 2017-01-18] (Byte Technologies LLC)
R2 FirebirdGuardianDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe [98304 2011-10-03] (Firebird Project) [Arquivo não assinado]
R3 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe [3764224 2011-10-03] (Firebird Project) [Arquivo não assinado]
R2 GbpSv; C:\Program Files (x86)\GbPlugin\GbpSv.exe [631520 2016-05-06] (GAS Tecnologia)
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [136192 2009-10-15] (HP) [Arquivo não assinado]
R2 NetExpress Updater; C:\Program Files (x86)\AppBrad\NetExpressUpdater.exe [20424 2016-10-13] ()
R2 rtop; C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe [304456 2017-02-17] ()
R2 scpbradserv; C:\Program Files (x86)\scpbrad\scpbradserv.exe [1926672 2016-12-29] (Scopus Soluções em TI Ltda)
R2 SSSvc; C:\Program Files (x86)\ScreenShot\SSSvc.exe [139744 2016-11-02] (Filseclab Corporation Limited)
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [925744 2016-06-23] (GAS Tecnologia LTDA)
S3 WatAdminSvc; C:\Windows\system32\Wat\WatAdminSvc.exe [1255736 2016-12-28] () [Arquivo não assinado]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R1 gbpddfac; C:\Windows\System32\drivers\gbpddfac64.sys [28888 2017-03-07] (GAS Tecnologia)
R3 GBPRCM; C:\Program Files (x86)\GbPlugin\gbprcm64.sys [29912 2016-05-06] (GAS Tecnologia)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2013-11-29] (Qualcomm Atheros Co., Ltd.)
R3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [19968 2012-11-08] (Marvell Semiconductor, Inc.)
S3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [416768 2009-06-10] (Realtek Semiconductor Corporation )
R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2016-05-06] (GAS Tecnologia LTDA)
R1 wsddfac; C:\Windows\System32\drivers\wsddfac.sys [101080 2017-03-07] (GAS Tecnologia)
R1 wsddntf; C:\Windows\System32\DRIVERS\wsddntf.sys [36984 2016-06-16] (GAS Tecnologia)
S1 wsddpp; C:\Windows\system32\drivers\wsddpp.sys [97376 2016-06-08] (GAS Tecnologia)
S0 gbpddreg; system32\drivers\gbpddreg64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Três Meses Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2017-03-07 16:08 - 2017-03-07 16:08 - 00023409 _____ C:\Users\Isaela\Documents\FRST.txt
2017-03-07 16:06 - 2017-03-07 16:08 - 00000000 ____D C:\FRST
2017-03-07 16:05 - 2017-03-07 16:05 - 02423808 _____ (Farbar) C:\Users\Isaela\Documents\FRST64.exe
2017-03-07 16:05 - 2017-03-07 16:05 - 01765888 _____ (Farbar) C:\Users\Isaela\Documents\FRST.exe
2017-03-07 16:03 - 2017-03-07 16:03 - 02729024 _____ (DLL-Files.com Client ) C:\Users\Isaela\Documents\clientsetup_fde-1.exe
2017-03-07 16:03 - 2017-03-07 16:03 - 00001129 _____ C:\Users\Public\Desktop\DLL-Files.com Client.lnk
2017-03-07 16:03 - 2017-03-07 16:03 - 00000000 ____D C:\Users\Isaela\AppData\Roaming\DLL-files.com
2017-03-07 16:03 - 2017-03-07 16:03 - 00000000 ____D C:\Users\Isaela\AppData\Roaming\DFXCT
2017-03-07 16:03 - 2017-03-07 16:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DLL-Files.com Client
2017-03-07 16:03 - 2017-03-07 16:03 - 00000000 ____D C:\Program Files (x86)\DLL-Files.com Client
2017-03-07 15:56 - 2017-03-07 15:56 - 01631200 _____ (Skype Technologies S.A.) C:\Users\Isaela\Documents\SkypeSetup (1).exe
2017-03-07 15:47 - 2017-03-07 15:47 - 01806392 _____ ( ) C:\Users\Isaela\Documents\Baixaki_skype_V76BqM.exe
2017-03-07 15:42 - 2017-03-07 15:42 - 00003142 _____ C:\Windows\System32\Tasks\{8C8E9068-E60A-4127-8B33-9ED965C50429}
2017-03-07 15:35 - 2017-03-07 15:35 - 00408568 _____ C:\Users\Isaela\AppData\Local\Update.9.Bron.Tok.bin
2017-03-07 15:34 - 2017-03-07 15:34 - 01806392 _____ ( ) C:\Users\Isaela\Documents\Baixaki_skype_V2Dhl0.exe
2017-03-07 15:30 - 2017-03-07 15:30 - 00002958 _____ C:\Windows\System32\Tasks\{C652FC53-961C-4DD3-9B62-232EA1BE3E60}
2017-03-07 15:29 - 2017-03-07 15:29 - 00002958 _____ C:\Windows\System32\Tasks\{BCF958CD-1A75-408C-AE66-FE2FDB756A93}
2017-03-07 15:29 - 2017-03-07 15:29 - 00002958 _____ C:\Windows\System32\Tasks\{85D4A90C-B623-4BD1-A703-2A1AF8065469}
2017-03-07 15:25 - 2017-03-07 15:25 - 01631200 _____ (Skype Technologies S.A.) C:\Users\Isaela\Documents\SkypeSetup.exe
2017-03-07 15:22 - 2017-03-07 15:22 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-03-07 15:22 - 2017-03-07 15:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-03-07 15:19 - 2017-03-07 15:19 - 00400607 _____ C:\Users\Isaela\AppData\Local\Bron.tok.A9.em.bin
2017-03-07 15:19 - 2017-03-07 15:19 - 00000000 ____D C:\Users\Isaela\AppData\Local\Ok-SendMail-Bron-tok
2017-03-07 15:14 - 2017-03-07 15:14 - 00402607 _____ C:\Users\Isaela\AppData\Local\ListHost9.txt
2017-03-07 15:13 - 2017-03-07 15:13 - 00000000 ____D C:\Users\Isaela\AppData\Local\Bron.tok-9-7
2017-03-04 18:25 - 2017-03-04 18:25 - 00033132 _____ C:\Users\Isaela\Downloads\301A.tmp
2017-03-03 16:30 - 2017-03-03 16:30 - 00011211 _____ C:\Users\Isaela\Desktop\Neto - relatório.xlsx
2017-03-03 14:05 - 2017-03-03 14:05 - 00001106 _____ C:\Users\Isaela\Desktop\ARQUIVOS SPED.lnk
2017-03-03 10:23 - 2017-03-03 10:23 - 00048147 _____ C:\Users\Isaela\Desktop\relatorio (1).pdf
2017-03-03 10:21 - 2017-03-03 10:21 - 00007791 _____ C:\Users\Isaela\Desktop\relatorio.pdf
2017-03-03 08:18 - 2017-03-03 08:18 - 00000000 ___HD C:\Users\Isaela\AppData\Local\3989cf486cd66e6a
2017-03-01 12:30 - 2017-03-01 12:30 - 00000000 ____D C:\Users\Isaela\AppData\Local\ISL Online Cache
2017-02-28 17:03 - 2017-02-28 17:03 - 00000000 ___HD C:\Users\Isaela\AppData\Local\65c6b4a44332dd3b
2017-02-27 17:24 - 2017-02-27 17:24 - 02589033 _____ C:\Users\Isaela\Desktop\Fatura_012017_MARIA_4348_MASTER_00080875110087.PDF
2017-02-27 12:28 - 2017-02-27 12:28 - 00007153 _____ C:\Users\Isaela\Desktop\EXTRATO_POR_PERIODO_270217_132803.pdf
2017-02-27 09:40 - 2017-03-07 15:40 - 00000278 _____ C:\Windows\Tasks\{28A7159C-0698-70E8-0621-32059762567D}.job
2017-02-27 09:40 - 2017-02-28 16:40 - 00000000 ____D C:\Users\Isaela\AppData\Roaming\28A7159C-0698-70E8-0621-32059762567D
2017-02-27 09:40 - 2017-02-27 09:40 - 00003222 _____ C:\Windows\System32\Tasks\{28A7159C-0698-70E8-0621-32059762567D}
2017-02-27 09:39 - 2017-02-27 09:41 - 00000000 ____D C:\Users\Isaela\AppData\Local\{65F953A5-4151-3F1D-2CC9-1AF508A1E66D}
2017-02-23 15:35 - 2013-10-14 15:41 - 00196608 _____ C:\Users\Isaela\Desktop\EcoSped.zip
2017-02-23 15:27 - 2017-02-23 15:27 - 00001040 _____ C:\Users\Isaela\Desktop\ECOSPED.lnk
2017-02-23 14:01 - 2017-03-07 15:50 - 00000000 ____D C:\Users\Isaela\Desktop\Notas Fiscais Entrada 2017
