Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 19-11-2017 Executado por User (administrador) em FISCAL (22-11-2017 11:49:32) Executando a partir de C:\Downloads Perfis Carregados: User (Perfis Disponíveis: User & 50-E5-49-F3-97-E0) Platform: Windows 7 Home Basic Service Pack 1 (X64) Idioma: Português (Brasil) Internet Explorer Versão 11 (Navegador padrão: IE) Modo da Inicialização: Normal Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processos (Whitelisted) ================= (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.) (GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe (Cisco WebEx LLC) C:\Windows\SysWOW64\atashost.exe (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (Microsoft Corporation) C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (A.E.T. Europe B.V.) C:\Windows\System32\aetcrss1.exe (© 2015 Microsoft Corporation) C:\Users\User\AppData\Local\Microsoft\BingSvc\BingSvc.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe () C:\Program Files (x86)\IPMServicosLocais\IPMServicosLocais.exe (Serasa Experian) C:\Program Files (x86)\Serasa Experian\Service\eSfUpdateForm.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe () C:\myrp\mysql\bin\mysqld.exe (Serasa Experian) C:\Program Files (x86)\Serasa Experian\Service\SerasaUpdate.exe () C:\Contabil\Utilitários\ServicoAgendador.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe (GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Yahoo Inc.) C:\Program Files (x86)\Yahoo!\yset\{81AA9DC3-9DF3-484D-8186-7C2F99CF19CE}\YSearchUtilSVC.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe (GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe ==================== Registro (Whitelisted) =========================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKLM\...\Run: [CertificateRegistration] => C:\Windows\system32\aetcrss1.exe [25600 2013-03-04] (A.E.T. Europe B.V.) HKLM\...\Run: [WebServicePortalFederal] => [X] HKLM\...\Run: [ConsultaNF-e_SEFAZ_RS] => [X] HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [313656 2013-04-18] (Hewlett-Packard Company) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3567928 2017-11-13] (Dropbox, Inc.) HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) Winlogon\Notify\ GbPluginScd: C:\Program Files (x86)\GbPlugin\gbiehScd.dll [2017-06-09] (Sicredi) Winlogon\Notify\ GbPluginUni: C:\Program Files (x86)\GbPlugin\gbiehUni.dll [2017-02-07] (Banco Itaú Unibanco) HKU\S-1-5-21-2906659642-1519450751-903730741-1000\...\Run: [BingSvc] => C:\Users\User\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-02-04] (© 2015 Microsoft Corporation) HKU\S-1-5-21-2906659642-1519450751-903730741-1000\...\Run: [Svtsc.dll] => C:\Windows\System32\rundll32.exe "C:\Users\Public\Microsoft\Svtsc.dll" _12345 HKU\S-1-5-21-2906659642-1519450751-903730741-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9292504 2016-12-21] (Piriform Ltd) HKU\S-1-5-21-2906659642-1519450751-903730741-1000\...\Run: [ADFDD090BD41B62A] => C:\Users\User\AppData\Roaming\MXlXTu\svrJnY.exe [34496 2017-03-15] (Microsoft) HKU\S-1-5-21-2906659642-1519450751-903730741-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7964576 2017-10-17] (SUPERAntiSpyware) ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\PROGRAM FILES (X86)\GbPlugin\gbiehuni.dll [1951968 2017-02-07] (Banco Itaú Unibanco) ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399011} - C:\Program Files (x86)\GbPlugin\gbiehscd.dll [1915104 2017-06-09] (Sicredi) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\IPM - Serviços Locais.lnk [2017-06-09] ShortcutTarget: IPM - Serviços Locais.lnk -> C:\Program Files (x86)\IPMServicosLocais\IPMServicosLocais.exe () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Serasa Update.lnk [2017-06-21] ShortcutTarget: Serasa Update.lnk -> C:\Program Files (x86)\Serasa Experian\Service\eSfUpdateForm.exe (Serasa Experian) ==================== Internet (Whitelisted) ==================== (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.) ProxyEnable: [HKLM] => Proxy está habilitado. ProxyServer: [HKLM] => 127.0.0.1:27158 ProxyEnable: [S-1-5-21-2906659642-1519450751-903730741-1000] => Proxy está habilitado. ProxyServer: [S-1-5-21-2906659642-1519450751-903730741-1000] => 127.0.0.1:27158 Hosts: 2.22.139.66 guardiao.itau.com.br # GbPlugin Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{379138D8-9ABF-472B-BF1B-5248B9914773}: [NameServer] 200.175.89.139,200.175.5.139 Tcpip\..\Interfaces\{C9079DB0-944F-455B-ACCF-66B28118631C}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{C9079DB0-944F-455B-ACCF-66B28118631C}: [DhcpNameServer] 192.168.1.1 192.168.1.1 ManualProxies: 1127.0.0.1:54481 Internet Explorer: ================== HKU\S-1-5-21-2906659642-1519450751-903730741-1000\Software\Microsoft\Internet Explorer\Main,Start Page = SearchScopes: HKU\S-1-5-21-2906659642-1519450751-903730741-1000 -> {A82129E2-C7F9-42B3-A096-FF26DF9FE285} URL = hxxps://br.search.yahoo.com/search?p={searchTerms}&intl=br&fr=yset_ie_syc_oracle&type=orcl_default&partnerexternal-oracle=external-oracle BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-06-09] (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-01-13] (Google Inc.