Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 28-05-2017
Executado por MAQ (administrador) em MAQ-PC (29-05-2017 20:03:34)
Executando a partir de C:\Users\MAQ\Desktop
Perfis Carregados: MAQ (Perfis Disponíveis: MAQ)
Platform: Windows 7 Ultimate (X64) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Users\MAQ\AppData\Local\Temp\Java\SYSMAQ-PC.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registro (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13876952 2015-05-20] (Realtek Semiconductor)
HKLM\...\Run: [Intel Service] => C:\Users\MAQ\AppData\Local\Temp\Java\SYSMAQ-PC.exe [96747520 2016-10-09] () <===== ATENÇÃO
HKLM\...\Run: [Diebold - Warsaw] => C:\Program Files\Diebold\Warsaw\core.exe [954416 2017-01-18] (GAS Tecnologia LTDA)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [61944 2017-04-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2404952 2017-03-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [912768 2017-04-11] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\ GbPluginBb: C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll [2016-12-09] (Banco do Brasil)
Winlogon\Notify\ GbPluginCef: C:\Program Files (x86)\GbPlugin\gbiehCef.dll [2016-08-10] (Caixa Economica Federal)
HKU\S-1-5-21-350283003-836572330-383190687-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll [1903328 2016-08-10] (Caixa Economica Federal)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\PROGRAM FILES (X86)\GbPlugin\gbieh.dll [1947872 2016-12-09] (Banco do Brasil)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
ProxyEnable: [HKLM] => Proxy está habilitado.
ProxyServer: [HKLM] => 127.0.0.1:7207
ProxyEnable: [S-1-5-21-350283003-836572330-383190687-1000] => Proxy está habilitado.
ProxyServer: [S-1-5-21-350283003-836572330-383190687-1000] => 127.0.0.1:7207
Tcpip\Parameters: [DhcpNameServer] 192.168.8.1 8.8.8.8
Tcpip\..\Interfaces\{7DC3FD5A-514E-4BD6-A54C-1294B56DC42C}: [DhcpNameServer] 192.168.100.30
Tcpip\..\Interfaces\{81935925-774B-4BDA-9C15-BE3EA6867916}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{81935925-774B-4BDA-9C15-BE3EA6867916}: [DhcpNameServer] 192.168.8.1 8.8.8.8
ManualProxies: 1127.0.0.1:3190
Internet Explorer:
==================
HKU\S-1-5-21-350283003-836572330-383190687-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pt-br/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-350283003-836572330-383190687-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2016-10-09] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2016-10-09] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll [2016-12-09] (Banco do Brasil)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540003} -> C:\Program Files (x86)\GbPlugin\gbiehcef.dll [2016-08-10] (Caixa Economica Federal)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-09] ()
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2016-10-09] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2016-10-09] (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-03-14] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-09] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-04] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-03-14] (Adobe Systems)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR NewTab: Default -> Not-active:"chrome-extension://bahkljhhdeciiaodlkppoonappfnheoi/content/newtab.html"
CHR DefaultSearchURL: Default -> hxxp://srch.bar/{searchTerms}
CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
CHR Profile: C:\Users\MAQ\AppData\Local\Google\Chrome\User Data\Default [2017-05-29]
CHR Extension: (Google Apresentações) - C:\Users\MAQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-10-09]
CHR Extension: (Google Docs) - C:\Users\MAQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-10-09]
CHR Extension: (Google Drive) - C:\Users\MAQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-09]
CHR Extension: (Search Manager) - C:\Users\MAQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi [2017-04-10]
CHR Extension: (YouTube) - C:\Users\MAQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-09]
CHR Extension: (Adobe Acrobat) - C:\Users\MAQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-04-23]
CHR Extension: (Planilhas do Google) - C:\Users\MAQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-10-09]
CHR Extension: (Documentos Google off-line) - C:\Users\MAQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-09]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\MAQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Gmail) - C:\Users\MAQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-09]
CHR Extension: (Chrome Media Router) - C:\Users\MAQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-21]
CHR HKU\S-1-5-21-350283003-836572330-383190687-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome.ZPKUK252EZOKKQKEOG3VYRGNZ4 - C:\Users\MAQ\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Serviços (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [771672 2017-03-14] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1119712 2017-04-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [488920 2017-04-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [488920 2017-04-11] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1520680 2017-04-11] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [350120 2017-04-11] (Avira Operations GmbH & Co. KG)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\GbpSv.exe [631520 2016-08-10] (GAS Tecnologia)
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [954416 2017-01-18] (GAS Tecnologia LTDA)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [176968 2017-04-11] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [148104 2017-04-11] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [35328 2017-04-11] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2017-04-11] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [51248 2017-04-11] (Avira Operations GmbH & Co. KG)
R3 GBPRCM; C:\Program Files (x86)\GbPlugin\gbprcm64.sys [29912 2016-08-10] (GAS Tecnologia)
S3 GeneStor; C:\Windows\System32\DRIVERS\GeneStor.sys [60928 2012-07-06] (GenesysLogic)
R3 int0800; C:\Windows\System32\DRIVERS\flashud.sys [51712 2009-09-09] (Intel Corporation)
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [3780312 2015-04-16] (Realtek Semiconductor Corporation )
R3 TXEIx64; C:\Windows\System32\DRIVERS\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2016-08-10] (GAS Tecnologia LTDA)
S1 wsddfac; C:\Windows\System32\drivers\wsddfac.sys [28376 2017-05-18] (GAS Tecnologia)