2017-02-21 17:17 - 2017-02-21 17:17 - 00004778 _____ C:\Users\Isaela\Downloads\7858.xml
2017-02-21 17:11 - 2017-02-21 17:11 - 00004751 _____ C:\Users\Isaela\Downloads\7856.xml
2017-02-21 16:41 - 2017-02-21 16:41 - 00006227 _____ C:\Users\Isaela\Downloads\138269.xml
2017-02-21 16:40 - 2017-02-21 16:40 - 00005555 _____ C:\Users\Isaela\Downloads\218917.xml
2017-02-21 16:35 - 2017-02-21 16:35 - 00005555 _____ C:\Users\Isaela\Downloads\62FD.tmp
2017-02-20 16:39 - 2017-02-20 16:39 - 00009272 _____ C:\Users\Isaela\Downloads\6556.xml
2017-02-20 16:13 - 2017-02-20 16:13 - 00008318 _____ C:\Users\Isaela\Downloads\38703.xml
2017-02-20 16:07 - 2017-02-20 16:08 - 00000000 ____D C:\Users\Isaela\Desktop\documentos Abelha
2017-02-20 15:54 - 2017-02-20 15:54 - 00005618 _____ C:\Users\Isaela\Downloads\198820 (2).xml
2017-02-20 15:54 - 2017-02-20 15:54 - 00002938 _____ C:\Users\Isaela\Downloads\198820.zip
2017-02-20 15:53 - 2017-02-20 15:53 - 00005618 _____ C:\Users\Isaela\Downloads\198820.xml
2017-02-20 15:47 - 2017-02-20 15:47 - 00005605 _____ C:\Users\Isaela\Downloads\este.xml
2017-02-20 09:24 - 2017-02-20 09:24 - 00007324 _____ C:\Users\Isaela\Downloads\205846.xml
2017-02-18 07:44 - 2017-03-07 07:42 - 00000269 _____ C:\Users\Isaela\AppData\Roaming\WB.CFG
2017-02-17 16:08 - 2017-02-17 16:08 - 00003480 _____ C:\Windows\System32\Tasks\ByteFence Scan
2017-02-17 16:08 - 2017-02-17 16:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ByteFence Anti-Malware
2017-02-17 15:13 - 2017-02-17 15:13 - 00000000 ____D C:\Users\Todos os Usuários\ByteFence
2017-02-17 15:13 - 2017-02-17 15:13 - 00000000 ____D C:\ProgramData\ByteFence
2017-02-17 15:06 - 2017-02-17 15:06 - 00002228 _____ C:\Users\Isaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium.lnk
2017-02-17 15:06 - 2017-02-17 15:06 - 00000000 ____D C:\Users\Isaela\AppData\Local\chromium
2017-02-17 15:05 - 2017-03-07 15:59 - 00000000 ____D C:\Users\Todos os Usuários\Skype
2017-02-17 15:05 - 2017-03-07 15:59 - 00000000 ____D C:\ProgramData\Skype
2017-02-17 15:05 - 2017-03-02 07:44 - 00000000 ____D C:\Users\Isaela\AppData\Roaming\Skype
2017-02-17 15:05 - 2017-02-17 15:05 - 00000000 ____D C:\Users\Isaela\Tracing
2017-02-17 15:03 - 2017-03-07 16:03 - 00000278 _____ C:\Windows\Tasks\{53BA838C-A5C1-00D4-2483-7CB8E78AB6AF}.job
2017-02-17 15:03 - 2017-03-07 09:03 - 00000000 ____D C:\Users\Todos os Usuários\{7278B71B-F83A-3DDD-7EFC-A39FE4BE2851}
2017-02-17 15:03 - 2017-03-07 09:03 - 00000000 ____D C:\ProgramData\{7278B71B-F83A-3DDD-7EFC-A39FE4BE2851}
2017-02-17 15:03 - 2017-03-07 07:42 - 00000000 ____D C:\Users\Isaela\AppData\Roaming\53ba838ca5c100d424837cb8e78ab6af
2017-02-17 15:03 - 2017-02-27 09:39 - 00001455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk
2017-02-17 15:03 - 2017-02-27 09:39 - 00000372 __RSH C:\Users\Todos os Usuários\ntuser.pol
2017-02-17 15:03 - 2017-02-27 09:39 - 00000372 __RSH C:\ProgramData\ntuser.pol
2017-02-17 15:03 - 2017-02-17 15:07 - 00000000 ____D C:\Users\Isaela\AppData\Local\{1B3A2D66-3F92-41DE-520A-6436766298AE}
2017-02-17 15:03 - 2017-02-17 15:03 - 00004344 _____ C:\Windows\System32\Tasks\Yahoo! Powered daril
2017-02-17 15:03 - 2017-02-17 15:03 - 00003380 _____ C:\Windows\System32\Tasks\ByteFence
2017-02-17 15:03 - 2017-02-17 15:03 - 00003222 _____ C:\Windows\System32\Tasks\{53BA838C-A5C1-00D4-2483-7CB8E78AB6AF}
2017-02-17 15:02 - 2017-03-07 16:03 - 00000000 ____D C:\Program Files\ByteFence
2017-02-17 15:02 - 2017-03-07 15:34 - 01631200 _____ (Skype Technologies S.A.) C:\Users\Isaela\Documents\Baixaki_skype.exe
2017-02-17 15:02 - 2017-02-17 16:03 - 00000000 ____D C:\Users\Isaela\AppData\Roaming\ScreenShot
2017-02-17 15:02 - 2017-02-17 15:02 - 01858608 _____ (Internet ) C:\Users\Isaela\Desktop\Baixaki_skype_V1VnDc.exe
2017-02-17 15:02 - 2017-02-17 15:02 - 00001859 _____ C:\ProgramData\Microsoft\Windows\Start Menu\ScreenShot.lnk
2017-02-17 15:02 - 2017-02-17 15:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScreenShot
2017-02-17 15:02 - 2017-02-17 15:02 - 00000000 ____D C:\Program Files (x86)\ScreenShot
2017-02-17 09:37 - 2017-02-17 09:37 - 00187329 _____ C:\Users\Isaela\Desktop\energia.pdf
2017-02-17 09:37 - 2017-02-17 09:37 - 00187329 _____ C:\Users\Isaela\Desktop\energ..pdf
2017-02-17 09:10 - 2017-02-17 09:10 - 00002172 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2017-02-17 09:10 - 2017-02-17 09:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro
2017-02-17 09:09 - 2017-02-17 09:10 - 01129376 _____ (Google Inc.) C:\GoogleEarthProSetup (1).exe
2017-02-17 09:08 - 2017-02-17 09:08 - 00002144 _____ C:\Users\Public\Desktop\Google Earth.lnk
2017-02-17 09:08 - 2017-02-17 09:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2017-02-17 09:07 - 2017-02-17 09:07 - 00000000 ____D C:\Windows\system32\appmgmt
2017-02-17 09:05 - 2017-02-17 09:05 - 00000000 ____D C:\Users\Isaela\AppData\LocalLow\Google
2017-02-14 17:07 - 2017-02-14 17:07 - 00074741 _____ C:\Users\Isaela\Desktop\conta luz.pdf
2017-02-14 15:20 - 2017-02-14 15:20 - 00346254 _____ C:\Users\Isaela\Desktop\DiagnosticoBR.JAR
2017-02-14 15:19 - 2017-02-14 15:19 - 00000000 ____D C:\Users\Isaela\AppData\Roaming\Sun
2017-02-14 15:18 - 2017-02-14 15:19 - 00000000 ____D C:\Users\Todos os Usuários\Oracle
2017-02-14 15:18 - 2017-02-14 15:19 - 00000000 ____D C:\ProgramData\Oracle
2017-02-14 15:18 - 2017-02-14 15:18 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2017-02-14 15:18 - 2017-02-14 15:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-02-14 15:18 - 2017-02-14 15:18 - 00000000 ____D C:\Program Files (x86)\Java
2017-02-14 13:37 - 2017-02-14 13:37 - 00308086 _____ C:\Users\Isaela\Desktop\boletoECO-14022017-9600.pdf
2017-02-09 10:45 - 2017-02-09 10:45 - 00000000 ____D C:\Users\Isaela\AppData\Local\mqtmvtiqc
2017-02-09 10:09 - 2017-02-09 10:09 - 00307973 _____ C:\Users\Isaela\Downloads\boletoECO-09022017-9600 (1).pdf
2017-02-09 09:24 - 2017-02-09 09:24 - 00307973 _____ C:\Users\Isaela\Downloads\boletoECO-09022017-9600.pdf
2017-02-09 09:14 - 2017-02-09 09:14 - 00003520 _____ C:\Users\Isaela\Downloads\Formulario-Sonegacao-Fiscal-(258747859).zip
2017-02-09 09:14 - 2017-02-09 09:14 - 00000000 ____D C:\Users\Isaela\AppData\Local\vzuxpnczm
2017-02-09 09:14 - 2017-02-09 09:14 - 00000000 ____D C:\Users\Isaela\AppData\Local\nnppcrvem
2017-02-09 09:13 - 2017-02-09 09:13 - 00003520 _____ C:\Users\Isaela\Downloads\Formulario-Sonegacao-Fiscal-(435788555).zip
2017-01-30 09:03 - 2017-01-30 09:03 - 00000182 _____ C:\Users\Isaela\Downloads\30 01 2017.html
