Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 05-03-2017 Executado por Isaela (administrador) em ISAELA-PC (07-03-2017 16:08:07) Executando a partir de C:\Users\Isaela\Documents Perfis Carregados: Isaela (Perfis Disponíveis: Isaela) Platform: Windows 7 Ultimate (X64) Idioma: Português (Brasil) Internet Explorer Versão 8 (Navegador padrão: Chrome) Modo da Inicialização: Normal Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processos (Whitelisted) ================= (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.) (GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe (Byte Technologies LLC) C:\Program Files\ByteFence\ByteFenceService.exe (Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe (HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe (GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe (© 2015 Microsoft Corporation) C:\Users\Isaela\AppData\Local\Microsoft\BingSvc\BingSvc.exe (The Chromium Authors) C:\Users\Isaela\AppData\Local\chromium\Application\chrome.exe (HP) C:\Windows\System32\HPSIsvc.exe () C:\Program Files (x86)\AppBrad\NetExpressUpdater.exe (The Chromium Authors) C:\Users\Isaela\AppData\Local\chromium\Application\chrome.exe (CompSoft) C:\Program Files (x86)\DoroPDFWriter\DoroServer.exe () C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe () C:\Program Files\ByteFence\rtop\bin\rtop_bg.exe (Scopus Soluções em TI Ltda) C:\Program Files (x86)\scpbrad\scpbradserv.exe (Filseclab Corporation Limited) C:\Program Files (x86)\ScreenShot\SSSvc.exe (Scopus Soluções em TI Ltda) C:\Program Files (x86)\scpbrad\scpbradguard.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe (Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe (GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe (Byte Technologies LLC) C:\Program Files\ByteFence\ByteFence.exe () C:\ecosis\Eco Backup\EcoBackupServer.exe (The Chromium Authors) C:\Users\Isaela\AppData\Local\chromium\Application\chrome.exe (Microsoft Corporation) C:\Windows\splwow64.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE (EcoCentauro Sistemas®) C:\ecosis\windows\eco.exe (Microsoft Corporation) C:\Windows\System32\prevhost.exe (The Chromium Authors) C:\Users\Isaela\AppData\Local\chromium\Application\chrome.exe (The Chromium Authors) C:\Users\Isaela\AppData\Local\chromium\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\msiexec.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (DLL-files.com) C:\Program Files (x86)\DLL-Files.com Client\DLLFilesClient.exe ==================== Registro (Whitelisted) ==================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKLM\...\Run: [Diebold - Warsaw] => C:\Program Files\Diebold\Warsaw\core.exe [925744 2016-06-23] (GAS Tecnologia LTDA) HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [HPUsageTrackingLEDM] => C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe [30264 2009-10-15] (Hewlett-Packard Company) HKLM-x32\...\Run: [DoroServer] => C:\Program Files (x86)\DoroPDFWriter\DoroServer.exe [172032 2012-05-02] (CompSoft) HKLM-x32\...\Run: [BackupServer] => C:\ecosis\Eco Backup\EcoBackupServer.exe [6162944 2016-09-23] () HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation) HKLM-x32\...\Run: [Bron-Spizaetus] => C:\Windows\ShellNew\bronstab.exe [41385 2008-06-15] () HKLM-x32\...\RunOnce: [Lomobasapa] => C:\Windows\SysWOW64\wscript.exe /E:vbscript /B "C:\Users\Isaela\AppData\Roaming\53BA83~1\Dadihis.dat" HKLM-x32\...\RunOnce: [Minatimobite] => C:\Windows\SysWOW64\wscript.exe /E:vbscript /B "C:\Users\Isaela\AppData\Roaming\28A715~1\Fafegamecad.dat" HKLM-x32\...\RunOnce: [Hirec] => C:\Windows\SysWOW64\wscript.exe /E:vbscript /B "C:\Users\Isaela\AppData\Local\65C6B4~1\Fonerob.dat" HKLM-x32\...\RunOnce: [Gesosog] => C:\Windows\SysWOW64\wscript.exe /E:vbscript /B "C:\Users\Isaela\AppData\Local\3989CF~1\Lefehebi.dat" HKLM-x32\...\Winlogon: [Shell] Explorer.exe "C:\Windows\eksplorasi.exe" [ ] () <=== ATENÇÃO Winlogon\Notify\ GbPluginScd: C:\Program Files (x86)\GbPlugin\gbiehScd.dll [2016-05-06] (Sicredi) HKU\S-1-5-21-2584708150-2071338921-3614247218-1000\...\Run: [BingSvc] => C:\Users\Isaela\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation) HKU\S-1-5-21-2584708150-2071338921-3614247218-1000\...\Run: [Chromium] => c:\users\isaela\appdata\local\chromium\application\chrome.exe [828416 2017-01-20] (The Chromium Authors) HKU\S-1-5-21-2584708150-2071338921-3614247218-1000\...\Run: [GoogleChromeAutoLaunch_C8955BFA0AA994214B6901E396B99EB3] => C:\Users\Isaela\AppData\Local\chromium\Application\chrome.exe [828416 2017-01-20] (The Chromium Authors) HKU\S-1-5-21-2584708150-2071338921-3614247218-1000\...\Run: [Tok-Cirrhatus] => C:\Users\Isaela\AppData\Local\smss.exe [41385 2008-06-15] () HKU\S-1-5-21-2584708150-2071338921-3614247218-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27545056 2017-02-14] (Skype Technologies S.A.) HKU\S-1-5-21-2584708150-2071338921-3614247218-1000\...\Policies\system: [DisableRegistryTools] 1 HKU\S-1-5-21-2584708150-2071338921-3614247218-1000\...\Policies\system: [DisableCMD] 0 HKU\S-1-5-21-2584708150-2071338921-3614247218-1000\...\Policies\Explorer: [NoFolderOptions] 1 ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399011} - C:\Program Files (x86)\GbPlugin\gbiehscd.dll [1915104 2016-05-06] (Sicredi) Startup: C:\Users\Isaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EcoBackupServer - Atalho.lnk [2016-12-28] ShortcutTarget: EcoBackupServer - Atalho.lnk -> C:\ecosis\Eco Backup\EcoBackupServer.exe () Startup: C:\Users\Isaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Empty.pif [2008-06-15] () GroupPolicy: Restrição <======= ATENÇÃO CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO ==================== Internet (Whitelisted) ==================== (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.) Hosts: Um script HTML foi detectado no Hosts. Veja a seção Hosts do Addition.txt <==== ATENÇÃO Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{A00BD657-055F-4444-B758-FDBF930C137A}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{DE74CBE6-469F-48D6-88D2-FE7FD16B8565}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=elm&hsimp=yhs-001&type=hdr_s_17_09_wbf_bxinw_17_08¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzuyBtDyDyE0DtByD0C0CtC0AtDyEyDzytDtN0D0Tzu0StCzzzzyEtN1L2XzutAtFtByBtFtCtFyDtBtN1L1Czu1M1Q1CtAtBtFtAtFtDtN1L1G1B1V1N2Y1L1Qzu2StA0CtDtCzz0AtDyDtGtA0AtB0BtG0DyB0AtDtGtCtBzztCtGyEtA0E0DtD0E0Fzz0Czy0AtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0DtC0ByCtByC0EtG0EtCyDyDtGyE0EyC0EtGzyyCzztBtGyCyE0Czy0ByEyD0AtCtBtCtC2QtN0A0LzuyE%26cr%3D618255791%26a%3Dhdr_s_17_09_wbf_bxinw_17_08%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=elm&hsimp=yhs-001&type=hdr_s_17_09_wbf_bxinw_17_08¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzuyBtDyDyE0DtByD0C0CtC0AtDyEyDzytDtN0D0Tzu0StCzzzzyEtN1L2XzutAtFtByBtFtCtFyDtBtN1L1Czu1M1Q1CtAtBtFtAtFtDtN1L1G1B1V1N2Y1L1Qzu2StA0CtDtCzz0AtDyDtGtA0AtB0BtG0DyB0AtDtGtCtBzztCtGyEtA0E0DtD0E0Fzz0Czy0AtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0DtC0ByCtByC0EtG0EtCyDyDtGyE0EyC0EtGzyyCzztBtGyCyE0Czy0ByEyD0AtCtBtCtC2QtN0A0LzuyE%26cr%3D618255791%26a%3Dhdr_s_17_09_wbf_bxinw_17_08%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate HKU\S-1-5-21-2584708150-2071338921-3614247218-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SK216&ocid=SK216DHP&osmkt=pt-br HKU\S-1-5-21-2584708150-2071338921-3614247218-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pt-br/?ocid=iehp