R1 wsddntf; C:\Windows\System32\DRIVERS\wsddntf.sys [36984 2016-06-16] (GAS Tecnologia)
R1 wsddpp; C:\Windows\system32\drivers\wsddpp.sys [25184 2016-11-11] (GAS Tecnologia)
R3 wsddprm; C:\Windows\system32\drivers\wsddprm.sys [25184 2016-11-11] (GAS Tecnologia)
S1 gbpddfac; system32\drivers\gbpddfac64.sys [X]
S0 gbpddreg; system32\drivers\gbpddreg64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Três Meses Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2017-05-29 20:03 - 2017-05-29 20:04 - 00015968 _____ C:\Users\MAQ\Desktop\FRST.txt
2017-05-29 20:01 - 2017-05-29 20:03 - 00000000 ____D C:\FRST
2017-05-29 19:54 - 2017-05-29 19:59 - 02429952 _____ (Farbar) C:\Users\MAQ\Downloads\FRST64 (1).exe
2017-05-29 19:52 - 2017-05-29 19:58 - 02429952 _____ (Farbar) C:\Users\MAQ\Desktop\FRST64.exe
2017-05-29 18:14 - 2017-05-29 18:14 - 00000000 ____D C:\Users\MAQ\Documents\CFO 2017
2017-05-27 10:49 - 2017-05-27 10:49 - 01280160 _____ ( ) C:\Users\MAQ\Downloads\WESLEY SAFADAO - REP-NOVO DE VERAO 2017 WWW-JAIRZINHOCDS-COM-BR (1).exe
2017-05-27 10:48 - 2017-05-27 10:49 - 01280160 _____ ( ) C:\Users\MAQ\Downloads\WESLEY SAFADAO - REP-NOVO DE VERAO 2017 WWW-JAIRZINHOCDS-COM-BR.exe
2017-05-22 00:26 - 2017-05-22 00:26 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
2017-05-22 00:24 - 2017-04-11 17:10 - 00176968 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2017-05-22 00:24 - 2017-04-11 17:10 - 00148104 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2017-05-22 00:24 - 2017-04-11 17:10 - 00078600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2017-05-22 00:24 - 2017-04-11 17:10 - 00051248 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avusbflt.sys
2017-05-22 00:24 - 2017-04-11 17:10 - 00035328 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2017-05-21 19:39 - 2017-05-21 19:39 - 00000000 _____ C:\Users\MAQ\Downloads\Baixaki_mozilla-firefox_0996670004 (1).exe
2017-05-21 19:32 - 2017-05-21 19:32 - 00000000 _____ C:\Users\MAQ\Downloads\Baixaki_mozilla-firefox_0996670004.exe
2017-05-18 16:01 - 2017-05-29 19:00 - 00142530 _____ C:\Windows\ntbtlog.txt
2017-05-18 02:50 - 2017-05-18 02:50 - 00002261 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-18 02:50 - 2017-05-18 02:50 - 00002249 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-05-18 02:48 - 2017-05-18 02:48 - 00003500 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-05-18 02:48 - 2017-05-18 02:48 - 00003372 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-05-18 02:47 - 2017-05-18 02:48 - 00000000 ____D C:\Users\MAQ\AppData\Local\Deployment
2017-05-18 02:47 - 2017-05-18 02:47 - 00000000 ____D C:\Users\MAQ\AppData\Local\Apps\2.0
2017-05-17 21:14 - 2017-05-17 21:14 - 00174377 _____ C:\Users\MAQ\Desktop\CURRÍCULO VITAE.pdf
2017-05-17 21:12 - 2017-05-17 21:12 - 00176504 _____ C:\Users\MAQ\Documents\CURRÍCULO VITAE
2017-05-17 21:07 - 2017-05-17 21:07 - 00176504 _____ C:\Users\MAQ\Documents\a2430cf2-88b2-42ec-a516-f5dc15aad96b
2017-05-17 20:42 - 2017-05-17 20:42 - 00024408 _____ C:\Users\MAQ\Documents\CERTIÇÃO ESTADUAL - AÇOES CRIMINAIS.pdf
2017-05-17 20:37 - 2017-05-17 20:37 - 00007717 _____ C:\Users\MAQ\Documents\CERTIDÃO NEGATIVA DE ANTECEDENTES CRIMINAIS.pdf
2017-05-17 20:32 - 2017-05-17 20:30 - 00040246 _____ C:\Users\MAQ\Documents\ANTECEDENTES.xps
2017-05-17 20:31 - 2017-05-17 20:31 - 00000000 ____D C:\Users\MAQ\AppData\LocalLow\Temp
2017-05-17 20:30 - 2017-05-17 20:30 - 00040246 _____ C:\Users\MAQ\Documents\ANTECEDENTES CRIMINAIS.xps
2017-05-17 19:03 - 2017-05-17 19:04 - 00000000 ____D C:\Users\MAQ\Documents\ÁREA DE TRABALHO
2017-05-17 02:01 - 2017-05-18 18:30 - 00000000 ____D C:\Users\MAQ\Documents\ANTE-PROJETO DE PESQUISA JUSTIÇA RESTAURATIVA
2017-05-12 08:32 - 2017-05-12 08:32 - 01014858 _____ C:\Users\MAQ\Downloads\20717MaterialPPenalAulas-2-e-3.pdf
2017-05-12 08:32 - 2017-05-12 08:32 - 01005818 _____ C:\Users\MAQ\Downloads\20717ResumoP-PenalAula2.pdf
2017-05-12 00:55 - 2017-05-12 00:56 - 00000000 ____D C:\Users\MAQ\Documents\ARTIGO (LEITURA)
2017-05-12 00:53 - 2017-05-12 00:53 - 00405992 _____ C:\Users\MAQ\Downloads\6286-21175-1-PB.pdf
2017-05-12 00:53 - 2017-05-12 00:53 - 00282218 _____ C:\Users\MAQ\Downloads\4931-16332-1-PB.pdf
2017-05-12 00:43 - 2017-05-12 00:43 - 00359589 _____ C:\Users\MAQ\Downloads\2367-8035-1-PB.pdf
2017-05-12 00:43 - 2017-05-12 00:43 - 00359589 _____ C:\Users\MAQ\Downloads\2367-8035-1-PB (1).pdf
2017-05-12 00:09 - 2017-05-12 00:09 - 02187845 _____ C:\Users\MAQ\Downloads\Guia_de_Normas_Revista_DIZER_2017.pdf
2017-05-11 00:34 - 2017-05-11 00:34 - 00506909 _____ C:\Users\MAQ\Downloads\ilovepdf_com (6).pdf
2017-05-11 00:33 - 2017-05-11 00:33 - 00249660 _____ C:\Users\MAQ\Downloads\A3FF.tmp
2017-05-11 00:31 - 2017-05-11 00:31 - 00506909 _____ C:\Users\MAQ\Downloads\ilovepdf_com (5).pdf
2017-05-11 00:22 - 2017-05-11 00:22 - 00389484 _____ C:\Users\MAQ\Downloads\ilovepdf_com (4).pdf
2017-05-10 23:32 - 2017-05-10 23:32 - 00570017 _____ C:\Users\MAQ\Downloads\FICHA DE INSCRIÇÃO CEPEJ E DIPLOMA DE CONCLUSÃO DE CURSO (GRADUAÇÃO) (1).pdf
2017-05-10 23:31 - 2017-05-10 23:31 - 00570017 _____ C:\Users\MAQ\Downloads\FICHA DE INSCRIÇÃO CEPEJ E DIPLOMA DE CONCLUSÃO DE CURSO (GRADUAÇÃO).pdf
2017-05-10 22:25 - 2017-05-10 22:25 - 00502337 _____ C:\Users\MAQ\Downloads\ilovepdf_com (3).pdf
2017-05-10 21:50 - 2017-05-10 21:50 - 00516503 _____ C:\Users\MAQ\Downloads\ilovepdf_com (2).pdf
2017-05-10 21:47 - 2017-05-10 21:47 - 00362558 _____ C:\Users\MAQ\Downloads\A FALÊNCIA DA TEORIA DA PREVENÇÃO ESPECIAL DA PENA - REFLEXÃO SOBRE A ESPIRAL DA VIOLÊNCIA E O DISCUSSO DO ÓDIO NO BRASIL.pdf
2017-05-10 21:43 - 2017-05-10 21:43 - 00444348 _____ C:\Users\MAQ\Downloads\LISTA DE TRABALHOS APROVADOS EABRAPPS 2017 - DATA E LOCAL DE APRESENTACAO_FINAL.pdf
2017-05-10 15:30 - 2017-05-10 15:30 - 01355863 _____ C:\Users\MAQ\Downloads\Versao_integral_dissertacao_de_mestrado_Fernando_Vernice_dos.pdf
2017-05-05 17:54 - 2017-05-05 17:54 - 01377594 _____ C:\Users\MAQ\Downloads\20717MaterialPPenalAulas-1-e-2 (1).pdf
2017-05-04 19:16 - 2017-05-04 19:16 - 00257380 _____ C:\Users\MAQ\Downloads\Michel Andrade dos Santos Silva_CARTA DE ACEITE EABRAPPS 2017.pdf
2017-05-04 18:35 - 2017-05-10 23:29 - 00000000 ____D C:\Users\MAQ\Documents\ARTIGO CEPEJ
2017-05-04 02:14 - 2017-05-04 02:14 - 01377594 _____ C:\Users\MAQ\Downloads\20717MaterialPPenalAulas-1-e-2.pdf
2017-05-04 02:14 - 2017-05-04 02:14 - 00911467 _____ C:\Users\MAQ\Downloads\20717Resumo-Processo-Penal-Aula1.pdf
2017-05-03 22:04 - 2017-05-03 22:04 - 00877503 _____ C:\Users\MAQ\Downloads\20717ResumoD-CivilIaula3.pdf
2017-05-01 23:15 - 2017-05-01 23:15 - 01814442 _____ C:\Users\MAQ\Downloads\Edital - 01 - 2017 - ABDECON - Salvador. (2).pdf