2017-01-26 15:06 - 2017-01-26 15:06 - 00005192 _____ C:\Users\Isaela\Desktop\Bradesco_26012017_160550.OFX
2017-01-26 11:37 - 2017-03-07 10:49 - 00000000 ____D C:\Users\Isaela\Desktop\XML FORNCEDOR
2017-01-26 11:36 - 2017-01-26 11:36 - 00005368 _____ C:\Users\Isaela\Downloads\51170103382668000139550010000078151000078150.xml
2017-01-26 11:26 - 2017-01-26 11:27 - 20853080 _____ (Microsoft Corporation) C:\Users\Isaela\Downloads\BOIE9_PTBR_BO0085_VIS.EXE
2017-01-26 11:21 - 2017-01-26 11:23 - 60959120 _____ (Microsoft Corporation) C:\Users\Isaela\Downloads\EIE11_PT-BR_WOL_WIN764.EXE
2017-01-26 11:19 - 2017-01-26 11:20 - 36860720 _____ (Microsoft Corporation) C:\Users\Isaela\Downloads\IE9-WindowsVista-x64-ptb.exe
2017-01-26 11:16 - 2017-01-26 11:17 - 58491088 _____ (Microsoft Corporation) C:\Users\Isaela\Downloads\IE11-Windows6.1-x64-pt-br.exe
2017-01-25 16:14 - 2017-01-27 14:55 - 00000000 ____D C:\Users\Isaela\AppData\Local\Microsoft Games
2017-01-25 14:39 - 2017-01-25 14:40 - 02589033 _____ C:\Users\Isaela\Downloads\Fatura_012017_MARIA_4348_MASTER_00080875110087 (1).PDF
2017-01-25 10:38 - 2017-01-25 10:39 - 02589033 _____ C:\Users\Isaela\Downloads\Fatura_012017_MARIA_4348_MASTER_00080875110087.PDF
2017-01-24 13:34 - 2017-01-24 13:34 - 00091334 _____ C:\Users\Isaela\Downloads\Mineração Abelha - Solução de Consulta 67-2012 - Trib. Ouro.pdf
2017-01-24 10:49 - 2017-01-24 10:49 - 00000000 ____D C:\Users\Isaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WebPlugin
2017-01-24 10:49 - 2017-01-24 10:49 - 00000000 ____D C:\Program Files (x86)\webrec
2017-01-24 08:30 - 2017-01-24 08:30 - 00031797 _____ C:\Users\Isaela\Downloads\JAYME (3).pdf
2017-01-24 08:30 - 2017-01-24 08:30 - 00019153 _____ C:\Users\Isaela\Downloads\208277.pdf
2017-01-23 13:49 - 2017-01-23 13:49 - 00194249 _____ C:\Users\Isaela\Downloads\JAYME VICENTE (1).pdf
2017-01-23 09:46 - 2017-01-23 09:46 - 00191138 _____ C:\Users\Isaela\Downloads\JAYME VICENTE.pdf
2017-01-19 17:07 - 2017-01-19 17:07 - 00075584 _____ C:\Users\Isaela\Downloads\documento_1267501_19_01_2017.pdf
2017-01-19 17:07 - 2017-01-19 17:07 - 00075052 _____ C:\Users\Isaela\Downloads\documento_1267501_19_01_2017 (1).pdf
2017-01-19 17:06 - 2017-01-19 17:06 - 00074715 _____ C:\Users\Isaela\Downloads\documento_1072236_19_01_2017.pdf
2017-01-18 16:59 - 2017-01-18 16:59 - 00331896 _____ C:\Users\Isaela\Downloads\boletoenotasreferente.zip
2017-01-18 16:59 - 2017-01-18 16:59 - 00331896 _____ C:\Users\Isaela\Downloads\boletoenotasreferente (1).zip
2017-01-18 13:58 - 2017-01-18 13:58 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2017-01-13 13:32 - 2017-01-13 13:33 - 00000000 ____D C:\Users\Isaela\Desktop\quitacao carregadeira
2017-01-13 13:18 - 2017-01-13 13:19 - 00000000 ____D C:\Users\Isaela\Desktop\EXTRATO DE PAGTO VOLVO EC 250
2017-01-12 16:26 - 2017-01-13 09:29 - 00000000 ____D C:\Users\Isaela\Desktop\Nota Fiscal Maquinários
2017-01-11 14:21 - 2017-01-11 14:21 - 00110561 _____ C:\Users\Isaela\Downloads\0720_019.PDF
2017-01-11 13:35 - 2017-01-11 13:35 - 00056811 _____ C:\Users\Isaela\Downloads\danfe52549.pdf
2017-01-09 16:54 - 2017-01-09 16:54 - 00030415 _____ C:\Users\Isaela\Downloads\JAYME VICENTE VALADARES 06-03.pdf
2017-01-09 16:53 - 2017-01-09 16:53 - 00030409 _____ C:\Users\Isaela\Downloads\JAYME VICENTE VALADARES 06-02.pdf
2017-01-09 16:50 - 2017-01-09 16:50 - 00030420 _____ C:\Users\Isaela\Downloads\JAYME VICENTE VALADARES ME 05-04.pdf
2017-01-09 15:57 - 2017-01-09 15:57 - 00041160 _____ C:\Users\Isaela\Downloads\1Extrato (1).pdf
2017-01-09 15:50 - 2017-01-09 15:50 - 00041160 _____ C:\Users\Isaela\Downloads\1Extrato.pdf
2017-01-09 14:50 - 2017-01-09 14:50 - 00037974 _____ C:\Users\Isaela\Downloads\pedido 18935 (1).PDF
2017-01-09 14:49 - 2017-01-09 14:49 - 00080222 _____ C:\Users\Isaela\Downloads\nf 2525.pdf
2017-01-09 14:49 - 2017-01-09 14:49 - 00072064 _____ C:\Users\Isaela\Downloads\NF SERVICO 1484.pdf
2017-01-09 14:49 - 2017-01-09 14:49 - 00037974 _____ C:\Users\Isaela\Downloads\pedido 18935.PDF
2017-01-09 14:47 - 2017-01-09 14:47 - 00072423 _____ C:\Users\Isaela\Downloads\nf servico 1483.pdf
2017-01-09 14:47 - 2017-01-09 14:47 - 00031600 _____ C:\Users\Isaela\Downloads\NF 2524 Jayme.pdf
2017-01-09 14:47 - 2017-01-09 14:47 - 00019154 _____ C:\Users\Isaela\Downloads\Pedido 18778.PDF
2017-01-09 10:04 - 2017-01-09 10:04 - 00110783 _____ C:\Users\Isaela\Desktop\51170137525771000455550040002102001002343340-nfe.pdf
2017-01-09 10:03 - 2017-01-09 10:03 - 01748772 _____ C:\Users\Isaela\Desktop\NFe Nacional - mineracaoabelha@gmail.com - Gmail.html
2017-01-09 10:03 - 2017-01-09 10:03 - 00000000 ____D C:\Users\Isaela\Desktop\NFe Nacional - mineracaoabelha@gmail.com - Gmail_files
2017-01-09 09:25 - 2017-01-09 09:25 - 00075584 _____ C:\Users\Isaela\Downloads\documento_1267501_09_01_2017.pdf
2017-01-09 09:19 - 2017-01-09 09:19 - 00074741 _____ C:\Users\Isaela\Downloads\documento_1072236_09_01_2017 (1).pdf
2017-01-09 09:17 - 2017-01-09 09:17 - 00075152 _____ C:\Users\Isaela\Downloads\documento_1072236_09_01_2017.pdf
2017-01-09 08:45 - 2017-01-09 08:45 - 00000000 ____D C:\Users\Isaela\Desktop\doc. funcionarios
2017-01-06 16:22 - 2017-01-06 16:22 - 00045948 _____ C:\Users\Isaela\Downloads\Boleto (2).htm
2017-01-06 13:13 - 2017-01-06 13:13 - 04683517 _____ C:\Users\Isaela\Downloads\JAYME VICENTE BOLETO 7055 NFE 9870.pdf
2017-01-05 16:45 - 2017-01-05 16:45 - 00013480 _____ C:\Users\Isaela\Downloads\relatorio.pdf
2017-01-05 10:31 - 2017-01-05 10:31 - 00000000 ____D C:\Users\Isaela\Desktop\comp. de pagamento
2017-01-05 10:29 - 2017-01-05 10:29 - 00000000 ____D C:\Users\Isaela\Documents\Meu Scanner
2017-01-04 08:41 - 2017-01-12 11:30 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-01-03 11:33 - 2017-01-03 11:33 - 00045948 _____ C:\Users\Isaela\Downloads\Boleto.htm
2017-01-03 11:33 - 2017-01-03 11:33 - 00045948 _____ C:\Users\Isaela\Downloads\Boleto (1).htm
2017-01-02 11:35 - 2017-03-03 19:40 - 00000000 ____D C:\Users\Isaela\AppData\LocalLow\Scpad
2017-01-02 11:10 - 2017-01-02 11:10 - 00000938 _____ C:\Users\Public\Desktop\Navegador Exclusivo Bradesco.lnk
2017-01-02 11:10 - 2017-01-02 11:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navegador Exclusivo Bradesco
2017-01-02 11:10 - 2017-01-02 11:10 - 00000000 ____D C:\Program Files (x86)\AppBrad
2017-01-02 11:07 - 2017-01-02 11:09 - 54254840 _____ (Copyright © 2016 Scopus Tecnologia Ltda. ) C:\Users\Isaela\Downloads\Instalador (2).exe