HKU\S-1-5-21-2584708150-2071338921-3614247218-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxps://br.search.yahoo.com/yhs/web?hspart=elm&hsimp=yhs-001&type=hdr_s_17_09_wbf_bxinw_17_08¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzuyBtDyDyE0DtByD0C0CtC0AtDyEyDzytDtN0D0Tzu0StCzzzzyEtN1L2XzutAtFtByBtFtCtFyDtBtN1L1Czu1M1Q1CtAtBtFtAtFtDtN1L1G1B1V1N2Y1L1Qzu2StA0CtDtCzz0AtDyDtGtA0AtB0BtG0DyB0AtDtGtCtBzztCtGyEtA0E0DtD0E0Fzz0Czy0AtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0DtC0ByCtByC0EtG0EtCyDyDtGyE0EyC0EtGzyyCzztBtGyCyE0Czy0ByEyD0AtCtBtCtC2QtN0A0LzuyE%26cr%3D618255791%26a%3Dhdr_s_17_09_wbf_bxinw_17_08%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_17_08¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyBtDyDyE0DtByD0C0CtC0AtDyEyDzytDtN0D0Tzu0StCzzyByEtN1L2XzutAtFtByBtFtCtFyDtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEyDtB0B0FyD0FyEtGyDtCyD0EtGtAtAzyzytGtCtC0E0CtGtA0CtD0CyBtD0F0B0EtDyEtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0DtC0ByCtByC0EtG0EtCyDyDtGyE0EyC0EtGzyyCzztBtGyCyE0Czy0ByEyD0AtCtBtCtC2QtN0A0LzuyE%26cr%3D462482862%26a%3Dwbf_bxinw_17_08%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_17_08¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyBtDyDyE0DtByD0C0CtC0AtDyEyDzytDtN0D0Tzu0StCzzyByEtN1L2XzutAtFtByBtFtCtFyDtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEyDtB0B0FyD0FyEtGyDtCyD0EtGtAtAzyzytGtCtC0E0CtGtA0CtD0CyBtD0F0B0EtDyEtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0DtC0ByCtByC0EtG0EtCyDyDtGyE0EyC0EtGzyyCzztBtGyCyE0Czy0ByEyD0AtCtBtCtC2QtN0A0LzuyE%26cr%3D462482862%26a%3Dwbf_bxinw_17_08%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms} SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_17_08¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyBtDyDyE0DtByD0C0CtC0AtDyEyDzytDtN0D0Tzu0StCzzyByEtN1L2XzutAtFtByBtFtCtFyDtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEyDtB0B0FyD0FyEtGyDtCyD0EtGtAtAzyzytGtCtC0E0CtGtA0CtD0CyBtD0F0B0EtDyEtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0DtC0ByCtByC0EtG0EtCyDyDtGyE0EyC0EtGzyyCzztBtGyCyE0Czy0ByEyD0AtCtBtCtC2QtN0A0LzuyE%26cr%3D462482862%26a%3Dwbf_bxinw_17_08%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_17_08¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyBtDyDyE0DtByD0C0CtC0AtDyEyDzytDtN0D0Tzu0StCzzyByEtN1L2XzutAtFtByBtFtCtFyDtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEyDtB0B0FyD0FyEtGyDtCyD0EtGtAtAzyzytGtCtC0E0CtGtA0CtD0CyBtD0F0B0EtDyEtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0DtC0ByCtByC0EtG0EtCyDyDtGyE0EyC0EtGzyyCzztBtGyCyE0Czy0ByEyD0AtCtBtCtC2QtN0A0LzuyE%26cr%3D462482862%26a%3Dwbf_bxinw_17_08%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms} SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_17_08¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyBtDyDyE0DtByD0C0CtC0AtDyEyDzytDtN0D0Tzu0StCzzyByEtN1L2XzutAtFtByBtFtCtFyDtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEyDtB0B0FyD0FyEtGyDtCyD0EtGtAtAzyzytGtCtC0E0CtGtA0CtD0CyBtD0F0B0EtDyEtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0DtC0ByCtByC0EtG0EtCyDyDtGyE0EyC0EtGzyyCzztBtGyCyE0Czy0ByEyD0AtCtBtCtC2QtN0A0LzuyE%26cr%3D462482862%26a%3Dwbf_bxinw_17_08%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms} SearchScopes: HKU\S-1-5-21-2584708150-2071338921-3614247218-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_17_08¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyBtDyDyE0DtByD0C0CtC0AtDyEyDzytDtN0D0Tzu0StCzzyByEtN1L2XzutAtFtByBtFtCtFyDtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEyDtB0B0FyD0FyEtGyDtCyD0EtGtAtAzyzytGtCtC0E0CtGtA0CtD0CyBtD0F0B0EtDyEtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0DtC0ByCtByC0EtG0EtCyDyDtGyE0EyC0EtGzyyCzztBtGyCyE0Czy0ByEyD0AtCtBtCtC2QtN0A0LzuyE%26cr%3D462482862%26a%3Dwbf_bxinw_17_08%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms} SearchScopes: HKU\S-1-5-21-2584708150-2071338921-3614247218-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_17_08¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyBtDyDyE0DtByD0C0CtC0AtDyEyDzytDtN0D0Tzu0StCzzyByEtN1L2XzutAtFtByBtFtCtFyDtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEyDtB0B0FyD0FyEtGyDtCyD0EtGtAtAzyzytGtCtC0E0CtGtA0CtD0CyBtD0F0B0EtDyEtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0DtC0ByCtByC0EtG0EtCyDyDtGyE0EyC0EtGzyyCzztBtGyCyE0Czy0ByEyD0AtCtBtCtC2QtN0A0LzuyE%26cr%3D462482862%26a%3Dwbf_bxinw_17_08%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms} SearchScopes: HKU\S-1-5-21-2584708150-2071338921-3614247218-1000 -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxp://www.bing.com/search?FORM=SK216DF&PC=SK216&q={searchTerms}&src=IE-SearchBox BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-02-14] (Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation) BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540011} -> C:\Program Files (x86)\GbPlugin\gbiehscd.dll [2016-05-06] (Sicredi) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-14] (Oracle Corporation) Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation) Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation) Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation) Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation) StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll [2016-12-28] () FF Plugin: @microsoft.com/GENUINE -> disabled [Nenhum Arquivo] FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll [2016-12-28] () FF Plugin-x32: @DVR/npmedia-intelbras,version=3.1.0.4 -> C:\Program Files (x86)\webrec\WEB30\HDCVI\WebPlugin\npmedia.dll [2015-02-04] () FF Plugin-x32: @DVR/npTimeGrid-intelbras,version=3.1.0.4 -> C:\Program Files (x86)\webrec\WEB30\HDCVI\WebPlugin\npTimeGrid.dll [2015-02-04] (Unauthorized copy) FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-14] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-14] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Nenhum Arquivo] FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-28] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-28] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems Inc.) FF Plugin HKU\.DEFAULT: gastecnologia.com.br/sf/scd -> C:\Windows\system32\config\systemprofile\AppData\Local\GAS Tecnologia\GBBD\npsf_scd.dll [Nenhum Arquivo] Chrome: ======= CHR DefaultProfile: Default CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=pt-br CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms} CHR DefaultSearchKeyword: Default -> bing.com CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__PARAM__DF&PC=__PARAM__&query={searchTerms} CHR Profile: C:\Users\Isaela\AppData\Local\Google\Chrome\User Data\Default [2017-03-07] CHR Extension: (Hermes Tab) - C:\Users\Isaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehlceeijggpdgfcefmipcmdelickjgfg [2017-02-27] CHR Extension: (Search Manager) - C:\Users\Isaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce [2017-02-17] CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Isaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-20] CHR Extension: (Chrome Media Router) - C:\Users\Isaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-08] CHR HKLM\...\Chrome\Extension: [ehlceeijggpdgfcefmipcmdelickjgfg] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-2584708150-2071338921-3614247218-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ehlceeijggpdgfcefmipcmdelickjgfg] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-2584708150-2071338921-3614247218-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-2584708150-2071338921-3614247218-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [ehlceeijggpdgfcefmipcmdelickjgfg] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx ==================== Serviços (Whitelisted) ==================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R2 ByteFenceService; C:\Program Files\ByteFence\ByteFenceService.exe [146912 2017-01-18] (Byte Technologies LLC) R2 FirebirdGuardianDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe [98304 2011-10-03] (Firebird Project) [Arquivo não assinado] R3 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe [3764224 2011-10-03] (Firebird Project) [Arquivo não assinado] R2 GbpSv; C:\Program Files (x86)\GbPlugin\GbpSv.exe [631520 2016-05-06] (GAS Tecnologia) R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [136192 2009-10-15] (HP) [Arquivo não assinado] R2 NetExpress Updater; C:\Program Files (x86)\AppBrad\NetExpressUpdater.exe [20424 2016-10-13] () R2 rtop; C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe [304456 2017-02-17] () R2 scpbradserv; C:\Program Files (x86)\scpbrad\scpbradserv.exe [1926672 2016-12-29] (Scopus Soluções em TI Ltda) R2 SSSvc; C:\Program Files (x86)\ScreenShot\SSSvc.exe [139744 2016-11-02] (Filseclab Corporation Limited) R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [925744 2016-06-23] (GAS Tecnologia LTDA) S3 WatAdminSvc; C:\Windows\system32\Wat\WatAdminSvc.exe [1255736 2016-12-28] () [Arquivo não assinado] R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation) ===================== Drivers (Whitelisted) ====================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R1 gbpddfac; C:\Windows\System32\drivers\gbpddfac64.sys [28888 2017-03-07] (GAS Tecnologia) R3 GBPRCM; C:\Program Files (x86)\GbPlugin\gbprcm64.sys [29912 2016-05-06] (GAS Tecnologia) R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2013-11-29] (Qualcomm Atheros Co., Ltd.) R3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [19968 2012-11-08] (Marvell Semiconductor, Inc.) S3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [416768 