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-06-09] (Oracle Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-06-09] (Oracle Corporation) BHO-x32: Auxiliar de Conexão de Conta da Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2017-01-13] (Google Inc.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540008} -> C:\PROGRAM FILES (X86)\GBPLUGIN\gbiehuni.dll [2017-02-07] (Banco Itaú Unibanco) BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540011} -> C:\Program Files (x86)\GbPlugin\gbiehScd.dll [2017-06-09] (Sicredi) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-06-09] (Oracle Corporation) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-01-13] (Google Inc.) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2017-01-13] (Google Inc.) Toolbar: HKU\S-1-5-21-2906659642-1519450751-903730741-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-01-13] (Google Inc.) DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} hxxps://tlr.webex.com/client/T30L10NSP14EP2/support/ieatgpc1.cab FireFox: ======== FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\c0ka7zr6.default [2017-11-22] FF Homepage: Mozilla\Firefox\Profiles\c0ka7zr6.default -> hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=pt-br hxxps://br.yahoo.com/?fr=yset_ff_syc_oracle&type=orcl_hpset FF NewTab: Mozilla\Firefox\Profiles\c0ka7zr6.default -> yafd:tabs FF Keyword.URL: Mozilla\Firefox\Profiles\c0ka7zr6.default -> hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q= FF NetworkProxy: Mozilla\Firefox\Profiles\c0ka7zr6.default -> http", "127.0.0.1" FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\c0ka7zr6.default\searchplugins\bing-.xml [2016-02-04] FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\c0ka7zr6.default\searchplugins\yahoo-ysp.xml [2015-07-06] FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\c0ka7zr6.default\searchplugins\yqs-barff-yandex.xml [2016-08-16] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_187.dll [2017-11-14] () FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-06-09] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-06-09] (Oracle Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_187.dll [2017-11-14] () FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-06-09] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-06-09] (Oracle Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-03-16] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Users\User\AppData\Roaming\mozilla\plugins\npatgpc.dll [2015-11-10] (Cisco WebEx LLC) FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\autoconf_warsaw.js [2017-11-22] <==== ATENÇÃO (Aponta para arquivo *.cfg) FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\autoconf_warsaw.js [2017-11-22] <==== ATENÇÃO (Aponta para arquivo *.cfg) FF ExtraCheck: C:\Program Files\mozilla firefox\warsaw.cfg [2017-11-22] <==== ATENÇÃO FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\warsaw.cfg [2017-11-22] <==== ATENÇÃO Chrome: ======= CHR DefaultProfile: Default CHR HomePage: Default -> msn.com CHR DefaultSearchURL: Default -> hxxps://br.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default CHR DefaultSearchKeyword: Default -> Yahoo CHR DefaultSuggestURL: Default -> hxxps://br.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10 CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2017-11-22] CHR Extension: (Documentos) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13] CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21] CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24] CHR Extension: (Google Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28] CHR Extension: (Adobe Acrobat) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-07] CHR Extension: (Bing) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2017-11-06] CHR Extension: (Documentos Google off-line) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-14] CHR Extension: (Certisign) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjoehgfmpefldljiipnmgnfmcbfjkaad [2016-11-23] CHR Extension: (Cisco WebEx Extension) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2017-07-14] CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22] CHR Extension: (PDF Viewer) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\oemmndcbldboiebfnladdacbdfmadadm [2017-07-17] CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-16] CHR Extension: (ICPBravo Access) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmndhfiofdlcgahoinehedbincopilm [2016-09-26] CHR HKU\S-1-5-21-2906659642-1519450751-903730741-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [eedgghdcpmmmilkmfpnklknlenbiolec] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [fdbpcigaolookbahgdofnimidinicfid] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [kpdmjodecdegfglgaapafjleomjjlpnh] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - hxxps://clients2.google.com/service/update2/crx ==================== Serviços (Whitelisted) ==================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-03-01] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-03-01] (Dropbox, Inc.) R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51016 2017-11-13] (Dropbox, Inc.) R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [590048 2017-11-21] (GAS Tecnologia) S3 