2017-01-02 10:31 - 2017-01-02 10:32 - 54254840 _____ (Copyright © 2016 Scopus Tecnologia Ltda. ) C:\Users\Isaela\Downloads\Instalador (1).exe
2016-12-29 16:28 - 2016-12-29 16:28 - 00116532 _____ C:\Users\Isaela\Downloads\IMG_7115.JPG
2016-12-29 16:28 - 2016-12-29 16:28 - 00113707 _____ C:\Users\Isaela\Downloads\IMG_7114.JPG
2016-12-29 12:43 - 2016-12-29 12:43 - 00000000 ____D C:\Users\Isaela\AppData\Roaming\Mozilla
2016-12-29 12:42 - 2016-12-29 12:42 - 00000000 ____D C:\Users\Todos os Usuários\scpbrad
2016-12-29 12:42 - 2016-12-29 12:42 - 00000000 ____D C:\Users\Isaela\AppData\Local\Geckofx
2016-12-29 12:42 - 2016-12-29 12:42 - 00000000 ____D C:\ProgramData\scpbrad
2016-12-29 12:42 - 2016-12-29 12:42 - 00000000 ____D C:\Program Files (x86)\scpbrad
2016-12-29 12:41 - 2016-12-29 12:41 - 00000000 ____D C:\Windows\Sun
2016-12-29 12:40 - 2017-03-03 19:40 - 00000000 ____D C:\Users\Isaela\AppData\Roaming\NetExpress50
2016-12-29 10:56 - 2016-12-29 10:56 - 00032796 _____ C:\Users\Isaela\Downloads\JAYME (2).pdf
2016-12-29 10:56 - 2016-12-29 10:56 - 00032796 _____ C:\Users\Isaela\Downloads\JAYME (1).pdf
2016-12-29 10:54 - 2016-12-29 10:54 - 00032796 _____ C:\Users\Isaela\Downloads\JAYME.pdf
2016-12-29 09:08 - 2016-12-29 09:11 - 54254840 _____ (Copyright © 2016 Scopus Tecnologia Ltda. ) C:\Users\Isaela\Downloads\Instalador.exe
2016-12-29 08:40 - 2016-12-29 17:00 - 00000251 _____ C:\Windows\SysWOW64\LogBackupServer29122016.txt
2016-12-28 16:29 - 2016-12-28 16:29 - 00001153 _____ C:\Users\Isaela\Desktop\BACKUP ECO CENTAURO.lnk
2016-12-28 15:16 - 2016-12-28 15:18 - 12223223 _____ C:\Users\Isaela\Downloads\EcoBackup v.1.0.6.000.rar
2016-12-28 14:58 - 2016-12-28 14:58 - 00000000 ____D C:\Users\Isaela\AppData\Roaming\HK-Software
2016-12-28 14:57 - 2016-12-28 14:57 - 00001213 _____ C:\Users\Isaela\Desktop\IBExpertLive.lnk
2016-12-28 14:57 - 2016-12-28 14:57 - 00001163 _____ C:\Users\Isaela\Desktop\IBExpert.lnk
2016-12-28 14:57 - 2016-12-28 14:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HK-Software
2016-12-28 14:57 - 2016-12-28 14:57 - 00000000 ____D C:\Program Files (x86)\HK-Software
2016-12-28 14:23 - 2016-06-16 18:43 - 00036984 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\wsddntf.sys
2016-12-28 14:23 - 2016-06-16 18:43 - 00008811 _____ C:\Windows\system32\Drivers\wsddntf.cat
2016-12-28 14:23 - 2016-06-16 14:06 - 00002708 _____ C:\Windows\system32\Drivers\wsddntf.inf
2016-12-28 14:23 - 2016-06-08 18:43 - 00097376 ____N (GAS Tecnologia) C:\Windows\system32\Drivers\wsddpp.sys
2016-12-28 13:46 - 2016-12-28 13:46 - 00000000 ____D C:\Users\Isaela\Desktop\fluxo Eco sistemas
2016-12-28 13:46 - 2008-06-15 16:58 - 00041385 ____N C:\Users\Isaela\AppData\Local\winlogon.exe
2016-12-28 13:46 - 2008-06-15 16:58 - 00041385 ____H C:\Windows\eksplorasi.exe
2016-12-28 13:46 - 2008-06-15 16:58 - 00041385 _____ C:\Windows\SysWOW64\Isaela's Setting.scr
2016-12-28 13:46 - 2008-06-15 16:58 - 00041385 _____ C:\Users\Isaela\Documents\Documents.exe
2016-12-28 13:46 - 2008-06-15 16:58 - 00041385 _____ C:\Users\Isaela\AppData\Local\smss.exe
2016-12-28 13:46 - 2008-06-15 16:58 - 00041385 _____ C:\Users\Isaela\AppData\Local\services.exe
2016-12-28 13:46 - 2008-06-15 16:58 - 00041385 _____ C:\Users\Isaela\AppData\Local\lsass.exe
2016-12-28 13:46 - 2008-06-15 16:58 - 00041385 _____ C:\Users\Isaela\AppData\Local\inetinfo.exe
2016-12-28 13:46 - 2008-06-15 16:58 - 00041385 _____ C:\Users\Isaela\AppData\Local\csrss.exe
2016-12-28 13:42 - 2016-12-28 13:42 - 00000000 ____D C:\Users\Todos os Usuários\AMMYY
2016-12-28 13:42 - 2016-12-28 13:42 - 00000000 ____D C:\ProgramData\AMMYY
2016-12-28 13:18 - 2017-03-07 07:41 - 00101080 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\wsddfac.sys
2016-12-28 13:18 - 2016-12-28 13:19 - 00001024 _____ C:\.rnd
2016-12-28 13:18 - 2016-12-28 13:18 - 00000000 ___HD C:\Program Files (x86)\GAS Tecnologia
2016-12-28 13:18 - 2016-12-28 13:18 - 00000000 ___HD C:\Program Files (x86)\Diebold
2016-12-28 13:18 - 2016-12-28 13:18 - 00000000 ____D C:\Program Files\Diebold
2016-12-28 13:12 - 2017-03-07 16:08 - 00028888 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\gbpddfac64.sys
2016-12-28 13:12 - 2017-03-07 13:42 - 00000000 ____D C:\Users\Todos os Usuários\GbPlugin
2016-12-28 13:12 - 2017-03-07 13:42 - 00000000 ____D C:\ProgramData\GbPlugin
2016-12-28 13:12 - 2017-03-07 07:41 - 00000000 ____D C:\Program Files (x86)\GbPlugin
2016-12-28 13:04 - 2016-12-28 13:12 - 00000000 ____D C:\Users\Todos os Usuários\GAS Tecnologia
2016-12-28 13:04 - 2016-12-28 13:12 - 00000000 ____D C:\ProgramData\GAS Tecnologia
2016-12-28 13:04 - 2016-12-28 13:04 - 00000000 ____D C:\Users\Todos os Usuários\boost_interprocess
2016-12-28 13:04 - 2016-12-28 13:04 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-12-28 13:02 - 2016-12-28 13:20 - 00002911 _____ C:\Users\Isaela\Downloads\Diagnóstico Sicredi.log
2016-12-28 12:42 - 2016-12-28 12:46 - 00000000 ____D C:\Users\Isaela\ISAELA
2016-12-28 12:39 - 2016-12-28 12:39 - 00001042 _____ C:\Users\Isaela\Desktop\ammy.lnk
2016-12-28 12:39 - 2016-12-28 12:39 - 00000000 ____D C:\Program Files (x86)\DoroPDFWriter
2016-12-28 12:38 - 2012-05-02 16:38 - 07017723 _____ (CompSoft ) C:\Users\Isaela\Downloads\DoroSetup.exe
2016-12-28 12:37 - 2016-12-28 12:38 - 06987290 _____ C:\Users\Isaela\Downloads\DoroSetup.zip
2016-12-28 12:21 - 2017-03-07 15:12 - 00000000 ____D C:\Users\Todos os Usuários\firebird
2016-12-28 12:21 - 2017-03-07 15:12 - 00000000 ____D C:\ProgramData\firebird
2016-12-28 12:19 - 2016-12-28 12:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EcoCentauro ®
2016-12-28 12:19 - 2007-06-09 10:31 - 01069056 _____ (Daruma Automação) C:\Windows\SysWOW64\Daruma32.dll
2016-12-28 12:19 - 2002-08-28 15:40 - 00061440 _____ (ZANTHUS Indústria e Comércio de Equipamentos Eletrônicos Ltda.) C:\Windows\SysWOW64\qzecf32.dll
2016-12-28 12:18 - 2017-02-23 15:21 - 00000000 ____D C:\ecosis
2016-12-28 12:18 - 2017-01-26 13:06 - 00000681 _____ C:\Users\Public\Desktop\ECO SISTEMAS®.lnk
2016-12-28 12:18 - 2016-12-28 12:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EcoCentauro®
2016-12-28 12:17 - 2016-12-28 12:24 - 00000480 _____ C:\Windows\ODBC.INI
2016-12-28 12:17 - 2016-12-28 12:17 - 00002537 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crystal Reports 9.lnk
2016-12-28 12:17 - 2016-12-28 12:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crystal Reports 9 Tools
2016-12-28 12:16 - 2016-12-28 12:17 - 00000000 ____D C:\Program Files (x86)\Crystal Decisions