2017-05-01 23:14 - 2017-05-01 23:14 - 01814442 _____ C:\Users\MAQ\Downloads\Edital - 01 - 2017 - ABDECON - Salvador. (1).pdf
2017-05-01 23:06 - 2017-05-01 23:20 - 00000000 ____D C:\Users\MAQ\Documents\impressão na caixa econômica
2017-05-01 21:26 - 2017-05-01 21:26 - 00102060 _____ C:\Users\MAQ\Downloads\A-CRIMINALIDADE-VIOLENTA-NO-ENGENHO-VELHO-DA-FEDERAÇÃO-A-CONFIRMAÇÃO-DA-FALÊNCIA-DA-TEORIA-GERAL-DA- (3).pdf
2017-05-01 21:25 - 2017-05-01 21:25 - 00102060 _____ C:\Users\MAQ\Downloads\A-CRIMINALIDADE-VIOLENTA-NO-ENGENHO-VELHO-DA-FEDERAÇÃO-A-CONFIRMAÇÃO-DA-FALÊNCIA-DA-TEORIA-GERAL-DA- (2).pdf
2017-05-01 21:24 - 2017-05-01 21:24 - 00102050 _____ C:\Users\MAQ\Downloads\A-CRIMINALIDADE-VIOLENTA-NO-ENGENHO-VELHO-DA-FEDERAÇÃO-A-CONFIRMAÇÃO-DA-FALÊNCIA-DA-TEORIA-GERAL-DA- (1).pdf
2017-05-01 21:12 - 2017-05-01 21:12 - 00180333 _____ C:\Users\MAQ\Downloads\ilovepdf_com (1).pdf
2017-05-01 21:11 - 2017-05-01 21:11 - 00180333 _____ C:\Users\MAQ\Downloads\ilovepdf_com.pdf
2017-05-01 20:40 - 2017-05-01 20:40 - 00233132 _____ C:\Users\MAQ\Downloads\Resumo_-_Feira_de_Santana.zip
2017-05-01 20:33 - 2017-05-01 20:33 - 00203487 _____ C:\Users\MAQ\Downloads\2 JUIZADO ESPECIAL DO LARGO DO TANQUE - A INCORPORAÇÃO DOS VALORES E PRÁTICAS RESTAURATIVAS NA RESOLUÇÃO DOS CONFLITOS PENAIS.pdf
2017-05-01 19:45 - 2017-05-18 15:54 - 00000000 ____D C:\Users\MAQ\Documents\ARTIGO FEIRA DE SANTANA I
2017-04-30 21:36 - 2017-05-18 02:20 - 00000000 ____D C:\Users\MAQ\Documents\ARTIGO ARACAJU
2017-04-30 18:08 - 2017-04-30 18:08 - 01328040 _____ C:\Users\MAQ\Downloads\Justica_restaurativa_da_teoria_a_pratica (2).pdf
2017-04-30 18:08 - 2017-04-30 18:08 - 01328040 _____ C:\Users\MAQ\Downloads\Justica_restaurativa_da_teoria_a_pratica (1).pdf
2017-04-29 21:18 - 2017-04-29 21:44 - 00000000 ____D C:\Users\MAQ\Documents\SELEÇÃO ABDECON
2017-04-29 19:43 - 2017-04-29 19:43 - 00073206 _____ C:\Users\MAQ\Downloads\Boleto-Enfase-8491.pdf
2017-04-27 20:15 - 2017-04-27 20:15 - 01814442 _____ C:\Users\MAQ\Downloads\Edital - 01 - 2017 - ABDECON - Salvador..pdf
2017-04-27 20:15 - 2017-04-27 20:15 - 01814442 _____ C:\Users\MAQ\Documents\Edital - 01 - 2017 - ABDECON - Salvador..pdf
2017-04-26 00:58 - 2017-04-26 03:07 - 00000000 ____D C:\Users\MAQ\Documents\26.04.2017
2017-04-24 00:18 - 2017-04-24 00:18 - 00141394 _____ C:\Users\MAQ\Downloads\Apresentação_oral_-_GT_2.zip
2017-04-24 00:07 - 2017-04-24 00:07 - 00106983 _____ C:\Users\MAQ\Downloads\A-CRIMINALIDADE-VIOLENTA-NO-ENGENHO-VELHO-DA-FEDERAÇÃO-A-CONFIRMAÇÃO-DA-FALÊNCIA-DA-TEORIA-GERAL-DA-.pdf
2017-04-23 23:55 - 2017-04-23 23:55 - 00104884 _____ C:\Users\MAQ\Downloads\A CRIMINALIDADE VIOLENTA NO ENGENHO VELHO DA FEDERAÇÃO - A CONFIRMAÇÃO DA FALÊNCIA DA TEORIA GERAL DA PENA -FOLHA DE ROSTO-.pdf
2017-04-23 17:08 - 2017-05-01 21:07 - 00000000 ____D C:\Users\MAQ\Documents\ARTIGO FEIRA DE SANTANA II
2017-04-22 18:37 - 2017-04-22 18:37 - 05498835 _____ C:\Users\MAQ\Downloads\CONCURSO PM-BA.b1
2017-04-21 03:47 - 2017-04-21 03:47 - 00001136 _____ C:\Users\Public\Desktop\Avira Connect.lnk
2017-04-17 10:43 - 2017-04-17 10:43 - 00002110 _____ C:\Users\MAQ\Downloads\Calendar_RTC9EB (1).ics
2017-04-17 10:42 - 2017-04-17 10:42 - 01509578 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2017-04-17 10:42 - 2017-04-17 10:42 - 00002110 _____ C:\Users\MAQ\Downloads\Calendar_RTC9EB.ics
2017-04-16 08:50 - 2017-04-16 19:25 - 00011801 _____ C:\Users\MAQ\Documents\PLANÍLIA PREVIDÊNCIA SOCIAL (OSVALDO PEDRO DA SILVA).xlsx
2017-04-15 22:37 - 2017-04-17 00:09 - 00000000 ____D C:\Users\MAQ\Documents\15.04.17
2017-04-14 13:41 - 2017-04-14 13:41 - 00000000 ____D C:\Users\MAQ\Documents\comprovante de entrega da declaração do imposto de renda
2017-04-14 13:35 - 2017-04-14 13:41 - 00000000 ____D C:\Users\MAQ\.receitanet
2017-04-14 13:18 - 2017-04-14 13:18 - 00000000 ____D C:\Users\MAQ\.irpf
2017-04-10 20:48 - 2017-04-11 10:23 - 00000000 ____D C:\Users\MAQ\Documents\10.04.2017
2017-04-09 19:53 - 2017-04-09 23:32 - 00000000 ____D C:\Users\MAQ\Documents\09.04.2017
2017-04-05 23:47 - 2017-04-27 07:27 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-04-05 23:47 - 2017-04-05 23:47 - 00002047 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2017-04-05 23:27 - 2017-04-05 23:27 - 00000000 ____D C:\Users\MAQ\AppData\Local\CEF
2017-04-04 09:42 - 2017-04-04 09:47 - 00000000 ____D C:\Users\MAQ\Documents\Dona Rita
2017-03-27 14:14 - 2017-03-27 14:14 - 00426067 _____ C:\Users\MAQ\Downloads\20.03.17.rar
2017-03-27 14:05 - 2017-03-27 14:09 - 00426067 _____ C:\Users\MAQ\Documents\20.03.17.rar
2017-03-27 11:29 - 2017-03-27 11:29 - 00001217 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2017-03-27 10:12 - 2017-03-27 10:13 - 02048160 _____ (Adobe Systems Incorporated) C:\Users\MAQ\Downloads\Photoshop_Set-Up.exe
2017-03-24 06:44 - 2017-03-27 12:12 - 00000000 ____D C:\Users\MAQ\Documents\20.03.17
2017-03-23 21:44 - 2017-03-23 21:44 - 00055064 _____ C:\Users\MAQ\Downloads\boleto_85049 (1).html
2017-03-22 21:05 - 2017-03-22 21:06 - 00055064 _____ C:\Users\MAQ\Downloads\boleto_85049.html
2017-03-22 20:56 - 2017-03-22 20:56 - 02967437 _____ C:\Users\MAQ\Downloads\cartao_9x5.rar
2017-03-22 20:56 - 2017-03-22 20:56 - 01015335 _____ C:\Users\MAQ\Downloads\cartao_9x5.ai
2017-03-22 19:13 - 2017-03-22 19:13 - 02788117 _____ C:\Users\MAQ\Downloads\LOGO_PRATA_cmyk.tif
2017-03-22 19:09 - 2017-03-22 19:09 - 02774977 _____ C:\Users\MAQ\Downloads\PARTE_DE_TRAZ_DO_CARTyIO_cmyk.tif
2017-03-21 02:17 - 2017-03-21 02:17 - 00275084 _____ C:\Users\MAQ\Downloads\cartao_9x5_1.cdr
2017-03-21 01:45 - 2017-03-21 01:45 - 00033050 _____ C:\Users\MAQ\Downloads\+0203 0207 3020+44 0203 0207 3020 kyle@sparkracingindustries.com.pdf
2017-03-20 16:06 - 2017-03-20 16:07 - 00284800 _____ C:\Users\MAQ\Downloads\cartao_9x5_uv_local (1).ai.crdownload
2017-03-18 10:34 - 2017-03-18 10:34 - 03414213 _____ C:\Users\MAQ\Downloads\cartao_9x5_uv_local.rar
2017-03-18 10:34 - 2017-03-18 10:34 - 00282466 _____ C:\Users\MAQ\Downloads\cartao_9x5_uv_local_1_1.cdr
2017-03-18 10:33 - 2017-03-18 10:33 - 01033073 _____ C:\Users\MAQ\Downloads\cartao_9x5_uv_local.ai
2017-03-12 01:28 - 2017-03-12 01:28 - 00000000 ____D C:\Users\MAQ\Documents\Nova pasta
2017-03-02 01:42 - 2017-03-02 02:40 - 00000000 ____D C:\Users\MAQ\Documents\DECLARAÇÃO DE IMPOSTO DE RENDA 2017
2017-03-02 01:15 - 2017-03-02 01:15 - 00000000 ____D C:\Users\MAQ\Desktop\IRPF 2016
2017-03-02 01:09 - 2017-03-02 01:09 - 00001724 _____ C:\Users\Public\Desktop\IRPF2017 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk
2017-03-02 01:09 - 2017-03-02 01:09 - 00000000 ___HD C:\Program Files (x86)\InstallJammer Registry