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [Arquivo não assinado] S2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [174592 2012-12-04] (HP) [Arquivo não assinado] S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2015-05-29] () [Arquivo não assinado] S2 MSSQL$DEVI; c:\Program Files\Microsoft SQL Server\MSSQL10_50.DEVI\MSSQL\Binn\sqlservr.exe [61913952 2010-04-03] (Microsoft Corporation) R2 myrp.mysql; C:\myrp\mysql\bin\mysqld.exe [8150016 2015-05-04] () [Arquivo não assinado] R2 SerasaUpdate; C:\Program Files (x86)\Serasa Experian\Service\SerasaUpdate.exe [400384 2016-12-09] (Serasa Experian) [Arquivo não assinado] R2 ServicoAgendador; C:\Contabil\Utilitários\ServicoAgendador.exe [12288 2013-10-31] () [Arquivo não assinado] S3 ServicoBackupNuvem; C:\Contabil\Agente de Backup em Nuvem\ServicoBackupNuvem.exe [120320 2017-11-08] (Domínio Sistemas Ltda.) [Arquivo não assinado] S3 ServicoDominioAtendimento; C:\Contabil\Agente de Comunicação com o Domínio Atendimento\Servico\ServicoDominioAtendimento.exe [369152 2017-11-16] () [Arquivo não assinado] S3 ServicoGerenciadorAtualizacao; C:\Contabil\Utilitários\ServicoGerenciadorAtualizacao.exe [6656 2013-10-31] () [Arquivo não assinado] S4 SQLAgent$DEVI; c:\Program Files\Microsoft SQL Server\MSSQL10_50.DEVI\MSSQL\Binn\SQLAGENT.EXE [428384 2010-04-03] (Microsoft Corporation) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803952 2017-11-09] (TeamViewer GmbH) R2 Themes; C:\Windows\system32\themeservice.dll [44544 2009-07-13] (Microsoft Corporation) [Arquivo não assinado] R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2012-12-11] (VIA Technologies, Inc.) R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [1068376 2017-10-26] (GAS Tecnologia LTDA) S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) R2 YSearchUtilSvc; C:\Program Files (x86)\Yahoo!\yset\{81AA9DC3-9DF3-484D-8186-7C2F99CF19CE}\YSearchUtilSvc.exe [182736 2017-01-18] (Yahoo Inc.) ===================== Drivers (Whitelisted) ====================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) S3 A38CCID; C:\Windows\System32\DRIVERS\a38ccid.sys [62976 2014-11-13] (Advanced Card Systems Ltd.) R1 gbpddfac; C:\Windows\System32\drivers\gbpddfac64.sys [28888 2017-11-22] (GAS Tecnologia) R1 gbpddfac; C:\Windows\SysWOW64\drivers\gbpddfac64.sys [28888 2017-02-07] (GAS Tecnologia) R3 GBPRCM; C:\PROGRAM FILES (X86)\GBPLUGIN\gbprcm64.sys [29912 2017-11-22] (GAS Tecnologia) S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [30424 2016-11-07] (Sony Mobile Communications) R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2013-11-29] (Qualcomm Atheros Co., Ltd.) R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R3 Serenum; C:\Windows\System32\DRIVERS\nuvserenum.sys [23552 2014-01-12] (Windows (R) Win 7 DDK provider) R3 Serial; C:\Windows\System32\DRIVERS\nuvserial.sys [86016 2014-01-12] (Nuvoton Technology Corp.) R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [31472 2014-01-09] (Synaptics Incorporated) R3 tpg64win7; C:\Windows\System32\DRIVERS\tpg64win7.sys [648808 2012-02-22] (TP-LINK TECHNOLOGIES CO., LTD) S3 usbprint; C:\Windows\SysWOW64\DRIVERS\usbprint.sys [25856 2011-12-05] (Microsoft Corporation) [Arquivo não assinado] S3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2017-11-22] (GAS Tecnologia LTDA) R1 wsddfac; C:\Windows\System32\drivers\wsddfac.sys [28376 2017-11-22] (GAS Tecnologia) R1 wsddntf; C:\Windows\System32\DRIVERS\wsddntf.sys [36984 2017-03-22] (GAS Tecnologia) S1 wsddpp; C:\Windows\system32\drivers\wsddpp.sys [25184 2017-10-26] (GAS Tecnologia) R3 wsddprm; C:\Windows\system32\drivers\wsddprm.sys [25184 2017-03-22] (GAS Tecnologia) S3 dbx; system32\DRIVERS\dbx.sys [X] S0 gbpddreg; system32\drivers\gbpddreg64.sys [X] ==================== NetSvcs (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Um Mês Criados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2017-11-22 11:48 - 2017-11-22 11:49 - 000000000 ____D C:\FRST 2017-11-22 11:35 - 2017-11-22 11:35 - 000144821 _____ C:\Users\User\Desktop\Resumo Mensal.pdf 2017-11-22 08:31 - 2017-11-22 08:32 - 000000000 ____D C:\Users\Todos os Usuários\GbPlugin 2017-11-22 08:31 - 2017-11-22 08:32 - 000000000 ____D C:\ProgramData\GbPlugin 2017-11-21 16:38 - 2017-11-21 16:38 - 000028273 _____ C:\Users\User\Desktop\Razão Adto Sócios.pdf 2017-11-21 16:36 - 2017-11-21 16:36 - 000032793 _____ C:\Users\User\Desktop\Razão.pdf 2017-11-21 16:36 - 2017-11-21 16:36 - 000011776 _____ C:\Users\User\Desktop\Razão Adto Sócios.xls 2017-11-21 11:33 - 2017-11-21 14:27 - 000141707 _____ C:\Users\User\Desktop\Cópia de Controle de Parcelamento.xlsx 2017-11-21 08:44 - 2017-11-22 08:31 - 000000000 ____D C:\Users\Todos os Usuários\GAS Tecnologia 2017-11-21 08:44 - 2017-11-22 08:31 - 000000000 ____D C:\ProgramData\GAS Tecnologia 2017-11-20 17:42 - 2017-11-21 14:41 - 000060232 _____ C:\Users\User\Desktop\Cópia de Fiscal - Agendamentos.xlsx 2017-11-20 14:13 - 2017-11-20 14:14 - 000152166 _____ C:\Users\User\Desktop\Microsoft Outlook - Estilo de memorando.pdf 2017-11-17 16:04 - 2017-11-17 16:04 - 000000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk 2017-11-16 08:50 - 2017-11-16 08:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2017-11-15 15:25 - 