2016-12-28 12:16 - 2016-12-28 12:16 - 00002068 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Program Updates.lnk
2016-12-28 12:16 - 2016-12-28 12:16 - 00000000 ____D C:\Users\Todos os Usuários\InstallShield
2016-12-28 12:16 - 2016-12-28 12:16 - 00000000 ____D C:\ProgramData\InstallShield
2016-12-28 12:16 - 2016-12-28 12:16 - 00000000 ____D C:\Program Files (x86)\Centauro Sistemas Ltda
2016-12-28 12:16 - 2004-08-09 05:04 - 00073728 _____ (InstallShield Software Corporation) C:\Windows\SysWOW64\ISUSPM.cpl
2016-12-28 12:15 - 2016-12-28 12:18 - 00000000 ____D C:\Program Files (x86)\Firebird
2016-12-28 12:15 - 2016-12-28 12:17 - 00001754 _____ C:\Windows\ODBCINST.INI
2016-12-28 12:15 - 2016-12-28 12:15 - 00225280 _____ (IBPhoenix Inc.) C:\Windows\SysWOW64\IscDbc.dll
2016-12-28 12:15 - 2016-12-28 12:15 - 00200704 _____ (IBPhoenix Inc) C:\Windows\SysWOW64\OdbcJdbc.dll
2016-12-28 12:15 - 2016-12-28 12:15 - 00086016 _____ (IBPhoenix Inc.) C:\Windows\SysWOW64\OdbcJdbcSetup.dll
2016-12-28 12:15 - 2016-12-28 12:15 - 00028947 _____ C:\Windows\SysWOW64\OdbcJdbc.chm
2016-12-28 12:15 - 2016-12-28 12:15 - 00000000 ____D C:\Users\Isaela\AppData\Local\OdbcJdbcSetup
2016-12-28 12:15 - 2016-12-28 12:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firebird 2.5 (Win32)
2016-12-28 12:15 - 2016-12-28 12:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firebird
2016-12-28 12:15 - 2011-10-03 07:28 - 00548864 _____ (Firebird Project) C:\Windows\SysWOW64\GDS32.DLL
2016-12-28 12:12 - 2016-12-28 12:12 - 00206355 _____ C:\Users\Isaela\Documents\Digitalizador.jpg
2016-12-28 12:12 - 2016-12-28 12:12 - 00001030 _____ C:\Users\Isaela\Desktop\Digitalizar para.lnk
2016-12-28 12:09 - 2016-12-28 12:09 - 00000000 ____D C:\Users\Todos os Usuários\HP
2016-12-28 12:09 - 2016-12-28 12:09 - 00000000 ____D C:\ProgramData\HP
2016-12-28 12:06 - 2016-12-28 12:06 - 01594828 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-12-28 12:06 - 2016-12-28 12:06 - 00000199 _____ C:\Windows\SysWOW64\msiexec.log
2016-12-28 12:06 - 2016-12-28 12:06 - 00000000 ____D C:\Users\Todos os Usuários\HPSSUPPLY
2016-12-28 12:06 - 2016-12-28 12:06 - 00000000 ____D C:\Users\Todos os Usuários\Hewlett-Packard
2016-12-28 12:06 - 2016-12-28 12:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2016-12-28 12:06 - 2016-12-28 12:06 - 00000000 ____D C:\ProgramData\HPSSUPPLY
2016-12-28 12:06 - 2016-12-28 12:06 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2016-12-28 12:06 - 2016-12-28 12:06 - 00000000 ____D C:\Program Files (x86)\HP
2016-12-28 12:04 - 2009-11-25 11:47 - 01942856 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2016-12-28 12:04 - 2009-11-25 11:47 - 01130824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2016-12-28 12:04 - 2009-11-25 11:47 - 00444752 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
2016-12-28 12:04 - 2009-11-25 11:47 - 00320352 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
2016-12-28 12:04 - 2009-11-25 11:47 - 00297808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscoree.dll
2016-12-28 12:04 - 2009-11-25 11:47 - 00295264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHost.exe
2016-12-28 12:04 - 2009-11-25 11:47 - 00109912 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
2016-12-28 12:04 - 2009-11-25 11:47 - 00099176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHostProxy.dll
2016-12-28 12:04 - 2009-11-25 11:47 - 00049472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netfxperf.dll
2016-12-28 12:04 - 2009-11-25 11:47 - 00048960 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
2016-12-28 12:03 - 2016-12-28 12:03 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_mvusbews_01009.Wdf
2016-12-28 12:03 - 2012-11-08 07:32 - 00126856 _____ (HP) C:\Windows\system32\HPSIsvc.exe
2016-12-28 12:03 - 2012-11-08 00:00 - 00081920 _____ C:\Windows\SysWOW64\mvusbews.dll
2016-12-28 12:03 - 2012-09-29 12:26 - 01366528 _____ C:\Windows\system32\HPM1210SM.exe
2016-12-28 12:03 - 2012-09-29 12:25 - 00409088 _____ C:\Windows\system32\HPM1210LM.DLL
2016-12-28 12:02 - 2016-12-28 12:02 - 00000000 ____D C:\Program Files\HP
2016-12-28 12:02 - 2012-11-08 00:00 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2016-12-28 12:02 - 2012-11-08 00:00 - 00089600 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\m1130wia2.dll
2016-12-28 12:02 - 2012-11-08 00:00 - 00082944 _____ C:\Windows\system32\mvusbews.dll
2016-12-28 12:02 - 2012-11-08 00:00 - 00052224 _____ C:\Windows\system32\HPM1210SMs.dll
2016-12-28 12:02 - 2012-11-08 00:00 - 00038912 _____ C:\Windows\system32\HPImgFlt.dll
2016-12-28 12:02 - 2012-11-08 00:00 - 00019968 _____ (Marvell Semiconductor, Inc.) C:\Windows\system32\Drivers\mvusbews.sys
2016-12-28 12:02 - 2012-09-29 02:05 - 00350720 _____ C:\Windows\system32\mvhlewsi.dll
2016-12-28 11:52 - 2016-10-26 15:29 - 00485032 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-12-28 11:48 - 2016-12-28 11:50 - 00000000 ____D C:\Users\Isaela\Desktop\UTEIS
2016-12-28 11:44 - 2016-12-28 10:49 - 00000000 ____D C:\Windows\Panther
2016-12-28 11:32 - 2016-12-28 11:32 - 00000000 ____D C:\Users\Isaela\AppData\Roaming\Adobe
2016-12-28 11:32 - 2016-12-28 11:32 - 00000000 ____D C:\Users\Isaela\AppData\LocalLow\Adobe
2016-12-28 11:32 - 2016-12-28 11:32 - 00000000 ____D C:\Users\Isaela\AppData\Local\Adobe
2016-12-28 11:31 - 2017-03-07 15:19 - 00000000 ___RD C:\Users\Isaela\Documents\Scanned Documents
2016-12-28 11:31 - 2017-01-10 10:50 - 00000000 ____D C:\Users\Isaela\Documents\Fax
2016-12-28 11:30 - 2016-12-28 12:00 - 222998632 _____ C:\Users\Isaela\Downloads\LJM1130_M1210_MFP_Full_Solution.exe
2016-12-28 11:27 - 2017-03-07 15:30 - 00000000 ____D C:\Users\Isaela\AppData\Local\ElevatedDiagnostics
2016-12-28 11:22 - 2017-03-06 13:26 - 01854260 ____H C:\Users\Isaela\AppData\Local\IconCache.db
2016-12-28 11:20 - 2017-03-07 15:43 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-12-28 11:20 - 2017-03-07 15:43 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-28 11:20 - 2016-12-28 11:20 - 00000000 ____D C:\Program Files\Intel
2016-12-28 11:18 - 2016-12-28 12:16 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-12-28 11:18 - 2016-12-28 11:18 - 00000000 ____D C:\Windows\SysWOW64\Atheros_L1e
2016-12-28 11:14 - 2016-12-28 11:22 - 00000408 _____ C:\Windows\Tasks\DriverEasy Scheduled Scan.job
2016-12-28 11:14 - 2016-12-28 11:14 - 00003814 _____ C:\Windows\System32\Tasks\DriverEasy Scheduled Scan
2016-12-28 11:14 - 2016-12-28 11:14 - 00000000 ____D C:\Users\Isaela\AppData\Roaming\Easeware