2009-06-10] (Realtek Semiconductor Corporation ) R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2016-05-06] (GAS Tecnologia LTDA) R1 wsddfac; C:\Windows\System32\drivers\wsddfac.sys [101080 2017-03-07] (GAS Tecnologia) R1 wsddntf; C:\Windows\System32\DRIVERS\wsddntf.sys [36984 2016-06-16] (GAS Tecnologia) S1 wsddpp; C:\Windows\system32\drivers\wsddpp.sys [97376 2016-06-08] (GAS Tecnologia) S0 gbpddreg; system32\drivers\gbpddreg64.sys [X] ==================== NetSvcs (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Três Meses Criados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2017-03-07 16:08 - 2017-03-07 16:08 - 00023409 _____ C:\Users\Isaela\Documents\FRST.txt 2017-03-07 16:06 - 2017-03-07 16:08 - 00000000 ____D C:\FRST 2017-03-07 16:05 - 2017-03-07 16:05 - 02423808 _____ (Farbar) C:\Users\Isaela\Documents\FRST64.exe 2017-03-07 16:05 - 2017-03-07 16:05 - 01765888 _____ (Farbar) C:\Users\Isaela\Documents\FRST.exe 2017-03-07 16:03 - 2017-03-07 16:03 - 02729024 _____ (DLL-Files.com Client ) C:\Users\Isaela\Documents\clientsetup_fde-1.exe 2017-03-07 16:03 - 2017-03-07 16:03 - 00001129 _____ C:\Users\Public\Desktop\DLL-Files.com Client.lnk 2017-03-07 16:03 - 2017-03-07 16:03 - 00000000 ____D C:\Users\Isaela\AppData\Roaming\DLL-files.com 2017-03-07 16:03 - 2017-03-07 16:03 - 00000000 ____D C:\Users\Isaela\AppData\Roaming\DFXCT 2017-03-07 16:03 - 2017-03-07 16:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DLL-Files.com Client 2017-03-07 16:03 - 2017-03-07 16:03 - 00000000 ____D C:\Program Files (x86)\DLL-Files.com Client 2017-03-07 15:56 - 2017-03-07 15:56 - 01631200 _____ (Skype Technologies S.A.) C:\Users\Isaela\Documents\SkypeSetup (1).exe 2017-03-07 15:47 - 2017-03-07 15:47 - 01806392 _____ ( ) C:\Users\Isaela\Documents\Baixaki_skype_V76BqM.exe 2017-03-07 15:42 - 2017-03-07 15:42 - 00003142 _____ C:\Windows\System32\Tasks\{8C8E9068-E60A-4127-8B33-9ED965C50429} 2017-03-07 15:35 - 2017-03-07 15:35 - 00408568 _____ C:\Users\Isaela\AppData\Local\Update.9.Bron.Tok.bin 2017-03-07 15:34 - 2017-03-07 15:34 - 01806392 _____ ( ) C:\Users\Isaela\Documents\Baixaki_skype_V2Dhl0.exe 2017-03-07 15:30 - 2017-03-07 15:30 - 00002958 _____ C:\Windows\System32\Tasks\{C652FC53-961C-4DD3-9B62-232EA1BE3E60} 2017-03-07 15:29 - 2017-03-07 15:29 - 00002958 _____ C:\Windows\System32\Tasks\{BCF958CD-1A75-408C-AE66-FE2FDB756A93} 2017-03-07 15:29 - 2017-03-07 15:29 - 00002958 _____ C:\Windows\System32\Tasks\{85D4A90C-B623-4BD1-A703-2A1AF8065469} 2017-03-07 15:25 - 2017-03-07 15:25 - 01631200 _____ (Skype Technologies S.A.) C:\Users\Isaela\Documents\SkypeSetup.exe 2017-03-07 15:22 - 2017-03-07 15:22 - 00000000 ___RD C:\Program Files (x86)\Skype 2017-03-07 15:22 - 2017-03-07 15:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2017-03-07 15:19 - 2017-03-07 15:19 - 00400607 _____ C:\Users\Isaela\AppData\Local\Bron.tok.A9.em.bin 2017-03-07 15:19 - 2017-03-07 15:19 - 00000000 ____D C:\Users\Isaela\AppData\Local\Ok-SendMail-Bron-tok 2017-03-07 15:14 - 2017-03-07 15:14 - 00402607 _____ C:\Users\Isaela\AppData\Local\ListHost9.txt 2017-03-07 15:13 - 2017-03-07 15:13 - 00000000 ____D C:\Users\Isaela\AppData\Local\Bron.tok-9-7 2017-03-04 18:25 - 2017-03-04 18:25 - 00033132 _____ C:\Users\Isaela\Downloads\301A.tmp 2017-03-03 16:30 - 2017-03-03 16:30 - 00011211 _____ C:\Users\Isaela\Desktop\Neto - relatório.xlsx 2017-03-03 14:05 - 2017-03-03 14:05 - 00001106 _____ C:\Users\Isaela\Desktop\ARQUIVOS SPED.lnk 2017-03-03 10:23 - 2017-03-03 10:23 - 00048147 _____ C:\Users\Isaela\Desktop\relatorio (1).pdf 2017-03-03 10:21 - 2017-03-03 10:21 - 00007791 _____ C:\Users\Isaela\Desktop\relatorio.pdf 2017-03-03 08:18 - 2017-03-03 08:18 - 00000000 ___HD C:\Users\Isaela\AppData\Local\3989cf486cd66e6a 2017-03-01 12:30 - 2017-03-01 12:30 - 00000000 ____D C:\Users\Isaela\AppData\Local\ISL Online Cache 2017-02-28 17:03 - 2017-02-28 17:03 - 00000000 ___HD C:\Users\Isaela\AppData\Local\65c6b4a44332dd3b 2017-02-27 17:24 - 2017-02-27 17:24 - 02589033 _____ C:\Users\Isaela\Desktop\Fatura_012017_MARIA_4348_MASTER_00080875110087.PDF 2017-02-27 12:28 - 2017-02-27 12:28 - 00007153 _____ C:\Users\Isaela\Desktop\EXTRATO_POR_PERIODO_270217_132803.pdf 2017-02-27 09:40 - 2017-03-07 15:40 - 00000278 _____ C:\Windows\Tasks\{28A7159C-0698-70E8-0621-32059762567D}.job 2017-02-27 09:40 - 2017-02-28 16:40 - 00000000 ____D C:\Users\Isaela\AppData\Roaming\28A7159C-0698-70E8-0621-32059762567D 2017-02-27 09:40 - 2017-02-27 09:40 - 00003222 _____ C:\Windows\System32\Tasks\{28A7159C-0698-70E8-0621-32059762567D} 2017-02-27 09:39 - 2017-02-27 09:41 - 00000000 ____D C:\Users\Isaela\AppData\Local\{65F953A5-4151-3F1D-2CC9-1AF508A1E66D} 2017-02-23 15:35 - 2013-10-14 15:41 - 00196608 _____ C:\Users\Isaela\Desktop\EcoSped.zip 2017-02-23 15:27 - 2017-02-23 15:27 - 00001040 _____ C:\Users\Isaela\Desktop\ECOSPED.lnk 2017-02-23 14:01 - 2017-03-07 15:50 - 00000000 ____D C:\Users\Isaela\Desktop\Notas Fiscais Entrada 2017 2017-02-21 17:17 - 2017-02-21 17:17 - 00004778 _____ C:\Users\Isaela\Downloads\7858.xml 2017-02-21 17:11 - 2017-02-21 17:11 - 00004751 _____ C:\Users\Isaela\Downloads\7856.xml 2017-02-21 16:41 - 2017-02-21 16:41 - 00006227 _____ C:\Users\Isaela\Downloads\138269.xml 2017-02-21 16:40 - 2017-02-21 16:40 - 00005555 _____ C:\Users\Isaela\Downloads\218917.xml 2017-02-21 16:35 - 2017-02-21 16:35 - 00005555 _____ C:\Users\Isaela\Downloads\62FD.tmp 2017-02-20 16:39 - 2017-02-20 16:39 - 00009272 _____ C:\Users\Isaela\Downloads\6556.xml 2017-02-20 16:13 - 2017-02-20 16:13 - 00008318 _____ C:\Users\Isaela\Downloads\38703.xml 2017-02-20 16:07 - 2017-02-20 16:08 - 00000000 ____D C:\Users\Isaela\Desktop\documentos Abelha 2017-02-20 15:54 - 2017-02-20 15:54 - 00005618 _____ C:\Users\Isaela\Downloads\198820 (2).xml 2017-02-20 15:54 - 2017-02-20 15:54 - 00002938 _____ C:\Users\Isaela\Downloads\198820.zip 2017-02-20 15:53 - 2017-02-20 15:53 - 00005618 _____ C:\Users\Isaela\Downloads\198820.xml 2017-02-20 15:47 - 2017-02-20 15:47 - 00005605 _____ C:\Users\Isaela\Downloads\este.xml 2017-02-20 09:24 - 2017-02-20 09:24 - 00007324 _____ C:\Users\Isaela\Downloads\205846.xml 2017-02-18 07:44 - 2017-03-07 07:42 - 00000269 _____ C:\Users\Isaela\AppData\Roaming\WB.CFG 2017-02-17 16:08 - 2017-02-17 16:08 - 00003480 _____ C:\Windows\System32\Tasks\ByteFence Scan 2017-02-17 16:08 - 2017-02-17 16:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ByteFence Anti-Malware 2017-02-17 15:13 - 2017-02-17 15:13 - 00000000 ____D C:\Users\Todos os Usuários\ByteFence 2017-02-17 15:13 - 2017-02-17 15:13 - 00000000 ____D C:\ProgramData\ByteFence 2017-02-17 15:06 - 2017-02-17 15:06 - 00002228 _____ C:\Users\Isaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium.lnk 2017-02-17 15:06 - 2017-02-17 15:06 - 00000000 ____D C:\Users\Isaela\AppData\Local\chromium 2017-02-17 15:05 - 2017-03-07 15:59 - 00000000 ____D C:\Users\Todos os Usuários\Skype 2017-02-17 15:05 - 2017-03-07 15:59 - 00000000 ____D C:\ProgramData\Skype 2017-02-17 15:05 - 2017-03-02 07:44 - 00000000 ____D C:\Users\Isaela\AppData\Roaming\Skype 2017-02-17 15:05 - 2017-02-17 15:05 - 00000000 ____D C:\Users\Isaela\Tracing 2017-02-17 15:03 - 2017-03-07 16:03 - 00000278 _____ C:\Windows\Tasks\{53BA838C-A5C1-00D4-2483-7CB8E78AB6AF}.job 2017-02-17 15:03 - 2017-03-07 09:03 - 00000000 ____D C:\Users\Todos os Usuários\{7278B71B-F83A-3DDD-7EFC-A39FE4BE2851} 2017-02-17 15:03 - 2017-03-07 09:03 - 00000000 ____D C:\ProgramData\{7278B71B-F83A-3DDD-7EFC-A39FE4BE2851} 2017-02-17 15:03 - 2017-03-07 07:42 - 00000000 ____D C:\Users\Isaela\AppData\Roaming\53ba838ca5c100d424837cb8e78ab6af 2017-02-17 15:03 - 2017-02-27 09:39 - 00001455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk 2017-02-17 15:03 - 2017-02-27 09:39 - 00000372 __RSH C:\Users\Todos os Usuários\ntuser.pol 2017-02-17 15:03 - 2017-02-27 09:39 - 00000372 __RSH C:\ProgramData\ntuser.pol 2017-02-17 15:03 - 2017-02-17 15:07 - 00000000 ____D C:\Users\Isaela\AppData\Local\{1B3A2D66-3F92-41DE-520A-6436766298AE} 2017-02-17 15:03 - 2017-02-17 15:03 - 00004344 _____ C:\Windows\System32\Tasks\Yahoo! Powered daril 2017-02-17 15:03 - 2017-02-17 15:03 - 00003380 _____ C:\Windows\System32\Tasks\ByteFence 2017-02-17 15:03 - 2017-02-17 15:03 - 00003222 _____ C:\Windows\System32\Tasks\{53BA838C-A5C1-00D4-2483-7CB8E78AB6AF} 2017-02-17 15:02 - 2017-03-07 16:03 - 00000000 ____D C:\Program Files\ByteFence 2017-02-17 15:02 - 2017-03-07 15:34 - 01631200 _____ (Skype Technologies S.A.) C:\Users\Isaela\Documents\Baixaki_skype.exe 