ProgramData SysDir Temp Print-HtmlReport

LOG REPORT
Generated by The Best Keylogger 3.54 ( Build 1 !

Re"ort su##ary
The information below is generated from the encrypted logs saved by The Best Keylogger
31$%$&14 &3'4('3& Date:
554 Total logs:
)15 $ 554 Mouse click logs :
15 $ 554 Keystrokes logs :
35% $ 554 Processes logs :
15 $ 554 System logs :
*ate +ser Ty"e ,indo- Te.t
31/07/2014
23:06:51
User
Mouse
click
Unlock
Active window : Unlock
Process name : ssdir
Mouse clicks : 1
31/07/2014
23:06:45
User !estrokes Unlock
Active window : Unlock
Process name : ssdir
!estrokes : cavalcante
31/07/2014
23:06:44
User
Mouse
click
"niciar
Active window : "niciar
Process name : e#$lorer
Mouse clicks : 1
31/07/2014
23:06:36
User !estrokes "niciar
Active window : "niciar
!estrokes : cac
31/07/2014
23:06:33
User
Mouse
click
%ace&ook ' Mo(illa %ire)o#
*e&$a+e : ,tt$s://www-)ace&ook-com/lo+in-$,$.lo+in/attem$t01
Active window : %ace&ook ' Mo(illa %ire)o#
Process name : )ire)o#
Mouse clicks : 1
31/07/2014
23:06:11
User Processes con,ost Process started
31/07/2014
23:06:16
User Processes a$$lo+re$orter Process started
31/07/2014
23:06:15
User Processes P2%Po$u$s-e#e Process sto$$ed
31/07/2014
23:06:07
User Processes $c)$o$u$s Process started
31/07/2014
23:06:07
User Processes searc,$rotocol,ost Process started
31/07/2014
23:06:07
User Processes searc,)ilter,ost Process started
31/07/2014
23:05:56
User
Mouse
click
!as$ersk Anti'3irus 2013
Active window : !as$ersk Anti'3irus 2013
Process name : av$
Mouse clicks : 1
31/07/2014
23:05:51
User Processes 4earc,%ilter5ost-e#e Process sto$$ed
31/07/2014
23:05:51
User Processes 4earc,Protocol5ost-e#e Process sto$$ed
31/07/2014
23:05:46
31/07/2014
23:05:47
User Processes tasken+-e#e Process sto$$ed
31/07/2014
23:05:42
User Processes audiod+-e#e Process sto$$ed
31/07/2014
23:05:34
User
Mouse
click
Unknown A$$lication
Active window : Unknown A$$lication
Mouse clicks : 2
31/07/2014
23:05:26
User
Mouse
click
%ace&ook ' Mo(illa %ire)o#
Mouse clicks : 2
31/07/2014
23:04:42
31/07/2014
23:04:42
User Processes searc,)ilter,ost Process started
31/07/2014
23:04:42
31/07/2014
23:04:21
User Processes wmi32-e#e Process sto$$ed
31/07/2014
23:04:17
User Processes a$$store/snc Process started
31/07/2014
23:03:35
User
Mouse
click
!as$ersk Anti'3irus 2013
Active window : !as$ersk Anti'3irus 2013
Process name : av$
Mouse clicks : 1
31/07/2014
23:03:32
User Processes av$ Process started
31/07/2014
23:03:27
User Processes svc,ost Process started
31/07/2014
23:03:25
User Processes s$$svc Process started
31/07/2014
23:03:11
User Processes U$dater-e#e Process sto$$ed
31/07/2014
23:02:57
User !estrokes %ace&ook ' Mo(illa %ire)o#
!estrokes : con)ianca
31/07/2014
23:02:57
Pgina 1 de 129 The Best Keylogger report generator
31/07/2014 file:///C:/Progra!ata/"ys!ir/Tep/Print#$tl%eport&ht
31/07/2014
23:02:57
User Processes SearchFilterHost.exe Process stopped
31/07/2014
23:02:50
User
Mouse
clic
Face!oo " Mo#illa Fire$ox
%e!pa&e : https://'''.$ace!oo.co(/lo&i).php*lo&i)+atte(pt,1
-cti.e 'i)do' : Face!oo " Mo#illa Fire$ox
Process )a(e : $ire$ox
Mouse clics : 2
31/07/2014
23:02:37
User Processes li.eupdate.exe Process stopped
31/07/2014
23:02:32
User /e0stroes
1e(".i)do/a ao Face!oo " 2)icia
sess34o5 re&ista"te ou sa!e (ais "
Mo#illa Fire$ox
%e!pa&e : https://'''.$ace!oo.co(/
-cti.e 'i)do' : 1e(".i)do/a ao Face!oo " 2)icia sess34o5 re&ista"te ou sa!e (ais " Mo#illa Fire$ox
/e0stroes : 678""9alico)$ia)3:a
31/07/2014
23:02:30
User
Mouse
clic
1e(".i)do/a ao Face!oo " 2)icia
sess34o5 re&ista"te ou sa!e (ais "
Mo#illa Fire$ox
%e!pa&e : https://'''.$ace!oo.co(/
-cti.e 'i)do' : 1e(".i)do/a ao Face!oo " 2)icia sess34o5 re&ista"te ou sa!e (ais " Mo#illa Fire$ox
Mouse clics : 3
31/07/2014
23:02:25
User Processes '(p)sc$&.exe Process stopped
31/07/2014
23:02:23
User Processes dllhost.exe Process stopped
31/07/2014
23:02:23
User Processes li.eupdate Process started
31/07/2014
23:02:23
User Processes '(p)sc$& Process started
31/07/2014
23:02:20
User Processes outloo Process started
31/07/2014
23:00:0;
User S0ste( <o&o)
User : User
=he co(puter ha.e lo&&ed o)
31/07/2014
22:34:2;
User Processes dllhost Process started
31/07/2014
22:34:1>
User /e0stroes U)loc
-cti.e 'i)do' : U)loc
Process )a(e : s0sdir
/e0stroes : ca.alca)e
ca.alca)te
31/07/2014
22:34:14
User Processes '(i32 Process started
31/07/2014
22:34:12
User /e0stroes U))o') -pplicatio)
-cti.e 'i)do' : U))o') -pplicatio)
31/07/2014
22:34:0>
User Processes s.chost Process started
31/07/2014
22:33:5?