2016-12-28 11:14 - 2016-12-28 11:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverEasy
2016-12-28 11:14 - 2016-12-28 11:14 - 00000000 ____D C:\Program Files\Easeware
2016-12-28 11:11 - 2012-06-02 19:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-12-28 11:11 - 2012-06-02 19:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-12-28 11:11 - 2012-06-02 19:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-12-28 11:11 - 2012-06-02 19:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-12-28 11:11 - 2012-06-02 19:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-12-28 11:11 - 2012-06-02 19:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-12-28 11:11 - 2012-06-02 19:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-12-28 11:11 - 2012-06-02 14:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-12-28 11:11 - 2012-06-02 14:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-12-28 11:08 - 2016-12-28 11:08 - 01065376 _____ (Google Inc.) C:\Users\Isaela\Downloads\ChromeSetup.exe
2016-12-28 11:05 - 2017-03-01 15:17 - 00001856 _____ C:\Windows\PFRO.log
2016-12-28 11:04 - 2017-01-12 11:31 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-12-28 11:04 - 2016-12-29 12:42 - 00085712 _____ C:\Users\Isaela\AppData\Local\GDIPFONTCACHEV1.DAT
2016-12-28 11:04 - 2016-12-28 11:04 - 00002019 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2016-12-28 11:04 - 2016-12-28 11:04 - 00000000 ____D C:\Windows\SysWOW64\Wat
2016-12-28 11:04 - 2016-12-28 11:04 - 00000000 ____D C:\Windows\system32\Wat
2016-12-28 11:04 - 2016-12-28 11:04 - 00000000 ____D C:\Users\Isaela\AppData\Roaming\WinRAR
2016-12-28 11:03 - 2017-01-02 10:23 - 00000000 ____D C:\Users\Todos os Usuários\Adobe
2016-12-28 11:03 - 2017-01-02 10:23 - 00000000 ____D C:\ProgramData\Adobe
2016-12-28 11:03 - 2016-12-28 11:03 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-12-28 11:02 - 2016-12-28 11:02 - 00000000 ___HD C:\Program Files (x86)\InstallJammer Registry
2016-12-28 11:01 - 2017-01-30 10:31 - 00000000 ____D C:\Users\Isaela\AppData\Local\Diagnostics
2016-12-28 11:00 - 2016-12-28 11:00 - 00000000 ____D C:\Users\Public\Foxit Software
2016-12-28 11:00 - 2016-12-28 11:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2016-12-28 11:00 - 2016-12-28 11:00 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2016-12-28 11:00 - 2014-02-06 15:00 - 00127488 _____ C:\Windows\system32\ff_vfw.dll
2016-12-28 11:00 - 2014-02-06 15:00 - 00112640 _____ C:\Windows\SysWOW64\ff_vfw.dll
2016-12-28 11:00 - 2013-12-01 10:10 - 00257624 _____ C:\Windows\system32\unrar64.dll
2016-12-28 11:00 - 2013-12-01 10:10 - 00218200 _____ C:\Windows\SysWOW64\unrar.dll
2016-12-28 11:00 - 2013-03-17 15:22 - 03554304 _____ (x264vfw project) C:\Windows\system32\x264vfw64.dll
2016-12-28 11:00 - 2013-03-17 14:21 - 03649536 _____ (x264vfw project) C:\Windows\SysWOW64\x264vfw.dll
2016-12-28 11:00 - 2012-07-21 08:55 - 00180736 _____ (fccHandler) C:\Windows\system32\ac3acm.acm
2016-12-28 11:00 - 2012-07-21 08:54 - 00122880 _____ (fccHandler) C:\Windows\SysWOW64\ac3acm.acm
2016-12-28 11:00 - 2011-12-07 15:37 - 00148992 _____ ( ) C:\Windows\system32\lagarith.dll
2016-12-28 11:00 - 2011-12-07 15:32 - 00216064 _____ ( ) C:\Windows\SysWOW64\lagarith.dll
2016-12-28 11:00 - 2011-06-24 12:45 - 00258560 _____ C:\Windows\system32\xvidvfw.dll
2016-12-28 11:00 - 2011-06-24 12:44 - 00243200 _____ C:\Windows\SysWOW64\xvidvfw.dll
2016-12-28 11:00 - 2011-06-24 12:31 - 00703488 _____ C:\Windows\system32\xvidcore.dll
2016-12-28 11:00 - 2011-06-24 12:28 - 00650752 _____ C:\Windows\SysWOW64\xvidcore.dll
2016-12-28 10:59 - 2016-12-28 11:00 - 00000000 ____D C:\Users\Isaela\AppData\Roaming\Foxit Software
2016-12-28 10:59 - 2016-12-28 10:59 - 00000000 ____D C:\Users\Isaela\AppData\Local\Programs
2016-12-28 10:59 - 2016-12-28 10:59 - 00000000 ____D C:\Program Files (x86)\Foxit Software
2016-12-28 10:57 - 2017-02-17 09:10 - 00000000 ____D C:\Program Files (x86)\Google
2016-12-28 10:57 - 2017-02-07 09:05 - 00002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-28 10:57 - 2017-02-07 09:05 - 00002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-12-28 10:57 - 2016-12-28 11:34 - 00000000 ____D C:\Users\Isaela\AppData\Local\Google
2016-12-28 10:57 - 2016-12-28 11:17 - 00003500 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-28 10:57 - 2016-12-28 11:17 - 00003372 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-28 10:57 - 2016-12-28 10:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-12-28 10:56 - 2016-12-28 12:04 - 00000000 ____D C:\Program Files (x86)\Microsoft.NET
2016-12-28 10:56 - 2016-12-28 10:56 - 00001178 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2016-12-28 10:56 - 2016-12-28 10:56 - 00001166 _____ C:\Users\Public\Desktop\TeamViewer 9.lnk
2016-12-28 10:56 - 2016-12-28 10:56 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2016-12-28 10:56 - 2016-12-28 10:56 - 00000000 ____D C:\Windows\PCHEALTH
2016-12-28 10:56 - 2016-12-28 10:56 - 00000000 ____D C:\Users\Isaela\AppData\LocalLow\Sun
2016-12-28 10:56 - 2016-12-28 10:56 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-12-28 10:56 - 2016-12-28 10:56 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2016-12-28 10:56 - 2016-12-28 10:56 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2016-12-28 10:55 - 2017-03-07 15:59 - 00000000 __SHD C:\Windows\Installer
2016-12-28 10:55 - 2016-12-28 12:18 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help
2016-12-28 10:55 - 2016-12-28 12:18 - 00000000 ____D C:\ProgramData\Microsoft Help
2016-12-28 10:55 - 2016-12-28 10:58 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-12-28 10:55 - 2016-12-28 10:58 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-28 10:55 - 2016-12-28 10:56 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-12-28 10:55 - 2016-12-28 10:55 - 00000000 __RHD C:\MSOCache
2016-12-28 10:55 - 2016-12-28 10:55 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-12-28 10:55 - 2016-12-28 10:55 - 00000000 ____D C:\Windows\system32\Macromed
2016-12-28 10:55 - 2016-12-28 10:55 - 00000000 ____D C:\Users\Isaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-12-28 10:55 - 2016-12-28 10:55 - 00000000 ____D C:\Users\Isaela\AppData\Local\Microsoft Help
2016-12-28 10:55 - 2016-12-28 10:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-12-28 10:55 - 2016-12-28 10:55 - 00000000 ____D C:\Program Files\WinRAR
2016-12-28 10:55 - 2016-12-28 10:55 - 00000000 ____D C:\Program Files\Microsoft Office