2017-02-17 15:02 - 2017-02-17 16:03 - 00000000 ____D C:\Users\Isaela\AppData\Roaming\ScreenShot 2017-02-17 15:02 - 2017-02-17 15:02 - 01858608 _____ (Internet ) C:\Users\Isaela\Desktop\Baixaki_skype_V1VnDc.exe 2017-02-17 15:02 - 2017-02-17 15:02 - 00001859 _____ C:\ProgramData\Microsoft\Windows\Start Menu\ScreenShot.lnk 2017-02-17 15:02 - 2017-02-17 15:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScreenShot 2017-02-17 15:02 - 2017-02-17 15:02 - 00000000 ____D C:\Program Files (x86)\ScreenShot 2017-02-17 09:37 - 2017-02-17 09:37 - 00187329 _____ C:\Users\Isaela\Desktop\energia.pdf 2017-02-17 09:37 - 2017-02-17 09:37 - 00187329 _____ C:\Users\Isaela\Desktop\energ..pdf 2017-02-17 09:10 - 2017-02-17 09:10 - 00002172 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk 2017-02-17 09:10 - 2017-02-17 09:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro 2017-02-17 09:09 - 2017-02-17 09:10 - 01129376 _____ (Google Inc.) C:\GoogleEarthProSetup (1).exe 2017-02-17 09:08 - 2017-02-17 09:08 - 00002144 _____ C:\Users\Public\Desktop\Google Earth.lnk 2017-02-17 09:08 - 2017-02-17 09:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth 2017-02-17 09:07 - 2017-02-17 09:07 - 00000000 ____D C:\Windows\system32\appmgmt 2017-02-17 09:05 - 2017-02-17 09:05 - 00000000 ____D C:\Users\Isaela\AppData\LocalLow\Google 2017-02-14 17:07 - 2017-02-14 17:07 - 00074741 _____ C:\Users\Isaela\Desktop\conta luz.pdf 2017-02-14 15:20 - 2017-02-14 15:20 - 00346254 _____ C:\Users\Isaela\Desktop\DiagnosticoBR.JAR 2017-02-14 15:19 - 2017-02-14 15:19 - 00000000 ____D C:\Users\Isaela\AppData\Roaming\Sun 2017-02-14 15:18 - 2017-02-14 15:19 - 00000000 ____D C:\Users\Todos os Usuários\Oracle 2017-02-14 15:18 - 2017-02-14 15:19 - 00000000 ____D C:\ProgramData\Oracle 2017-02-14 15:18 - 2017-02-14 15:18 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2017-02-14 15:18 - 2017-02-14 15:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2017-02-14 15:18 - 2017-02-14 15:18 - 00000000 ____D C:\Program Files (x86)\Java 2017-02-14 13:37 - 2017-02-14 13:37 - 00308086 _____ C:\Users\Isaela\Desktop\boletoECO-14022017-9600.pdf 2017-02-09 10:45 - 2017-02-09 10:45 - 00000000 ____D C:\Users\Isaela\AppData\Local\mqtmvtiqc 2017-02-09 10:09 - 2017-02-09 10:09 - 00307973 _____ C:\Users\Isaela\Downloads\boletoECO-09022017-9600 (1).pdf 2017-02-09 09:24 - 2017-02-09 09:24 - 00307973 _____ C:\Users\Isaela\Downloads\boletoECO-09022017-9600.pdf 2017-02-09 09:14 - 2017-02-09 09:14 - 00003520 _____ C:\Users\Isaela\Downloads\Formulario-Sonegacao-Fiscal-(258747859).zip 2017-02-09 09:14 - 2017-02-09 09:14 - 00000000 ____D C:\Users\Isaela\AppData\Local\vzuxpnczm 2017-02-09 09:14 - 2017-02-09 09:14 - 00000000 ____D C:\Users\Isaela\AppData\Local\nnppcrvem 2017-02-09 09:13 - 2017-02-09 09:13 - 00003520 _____ C:\Users\Isaela\Downloads\Formulario-Sonegacao-Fiscal-(435788555).zip 2017-01-30 09:03 - 2017-01-30 09:03 - 00000182 _____ C:\Users\Isaela\Downloads\30 01 2017.html 2017-01-26 15:06 - 2017-01-26 15:06 - 00005192 _____ C:\Users\Isaela\Desktop\Bradesco_26012017_160550.OFX 2017-01-26 11:37 - 2017-03-07 10:49 - 00000000 ____D C:\Users\Isaela\Desktop\XML FORNCEDOR 2017-01-26 11:36 - 2017-01-26 11:36 - 00005368 _____ C:\Users\Isaela\Downloads\51170103382668000139550010000078151000078150.xml 2017-01-26 11:26 - 2017-01-26 11:27 - 20853080 _____ (Microsoft Corporation) C:\Users\Isaela\Downloads\BOIE9_PTBR_BO0085_VIS.EXE 2017-01-26 11:21 - 2017-01-26 11:23 - 60959120 _____ (Microsoft Corporation) C:\Users\Isaela\Downloads\EIE11_PT-BR_WOL_WIN764.EXE 2017-01-26 11:19 - 2017-01-26 11:20 - 36860720 _____ (Microsoft Corporation) C:\Users\Isaela\Downloads\IE9-WindowsVista-x64-ptb.exe 2017-01-26 11:16 - 2017-01-26 11:17 - 58491088 _____ (Microsoft Corporation) C:\Users\Isaela\Downloads\IE11-Windows6.1-x64-pt-br.exe 2017-01-25 16:14 - 2017-01-27 14:55 - 00000000 ____D C:\Users\Isaela\AppData\Local\Microsoft Games 2017-01-25 14:39 - 2017-01-25 14:40 - 02589033 _____ C:\Users\Isaela\Downloads\Fatura_012017_MARIA_4348_MASTER_00080875110087 (1).PDF 2017-01-25 10:38 - 2017-01-25 10:39 - 02589033 _____ C:\Users\Isaela\Downloads\Fatura_012017_MARIA_4348_MASTER_00080875110087.PDF 2017-01-24 13:34 - 2017-01-24 13:34 - 00091334 _____ C:\Users\Isaela\Downloads\Mineração Abelha - Solução de Consulta 67-2012 - Trib. Ouro.pdf 2017-01-24 10:49 - 2017-01-24 10:49 - 00000000 ____D C:\Users\Isaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WebPlugin 2017-01-24 10:49 - 2017-01-24 10:49 - 00000000 ____D C:\Program Files (x86)\webrec 2017-01-24 08:30 - 2017-01-24 08:30 - 00031797 _____ C:\Users\Isaela\Downloads\JAYME (3).pdf 2017-01-24 08:30 - 2017-01-24 08:30 - 00019153 _____ C:\Users\Isaela\Downloads\208277.pdf 2017-01-23 13:49 - 2017-01-23 13:49 - 00194249 _____ C:\Users\Isaela\Downloads\JAYME VICENTE (1).pdf 2017-01-23 09:46 - 2017-01-23 09:46 - 00191138 _____ C:\Users\Isaela\Downloads\JAYME VICENTE.pdf 2017-01-19 17:07 - 2017-01-19 17:07 - 00075584 _____ C:\Users\Isaela\Downloads\documento_1267501_19_01_2017.pdf 2017-01-19 17:07 - 2017-01-19 17:07 - 00075052 _____ C:\Users\Isaela\Downloads\documento_1267501_19_01_2017 (1).pdf 2017-01-19 17:06 - 2017-01-19 17:06 - 00074715 _____ C:\Users\Isaela\Downloads\documento_1072236_19_01_2017.pdf 2017-01-18 16:59 - 2017-01-18 16:59 - 00331896 _____ C:\Users\Isaela\Downloads\boletoenotasreferente.zip 2017-01-18 16:59 - 2017-01-18 16:59 - 00331896 _____ C:\Users\Isaela\Downloads\boletoenotasreferente (1).zip 2017-01-18 13:58 - 2017-01-18 13:58 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf 2017-01-13 13:32 - 2017-01-13 13:33 - 00000000 ____D C:\Users\Isaela\Desktop\quitacao carregadeira 2017-01-13 13:18 - 2017-01-13 13:19 - 00000000 ____D C:\Users\Isaela\Desktop\EXTRATO DE PAGTO VOLVO EC 250 2017-01-12 16:26 - 2017-01-13 09:29 - 00000000 ____D C:\Users\Isaela\Desktop\Nota Fiscal Maquinários 2017-01-11 14:21 - 2017-01-11 14:21 - 00110561 _____ C:\Users\Isaela\Downloads\0720_019.PDF 2017-01-11 13:35 - 2017-01-11 13:35 - 00056811 _____ C:\Users\Isaela\Downloads\danfe52549.pdf 2017-01-09 16:54 - 2017-01-09 16:54 - 00030415 _____ C:\Users\Isaela\Downloads\JAYME VICENTE VALADARES 06-03.pdf 2017-01-09 16:53 - 2017-01-09 16:53 - 00030409 _____ C:\Users\Isaela\Downloads\JAYME VICENTE VALADARES 06-02.pdf 2017-01-09 16:50 - 2017-01-09 16:50 - 00030420 _____ C:\Users\Isaela\Downloads\JAYME VICENTE VALADARES ME 05-04.pdf 2017-01-09 15:57 - 2017-01-09 15:57 - 00041160 _____ C:\Users\Isaela\Downloads\1Extrato (1).pdf 2017-01-09 15:50 - 2017-01-09 15:50 - 00041160 _____ C:\Users\Isaela\Downloads\1Extrato.pdf 2017-01-09 14:50 - 2017-01-09 14:50 - 00037974 _____ C:\Users\Isaela\Downloads\pedido 18935 (1).PDF 2017-01-09 14:49 - 2017-01-09 14:49 - 00080222 _____ C:\Users\Isaela\Downloads\nf 2525.pdf 2017-01-09 14:49 - 2017-01-09 14:49 - 00072064 _____ C:\Users\Isaela\Downloads\NF SERVICO 1484.pdf 2017-01-09 14:49 - 2017-01-09 14:49 - 00037974 _____ C:\Users\Isaela\Downloads\pedido 18935.PDF 2017-01-09 14:47 - 2017-01-09 14:47 - 00072423 _____ C:\Users\Isaela\Downloads\nf servico 1483.pdf 2017-01-09 14:47 - 2017-01-09 14:47 - 00031600 _____ C:\Users\Isaela\Downloads\NF 2524 Jayme.pdf 2017-01-09 14:47 - 2017-01-09 14:47 - 00019154 _____ C:\Users\Isaela\Downloads\Pedido 18778.PDF 2017-01-09 10:04 - 2017-01-09 10:04 - 00110783 _____ C:\Users\Isaela\Desktop\51170137525771000455550040002102001002343340-nfe.pdf 2017-01-09 10:03 - 2017-01-09 10:03 - 01748772 _____ C:\Users\Isaela\Desktop\NFe Nacional - mineracaoabelha@gmail.com - Gmail.html 2017-01-09 10:03 - 2017-01-09 10:03 - 00000000 ____D C:\Users\Isaela\Desktop\NFe Nacional - mineracaoabelha@gmail.com - Gmail_files 2017-01-09 09:25 - 2017-01-09 09:25 - 00075584 _____ C:\Users\Isaela\Downloads\documento_1267501_09_01_2017.pdf 2017-01-09 09:19 - 2017-01-09 09:19 - 00074741 _____ C:\Users\Isaela\Downloads\documento_1072236_09_01_2017 (1).pdf 2017-01-09 09:17 - 2017-01-09 09:17 - 00075152 _____ C:\Users\Isaela\Downloads\documento_1072236_09_01_2017.pdf 2017-01-09 08:45 - 2017-01-09 08:45 - 00000000 ____D C:\Users\Isaela\Desktop\doc. funcionarios 2017-01-06 16:22 - 2017-01-06 16:22 - 00045948 _____ C:\Users\Isaela\Downloads\Boleto (2).htm 2017-01-06 13:13 - 2017-01-06 13:13 - 04683517 _____ C:\Users\Isaela\Downloads\JAYME VICENTE BOLETO 7055 NFE 9870.pdf 2017-01-05 16:45 - 2017-01-05 16:45 - 00013480 _____ C:\Users\Isaela\Downloads\relatorio.pdf 2017-01-05 10:31 - 2017-01-05 10:31 - 00000000 ____D C:\Users\Isaela\Desktop\comp. de pagamento 2017-01-05 10:29 - 