2017-03-02 01:09 - 2017-03-02 01:09 - 00000000 ____D C:\Users\MAQ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2017
2017-03-02 01:09 - 2017-03-02 01:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programas RFB2017
2017-03-02 01:09 - 2017-03-02 01:09 - 00000000 ____D C:\Arquivos de Programas RFB
2017-03-02 01:08 - 2017-03-02 01:08 - 28203488 _____ (Receita Federal do Brasil) C:\Users\MAQ\Downloads\IRPF2017Win32v1.0.exe
2017-03-01 23:17 - 2017-03-01 23:17 - 00135094 _____ C:\Users\MAQ\Downloads\z4ijnhi5tn4ibots2xe2m3k30203201711165620823950612930.pdf
2017-03-01 23:17 - 2017-03-01 23:17 - 00133737 _____ C:\Users\MAQ\Downloads\z4ijnhi5tn4ibots2xe2m3k3020320171116461470926249338120.pdf
2017-03-01 23:16 - 2017-03-01 23:16 - 00134196 _____ C:\Users\MAQ\Downloads\z4ijnhi5tn4ibots2xe2m3k30203201711162212883019857198.pdf
2017-03-01 23:16 - 2017-03-01 23:16 - 00133736 _____ C:\Users\MAQ\Downloads\z4ijnhi5tn4ibots2xe2m3k302032017111634533219521424.pdf
==================== Três Meses Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2017-05-29 19:51 - 2009-07-14 01:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-05-29 19:51 - 2009-07-14 01:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-05-29 19:24 - 2016-08-17 07:24 - 00000238 _____ C:\Windows\Tasks\Booking_helper.job
2017-05-29 19:10 - 2009-07-14 14:55 - 00657374 _____ C:\Windows\system32\prfh0416.dat
2017-05-29 19:10 - 2009-07-14 14:55 - 00125766 _____ C:\Windows\system32\prfc0416.dat
2017-05-29 19:10 - 2009-07-14 02:13 - 01499760 _____ C:\Windows\system32\PerfStringBackup.INI
2017-05-29 19:10 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2017-05-29 19:09 - 2017-02-25 18:55 - 00000000 ____D C:\Windows\Minidump
2017-05-29 19:06 - 2016-11-26 01:07 - 00000000 ____D C:\Users\Todos os Usuários\GbPlugin
2017-05-29 19:06 - 2016-11-26 01:07 - 00000000 ____D C:\ProgramData\GbPlugin
2017-05-29 19:05 - 2016-11-26 01:07 - 00000000 ____D C:\Program Files (x86)\GbPlugin
2017-05-29 19:04 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-05-22 00:26 - 2016-10-09 12:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-05-22 00:24 - 2016-10-09 12:46 - 00000000 ____D C:\Users\Todos os Usuários\Avira
2017-05-22 00:24 - 2016-10-09 12:46 - 00000000 ____D C:\ProgramData\Avira
2017-05-22 00:24 - 2016-10-09 12:46 - 00000000 ____D C:\Program Files (x86)\Avira
2017-05-21 19:53 - 2016-10-09 12:48 - 00000000 ____D C:\Users\MAQ\AppData\Roaming\Avira
2017-05-18 16:04 - 2016-12-30 00:23 - 00028376 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\wsddfac.sys
2017-05-18 16:04 - 2016-10-09 13:24 - 00002279 _____ C:\Users\MAQ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-18 16:04 - 2016-10-09 13:24 - 00002249 _____ C:\Users\MAQ\Desktop\Google Chrome.lnk
2017-05-18 16:02 - 2016-10-09 12:43 - 00000000 ____D C:\Users\MAQ\AppData\Local\Google
2017-05-18 02:49 - 2016-12-16 21:54 - 00000000 ____D C:\Program Files (x86)\Google
2017-05-18 00:21 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\NDF
2017-05-17 18:59 - 2016-08-28 00:31 - 00000000 ____D C:\Users\MAQ\Documents\DELEGADO
2017-05-17 02:02 - 2017-02-03 02:29 - 00000000 ____D C:\Users\MAQ\Documents\ARTIGO V CONPEDI
2017-05-09 12:29 - 2016-10-09 12:42 - 00803320 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-05-09 12:29 - 2016-10-09 12:42 - 00144888 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-05-09 12:29 - 2016-10-09 12:42 - 00004384 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-05-09 12:29 - 2016-10-09 12:42 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-05-09 12:29 - 2016-10-09 12:42 - 00000000 ____D C:\Windows\system32\Macromed
2017-05-08 07:46 - 2016-11-11 11:54 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-04-29 21:09 - 2016-12-18 11:24 - 00000000 ____D C:\Users\MAQ\Documents\PEÇAS PROCESSUAIS DE MICHEL
2017-04-29 21:03 - 2016-10-11 19:52 - 00000000 ____D C:\Users\MAQ\Documents\apresentação e monografia
2017-04-29 01:03 - 2016-10-09 12:43 - 00003668 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-350283003-836572330-383190687-1000UA
2017-04-29 01:03 - 2016-10-09 12:43 - 00003396 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-350283003-836572330-383190687-1000Core
==================== Arquivos na raiz de alguns diretórios =======
2016-10-09 12:36 - 2016-10-09 12:36 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-10-09 15:32 - 2016-10-09 15:32 - 0728576 _____ () C:\ProgramData\DriverInstallE41.exe
2016-10-09 15:32 - 2016-10-09 15:32 - 7011224 _____ ((c) PC Cleaners Inc) C:\ProgramData\pclunst.exe
Arquivos para serem movidos ou deletados:
====================
C:\Users\MAQ\AppData\Local\Temp\Java\SYSMAQ-PC.exe
C:\ProgramData\DriverInstallE41.exe
C:\ProgramData\pclunst.exe
C:\Users\Todos os Usuários\DriverInstallE41.exe
C:\Users\Todos os Usuários\pclunst.exe
==================== Bamital & volsnap ======================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2017-03-01 21:07
==================== Fim de FRST.txt ============================
Executado por MAQ (administrador) em MAQ-PC (29-05-2017 20:03:34)
Executando a partir de C:\Users\MAQ\Desktop
Perfis Carregados: MAQ (Perfis Disponíveis: MAQ)
Platform: Windows 7 Ultimate (X64) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Users\MAQ\AppData\Local\Temp\Java\SYSMAQ-PC.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registro (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13876952 2015-05-20] (Realtek Semiconductor)
HKLM\...\Run: [Intel Service] => C:\Users\MAQ\AppData\Local\Temp\Java\SYSMAQ-PC.exe [96747520 2016-10-09] () <===== ATENÇÃO
HKLM\...\Run: [Diebold - Warsaw] => C:\Program Files\Diebold\Warsaw\core.exe [954416 2017-01-18] (GAS Tecnologia LTDA)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [61944 2017-04-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2404952 2017-03-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [912768 2017-04-11] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\ GbPluginBb: C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll [2016-12-09] (Banco do Brasil)
Winlogon\Notify\ GbPluginCef: C:\Program Files (x86)\GbPlugin\gbiehCef.dll [2016-08-10] (Caixa Economica Federal)
HKU\S-1-5-21-350283003-836572330-383190687-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll [1903328 2016-08-10] (Caixa Economica Federal)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\PROGRAM FILES (X86)\GbPlugin\gbieh.dll [1947872 2016-12-09] (Banco do Brasil)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
ProxyEnable: [HKLM] => Proxy está habilitado.