2016-12-28 10:55 - 2016-12-28 10:55 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2016-12-28 10:53 - 2017-02-17 15:15 - 00000000 ____D C:\Users\Isaela\AppData\Roaming\DRPSu
2016-12-28 10:53 - 2016-12-28 11:07 - 00000000 ____D C:\Users\Isaela\AppData\LocalLow\Microsoft
2016-12-28 10:50 - 2016-12-28 10:50 - 00001389 _____ C:\Users\Isaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2016-12-28 10:50 - 2016-12-28 10:50 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2016-12-28 10:49 - 2017-03-07 16:08 - 02097152 ___SH C:\Users\Isaela\NTUSER.DAT
2016-12-28 10:49 - 2017-03-07 16:08 - 00262144 ___SH C:\Users\Isaela\ntuser.dat.LOG1
2016-12-28 10:49 - 2017-03-07 16:08 - 00000000 ___RD C:\Users\Isaela\Documents
2016-12-28 10:49 - 2017-03-07 16:08 - 00000000 ____D C:\Users\Isaela\AppData\Local\Temp
2016-12-28 10:49 - 2017-03-07 16:05 - 00000000 ___RD C:\Users\Isaela\Downloads
2016-12-28 10:49 - 2017-03-07 16:03 - 00000000 ____D C:\Users\Isaela\AppData\Roaming
2016-12-28 10:49 - 2017-03-07 15:50 - 00000000 ___RD C:\Users\Isaela\Desktop
2016-12-28 10:49 - 2017-03-07 15:43 - 01896101 _____ C:\Windows\WindowsUpdate.log
2016-12-28 10:49 - 2017-03-07 15:35 - 00000000 ____D C:\Users\Isaela\AppData\Local
2016-12-28 10:49 - 2017-03-07 15:13 - 00000000 ___RD C:\Users\Isaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2016-12-28 10:49 - 2017-02-24 17:44 - 00000000 ___SD C:\Users\Isaela\AppData\Roaming\Microsoft
2016-12-28 10:49 - 2017-02-23 08:23 - 00000000 ___RD C:\Users\Isaela\Pictures
2016-12-28 10:49 - 2017-02-23 08:23 - 00000000 ____D C:\Users\Isaela\AppData\LocalLow
2016-12-28 10:49 - 2017-02-17 15:06 - 00000000 ___RD C:\Users\Isaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-12-28 10:49 - 2017-02-17 15:06 - 00000000 ____D C:\Users\Isaela\AppData\Local\Microsoft
2016-12-28 10:49 - 2017-02-17 15:05 - 00000000 ____D C:\Users\Isaela
2016-12-28 10:49 - 2017-02-13 10:12 - 00000000 ___RD C:\Users\Isaela\Videos
2016-12-28 10:49 - 2017-01-25 16:14 - 00000000 ___RD C:\Users\Isaela\Saved Games
2016-12-28 10:49 - 2017-01-24 10:51 - 00000000 ____D C:\Users\Isaela\AppData\Local\VirtualStore
2016-12-28 10:49 - 2017-01-24 10:50 - 00000000 ___RD C:\Users\Isaela\Favorites
2016-12-28 10:49 - 2016-12-28 12:04 - 00000000 ____D C:\Windows\SoftwareDistribution
2016-12-28 10:49 - 2016-12-28 11:05 - 00524288 ___SH C:\Users\Isaela\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
2016-12-28 10:49 - 2016-12-28 11:05 - 00524288 ___SH C:\Users\Isaela\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
2016-12-28 10:49 - 2016-12-28 11:05 - 00065536 ___SH C:\Users\Isaela\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
2016-12-28 10:49 - 2016-12-28 10:50 - 00001423 _____ C:\Users\Isaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-12-28 10:49 - 2016-12-28 10:50 - 00000476 ___SH C:\Users\Isaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini
2016-12-28 10:49 - 2016-12-28 10:50 - 00000402 ___SH C:\Users\Isaela\Documents\desktop.ini
2016-12-28 10:49 - 2016-12-28 10:50 - 00000282 ___SH C:\Users\Isaela\Downloads\desktop.ini
2016-12-28 10:49 - 2016-12-28 10:50 - 00000282 ___SH C:\Users\Isaela\Desktop\desktop.ini
2016-12-28 10:49 - 2016-12-28 10:50 - 00000174 ___SH C:\Users\Isaela\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini
2016-12-28 10:49 - 2016-12-28 10:50 - 00000000 ___RD C:\Users\Isaela\Searches
2016-12-28 10:49 - 2016-12-28 10:50 - 00000000 ___RD C:\Users\Isaela\Music
2016-12-28 10:49 - 2016-12-28 10:50 - 00000000 ___RD C:\Users\Isaela\Links
2016-12-28 10:49 - 2016-12-28 10:50 - 00000000 ___RD C:\Users\Isaela\Contacts
2016-12-28 10:49 - 2016-12-28 10:50 - 00000000 ___RD C:\Users\Isaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2016-12-28 10:49 - 2016-12-28 10:49 - 00000020 ___SH C:\Users\Isaela\ntuser.ini
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Minhas músicas
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Minhas imagens
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Meus vídeos
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Local\Histórico
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Local\Dados de aplicativos
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Usuário Padrão
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Todos os Usuários\Modelos
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Todos os Usuários\Menu Iniciar
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Todos os Usuários\Favoritos
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Todos os Usuários\Documentos
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Todos os Usuários\Dados de aplicativos
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Todos os Usuários
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Public\Documents\Minhas músicas
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Public\Documents\Minhas imagens
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Public\Documents\Meus vídeos
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Isaela\SendTo
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Isaela\Recent
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Isaela\Modelos
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Isaela\Meus documentos
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Isaela\Menu Iniciar
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Isaela\Documents\Minhas músicas
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Isaela\Documents\Minhas imagens
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Isaela\Documents\Meus vídeos
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Isaela\Dados de aplicativos
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Isaela\Cookies
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Isaela\Configurações locais
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Isaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Isaela\AppData\Local\Temporary Internet Files
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Isaela\AppData\Local\Histórico
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Isaela\AppData\Local\Dados de aplicativos
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Isaela\Ambiente de rede
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Isaela\Ambiente de impressão
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Default\Modelos
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Default\Meus documentos
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Default\Menu Iniciar