2017-01-05 10:29 - 00000000 ____D C:\Users\Isaela\Documents\Meu Scanner 2017-01-04 08:41 - 2017-01-12 11:30 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2017-01-03 11:33 - 2017-01-03 11:33 - 00045948 _____ C:\Users\Isaela\Downloads\Boleto.htm 2017-01-03 11:33 - 2017-01-03 11:33 - 00045948 _____ C:\Users\Isaela\Downloads\Boleto (1).htm 2017-01-02 11:35 - 2017-03-03 19:40 - 00000000 ____D C:\Users\Isaela\AppData\LocalLow\Scpad 2017-01-02 11:10 - 2017-01-02 11:10 - 00000938 _____ C:\Users\Public\Desktop\Navegador Exclusivo Bradesco.lnk 2017-01-02 11:10 - 2017-01-02 11:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navegador Exclusivo Bradesco 2017-01-02 11:10 - 2017-01-02 11:10 - 00000000 ____D C:\Program Files (x86)\AppBrad 2017-01-02 11:07 - 2017-01-02 11:09 - 54254840 _____ (Copyright © 2016 Scopus Tecnologia Ltda. ) C:\Users\Isaela\Downloads\Instalador (2).exe 2017-01-02 10:31 - 2017-01-02 10:32 - 54254840 _____ (Copyright © 2016 Scopus Tecnologia Ltda. ) C:\Users\Isaela\Downloads\Instalador (1).exe 2016-12-29 16:28 - 2016-12-29 16:28 - 00116532 _____ C:\Users\Isaela\Downloads\IMG_7115.JPG 2016-12-29 16:28 - 2016-12-29 16:28 - 00113707 _____ C:\Users\Isaela\Downloads\IMG_7114.JPG 2016-12-29 12:43 - 2016-12-29 12:43 - 00000000 ____D C:\Users\Isaela\AppData\Roaming\Mozilla 2016-12-29 12:42 - 2016-12-29 12:42 - 00000000 ____D C:\Users\Todos os Usuários\scpbrad 2016-12-29 12:42 - 2016-12-29 12:42 - 00000000 ____D C:\Users\Isaela\AppData\Local\Geckofx 2016-12-29 12:42 - 2016-12-29 12:42 - 00000000 ____D C:\ProgramData\scpbrad 2016-12-29 12:42 - 2016-12-29 12:42 - 00000000 ____D C:\Program Files (x86)\scpbrad 2016-12-29 12:41 - 2016-12-29 12:41 - 00000000 ____D C:\Windows\Sun 2016-12-29 12:40 - 2017-03-03 19:40 - 00000000 ____D C:\Users\Isaela\AppData\Roaming\NetExpress50 2016-12-29 10:56 - 2016-12-29 10:56 - 00032796 _____ C:\Users\Isaela\Downloads\JAYME (2).pdf 2016-12-29 10:56 - 2016-12-29 10:56 - 00032796 _____ C:\Users\Isaela\Downloads\JAYME (1).pdf 2016-12-29 10:54 - 2016-12-29 10:54 - 00032796 _____ C:\Users\Isaela\Downloads\JAYME.pdf 2016-12-29 09:08 - 2016-12-29 09:11 - 54254840 _____ (Copyright © 2016 Scopus Tecnologia Ltda. ) C:\Users\Isaela\Downloads\Instalador.exe 2016-12-29 08:40 - 2016-12-29 17:00 - 00000251 _____ C:\Windows\SysWOW64\LogBackupServer29122016.txt 2016-12-28 16:29 - 2016-12-28 16:29 - 00001153 _____ C:\Users\Isaela\Desktop\BACKUP ECO CENTAURO.lnk 2016-12-28 15:16 - 2016-12-28 15:18 - 12223223 _____ C:\Users\Isaela\Downloads\EcoBackup v.1.0.6.000.rar 2016-12-28 14:58 - 2016-12-28 14:58 - 00000000 ____D C:\Users\Isaela\AppData\Roaming\HK-Software 2016-12-28 14:57 - 2016-12-28 14:57 - 00001213 _____ C:\Users\Isaela\Desktop\IBExpertLive.lnk 2016-12-28 14:57 - 2016-12-28 14:57 - 00001163 _____ C:\Users\Isaela\Desktop\IBExpert.lnk 2016-12-28 14:57 - 2016-12-28 14:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HK-Software 2016-12-28 14:57 - 2016-12-28 14:57 - 00000000 ____D C:\Program Files (x86)\HK-Software 2016-12-28 14:23 - 2016-06-16 18:43 - 00036984 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\wsddntf.sys 2016-12-28 14:23 - 2016-06-16 18:43 - 00008811 _____ C:\Windows\system32\Drivers\wsddntf.cat 2016-12-28 14:23 - 2016-06-16 14:06 - 00002708 _____ C:\Windows\system32\Drivers\wsddntf.inf 2016-12-28 14:23 - 2016-06-08 18:43 - 00097376 ____N (GAS Tecnologia) C:\Windows\system32\Drivers\wsddpp.sys 2016-12-28 13:46 - 2016-12-28 13:46 - 00000000 ____D C:\Users\Isaela\Desktop\fluxo Eco sistemas 2016-12-28 13:46 - 2008-06-15 16:58 - 00041385 ____N C:\Users\Isaela\AppData\Local\winlogon.exe 2016-12-28 13:46 - 2008-06-15 16:58 - 00041385 ____H C:\Windows\eksplorasi.exe 2016-12-28 13:46 - 2008-06-15 16:58 - 00041385 _____ C:\Windows\SysWOW64\Isaela's Setting.scr 2016-12-28 13:46 - 2008-06-15 16:58 - 00041385 _____ C:\Users\Isaela\Documents\Documents.exe 2016-12-28 13:46 - 2008-06-15 16:58 - 00041385 _____ C:\Users\Isaela\AppData\Local\smss.exe 2016-12-28 13:46 - 2008-06-15 16:58 - 00041385 _____ C:\Users\Isaela\AppData\Local\services.exe 2016-12-28 13:46 - 2008-06-15 16:58 - 00041385 _____ C:\Users\Isaela\AppData\Local\lsass.exe 2016-12-28 13:46 - 2008-06-15 16:58 - 00041385 _____ C:\Users\Isaela\AppData\Local\inetinfo.exe 2016-12-28 13:46 - 2008-06-15 16:58 - 00041385 _____ C:\Users\Isaela\AppData\Local\csrss.exe 2016-12-28 13:42 - 2016-12-28 13:42 - 00000000 ____D C:\Users\Todos os Usuários\AMMYY 2016-12-28 13:42 - 2016-12-28 13:42 - 00000000 ____D C:\ProgramData\AMMYY 2016-12-28 13:18 - 2017-03-07 07:41 - 00101080 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\wsddfac.sys 2016-12-28 13:18 - 2016-12-28 13:19 - 00001024 _____ C:\.rnd 2016-12-28 13:18 - 2016-12-28 13:18 - 00000000 ___HD C:\Program Files (x86)\GAS Tecnologia 2016-12-28 13:18 - 2016-12-28 13:18 - 00000000 ___HD C:\Program Files (x86)\Diebold 2016-12-28 13:18 - 2016-12-28 13:18 - 00000000 ____D C:\Program Files\Diebold 2016-12-28 13:12 - 2017-03-07 16:08 - 00028888 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\gbpddfac64.sys 2016-12-28 13:12 - 2017-03-07 13:42 - 00000000 ____D C:\Users\Todos os Usuários\GbPlugin 2016-12-28 13:12 - 2017-03-07 13:42 - 00000000 ____D C:\ProgramData\GbPlugin 2016-12-28 13:12 - 2017-03-07 07:41 - 00000000 ____D C:\Program Files (x86)\GbPlugin 2016-12-28 13:04 - 2016-12-28 13:12 - 00000000 ____D C:\Users\Todos os Usuários\GAS Tecnologia 2016-12-28 13:04 - 2016-12-28 13:12 - 00000000 ____D C:\ProgramData\GAS Tecnologia 2016-12-28 13:04 - 2016-12-28 13:04 - 00000000 ____D C:\Users\Todos os Usuários\boost_interprocess 2016-12-28 13:04 - 2016-12-28 13:04 - 00000000 ____D C:\ProgramData\boost_interprocess 2016-12-28 13:02 - 2016-12-28 13:20 - 00002911 _____ C:\Users\Isaela\Downloads\Diagnóstico Sicredi.log 2016-12-28 12:42 - 2016-12-28 12:46 - 00000000 ____D C:\Users\Isaela\ISAELA 2016-12-28 12:39 - 2016-12-28 12:39 - 00001042 _____ C:\Users\Isaela\Desktop\ammy.lnk 2016-12-28 12:39 - 2016-12-28 12:39 - 00000000 ____D C:\Program Files (x86)\DoroPDFWriter 2016-12-28 12:38 - 2012-05-02 16:38 - 07017723 _____ (CompSoft ) C:\Users\Isaela\Downloads\DoroSetup.exe 2016-12-28 12:37 - 2016-12-28 12:38 - 06987290 _____ C:\Users\Isaela\Downloads\DoroSetup.zip 2016-12-28 12:21 - 2017-03-07 15:12 - 00000000 ____D C:\Users\Todos os Usuários\firebird 2016-12-28 12:21 - 2017-03-07 15:12 - 00000000 ____D C:\ProgramData\firebird 2016-12-28 12:19 - 2016-12-28 12:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EcoCentauro ® 2016-12-28 12:19 - 2007-06-09 10:31 - 01069056 _____ (Daruma Automação) C:\Windows\SysWOW64\Daruma32.dll 2016-12-28 12:19 - 2002-08-28 15:40 - 00061440 _____ (ZANTHUS Indústria e Comércio de Equipamentos Eletrônicos Ltda.) C:\Windows\SysWOW64\qzecf32.dll 2016-12-28 12:18 - 2017-02-23 15:21 - 00000000 ____D C:\ecosis 2016-12-28 12:18 - 2017-01-26 13:06 - 00000681 _____ C:\Users\Public\Desktop\ECO SISTEMAS®.lnk 2016-12-28 12:18 - 2016-12-28 12:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EcoCentauro® 2016-12-28 12:17 - 2016-12-28 12:24 - 00000480 _____ C:\Windows\ODBC.INI 2016-12-28 12:17 - 2016-12-28 12:17 - 00002537 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crystal Reports 9.lnk 2016-12-28 12:17 - 2016-12-28 12:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crystal Reports 9 Tools 2016-12-28 12:16 - 2016-12-28 12:17 - 00000000 ____D C:\Program Files (x86)\Crystal Decisions 2016-12-28 12:16 - 2016-12-28 12:16 - 00002068 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Program Updates.lnk 2016-12-28 12:16 - 2016-12-28 12:16 - 00000000 ____D C:\Users\Todos os Usuários\InstallShield 2016-12-28 12:16 - 2016-12-28 12:16 - 00000000 ____D C:\ProgramData\InstallShield 2016-12-28 12:16 - 2016-12-28 12:16 - 00000000 ____D C:\Program Files (x86)\Centauro Sistemas Ltda 2016-12-28 12:16 - 2004-08-09 05:04 - 00073728 _____ (InstallShield Software Corporation) C:\Windows\SysWOW64\ISUSPM.cpl 2016-12-28 12:15 - 2016-12-28 12:18 - 00000000 ____D C:\Program Files (x86)\Firebird 2016-12-28 12:15 - 2016-12-28 12:17 - 00001754 _____ C:\Windows\ODBCINST.INI 2016-12-28 12:15 - 2016-12-28 12:15 - 00225280 _____ (IBPhoenix Inc.) C:\Windows\SysWOW64\IscDbc.dll 2016-12-28 12:15 - 2016-12-28 12:15 - 00200704 _____ (IBPhoenix Inc) C:\Windows\SysWOW64\OdbcJdbc.dll 2016-12-28 12:15 - 2016-12-28 12:15 - 00086016 _____ (IBPhoenix Inc.) C:\Windows\SysWOW64\OdbcJdbcSetup.dll 2016-12-28 12:15 - 2016-12-28 12:15 - 00028947 _____ C:\Windows\SysWOW64\OdbcJdbc.chm 2016-12-28 12:15 - 2016-12-28 12:15 - 00000000 ____D