ProxyServer: [HKLM] => 127.0.0.1:7207
ProxyEnable: [S-1-5-21-350283003-836572330-383190687-1000] => Proxy está habilitado.
ProxyServer: [S-1-5-21-350283003-836572330-383190687-1000] => 127.0.0.1:7207
Tcpip\Parameters: [DhcpNameServer] 192.168.8.1 8.8.8.8
Tcpip\..\Interfaces\{7DC3FD5A-514E-4BD6-A54C-1294B56DC42C}: [DhcpNameServer] 192.168.100.30
Tcpip\..\Interfaces\{81935925-774B-4BDA-9C15-BE3EA6867916}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{81935925-774B-4BDA-9C15-BE3EA6867916}: [DhcpNameServer] 192.168.8.1 8.8.8.8
ManualProxies: 1127.0.0.1:3190
Internet Explorer:
==================
HKU\S-1-5-21-350283003-836572330-383190687-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pt-br/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-350283003-836572330-383190687-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2016-10-09] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2016-10-09] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll [2016-12-09] (Banco do Brasil)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540003} -> C:\Program Files (x86)\GbPlugin\gbiehcef.dll [2016-08-10] (Caixa Economica Federal)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-09] ()
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2016-10-09] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2016-10-09] (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-03-14] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-09] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-04] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-03-14] (Adobe Systems)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR NewTab: Default -> Not-active:"chrome-extension://bahkljhhdeciiaodlkppoonappfnheoi/content/newtab.html"
CHR DefaultSearchURL: Default -> hxxp://srch.bar/{searchTerms}
CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
CHR Profile: C:\Users\MAQ\AppData\Local\Google\Chrome\User Data\Default [2017-05-29]
CHR Extension: (Google Apresentações) - C:\Users\MAQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-10-09]
CHR Extension: (Google Docs) - C:\Users\MAQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-10-09]
CHR Extension: (Google Drive) - C:\Users\MAQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-09]
CHR Extension: (Search Manager) - C:\Users\MAQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\bahkljhhdeciiaodlkppoonappfnheoi [2017-04-10]
CHR Extension: (YouTube) - C:\Users\MAQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-09]
CHR Extension: (Adobe Acrobat) - C:\Users\MAQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-04-23]
CHR Extension: (Planilhas do Google) - C:\Users\MAQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-10-09]
CHR Extension: (Documentos Google off-line) - C:\Users\MAQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-09]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\MAQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Gmail) - C:\Users\MAQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-09]
CHR Extension: (Chrome Media Router) - C:\Users\MAQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-21]
CHR HKU\S-1-5-21-350283003-836572330-383190687-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome.ZPKUK252EZOKKQKEOG3VYRGNZ4 - C:\Users\MAQ\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Serviços (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [771672 2017-03-14] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1119712 2017-04-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [488920 2017-04-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [488920 2017-04-11] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1520680 2017-04-11] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [350120 2017-04-11] (Avira Operations GmbH & Co. KG)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\GbpSv.exe [631520 2016-08-10] (GAS Tecnologia)
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [954416 2017-01-18] (GAS Tecnologia LTDA)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [176968 2017-04-11] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [148104 2017-04-11] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [35328 2017-04-11] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2017-04-11] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [51248 2017-04-11] (Avira Operations GmbH & Co. KG)
R3 GBPRCM; C:\Program Files (x86)\GbPlugin\gbprcm64.sys [29912 2016-08-10] (GAS Tecnologia)
S3 GeneStor; C:\Windows\System32\DRIVERS\GeneStor.sys [60928 2012-07-06] (GenesysLogic)
R3 int0800; C:\Windows\System32\DRIVERS\flashud.sys [51712 2009-09-09] (Intel Corporation)
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [3780312 2015-04-16] (Realtek Semiconductor Corporation )
R3 TXEIx64; C:\Windows\System32\DRIVERS\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2016-08-10] (GAS Tecnologia LTDA)
S1 wsddfac; C:\Windows\System32\drivers\wsddfac.sys [28376 2017-05-18] (GAS Tecnologia)
R1 wsddntf; C:\Windows\System32\DRIVERS\wsddntf.sys [36984 2016-06-16] (GAS Tecnologia)
R1 wsddpp; C:\Windows\system32\drivers\wsddpp.sys [25184 2016-11-11] (GAS Tecnologia)
R3 wsddprm; C:\Windows\system32\drivers\wsddprm.sys [25184 2016-11-11] (GAS Tecnologia)
S1 gbpddfac; system32\drivers\gbpddfac64.sys [X]
S0 gbpddreg; system32\drivers\gbpddreg64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Três Meses Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2017-05-29 20:03 - 2017-05-29 20:04 - 00015968 _____ C:\Users\MAQ\Desktop\FRST.txt
2017-05-29 20:01 - 2017-05-29 20:03 - 00000000 ____D C:\FRST
2017-05-29 19:54 - 2017-05-29 19:59 - 02429952 _____ (Farbar) C:\Users\MAQ\Downloads\FRST64 (1).exe
2017-05-29 19:52 - 2017-05-29 19:58 - 02429952 _____ (Farbar) C:\Users\MAQ\Desktop\FRST64.exe