2017-10-18 05:31 - 000395976 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2017-11-15 15:25 - 2017-10-18 04:45 - 000347336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2017-11-15 15:25 - 2017-10-18 00:06 - 000344064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2017-11-15 15:25 - 2017-10-18 00:06 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2017-11-15 15:25 - 2017-10-18 00:06 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2017-11-15 15:25 - 2017-10-18 00:06 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2017-11-15 15:25 - 2017-10-18 00:06 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2017-11-15 15:25 - 2017-10-18 00:06 - 000007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2017-11-15 15:25 - 2017-10-16 21:07 - 001680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2017-11-15 15:25 - 2017-10-16 20:34 - 003222528 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2017-11-15 15:25 - 2017-10-16 19:55 - 000339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll 2017-11-15 15:25 - 2017-10-14 06:38 - 025731584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2017-11-15 15:25 - 2017-10-14 06:23 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2017-11-15 15:25 - 2017-10-14 06:23 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2017-11-15 15:25 - 2017-10-14 06:13 - 002903552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2017-11-15 15:25 - 2017-10-14 06:12 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2017-11-15 15:25 - 2017-10-14 06:11 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2017-11-15 15:25 - 2017-10-14 06:11 - 000417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2017-11-15 15:25 - 2017-10-14 06:11 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2017-11-15 15:25 - 2017-10-14 06:11 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2017-11-15 15:25 - 2017-10-14 06:09 - 005979648 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2017-11-15 15:25 - 2017-10-14 06:05 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2017-11-15 15:25 - 2017-10-14 06:04 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2017-11-15 15:25 - 2017-10-14 06:02 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2017-11-15 15:25 - 2017-10-14 06:01 - 000816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2017-11-15 15:25 - 2017-10-14 06:01 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2017-11-15 15:25 - 2017-10-14 06:01 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2017-11-15 15:25 - 2017-10-14 06:00 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2017-11-15 15:25 - 2017-10-14 05:55 - 000968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2017-11-15 15:25 - 2017-10-14 05:53 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2017-11-15 15:25 - 2017-10-14 05:47 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2017-11-15 15:25 - 2017-10-14 05:47 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2017-11-15 15:25 - 2017-10-14 05:46 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2017-11-15 15:25 - 2017-10-14 05:43 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2017-11-15 15:25 - 2017-10-14 05:43 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2017-11-15 15:25 - 2017-10-14 05:41 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2017-11-15 15:25 - 2017-10-14 05:40 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2017-11-15 15:25 - 2017-10-14 05:31 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2017-11-15 15:25 - 2017-10-14 05:30 - 015266816 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2017-11-15 15:25 - 2017-10-14 05:30 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2017-11-15 15:25 - 2017-10-14 05:29 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2017-11-15 15:25 - 2017-10-14 05:28 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2017-11-15 15:25 - 2017-10-14 05:27 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2017-11-15 15:25 - 2017-10-14 05:21 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2017-11-15 15:25 - 2017-10-14 05:14 - 020269056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2017-11-15 15:25 - 2017-10-14 05:09 - 001544704 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2017-11-15 15:25 - 2017-10-14 05:03 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2017-11-15 15:25 - 2017-10-14 04:58 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2017-11-15 15:25 - 2017-10-14 04:53 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2017-11-15 15:25 - 2017-10-14 04:53 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2017-11-15 15:25 - 2017-10-14 04:52 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2017-11-15 15:25 - 2017-10-14 04:52 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2017-11-15 15:25 - 2017-10-14 04:51 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2017-11-15 15:25 - 2017-10-14 04:50 - 002293760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2017-11-15 15:25 - 2017-10-14 04:47 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2017-11-15 15:25 - 2017-10-14 04:47 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2017-11-15 15:25 - 2017-10-14 04:46 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2017-11-15 15:25 - 