C:\Users\Isaela\AppData\Local\OdbcJdbcSetup 2016-12-28 12:15 - 2016-12-28 12:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firebird 2.5 (Win32) 2016-12-28 12:15 - 2016-12-28 12:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firebird 2016-12-28 12:15 - 2011-10-03 07:28 - 00548864 _____ (Firebird Project) C:\Windows\SysWOW64\GDS32.DLL 2016-12-28 12:12 - 2016-12-28 12:12 - 00206355 _____ C:\Users\Isaela\Documents\Digitalizador.jpg 2016-12-28 12:12 - 2016-12-28 12:12 - 00001030 _____ C:\Users\Isaela\Desktop\Digitalizar para.lnk 2016-12-28 12:09 - 2016-12-28 12:09 - 00000000 ____D C:\Users\Todos os Usuários\HP 2016-12-28 12:09 - 2016-12-28 12:09 - 00000000 ____D C:\ProgramData\HP 2016-12-28 12:06 - 2016-12-28 12:06 - 01594828 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2016-12-28 12:06 - 2016-12-28 12:06 - 00000199 _____ C:\Windows\SysWOW64\msiexec.log 2016-12-28 12:06 - 2016-12-28 12:06 - 00000000 ____D C:\Users\Todos os Usuários\HPSSUPPLY 2016-12-28 12:06 - 2016-12-28 12:06 - 00000000 ____D C:\Users\Todos os Usuários\Hewlett-Packard 2016-12-28 12:06 - 2016-12-28 12:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2016-12-28 12:06 - 2016-12-28 12:06 - 00000000 ____D C:\ProgramData\HPSSUPPLY 2016-12-28 12:06 - 2016-12-28 12:06 - 00000000 ____D C:\ProgramData\Hewlett-Packard 2016-12-28 12:06 - 2016-12-28 12:06 - 00000000 ____D C:\Program Files (x86)\HP 2016-12-28 12:04 - 2009-11-25 11:47 - 01942856 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll 2016-12-28 12:04 - 2009-11-25 11:47 - 01130824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll 2016-12-28 12:04 - 2009-11-25 11:47 - 00444752 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll 2016-12-28 12:04 - 2009-11-25 11:47 - 00320352 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe 2016-12-28 12:04 - 2009-11-25 11:47 - 00297808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscoree.dll 2016-12-28 12:04 - 2009-11-25 11:47 - 00295264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHost.exe 2016-12-28 12:04 - 2009-11-25 11:47 - 00109912 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll 2016-12-28 12:04 - 2009-11-25 11:47 - 00099176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHostProxy.dll 2016-12-28 12:04 - 2009-11-25 11:47 - 00049472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netfxperf.dll 2016-12-28 12:04 - 2009-11-25 11:47 - 00048960 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll 2016-12-28 12:03 - 2016-12-28 12:03 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_mvusbews_01009.Wdf 2016-12-28 12:03 - 2012-11-08 07:32 - 00126856 _____ (HP) C:\Windows\system32\HPSIsvc.exe 2016-12-28 12:03 - 2012-11-08 00:00 - 00081920 _____ C:\Windows\SysWOW64\mvusbews.dll 2016-12-28 12:03 - 2012-09-29 12:26 - 01366528 _____ C:\Windows\system32\HPM1210SM.exe 2016-12-28 12:03 - 2012-09-29 12:25 - 00409088 _____ C:\Windows\system32\HPM1210LM.DLL 2016-12-28 12:02 - 2016-12-28 12:02 - 00000000 ____D C:\Program Files\HP 2016-12-28 12:02 - 2012-11-08 00:00 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll 2016-12-28 12:02 - 2012-11-08 00:00 - 00089600 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\m1130wia2.dll 2016-12-28 12:02 - 2012-11-08 00:00 - 00082944 _____ C:\Windows\system32\mvusbews.dll 2016-12-28 12:02 - 2012-11-08 00:00 - 00052224 _____ C:\Windows\system32\HPM1210SMs.dll 2016-12-28 12:02 - 2012-11-08 00:00 - 00038912 _____ C:\Windows\system32\HPImgFlt.dll 2016-12-28 12:02 - 2012-11-08 00:00 - 00019968 _____ (Marvell Semiconductor, Inc.) C:\Windows\system32\Drivers\mvusbews.sys 2016-12-28 12:02 - 2012-09-29 02:05 - 00350720 _____ C:\Windows\system32\mvhlewsi.dll 2016-12-28 11:52 - 2016-10-26 15:29 - 00485032 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2016-12-28 11:48 - 2016-12-28 11:50 - 00000000 ____D C:\Users\Isaela\Desktop\UTEIS 2016-12-28 11:44 - 2016-12-28 10:49 - 00000000 ____D C:\Windows\Panther 2016-12-28 11:32 - 2016-12-28 11:32 - 00000000 ____D C:\Users\Isaela\AppData\Roaming\Adobe 2016-12-28 11:32 - 2016-12-28 11:32 - 00000000 ____D C:\Users\Isaela\AppData\LocalLow\Adobe 2016-12-28 11:32 - 2016-12-28 11:32 - 00000000 ____D C:\Users\Isaela\AppData\Local\Adobe 2016-12-28 11:31 - 2017-03-07 15:19 - 00000000 ___RD C:\Users\Isaela\Documents\Scanned Documents 2016-12-28 11:31 - 2017-01-10 10:50 - 00000000 ____D C:\Users\Isaela\Documents\Fax 2016-12-28 11:30 - 2016-12-28 12:00 - 222998632 _____ C:\Users\Isaela\Downloads\LJM1130_M1210_MFP_Full_Solution.exe 2016-12-28 11:27 - 2017-03-07 15:30 - 00000000 ____D C:\Users\Isaela\AppData\Local\ElevatedDiagnostics 2016-12-28 11:22 - 2017-03-06 13:26 - 01854260 ____H C:\Users\Isaela\AppData\Local\IconCache.db 2016-12-28 11:20 - 2017-03-07 15:43 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache 2016-12-28 11:20 - 2017-03-07 15:43 - 00000000 ____D C:\ProgramData\Package Cache 2016-12-28 11:20 - 2016-12-28 11:20 - 00000000 ____D C:\Program Files\Intel 2016-12-28 11:18 - 2016-12-28 12:16 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2016-12-28 11:18 - 2016-12-28 11:18 - 00000000 ____D C:\Windows\SysWOW64\Atheros_L1e 2016-12-28 11:14 - 2016-12-28 11:22 - 00000408 _____ C:\Windows\Tasks\DriverEasy Scheduled Scan.job 2016-12-28 11:14 - 2016-12-28 11:14 - 00003814 _____ C:\Windows\System32\Tasks\DriverEasy Scheduled Scan 2016-12-28 11:14 - 2016-12-28 11:14 - 00000000 ____D C:\Users\Isaela\AppData\Roaming\Easeware 2016-12-28 11:14 - 2016-12-28 11:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverEasy 2016-12-28 11:14 - 2016-12-28 11:14 - 00000000 ____D C:\Program Files\Easeware 2016-12-28 11:11 - 2012-06-02 19:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2016-12-28 11:11 - 2012-06-02 19:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2016-12-28 11:11 - 2012-06-02 19:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2016-12-28 11:11 - 2012-06-02 19:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2016-12-28 11:11 - 2012-06-02 19:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2016-12-28 11:11 - 2012-06-02 19:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2016-12-28 11:11 - 2012-06-02 19:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2016-12-28 11:11 - 2012-06-02 14:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2016-12-28 11:11 - 2012-06-02 14:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2016-12-28 11:08 - 2016-12-28 11:08 - 01065376 _____ (Google Inc.) C:\Users\Isaela\Downloads\ChromeSetup.exe 2016-12-28 11:05 - 2017-03-01 15:17 - 00001856 _____ C:\Windows\PFRO.log 2016-12-28 11:04 - 2017-01-12 11:31 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2016-12-28 11:04 - 2016-12-29 12:42 - 00085712 _____ C:\Users\Isaela\AppData\Local\GDIPFONTCACHEV1.DAT 2016-12-28 11:04 - 2016-12-28 11:04 - 00002019 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk 2016-12-28 11:04 - 2016-12-28 11:04 - 00000000 ____D C:\Windows\SysWOW64\Wat 2016-12-28 11:04 - 2016-12-28 11:04 - 00000000 ____D C:\Windows\system32\Wat 2016-12-28 11:04 - 2016-12-28 11:04 - 00000000 ____D C:\Users\Isaela\AppData\Roaming\WinRAR 2016-12-28 11:03 - 2017-01-02 10:23 - 00000000 ____D C:\Users\Todos os Usuários\Adobe 2016-12-28 11:03 - 2017-01-02 10:23 - 00000000 ____D C:\ProgramData\Adobe 2016-12-28 11:03 - 2016-12-28 11:03 - 00000000 ____D C:\Program Files (x86)\Adobe 2016-12-28 11:02 - 2016-12-28 11:02 - 00000000 ___HD C:\Program Files (x86)\InstallJammer Registry 2016-12-28 11:01 - 2017-01-30 10:31 - 00000000 ____D C:\Users\Isaela\AppData\Local\Diagnostics 2016-12-28 11:00 - 2016-12-28 11:00 - 00000000 ____D C:\Users\Public\Foxit Software 2016-12-28 11:00 - 2016-12-28 11:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack 2016-12-28 11:00 - 2016-12-28 11:00 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack 2016-12-28 11:00 - 2014-02-06 15:00 - 00127488 _____ C:\Windows\system32\ff_vfw.dll 2016-12-28 11:00 - 2014-02-06 15:00 - 00112640 _____ C:\Windows\SysWOW64\ff_vfw.dll 2016-12-28 11:00 - 2013-12-01 10:10 - 00257624 _____ C:\Windows\system32\unrar64.dll 2016-12-28 11:00 - 2013-12-01 10:10 - 00218200 _____ C:\Windows\SysWOW64\unrar.dll 2016-12-28 11:00 - 2013-03-17 15:22 - 03554304 _____ (x264vfw project) C:\Windows\system32\x264vfw64.dll 2016-12-28 11:00 - 2013-03-17 14:21 - 03649536 _____ (x264vfw project) C:\Windows\SysWOW64\x264vfw.dll 2016-12-28 11:00 - 2012-07-21 08:55 - 00180736 _____ (fccHandler) C:\Windows\system32\ac3acm.acm 2016-12-28 11:00 - 2012-07-21 08:54 - 00122880 _____ (fccHandler) C:\Windows\SysWOW64\ac3acm.acm 