2017-05-29 18:14 - 2017-05-29 18:14 - 00000000 ____D C:\Users\MAQ\Documents\CFO 2017
2017-05-27 10:49 - 2017-05-27 10:49 - 01280160 _____ ( ) C:\Users\MAQ\Downloads\WESLEY SAFADAO - REP-NOVO DE VERAO 2017 WWW-JAIRZINHOCDS-COM-BR (1).exe
2017-05-27 10:48 - 2017-05-27 10:49 - 01280160 _____ ( ) C:\Users\MAQ\Downloads\WESLEY SAFADAO - REP-NOVO DE VERAO 2017 WWW-JAIRZINHOCDS-COM-BR.exe
2017-05-22 00:26 - 2017-05-22 00:26 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
2017-05-22 00:24 - 2017-04-11 17:10 - 00176968 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2017-05-22 00:24 - 2017-04-11 17:10 - 00148104 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2017-05-22 00:24 - 2017-04-11 17:10 - 00078600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2017-05-22 00:24 - 2017-04-11 17:10 - 00051248 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avusbflt.sys
2017-05-22 00:24 - 2017-04-11 17:10 - 00035328 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2017-05-21 19:39 - 2017-05-21 19:39 - 00000000 _____ C:\Users\MAQ\Downloads\Baixaki_mozilla-firefox_0996670004 (1).exe
2017-05-21 19:32 - 2017-05-21 19:32 - 00000000 _____ C:\Users\MAQ\Downloads\Baixaki_mozilla-firefox_0996670004.exe
2017-05-18 16:01 - 2017-05-29 19:00 - 00142530 _____ C:\Windows\ntbtlog.txt
2017-05-18 02:50 - 2017-05-18 02:50 - 00002261 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-18 02:50 - 2017-05-18 02:50 - 00002249 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-05-18 02:48 - 2017-05-18 02:48 - 00003500 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-05-18 02:48 - 2017-05-18 02:48 - 00003372 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-05-18 02:47 - 2017-05-18 02:48 - 00000000 ____D C:\Users\MAQ\AppData\Local\Deployment
2017-05-18 02:47 - 2017-05-18 02:47 - 00000000 ____D C:\Users\MAQ\AppData\Local\Apps\2.0
2017-05-17 21:14 - 2017-05-17 21:14 - 00174377 _____ C:\Users\MAQ\Desktop\CURRÍCULO VITAE.pdf
2017-05-17 21:12 - 2017-05-17 21:12 - 00176504 _____ C:\Users\MAQ\Documents\CURRÍCULO VITAE
2017-05-17 21:07 - 2017-05-17 21:07 - 00176504 _____ C:\Users\MAQ\Documents\a2430cf2-88b2-42ec-a516-f5dc15aad96b
2017-05-17 20:42 - 2017-05-17 20:42 - 00024408 _____ C:\Users\MAQ\Documents\CERTIÇÃO ESTADUAL - AÇOES CRIMINAIS.pdf
2017-05-17 20:37 - 2017-05-17 20:37 - 00007717 _____ C:\Users\MAQ\Documents\CERTIDÃO NEGATIVA DE ANTECEDENTES CRIMINAIS.pdf
2017-05-17 20:32 - 2017-05-17 20:30 - 00040246 _____ C:\Users\MAQ\Documents\ANTECEDENTES.xps
2017-05-17 20:31 - 2017-05-17 20:31 - 00000000 ____D C:\Users\MAQ\AppData\LocalLow\Temp
2017-05-17 20:30 - 2017-05-17 20:30 - 00040246 _____ C:\Users\MAQ\Documents\ANTECEDENTES CRIMINAIS.xps
2017-05-17 19:03 - 2017-05-17 19:04 - 00000000 ____D C:\Users\MAQ\Documents\ÁREA DE TRABALHO
2017-05-17 02:01 - 2017-05-18 18:30 - 00000000 ____D C:\Users\MAQ\Documents\ANTE-PROJETO DE PESQUISA JUSTIÇA RESTAURATIVA
2017-05-12 08:32 - 2017-05-12 08:32 - 01014858 _____ C:\Users\MAQ\Downloads\20717MaterialPPenalAulas-2-e-3.pdf
2017-05-12 08:32 - 2017-05-12 08:32 - 01005818 _____ C:\Users\MAQ\Downloads\20717ResumoP-PenalAula2.pdf
2017-05-12 00:55 - 2017-05-12 00:56 - 00000000 ____D C:\Users\MAQ\Documents\ARTIGO (LEITURA)
2017-05-12 00:53 - 2017-05-12 00:53 - 00405992 _____ C:\Users\MAQ\Downloads\6286-21175-1-PB.pdf
2017-05-12 00:53 - 2017-05-12 00:53 - 00282218 _____ C:\Users\MAQ\Downloads\4931-16332-1-PB.pdf
2017-05-12 00:43 - 2017-05-12 00:43 - 00359589 _____ C:\Users\MAQ\Downloads\2367-8035-1-PB.pdf
2017-05-12 00:43 - 2017-05-12 00:43 - 00359589 _____ C:\Users\MAQ\Downloads\2367-8035-1-PB (1).pdf
2017-05-12 00:09 - 2017-05-12 00:09 - 02187845 _____ C:\Users\MAQ\Downloads\Guia_de_Normas_Revista_DIZER_2017.pdf
2017-05-11 00:34 - 2017-05-11 00:34 - 00506909 _____ C:\Users\MAQ\Downloads\ilovepdf_com (6).pdf
2017-05-11 00:33 - 2017-05-11 00:33 - 00249660 _____ C:\Users\MAQ\Downloads\A3FF.tmp
2017-05-11 00:31 - 2017-05-11 00:31 - 00506909 _____ C:\Users\MAQ\Downloads\ilovepdf_com (5).pdf
2017-05-11 00:22 - 2017-05-11 00:22 - 00389484 _____ C:\Users\MAQ\Downloads\ilovepdf_com (4).pdf
2017-05-10 23:32 - 2017-05-10 23:32 - 00570017 _____ C:\Users\MAQ\Downloads\FICHA DE INSCRIÇÃO CEPEJ E DIPLOMA DE CONCLUSÃO DE CURSO (GRADUAÇÃO) (1).pdf
2017-05-10 23:31 - 2017-05-10 23:31 - 00570017 _____ C:\Users\MAQ\Downloads\FICHA DE INSCRIÇÃO CEPEJ E DIPLOMA DE CONCLUSÃO DE CURSO (GRADUAÇÃO).pdf
2017-05-10 22:25 - 2017-05-10 22:25 - 00502337 _____ C:\Users\MAQ\Downloads\ilovepdf_com (3).pdf
2017-05-10 21:50 - 2017-05-10 21:50 - 00516503 _____ C:\Users\MAQ\Downloads\ilovepdf_com (2).pdf
2017-05-10 21:47 - 2017-05-10 21:47 - 00362558 _____ C:\Users\MAQ\Downloads\A FALÊNCIA DA TEORIA DA PREVENÇÃO ESPECIAL DA PENA - REFLEXÃO SOBRE A ESPIRAL DA VIOLÊNCIA E O DISCUSSO DO ÓDIO NO BRASIL.pdf
2017-05-10 21:43 - 2017-05-10 21:43 - 00444348 _____ C:\Users\MAQ\Downloads\LISTA DE TRABALHOS APROVADOS EABRAPPS 2017 - DATA E LOCAL DE APRESENTACAO_FINAL.pdf
2017-05-10 15:30 - 2017-05-10 15:30 - 01355863 _____ C:\Users\MAQ\Downloads\Versao_integral_dissertacao_de_mestrado_Fernando_Vernice_dos.pdf
2017-05-05 17:54 - 2017-05-05 17:54 - 01377594 _____ C:\Users\MAQ\Downloads\20717MaterialPPenalAulas-1-e-2 (1).pdf
2017-05-04 19:16 - 2017-05-04 19:16 - 00257380 _____ C:\Users\MAQ\Downloads\Michel Andrade dos Santos Silva_CARTA DE ACEITE EABRAPPS 2017.pdf
2017-05-04 18:35 - 2017-05-10 23:29 - 00000000 ____D C:\Users\MAQ\Documents\ARTIGO CEPEJ
2017-05-04 02:14 - 2017-05-04 02:14 - 01377594 _____ C:\Users\MAQ\Downloads\20717MaterialPPenalAulas-1-e-2.pdf
2017-05-04 02:14 - 2017-05-04 02:14 - 00911467 _____ C:\Users\MAQ\Downloads\20717Resumo-Processo-Penal-Aula1.pdf
2017-05-03 22:04 - 2017-05-03 22:04 - 00877503 _____ C:\Users\MAQ\Downloads\20717ResumoD-CivilIaula3.pdf
2017-05-01 23:15 - 2017-05-01 23:15 - 01814442 _____ C:\Users\MAQ\Downloads\Edital - 01 - 2017 - ABDECON - Salvador. (2).pdf