2017-10-14 04:45 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2017-11-15 15:25 - 2017-10-14 04:45 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2017-11-15 15:25 - 2017-10-14 04:45 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2017-11-15 15:25 - 2017-10-14 04:38 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2017-11-15 15:25 - 2017-10-14 04:35 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2017-11-15 15:25 - 2017-10-14 04:35 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2017-11-15 15:25 - 2017-10-14 04:34 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2017-11-15 15:25 - 2017-10-14 04:33 - 004542464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2017-11-15 15:25 - 2017-10-14 04:33 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2017-11-15 15:25 - 2017-10-14 04:32 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2017-11-15 15:25 - 2017-10-14 04:31 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2017-11-15 15:25 - 2017-10-14 04:30 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2017-11-15 15:25 - 2017-10-14 04:28 - 013680128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2017-11-15 15:25 - 2017-10-14 04:25 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2017-11-15 15:25 - 2017-10-14 04:24 - 000694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2017-11-15 15:25 - 2017-10-14 04:23 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2017-11-15 15:25 - 2017-10-14 04:23 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2017-11-15 15:25 - 2017-10-14 04:10 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2017-11-15 15:25 - 2017-10-14 04:07 - 001314304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2017-11-15 15:25 - 2017-10-14 04:04 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2017-11-15 15:25 - 2017-10-11 22:58 - 000382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2017-11-15 15:25 - 2017-10-11 22:55 - 014635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2017-11-15 15:25 - 2017-10-11 22:55 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2017-11-15 15:25 - 2017-10-11 22:55 - 002319872 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll 2017-11-15 15:25 - 2017-10-11 22:55 - 002222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll 2017-11-15 15:25 - 2017-10-11 22:55 - 002058240 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll 2017-11-15 15:25 - 2017-10-11 22:55 - 000778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll 2017-11-15 15:25 - 2017-10-11 22:55 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll 2017-11-15 15:25 - 2017-10-11 22:55 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll 2017-11-15 15:25 - 2017-10-11 22:55 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll 2017-11-15 15:25 - 2017-10-11 22:55 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll 2017-11-15 15:25 - 2017-10-11 22:55 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2017-11-15 15:25 - 2017-10-11 22:55 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll 2017-11-15 15:25 - 2017-10-11 22:55 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll 2017-11-15 15:25 - 2017-10-11 22:55 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2017-11-15 15:25 - 2017-10-11 22:55 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2017-11-15 15:25 - 2017-10-11 22:55 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll 2017-11-15 15:25 - 2017-10-11 22:55 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2017-11-15 15:25 - 2017-10-11 22:55 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2017-11-15 15:25 - 2017-10-11 22:55 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2017-11-15 15:25 - 2017-10-11 22:55 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2017-11-15 15:25 - 2017-10-11 22:40 - 000308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2017-11-15 15:25 - 2017-10-11 22:39 - 000591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe 2017-11-15 15:25 - 2017-10-11 22:38 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe 2017-11-15 15:25 - 2017-10-11 22:38 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe 2017-11-15 15:25 - 2017-10-11 22:37 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2017-11-15 15:25 - 2017-10-11 22:37 - 011410944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2017-11-15 15:25 - 2017-10-11 22:37 - 001549824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll 2017-11-15 15:25 - 2017-10-11 22:37 - 001400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll 2017-11-15 15:25 - 2017-10-11 22:37 - 001363968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll 2017-11-15 15:25 - 2017-10-11 22:37 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll 2017-11-15 15:25 - 2017-10-11 22:37 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll 2017-11-15 15:25 - 2017-10-11 22:37 - 000197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll 2017-11-15 15:25 - 2017-10-11 22:37 - 000111104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll 2017-11-15 15:25 - 2017-10-11 22:37 - 000104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll 2017-11-15 15:25 - 2017-10-11 22:37 - 000070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2017-11-15 15:25 - 2017-10-11 22:37 