2016-12-28 11:00 - 2011-12-07 15:37 - 00148992 _____ ( ) C:\Windows\system32\lagarith.dll 2016-12-28 11:00 - 2011-12-07 15:32 - 00216064 _____ ( ) C:\Windows\SysWOW64\lagarith.dll 2016-12-28 11:00 - 2011-06-24 12:45 - 00258560 _____ C:\Windows\system32\xvidvfw.dll 2016-12-28 11:00 - 2011-06-24 12:44 - 00243200 _____ C:\Windows\SysWOW64\xvidvfw.dll 2016-12-28 11:00 - 2011-06-24 12:31 - 00703488 _____ C:\Windows\system32\xvidcore.dll 2016-12-28 11:00 - 2011-06-24 12:28 - 00650752 _____ C:\Windows\SysWOW64\xvidcore.dll 2016-12-28 10:59 - 2016-12-28 11:00 - 00000000 ____D C:\Users\Isaela\AppData\Roaming\Foxit Software 2016-12-28 10:59 - 2016-12-28 10:59 - 00000000 ____D C:\Users\Isaela\AppData\Local\Programs 2016-12-28 10:59 - 2016-12-28 10:59 - 00000000 ____D C:\Program Files (x86)\Foxit Software 2016-12-28 10:57 - 2017-02-17 09:10 - 00000000 ____D C:\Program Files (x86)\Google 2016-12-28 10:57 - 2017-02-07 09:05 - 00002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-12-28 10:57 - 2017-02-07 09:05 - 00002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-12-28 10:57 - 2016-12-28 11:34 - 00000000 ____D C:\Users\Isaela\AppData\Local\Google 2016-12-28 10:57 - 2016-12-28 11:17 - 00003500 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2016-12-28 10:57 - 2016-12-28 11:17 - 00003372 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2016-12-28 10:57 - 2016-12-28 10:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-12-28 10:56 - 2016-12-28 12:04 - 00000000 ____D C:\Program Files (x86)\Microsoft.NET 2016-12-28 10:56 - 2016-12-28 10:56 - 00001178 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk 2016-12-28 10:56 - 2016-12-28 10:56 - 00001166 _____ C:\Users\Public\Desktop\TeamViewer 9.lnk 2016-12-28 10:56 - 2016-12-28 10:56 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform 2016-12-28 10:56 - 2016-12-28 10:56 - 00000000 ____D C:\Windows\PCHEALTH 2016-12-28 10:56 - 2016-12-28 10:56 - 00000000 ____D C:\Users\Isaela\AppData\LocalLow\Sun 2016-12-28 10:56 - 2016-12-28 10:56 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2016-12-28 10:56 - 2016-12-28 10:56 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services 2016-12-28 10:56 - 2016-12-28 10:56 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition 2016-12-28 10:55 - 2017-03-07 15:59 - 00000000 __SHD C:\Windows\Installer 2016-12-28 10:55 - 2016-12-28 12:18 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help 2016-12-28 10:55 - 2016-12-28 12:18 - 00000000 ____D C:\ProgramData\Microsoft Help 2016-12-28 10:55 - 2016-12-28 10:58 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-12-28 10:55 - 2016-12-28 10:58 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-12-28 10:55 - 2016-12-28 10:56 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2016-12-28 10:55 - 2016-12-28 10:55 - 00000000 __RHD C:\MSOCache 2016-12-28 10:55 - 2016-12-28 10:55 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2016-12-28 10:55 - 2016-12-28 10:55 - 00000000 ____D C:\Windows\system32\Macromed 2016-12-28 10:55 - 2016-12-28 10:55 - 00000000 ____D C:\Users\Isaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2016-12-28 10:55 - 2016-12-28 10:55 - 00000000 ____D C:\Users\Isaela\AppData\Local\Microsoft Help 2016-12-28 10:55 - 2016-12-28 10:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2016-12-28 10:55 - 2016-12-28 10:55 - 00000000 ____D C:\Program Files\WinRAR 2016-12-28 10:55 - 2016-12-28 10:55 - 00000000 ____D C:\Program Files\Microsoft Office 2016-12-28 10:55 - 2016-12-28 10:55 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services 2016-12-28 10:53 - 2017-02-17 15:15 - 00000000 ____D C:\Users\Isaela\AppData\Roaming\DRPSu 2016-12-28 10:53 - 2016-12-28 11:07 - 00000000 ____D C:\Users\Isaela\AppData\LocalLow\Microsoft 2016-12-28 10:50 - 2016-12-28 10:50 - 00001389 _____ C:\Users\Isaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk 2016-12-28 10:50 - 2016-12-28 10:50 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf 2016-12-28 10:49 - 2017-03-07 16:08 - 02097152 ___SH C:\Users\Isaela\NTUSER.DAT 2016-12-28 10:49 - 2017-03-07 16:08 - 00262144 ___SH C:\Users\Isaela\ntuser.dat.LOG1 2016-12-28 10:49 - 2017-03-07 16:08 - 00000000 ___RD C:\Users\Isaela\Documents 2016-12-28 10:49 - 2017-03-07 16:08 - 00000000 ____D C:\Users\Isaela\AppData\Local\Temp 2016-12-28 10:49 - 2017-03-07 16:05 - 00000000 ___RD C:\Users\Isaela\Downloads 2016-12-28 10:49 - 2017-03-07 16:03 - 00000000 ____D C:\Users\Isaela\AppData\Roaming 2016-12-28 10:49 - 2017-03-07 15:50 - 00000000 ___RD C:\Users\Isaela\Desktop 2016-12-28 10:49 - 2017-03-07 15:43 - 01896101 _____ C:\Windows\WindowsUpdate.log 2016-12-28 10:49 - 2017-03-07 15:35 - 00000000 ____D C:\Users\Isaela\AppData\Local 2016-12-28 10:49 - 2017-03-07 15:13 - 00000000 ___RD C:\Users\Isaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2016-12-28 10:49 - 2017-02-24 17:44 - 00000000 ___SD C:\Users\Isaela\AppData\Roaming\Microsoft 2016-12-28 10:49 - 2017-02-23 08:23 - 00000000 ___RD C:\Users\Isaela\Pictures 2016-12-28 10:49 - 2017-02-23 08:23 - 00000000 ____D C:\Users\Isaela\AppData\LocalLow 2016-12-28 10:49 - 2017-02-17 15:06 - 00000000 ___RD C:\Users\Isaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs 2016-12-28 10:49 - 2017-02-17 15:06 - 00000000 ____D C:\Users\Isaela\AppData\Local\Microsoft 2016-12-28 10:49 - 2017-02-17 15:05 - 00000000 ____D C:\Users\Isaela 2016-12-28 10:49 - 2017-02-13 10:12 - 00000000 ___RD C:\Users\Isaela\Videos 2016-12-28 10:49 - 2017-01-25 16:14 - 00000000 ___RD C:\Users\Isaela\Saved Games 2016-12-28 10:49 - 2017-01-24 10:51 - 00000000 ____D C:\Users\Isaela\AppData\Local\VirtualStore 2016-12-28 10:49 - 2017-01-24 10:50 - 00000000 ___RD C:\Users\Isaela\Favorites 2016-12-28 10:49 - 2016-12-28 12:04 - 00000000 ____D C:\Windows\SoftwareDistribution 2016-12-28 10:49 - 2016-12-28 11:05 - 00524288 ___SH C:\Users\Isaela\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms 2016-12-28 10:49 - 2016-12-28 11:05 - 00524288 ___SH C:\Users\Isaela\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms 2016-12-28 10:49 - 2016-12-28 11:05 - 00065536 ___SH C:\Users\Isaela\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf 2016-12-28 10:49 - 2016-12-28 10:50 - 00001423 _____ C:\Users\Isaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2016-12-28 10:49 - 2016-12-28 10:50 - 00000476 ___SH C:\Users\Isaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini 2016-12-28 10:49 - 2016-12-28 10:50 - 00000402 ___SH C:\Users\Isaela\Documents\desktop.ini 2016-12-28 10:49 - 2016-12-28 10:50 - 00000282 ___SH C:\Users\Isaela\Downloads\desktop.ini 2016-12-28 10:49 - 2016-12-28 10:50 - 00000282 ___SH C:\Users\Isaela\Desktop\desktop.ini 2016-12-28 10:49 - 2016-12-28 10:50 - 00000174 ___SH C:\Users\Isaela\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini 2016-12-28 10:49 - 2016-12-28 10:50 - 00000000 ___RD C:\Users\Isaela\Searches 2016-12-28 10:49 - 2016-12-28 10:50 - 00000000 ___RD C:\Users\Isaela\Music 2016-12-28 10:49 - 2016-12-28 10:50 - 00000000 ___RD C:\Users\Isaela\Links 2016-12-28 10:49 - 2016-12-28 10:50 - 00000000 ___RD C:\Users\Isaela\Contacts 2016-12-28 10:49 - 2016-12-28 10:50 - 00000000 ___RD C:\Users\Isaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2016-12-28 10:49 - 2016-12-28 10:49 - 00000020 ___SH C:\Users\Isaela\ntuser.ini 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Minhas músicas 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Minhas imagens 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Meus vídeos 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programas 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Local\Histórico 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Local\Dados de aplicativos 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Usuário Padrão 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Todos os Usuários\Modelos 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Todos os Usuários\Menu Iniciar 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Todos os Usuários\Favoritos 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Todos os Usuários\Documentos 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Todos os Usuários\Dados de aplicativos 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Todos os Usuários 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Public\Documents\Minhas músicas 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Public\Documents\Minhas imagens 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Public\Documents\Meus