2017-05-01 23:14 - 2017-05-01 23:14 - 01814442 _____ C:\Users\MAQ\Downloads\Edital - 01 - 2017 - ABDECON - Salvador. (1).pdf
2017-05-01 23:06 - 2017-05-01 23:20 - 00000000 ____D C:\Users\MAQ\Documents\impressão na caixa econômica
2017-05-01 21:26 - 2017-05-01 21:26 - 00102060 _____ C:\Users\MAQ\Downloads\A-CRIMINALIDADE-VIOLENTA-NO-ENGENHO-VELHO-DA-FEDERAÇÃO-A-CONFIRMAÇÃO-DA-FALÊNCIA-DA-TEORIA-GERAL-DA- (3).pdf
2017-05-01 21:25 - 2017-05-01 21:25 - 00102060 _____ C:\Users\MAQ\Downloads\A-CRIMINALIDADE-VIOLENTA-NO-ENGENHO-VELHO-DA-FEDERAÇÃO-A-CONFIRMAÇÃO-DA-FALÊNCIA-DA-TEORIA-GERAL-DA- (2).pdf
2017-05-01 21:24 - 2017-05-01 21:24 - 00102050 _____ C:\Users\MAQ\Downloads\A-CRIMINALIDADE-VIOLENTA-NO-ENGENHO-VELHO-DA-FEDERAÇÃO-A-CONFIRMAÇÃO-DA-FALÊNCIA-DA-TEORIA-GERAL-DA- (1).pdf
2017-05-01 21:12 - 2017-05-01 21:12 - 00180333 _____ C:\Users\MAQ\Downloads\ilovepdf_com (1).pdf
2017-05-01 21:11 - 2017-05-01 21:11 - 00180333 _____ C:\Users\MAQ\Downloads\ilovepdf_com.pdf
2017-05-01 20:40 - 2017-05-01 20:40 - 00233132 _____ C:\Users\MAQ\Downloads\Resumo_-_Feira_de_Santana.zip
2017-05-01 20:33 - 2017-05-01 20:33 - 00203487 _____ C:\Users\MAQ\Downloads\2 JUIZADO ESPECIAL DO LARGO DO TANQUE - A INCORPORAÇÃO DOS VALORES E PRÁTICAS RESTAURATIVAS NA RESOLUÇÃO DOS CONFLITOS PENAIS.pdf
2017-05-01 19:45 - 2017-05-18 15:54 - 00000000 ____D C:\Users\MAQ\Documents\ARTIGO FEIRA DE SANTANA I
2017-04-30 21:36 - 2017-05-18 02:20 - 00000000 ____D C:\Users\MAQ\Documents\ARTIGO ARACAJU
2017-04-30 18:08 - 2017-04-30 18:08 - 01328040 _____ C:\Users\MAQ\Downloads\Justica_restaurativa_da_teoria_a_pratica (2).pdf
2017-04-30 18:08 - 2017-04-30 18:08 - 01328040 _____ C:\Users\MAQ\Downloads\Justica_restaurativa_da_teoria_a_pratica (1).pdf
2017-04-29 21:18 - 2017-04-29 21:44 - 00000000 ____D C:\Users\MAQ\Documents\SELEÇÃO ABDECON
2017-04-29 19:43 - 2017-04-29 19:43 - 00073206 _____ C:\Users\MAQ\Downloads\Boleto-Enfase-8491.pdf
2017-04-27 20:15 - 2017-04-27 20:15 - 01814442 _____ C:\Users\MAQ\Downloads\Edital - 01 - 2017 - ABDECON - Salvador..pdf
2017-04-27 20:15 - 2017-04-27 20:15 - 01814442 _____ C:\Users\MAQ\Documents\Edital - 01 - 2017 - ABDECON - Salvador..pdf
2017-04-26 00:58 - 2017-04-26 03:07 - 00000000 ____D C:\Users\MAQ\Documents\26.04.2017
2017-04-24 00:18 - 2017-04-24 00:18 - 00141394 _____ C:\Users\MAQ\Downloads\Apresentação_oral_-_GT_2.zip
2017-04-24 00:07 - 2017-04-24 00:07 - 00106983 _____ C:\Users\MAQ\Downloads\A-CRIMINALIDADE-VIOLENTA-NO-ENGENHO-VELHO-DA-FEDERAÇÃO-A-CONFIRMAÇÃO-DA-FALÊNCIA-DA-TEORIA-GERAL-DA-.pdf
2017-04-23 23:55 - 2017-04-23 23:55 - 00104884 _____ C:\Users\MAQ\Downloads\A CRIMINALIDADE VIOLENTA NO ENGENHO VELHO DA FEDERAÇÃO - A CONFIRMAÇÃO DA FALÊNCIA DA TEORIA GERAL DA PENA -FOLHA DE ROSTO-.pdf
2017-04-23 17:08 - 2017-05-01 21:07 - 00000000 ____D C:\Users\MAQ\Documents\ARTIGO FEIRA DE SANTANA II
2017-04-22 18:37 - 2017-04-22 18:37 - 05498835 _____ C:\Users\MAQ\Downloads\CONCURSO PM-BA.b1
2017-04-21 03:47 - 2017-04-21 03:47 - 00001136 _____ C:\Users\Public\Desktop\Avira Connect.lnk
2017-04-17 10:43 - 2017-04-17 10:43 - 00002110 _____ C:\Users\MAQ\Downloads\Calendar_RTC9EB (1).ics
2017-04-17 10:42 - 2017-04-17 10:42 - 01509578 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2017-04-17 10:42 - 2017-04-17 10:42 - 00002110 _____ C:\Users\MAQ\Downloads\Calendar_RTC9EB.ics
2017-04-16 08:50 - 2017-04-16 19:25 - 00011801 _____ C:\Users\MAQ\Documents\PLANÍLIA PREVIDÊNCIA SOCIAL (OSVALDO PEDRO DA SILVA).xlsx
2017-04-15 22:37 - 2017-04-17 00:09 - 00000000 ____D C:\Users\MAQ\Documents\15.04.17
2017-04-14 13:41 - 2017-04-14 13:41 - 00000000 ____D C:\Users\MAQ\Documents\comprovante de entrega da declaração do imposto de renda
2017-04-14 13:35 - 2017-04-14 13:41 - 00000000 ____D C:\Users\MAQ\.receitanet
2017-04-14 13:18 - 2017-04-14 13:18 - 00000000 ____D C:\Users\MAQ\.irpf
2017-04-10 20:48 - 2017-04-11 10:23 - 00000000 ____D C:\Users\MAQ\Documents\10.04.2017
2017-04-09 19:53 - 2017-04-09 23:32 - 00000000 ____D C:\Users\MAQ\Documents\09.04.2017
2017-04-05 23:47 - 2017-04-27 07:27 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-04-05 23:47 - 2017-04-05 23:47 - 00002047 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2017-04-05 23:27 - 2017-04-05 23:27 - 00000000 ____D C:\Users\MAQ\AppData\Local\CEF
2017-04-04 09:42 - 2017-04-04 09:47 - 00000000 ____D C:\Users\MAQ\Documents\Dona Rita
2017-03-27 14:14 - 2017-03-27 14:14 - 00426067 _____ C:\Users\MAQ\Downloads\20.03.17.rar
2017-03-27 14:05 - 2017-03-27 14:09 - 00426067 _____ C:\Users\MAQ\Documents\20.03.17.rar
2017-03-27 11:29 - 2017-03-27 11:29 - 00001217 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2017-03-27 10:12 - 2017-03-27 10:13 - 02048160 _____ (Adobe Systems Incorporated) C:\Users\MAQ\Downloads\Photoshop_Set-Up.exe
2017-03-24 06:44 - 2017-03-27 12:12 - 00000000 ____D C:\Users\MAQ\Documents\20.03.17
2017-03-23 21:44 - 2017-03-23 21:44 - 00055064 _____ C:\Users\MAQ\Downloads\boleto_85049 (1).html
2017-03-22 21:05 - 2017-03-22 21:06 - 00055064 _____ C:\Users\MAQ\Downloads\boleto_85049.html
2017-03-22 20:56 - 2017-03-22 20:56 - 02967437 _____ C:\Users\MAQ\Downloads\cartao_9x5.rar
2017-03-22 20:56 - 2017-03-22 20:56 - 01015335 _____ C:\Users\MAQ\Downloads\cartao_9x5.ai
2017-03-22 19:13 - 2017-03-22 19:13 - 02788117 _____ C:\Users\MAQ\Downloads\LOGO_PRATA_cmyk.tif
2017-03-22 19:09 - 2017-03-22 19:09 - 02774977 _____ C:\Users\MAQ\Downloads\PARTE_DE_TRAZ_DO_CARTyIO_cmyk.tif
2017-03-21 02:17 - 2017-03-21 02:17 - 00275084 _____ C:\Users\MAQ\Downloads\cartao_9x5_1.cdr
2017-03-21 01:45 - 2017-03-21 01:45 - 00033050 _____ C:\Users\MAQ\Downloads\+0203 0207 3020+44 0203 0207 3020 kyle@sparkracingindustries.com.pdf
2017-03-20 16:06 - 2017-03-20 16:07 - 00284800 _____ C:\Users\MAQ\Downloads\cartao_9x5_uv_local (1).ai.crdownload