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll 2017-11-15 15:25 - 2017-10-11 22:37 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll 2017-11-15 15:25 - 2017-10-11 22:37 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2017-11-15 15:25 - 2017-10-11 22:37 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2017-11-15 15:25 - 2017-10-11 22:26 - 000427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe 2017-11-15 15:25 - 2017-10-11 22:26 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe 2017-11-15 15:25 - 2017-10-11 22:25 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe 2017-11-15 15:25 - 2017-10-11 22:25 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll 2017-11-15 15:25 - 2017-10-11 22:24 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll 2017-11-15 15:25 - 2017-10-11 22:24 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx 2017-11-15 15:25 - 2017-10-11 22:24 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll 2017-11-15 15:25 - 2017-10-11 22:20 - 000113152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys 2017-11-15 15:25 - 2017-10-11 22:16 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2017-11-15 15:25 - 2017-09-07 11:05 - 000995272 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll 2017-11-15 15:25 - 2017-09-07 11:05 - 000922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll 2017-11-15 15:25 - 2017-09-07 11:05 - 000066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll 2017-11-15 15:25 - 2017-09-07 11:05 - 000063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll 2017-11-15 15:25 - 2017-09-07 11:05 - 000022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll 2017-11-15 15:25 - 2017-09-07 11:05 - 000020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll 2017-11-15 15:25 - 2017-09-07 11:05 - 000019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll 2017-11-15 15:25 - 2017-09-07 11:05 - 000019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll 2017-11-15 15:25 - 2017-09-07 11:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll 2017-11-15 15:25 - 2017-09-07 11:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll 2017-11-15 15:25 - 2017-09-07 11:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll 2017-11-15 15:25 - 2017-09-07 11:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll 2017-11-15 15:25 - 2017-09-07 11:05 - 000016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll 2017-11-15 15:25 - 2017-09-07 11:05 - 000016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll 2017-11-15 15:25 - 2017-09-07 11:05 - 000015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll 2017-11-15 15:25 - 2017-09-07 11:05 - 000015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll 2017-11-15 15:25 - 2017-09-07 11:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll 2017-11-15 15:25 - 2017-09-07 11:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll 2017-11-15 15:25 - 2017-09-07 11:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll 2017-11-15 15:25 - 2017-09-07 11:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll 2017-11-15 15:25 - 2017-09-07 11:05 - 000013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll 2017-11-15 15:25 - 2017-09-07 11:05 - 000013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll 2017-11-15 15:25 - 2017-09-07 11:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll 2017-11-15 15:25 - 2017-09-07 11:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll 2017-11-15 15:25 - 2017-09-07 11:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll 2017-11-15 15:25 - 2017-09-07 11:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll 2017-11-15 15:25 - 2017-09-07 11:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll 2017-11-15 15:25 - 2017-09-07 11:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll 2017-11-15 15:25 - 2017-09-07 11:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll 2017-11-15 15:25 - 2017-09-07 11:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll 2017-11-15 15:25 - 2017-09-07 11:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll 2017-11-15 15:25 - 2017-09-07 11:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll 2017-11-15 15:25 - 2017-09-07 11:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll 2017-11-15 15:25 - 2017-09-07 11:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll 2017-11-15 15:25 - 2017-09-07 11:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll 2017-11-15 15:25 - 2017-09-07 11:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll 2017-11-15 15:25 - 2017-09-07 11:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll 2017-11-15 15:25 - 2017-09-07 11:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll 2017-11-15 15:25 - 2017-09-07 11:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll 2017-11-15 15:25 - 2017-09-07 11:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll 2017-11-15 15:25 - 2017-09-07 11:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll 2017-11-15 15:25 - 2017-09-07 11:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll 2017-11-15 15:25 - 2017-09-07 11:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll 2017-11-15 15:25 - 2017-09-07 11:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll 2017-11-15 