vídeos 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Isaela\SendTo 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Isaela\Recent 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Isaela\Modelos 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Isaela\Meus documentos 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Isaela\Menu Iniciar 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Isaela\Documents\Minhas músicas 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Isaela\Documents\Minhas imagens 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Isaela\Documents\Meus vídeos 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Isaela\Dados de aplicativos 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Isaela\Cookies 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Isaela\Configurações locais 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Isaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programas 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Isaela\AppData\Local\Temporary Internet Files 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Isaela\AppData\Local\Histórico 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Isaela\AppData\Local\Dados de aplicativos 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Isaela\Ambiente de rede 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Isaela\Ambiente de impressão 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Default\Modelos 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Default\Meus documentos 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Default\Menu Iniciar 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Default\Documents\Minhas músicas 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Default\Documents\Minhas imagens 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Default\Documents\Meus vídeos 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Default\Dados de aplicativos 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Default\Configurações locais 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Default\AppData\Local\Histórico 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Default\AppData\Local\Dados de aplicativos 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Default\Ambiente de rede 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Default\Ambiente de impressão 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Default User\Documents\Minhas músicas 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Default User\Documents\Minhas imagens 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Default User\Documents\Meus vídeos 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programas 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Histórico 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Dados de aplicativos 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\ProgramData\Modelos 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programas 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\ProgramData\Menu Iniciar 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\ProgramData\Favoritos 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\ProgramData\Documentos 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\ProgramData\Dados de aplicativos 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Program Files\Common Files\Sistema 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Program Files\Arquivos Comuns 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 _SHDL C:\Arquivos de Programas 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 __SHD C:\Recovery 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 ___SH C:\Users\Isaela\ntuser.dat.LOG2 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 ___HD C:\Users\Isaela\AppData 2016-12-28 10:49 - 2016-12-28 10:49 - 00000000 ____D C:\Users\Isaela\AppData\Roaming\Identities 2016-12-28 10:49 - 2009-07-14 15:11 - 00000000 ____D C:\Users\Isaela\AppData\Roaming\Media Center Programs 2016-12-28 10:49 - 2009-07-14 01:54 - 00000000 ___RD C:\Users\Isaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2016-12-28 10:49 - 2009-07-14 01:49 - 00000000 ___RD C:\Users\Isaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2016-12-28 10:47 - 2016-12-28 10:47 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk 2016-12-28 10:47 - 2016-12-28 10:47 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk 2016-12-28 10:47 - 2016-12-28 10:47 - 00001313 _____ C:\Windows\TSSysprep.log 2016-12-28 10:45 - 2017-03-07 16:05 - 00000000 ____D C:\Windows\Prefetch 2016-12-28 10:45 - 2017-03-07 15:58 - 00000000 __SHD C:\System Volume Information 2016-12-28 10:45 - 2017-03-07 07:41 - 3982843904 ___SH C:\pagefile.sys 2016-12-28 10:45 - 2017-03-07 07:41 - 2987130880 ___SH C:\hiberfil.sys ==================== Três Meses Modificados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2017-03-07 15:13 - 2009-07-14 15:11 - 00000000 ____D C:\Windows\ShellNew 2017-03-07 07:46 - 2009-07-14 14:55 - 00702882 _____ C:\Windows\system32\prfh0416.dat 2017-03-07 07:46 - 2009-07-14 14:55 - 00145668 _____ C:\Windows\system32\prfc0416.dat 2017-03-07 07:46 - 2009-07-14 02:13 - 01626900 _____ C:\Windows\system32\PerfStringBackup.INI 2017-03-07 07:46 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf 2017-03-07 07:41 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-02-17 15:03 - 2009-07-14 00:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy 2017-02-17 15:03 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy ==================== Arquivos na raiz de alguns diretórios ======= 2017-02-18 07:44 - 2017-03-07 07:42 - 0000269 _____ () C:\Users\Isaela\AppData\Roaming\WB.CFG 2017-03-07 15:19 - 2017-03-07 15:19 - 0400607 _____ () C:\Users\Isaela\AppData\Local\Bron.tok.A9.em.bin 2016-12-28 13:46 - 2008-06-15 16:58 - 0041385 _____ () C:\Users\Isaela\AppData\Local\csrss.exe 2016-12-28 13:46 - 2008-06-15 16:58 - 0041385 _____ () C:\Users\Isaela\AppData\Local\inetinfo.exe 2017-03-07 15:14 - 2017-03-07 15:14 - 0402607 _____ () C:\Users\Isaela\AppData\Local\ListHost9.txt 2016-12-28 13:46 - 2008-06-15 16:58 - 0041385 _____ () C:\Users\Isaela\AppData\Local\lsass.exe 2016-12-28 13:46 - 2008-06-15 16:58 - 0041385 _____ () C:\Users\Isaela\AppData\Local\services.exe 2016-12-28 13:46 - 2008-06-15 16:58 - 0041385 _____ () C:\Users\Isaela\AppData\Local\smss.exe 2017-03-07 15:35 - 2017-03-07 15:35 - 0408568 _____ () C:\Users\Isaela\AppData\Local\Update.9.Bron.Tok.bin 2016-12-28 13:46 - 2008-06-15 16:58 - 0041385 ____N () C:\Users\Isaela\AppData\Local\winlogon.exe Arquivos para serem movidos ou deletados: ==================== C:\Windows\Tasks\{28A7159C-0698-70E8-0621-32059762567D}.job C:\Windows\Tasks\{53BA838C-A5C1-00D4-2483-7CB8E78AB6AF}.job Alguns arquivos em TEMP: ==================== 2017-02-27 12:38 - 2017-02-27 12:38 - 0022016 _____ () C:\Users\Isaela\AppData\Local\Temp\1llcvnob.dll 2017-02-17 15:16 - 2017-02-17 15:16 - 1118360 _____ (© 2015 Microsoft Corporation) C:\Users\Isaela\AppData\Local\Temp\BSvcProcessor.exe 2017-02-17 15:16 - 2017-02-17 15:16 - 0170128 _____ (© 2015 Microsoft Corporation) C:\Users\Isaela\AppData\Local\Temp\BSvcUpdater.exe 2017-03-07 15:30 - 2017-03-07 15:30 - 0004096 _____ () C:\Users\Isaela\AppData\Local\Temp\d4ssqpoy.dll 2017-03-07 15:50 - 2017-03-07 15:50 - 1806392 _____ ( ) C:\Users\Isaela\AppData\Local\Temp\ICReinstall_Baixaki_skype_V76BqM.exe 2017-02-24 15:09 - 2017-02-24 15:09 - 0022016 _____ () C:\Users\Isaela\AppData\Local\Temp\v12cafxo.dll 2017-03-07 15:19 - 2017-03-07 15:58 - 14456872 _____ (Microsoft Corporation) C:\Users\Isaela\AppData\Local\Temp\vc_redist.x86.exe ==================== Bamital & volsnap ====================== (Não há correção automática para arquivos que não passaram na verificação.) C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente C:\Windows\explorer.exe => O arquivo é assinado digitalmente C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente C:\Windows\system32\services.exe => O arquivo é assinado digitalmente C:\Windows\system32\User32.dll [2009-07-13 20:38] - [2016-12-28 11:04] - 1008640 ____A (Microsoft Corporation) 2C353B6CE0C8D03225CAA2AF33B68D79 C:\Windows\SysWOW64\User32.dll [2009-07-13 20:24] - [2016-12-28 11:04] - 0833024 ____A (Microsoft Corporation) 861C4346F9281DC0380DE72C8D55D6BE C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente LastRegBack: 2017-03-04 18:06 ==================== Fim de FRST.txt ============================