2017-03-18 10:34 - 2017-03-18 10:34 - 03414213 _____ C:\Users\MAQ\Downloads\cartao_9x5_uv_local.rar
2017-03-18 10:34 - 2017-03-18 10:34 - 00282466 _____ C:\Users\MAQ\Downloads\cartao_9x5_uv_local_1_1.cdr
2017-03-18 10:33 - 2017-03-18 10:33 - 01033073 _____ C:\Users\MAQ\Downloads\cartao_9x5_uv_local.ai
2017-03-12 01:28 - 2017-03-12 01:28 - 00000000 ____D C:\Users\MAQ\Documents\Nova pasta
2017-03-02 01:42 - 2017-03-02 02:40 - 00000000 ____D C:\Users\MAQ\Documents\DECLARAÇÃO DE IMPOSTO DE RENDA 2017
2017-03-02 01:15 - 2017-03-02 01:15 - 00000000 ____D C:\Users\MAQ\Desktop\IRPF 2016
2017-03-02 01:09 - 2017-03-02 01:09 - 00001724 _____ C:\Users\Public\Desktop\IRPF2017 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk
2017-03-02 01:09 - 2017-03-02 01:09 - 00000000 ___HD C:\Program Files (x86)\InstallJammer Registry
2017-03-02 01:09 - 2017-03-02 01:09 - 00000000 ____D C:\Users\MAQ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2017
2017-03-02 01:09 - 2017-03-02 01:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programas RFB2017
2017-03-02 01:09 - 2017-03-02 01:09 - 00000000 ____D C:\Arquivos de Programas RFB
2017-03-02 01:08 - 2017-03-02 01:08 - 28203488 _____ (Receita Federal do Brasil) C:\Users\MAQ\Downloads\IRPF2017Win32v1.0.exe
2017-03-01 23:17 - 2017-03-01 23:17 - 00135094 _____ C:\Users\MAQ\Downloads\z4ijnhi5tn4ibots2xe2m3k30203201711165620823950612930.pdf
2017-03-01 23:17 - 2017-03-01 23:17 - 00133737 _____ C:\Users\MAQ\Downloads\z4ijnhi5tn4ibots2xe2m3k3020320171116461470926249338120.pdf
2017-03-01 23:16 - 2017-03-01 23:16 - 00134196 _____ C:\Users\MAQ\Downloads\z4ijnhi5tn4ibots2xe2m3k30203201711162212883019857198.pdf
2017-03-01 23:16 - 2017-03-01 23:16 - 00133736 _____ C:\Users\MAQ\Downloads\z4ijnhi5tn4ibots2xe2m3k302032017111634533219521424.pdf
==================== Três Meses Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2017-05-29 19:51 - 2009-07-14 01:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-05-29 19:51 - 2009-07-14 01:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-05-29 19:24 - 2016-08-17 07:24 - 00000238 _____ C:\Windows\Tasks\Booking_helper.job
2017-05-29 19:10 - 2009-07-14 14:55 - 00657374 _____ C:\Windows\system32\prfh0416.dat
2017-05-29 19:10 - 2009-07-14 14:55 - 00125766 _____ C:\Windows\system32\prfc0416.dat
2017-05-29 19:10 - 2009-07-14 02:13 - 01499760 _____ C:\Windows\system32\PerfStringBackup.INI
2017-05-29 19:10 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2017-05-29 19:09 - 2017-02-25 18:55 - 00000000 ____D C:\Windows\Minidump
2017-05-29 19:06 - 2016-11-26 01:07 - 00000000 ____D C:\Users\Todos os Usuários\GbPlugin
2017-05-29 19:06 - 2016-11-26 01:07 - 00000000 ____D C:\ProgramData\GbPlugin
2017-05-29 19:05 - 2016-11-26 01:07 - 00000000 ____D C:\Program Files (x86)\GbPlugin
2017-05-29 19:04 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-05-22 00:26 - 2016-10-09 12:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-05-22 00:24 - 2016-10-09 12:46 - 00000000 ____D C:\Users\Todos os Usuários\Avira
2017-05-22 00:24 - 2016-10-09 12:46 - 00000000 ____D C:\ProgramData\Avira
2017-05-22 00:24 - 2016-10-09 12:46 - 00000000 ____D C:\Program Files (x86)\Avira
2017-05-21 19:53 - 2016-10-09 12:48 - 00000000 ____D C:\Users\MAQ\AppData\Roaming\Avira
2017-05-18 16:04 - 2016-12-30 00:23 - 00028376 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\wsddfac.sys
2017-05-18 16:04 - 2016-10-09 13:24 - 00002279 _____ C:\Users\MAQ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-18 16:04 - 2016-10-09 13:24 - 00002249 _____ C:\Users\MAQ\Desktop\Google Chrome.lnk
2017-05-18 16:02 - 2016-10-09 12:43 - 00000000 ____D C:\Users\MAQ\AppData\Local\Google
2017-05-18 02:49 - 2016-12-16 21:54 - 00000000 ____D C:\Program Files (x86)\Google
2017-05-18 00:21 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\NDF
2017-05-17 18:59 - 2016-08-28 00:31 - 00000000 ____D C:\Users\MAQ\Documents\DELEGADO
2017-05-17 02:02 - 2017-02-03 02:29 - 00000000 ____D C:\Users\MAQ\Documents\ARTIGO V CONPEDI
2017-05-09 12:29 - 2016-10-09 12:42 - 00803320 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-05-09 12:29 - 2016-10-09 12:42 - 00144888 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-05-09 12:29 - 2016-10-09 12:42 - 00004384 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-05-09 12:29 - 2016-10-09 12:42 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-05-09 12:29 - 2016-10-09 12:42 - 00000000 ____D C:\Windows\system32\Macromed
2017-05-08 07:46 - 2016-11-11 11:54 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-04-29 21:09 - 2016-12-18 11:24 - 00000000 ____D C:\Users\MAQ\Documents\PEÇAS PROCESSUAIS DE MICHEL
2017-04-29 21:03 - 2016-10-11 19:52 - 00000000 ____D C:\Users\MAQ\Documents\apresentação e monografia
2017-04-29 01:03 - 2016-10-09 12:43 - 00003668 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-350283003-836572330-383190687-1000UA
2017-04-29 01:03 - 2016-10-09 12:43 - 00003396 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-350283003-836572330-383190687-1000Core
==================== Arquivos na raiz de alguns diretórios =======
2016-10-09 12:36 - 2016-10-09 12:36 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-10-09 15:32 - 2016-10-09 15:32 - 0728576 _____ () C:\ProgramData\DriverInstallE41.exe
2016-10-09 15:32 - 2016-10-09 15:32 - 7011224 _____ ((c) PC Cleaners Inc) C:\ProgramData\pclunst.exe
Arquivos para serem movidos ou deletados:
====================
C:\Users\MAQ\AppData\Local\Temp\Java\SYSMAQ-PC.exe
C:\ProgramData\DriverInstallE41.exe
C:\ProgramData\pclunst.exe
C:\Users\Todos os Usuários\DriverInstallE41.exe
C:\Users\Todos os Usuários\pclunst.exe
==================== Bamital & volsnap ======================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2017-03-01 21:07
==================== Fim de FRST.txt ============================