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Default\Documents\Minhas músicas
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Default\Documents\Minhas imagens
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Default\Documents\Meus vídeos
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Default\Dados de aplicativos
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Default\Configurações locais
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Default\AppData\Local\Histórico
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Default\AppData\Local\Dados de aplicativos
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Default\Ambiente de rede
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Default\Ambiente de impressão
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Default User\Documents\Minhas músicas
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Default User\Documents\Minhas imagens
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Default User\Documents\Meus vídeos
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Histórico
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Dados de aplicativos
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\ProgramData\Modelos
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programas
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\ProgramData\Menu Iniciar
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\ProgramData\Favoritos
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\ProgramData\Documentos
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\ProgramData\Dados de aplicativos
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Program Files\Common Files\Sistema
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Program Files\Arquivos Comuns
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Arquivos de Programas
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 __SHD C:\Recovery
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 ___SH C:\Users\Isaela\ntuser.dat.LOG2
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 ___HD C:\Users\Isaela\AppData
2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 ____D C:\Users\Isaela\AppData\Roaming\Identities
2016-12-28 10:49 - 2009-07-14 15:11 - 00000000 ____D C:\Users\Isaela\AppData\Roaming\Media Center Programs
2016-12-28 10:49 - 2009-07-14 01:54 - 00000000 ___RD C:\Users\Isaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2016-12-28 10:49 - 2009-07-14 01:49 - 00000000 ___RD C:\Users\Isaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2016-12-28 10:47 - 2016-12-28 10:47 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-12-28 10:47 - 2016-12-28 10:47 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2016-12-28 10:47 - 2016-12-28 10:47 - 00001313 _____ C:\Windows\TSSysprep.log
2016-12-28 10:45 - 2017-03-07 16:05 - 00000000 ____D C:\Windows\Prefetch
2016-12-28 10:45 - 2017-03-07 15:58 - 00000000 __SHD C:\System Volume Information
2016-12-28 10:45 - 2017-03-07 07:41 - 3982843904 ___SH C:\pagefile.sys
2016-12-28 10:45 - 2017-03-07 07:41 - 2987130880 ___SH C:\hiberfil.sys
==================== Três Meses Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2017-03-07 15:13 - 2009-07-14 15:11 - 00000000 ____D C:\Windows\ShellNew
2017-03-07 07:46 - 2009-07-14 14:55 - 00702882 _____ C:\Windows\system32\prfh0416.dat
2017-03-07 07:46 - 2009-07-14 14:55 - 00145668 _____ C:\Windows\system32\prfc0416.dat
2017-03-07 07:46 - 2009-07-14 02:13 - 01626900 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-07 07:46 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2017-03-07 07:41 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-02-17 15:03 - 2009-07-14 00:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2017-02-17 15:03 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
==================== Arquivos na raiz de alguns diretórios =======
2017-02-18 07:44 - 2017-03-07 07:42 - 0000269 _____ () C:\Users\Isaela\AppData\Roaming\WB.CFG
2017-03-07 15:19 - 2017-03-07 15:19 - 0400607 _____ () C:\Users\Isaela\AppData\Local\Bron.tok.A9.em.bin
2016-12-28 13:46 - 2008-06-15 16:58 - 0041385 _____ () C:\Users\Isaela\AppData\Local\csrss.exe
2016-12-28 13:46 - 2008-06-15 16:58 - 0041385 _____ () C:\Users\Isaela\AppData\Local\inetinfo.exe
2017-03-07 15:14 - 2017-03-07 15:14 - 0402607 _____ () C:\Users\Isaela\AppData\Local\ListHost9.txt
2016-12-28 13:46 - 2008-06-15 16:58 - 0041385 _____ () C:\Users\Isaela\AppData\Local\lsass.exe
2016-12-28 13:46 - 2008-06-15 16:58 - 0041385 _____ () C:\Users\Isaela\AppData\Local\services.exe
2016-12-28 13:46 - 2008-06-15 16:58 - 0041385 _____ () C:\Users\Isaela\AppData\Local\smss.exe
2017-03-07 15:35 - 2017-03-07 15:35 - 0408568 _____ () C:\Users\Isaela\AppData\Local\Update.9.Bron.Tok.bin
2016-12-28 13:46 - 2008-06-15 16:58 - 0041385 ____N () C:\Users\Isaela\AppData\Local\winlogon.exe
Arquivos para serem movidos ou deletados:
====================
C:\Windows\Tasks\{28A7159C-0698-70E8-0621-32059762567D}.job
C:\Windows\Tasks\{53BA838C-A5C1-00D4-2483-7CB8E78AB6AF}.job
Alguns arquivos em TEMP:
====================
2017-02-27 12:38 - 2017-02-27 12:38 - 0022016 _____ () C:\Users\Isaela\AppData\Local\Temp\1llcvnob.dll
2017-02-17 15:16 - 2017-02-17 15:16 - 1118360 _____ (© 2015 Microsoft Corporation) C:\Users\Isaela\AppData\Local\Temp\BSvcProcessor.exe
2017-02-17 15:16 - 2017-02-17 15:16 - 0170128 _____ (© 2015 Microsoft Corporation) C:\Users\Isaela\AppData\Local\Temp\BSvcUpdater.exe
2017-03-07 15:30 - 2017-03-07 15:30 - 0004096 _____ () C:\Users\Isaela\AppData\Local\Temp\d4ssqpoy.dll
2017-03-07 15:50 - 2017-03-07 15:50 - 1806392 _____ ( ) C:\Users\Isaela\AppData\Local\Temp\ICReinstall_Baixaki_skype_V76BqM.exe
2017-02-24 15:09 - 2017-02-24 15:09 - 0022016 _____ () C:\Users\Isaela\AppData\Local\Temp\v12cafxo.dll
2017-03-07 15:19 - 2017-03-07 15:58 - 14456872 _____ (Microsoft Corporation) C:\Users\Isaela\AppData\Local\Temp\vc_redist.x86.exe
==================== Bamital & volsnap ======================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll
[2009-07-13 20:38] - [2016-12-28 11:04] - 1008640 ____A (Microsoft Corporation) 2C353B6CE0C8D03225CAA2AF33B68D79
C:\Windows\SysWOW64\User32.dll
[2009-07-13 20:24] - [2016-12-28 11:04] - 0833024 ____A (Microsoft Corporation) 861C4346F9281DC0380DE72C8D55D6BE
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2017-03-04 18:06
==================== Fim de FRST.txt ============================