15:25 - 2017-09-07 11:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll 2017-11-15 15:25 - 2017-09-07 11:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll 2017-11-15 15:12 - 2017-10-18 00:30 - 000605184 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2017-11-15 15:12 - 2017-10-04 11:04 - 002023936 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe 2017-11-15 15:12 - 2017-10-04 11:04 - 001570304 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2017-11-15 15:12 - 2017-10-04 11:04 - 000181760 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2017-11-15 15:11 - 2017-10-18 00:34 - 000134376 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2017-11-15 15:11 - 2017-10-15 20:04 - 000407392 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll 2017-11-15 15:11 - 2017-10-04 11:04 - 000670208 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2017-11-15 15:11 - 2017-10-04 11:04 - 000603648 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2017-11-15 15:11 - 2017-10-04 11:04 - 000370688 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2017-11-15 15:11 - 2017-10-04 11:04 - 000241664 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2017-11-14 18:52 - 2017-10-26 11:50 - 000025184 ____N (GAS Tecnologia) C:\Windows\system32\Drivers\wsddpp.sys 2017-11-13 14:42 - 2017-11-14 09:58 - 000007168 _____ C:\fiscal.txt 2017-11-13 08:26 - 2017-11-13 08:26 - 000051016 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe 2017-11-13 08:26 - 2017-11-13 08:26 - 000045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys 2017-11-13 08:26 - 2017-11-13 08:26 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys 2017-11-13 08:26 - 2017-11-13 08:26 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys 2017-11-08 10:59 - 2017-11-08 13:38 - 000000508 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 9628f1c2-1215-4e7e-a19e-92a9d83e56eb.job 2017-11-08 10:59 - 2017-11-08 10:59 - 000003580 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 9628f1c2-1215-4e7e-a19e-92a9d83e56eb 2017-11-08 10:59 - 2017-11-08 10:59 - 000003506 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task cb3ec82e-7d3a-4651-a632-d15b2db53880 2017-11-08 10:58 - 2017-11-22 10:58 - 000000508 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task cb3ec82e-7d3a-4651-a632-d15b2db53880.job 2017-11-08 10:58 - 2017-11-08 10:58 - 000000000 ____D C:\Users\User\AppData\Roaming\SUPERAntiSpyware.com 2017-11-08 10:57 - 2017-11-08 10:58 - 000000000 ____D C:\Program Files\SUPERAntiSpyware 2017-11-08 10:57 - 2017-11-08 10:57 - 000000000 ____D C:\Users\Todos os Usuários\SUPERAntiSpyware.com 2017-11-08 10:57 - 2017-11-08 10:57 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com 2017-11-08 10:57 - 2017-11-08 10:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware 2017-11-08 10:00 - 2017-11-08 10:05 - 000023552 _____ C:\Users\User\Desktop\Razão.xls 2017-10-30 15:04 - 2017-10-30 15:06 - 000114821 _____ C:\Users\User\Desktop\2012 Provisão de Décimo Terceiro Salário.pdf 2017-10-30 10:12 - 2017-10-30 10:12 - 000069681 _____ C:\Users\User\Desktop\2012 Provisão de Férias.pdf ==================== Um Mês Modificados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2017-11-22 11:51 - 2017-02-08 08:37 - 000028888 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\gbpddfac64.sys 2017-11-22 11:45 - 2016-03-01 18:23 - 000001016 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job 2017-11-22 11:34 - 2015-05-29 15:24 - 000000000 ____D C:\Users\User\Documents\Arquivos do Outlook 2017-11-22 08:43 - 2009-07-14 02:45 - 000016624 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2017-11-22 08:43 - 2009-07-14 02:45 - 000016624 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2017-11-22 08:32 - 2015-06-09 12:54 - 000000000 ____D C:\Program Files (x86)\GbPlugin 2017-11-22 08:31 - 2017-04-19 19:11 - 000028376 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\wsddfac.sys 2017-11-22 08:31 - 2017-03-06 12:48 - 000014374 _____ C:\debug.txt 2017-11-22 08:30 - 2016-03-01 18:23 - 000001012 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job 2017-11-22 08:30 - 2009-07-14 03:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2017-11-21 11:56 - 2017-05-04 17:22 - 000974697 _____ C:\Users\User\Desktop\Planilha cálculos ST.xlsx 2017-11-21 08:42 - 2017-10-13 09:47 - 000003842 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1443016790 2017-11-21 08:42 - 2015-09-23 11:59 - 000000000 ____D C:\Program Files (x86)\Opera 2017-11-20 18:19 - 2017-02-02 09:48 - 000581799 _____ C:\Users\User\Desktop\Planejamento.xlsx 2017-11-20 15:55 - 2015-06-01 18:52 - 000000000 ____D C:\Program Files (x86)\ValidaPR 2017-11-20 09:35 - 2015-05-29 11:13 - 000002286 ____H C:\Users\User\Documents\Default.rdp 2017-11-20 09:33 - 2009-07-14 03:32 - 000000000 ____D C:\Windows\system32\FxsTmp 2017-11-20 09:31 - 2017-08-10 18:18 - 000061952 _____ C:\Users\User\Desktop\Controle de senhas ISS e outras geral.xls 2017-11-20 09:19 - 2015-05-29 10:49 - 000000000 ____D C:\Contabil 2017-11-20 09:19 - 2009-07-14 15:55 - 000805442 _____ C:\Windows\system32\prfh0416.dat 2017-11-20 09:19 - 2009-07-14 15:55 - 000181628 _____ C:\Windows\system32\prfc0416.dat 2017-11-20 09:19 - 2009-07-14 03:13 - 001847106 _____ C:\Windows\system32\PerfStringBackup.INI 2017-11-20 09:19 - 2009-07-14 01:20 - 000000000 ____D C:\Windows\inf 2017-11-20 09:18 - 2015-05-29 15:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Domínio Contábil 2017-11-17 16:04 - 2015-05-29 16:32 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2017-11-17 08:44 - 2009-07-14 01:20 - 000000000 ____D C:\Windows\system32\NDF 2017-11-16 12:40 - 2015-07-10 12:47 - 000000000 ____D C:\Windows\rescache 2017-11-16 09:09 - 2015-05-29 11:25 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2017-11-16 09:08 - 2015-05-29 11:25 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2017-11-16 08:50 - 2016-03-01 18:23 - 000000000 ____D C:\Program Files (x86)\Dropbox 2017-11-15 15:56 - 2009-07-14 02:57 - 000001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2017-11-15 15:55 - 2009-07-14 02:45 - 000413352 _____ C:\Windows\system32\FNTCACHE.DAT 2017-11-15 15:52 - 2015-06-03 09:00 - 000000000 ____D C:\Windows\system32\appraiser 2017-11-15 15:41 - 2015-06-02 16:11 - 001873086 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2017-11-15 15:40 - 2015-05-29 10:23 - 000000000 ____D C:\Users\Todos os Usuários\Microsoft Help 2017-11-15 15:37 - 2017-01-13 08:53 - 000000000 ____D C:\Windows\system32\MRT 2017-11-15 15:29 - 2017-10-13 16:15 - 127017032 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe 2017-11-15 15:28 - 2017-01-13 08:53 - 127017032 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2017-11-15 14:41 - 2017-01-02 15:11 - 000001780 _____ C:\Users\User\Desktop\EMPRESAS - Atalho.lnk 2017-11-14 19:06 - 2015-05-29 10:29 - 000002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-11-14 10:23 - 2015-05-29 10:42 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2017-11-14 10:23 - 2015-05-29 10:42 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2017-11-14 10:23 - 2015-05-29 10:42 - 000004384 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2017-11-14 10:22 - 2015-05-29 10:42 - 000000000 ____D C:\Windows\SysWOW64\Macromed 2017-11-14 10:22 - 2015-05-29 10:42 - 000000000 ____D C:\Windows\system32\Macromed 2017-11-14 08:50 - 2015-05-29 10:29 - 000003500 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2017-11-14 08:50 - 2015-05-29 10:29 - 000003372 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2017-11-13 10:07 - 2015-05-29 11:09 - 000000000 ____D C:\Users\User\.receitanet 2017-11-10 08:37 - 2015-05-29 10:32 - 000000000 ____D C:\Users\Todos os Usuários\AVAST Software 2017-11-10 08:37 - 2015-05-29 10:32 - 000000000 ____D C:\ProgramData\AVAST Software 2017-11-08 13:34 - 2017-03-15 18:13 - 000000000 ____D C:\Users\User\AppData\Roaming\LNZk6t 2017-11-08 13:34 - 2017-03-15 18:13 - 000000000 ____D C:\Users\User\AppData\Roaming\2DR8y0 2017-11-03 08:45 - 2015-11-10 16:19 - 000000000 ____D C:\Users\Todos os Usuários\WebEx 2017-11-03 08:45 - 2015-11-10 16:19 - 000000000 ____D C:\ProgramData\WebEx 2017-10-31 18:01 - 2017-06-16 12:34 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas Secretaria da Fazenda 2017-10-25 17:57 - 2017-08-23 17:38 - 000000000 ____D C:\Users\User\Desktop\RENATO 2017-10-23 09:12 - 2016-07-29 16:43 - 000000000 ____D C:\Users\User\AppData\Local\ElevatedDiagnostics ==================== Arquivos na raiz de alguns diretórios ======= 2015-05-29 11:09 - 2012-07-25 16:32 - 149205424 _____ (Serasa Experian ) C:\Users\User\AssistenteCertificadoDigital.exe 2015-05-29 11:09 - 2012-04-05 14:45 - 008822785 _____ () C:\Users\User\DACONMSv2.5.exe 2015-05-29 11:09 - 2012-06-20 15:13 - 009000601 _____ () C:\Users\User\DIPJ2012v1.01.exe 2015-05-29 11:09 - 2012-09-11 09:34 - 056877679 _____ () C:\Users\User\PVA_EFD_w32-2.0.28.exe 2015-05-29 11:09 - 2013-07-04 15:57 - 000057344 _____ (DBA Engenharia de Sistemas) C:\Users\User\signver.dll 2015-05-29 11:09 - 2015-11-09 17:37 - 000057344 _____ (DBA Engenharia de Sistemas) C:\Users\User\signver1.dll 2015-05-29 11:09 - 2013-07-12 09:33 - 000442368 _____ (Flexera Software) C:\Users\User\spedContribuicoes.exe 2015-05-29 11:09 - 2013-07-23 10:23 - 000442368 _____ (Flexera Software) C:\Users\User\spedfiscal.exe 2017-06-16 12:34 - 2017-06-16 12:34 - 000005472 _____ () C:\Program Files (x86)\emissorNFe.jnlp 2015-10-16 14:57 - 2015-10-16 14:57 - 002146552 _____ () C:\Program Files (x86)\remoto.exe 2017-03-15 18:13 - 2017-03-15 18:13 - 000000262 _____ () C:\Users\User\AppData\Roaming\dcca49af 2017-03-15 18:13 - 2017-03-15 18:16 - 000000001 _____ () C:\Users\User\AppData\Roaming\f4e79564 2017-09-25 09:37 - 2017-09-25 09:37 - 000000000 _____ () C:\Users\User\AppData\Local\{0802FD4B-0ADC-46E2-9A45-121C1C5C50D6} 2016-10-21 08:58 - 2016-10-21 08:58 - 000000000 _____ () C:\Users\User\AppData\Local\{8E69F98A-F0C0-4617-825D-5DB745E56C97} ==================== Bamital & volsnap ====================== (Não há correção automática para arquivos que não passaram na verificação.) C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente C:\Windows\explorer.exe => O arquivo é assinado digitalmente C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente C:\Windows\system32\services.exe => O arquivo é assinado digitalmente C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente LastRegBack: 2017-11-20 12:17 ==================== Fim de FRST.txt ============================