User Processes outloo Process started
31/07/2014
22:32:2>
User S0ste( <o&o)
User : User
=he co(puter ha.e lo&&ed o)
31/07/2014
1?:22:3>
User S0ste( Shut@o')
User : User
=he co(puter ha.e shut do')
31/07/2014
1?:22:35
User Processes sparupdate Process started
31/07/2014
1?:22:35
User Processes tase)& Process started
31/07/2014
1?:22:35
User
Mouse
clic
Me)u 2)iciar
-cti.e 'i)do' : Me)u 2)iciar
Process )a(e : explorer
Mouse clics : 1
31/07/2014
1?:22:34
User
Mouse
clic
U))o') -pplicatio)
-cti.e 'i)do' : U))o') -pplicatio)
Mouse clics : 1
31/07/2014
1?:22:30
User
Mouse
clic
Ao(putador
-cti.e 'i)do' : Ao(putador
Mouse clics : 1
31/07/2014
1?:22:25
User
Mouse
clic
M3Bsicas
-cti.e 'i)do' : M3Bsicas
Mouse clics : 2
31/07/2014
1?:22:24
User
Mouse
clic
-CDU2EFS GF:H
-cti.e 'i)do' : -CDU2EFS GF:H
Mouse clics : 1
31/07/2014
1?:22:23
User
Mouse
clic
(usica
-cti.e 'i)do' : (usica
Mouse clics : 1
31/07/2014
1?:22:22
User
Mouse
clic
-CDU2EFS GF:H
Mouse clics : 1
31/07/2014
1?:22:21
User
Mouse
clic
FF=FS E-C2-@-S
-cti.e 'i)do' : FF=FS E-C2-@-S
Mouse clics : 1
31/07/2014
1?:22:10
31/07/2014
1?:22:05
User
Mouse
clic
-CDU2EFS GF:H
Mouse clics : 2
31/07/2014
1?:22:01
User
Mouse
clic
(usica
-cti.e 'i)do' : (usica
Mouse clics : 2
31/07/2014
1?:21:57
User Processes search$ilterhost Process started
31/07/2014
1?:21:57
User Processes li.eupdate Process started
31/07/2014
1?:21:51
User Processes 1a.1sCeport.exe Process stopped
31/07/2014
1?:21:4>
User Processes !a.!sreport Process started
31/07/2014
1?:21:22
User
Mouse
clic
-CDU2EFS GF:H
Mouse clics : 2
31/07/2014
1?:21:11
User
Mouse
clic
M3Bsicas
-cti.e 'i)do' : M3Bsicas
Mouse clics : 4
31/07/2014
18:21:09
31/07/2014
18:20:56
User Processes liveupdate Process started
31/07/2014
18:20:56
User Processes SearchFilterost!e"e Process stopped
31/07/2014
18:20:54
User Processes audiod# Process started
31/07/2014
18:20:52
User Processes dllhost!e"e Process stopped
31/07/2014
18:20:52
User
$ouse
clic%
&o'putador
(ctive )i*do) : &o'putador
Process *a'e : e"plorer
$ouse clic%s : 2
31/07/2014
18:20:46
31/07/2014
18:20:44
User S+ste' user active User )e*t active
31/07/2014
18:20:44
User
$ouse
clic%
Pro#ra' $a*a#er
(ctive )i*do) : Pro#ra' $a*a#er
$ouse clic%s : 1
31/07/2014
18:20:10
User Processes liveupdate!e"e Process stopped
31/07/2014
18:20:02
User Processes tas%e*#!e"e Process stopped
31/07/2014
18:19:57
31/07/2014
18:19:09
31/07/2014
18:18:57
User Processes search,ilterhost Process started
31/07/2014
18:18:57
31/07/2014
18:18:10
31/07/2014
18:17:56
31/07/2014
18:17:56
31/07/2014
18:17:43
User Processes $S-S./&!010 Process stopped
31/07/2014
18:17:10
31/07/2014
18:16:57
31/07/2014
18:16:09
31/07/2014
18:15:56
31/07/2014
18:15:56
31/07/2014
18:15:48
User Processes audiod#!e"e Process stopped
31/07/2014
18:15:10
31/07/2014
18:15:01
User Processes tas%e*# Process started
31/07/2014
18:14:57
31/07/2014
18:14:57
31/07/2014
18:14:09
31/07/2014
18:13:56
31/07/2014
18:13:16
User Processes 2rusted3*staller!e"e Process stopped
31/07/2014
18:13:10
31/07/2014
18:12:55
31/07/2014
18:12:47
User Processes Updater!e"e Process stopped
31/07/2014
18:12:45
User S+ste' user i*active User )e*t i*active
31/07/2014
18:12:13
User Processes updater Process started
31/07/2014
18:12:13
User Processes searchprotocolhost Process started
31/07/2014
18:12:13
31/07/2014
18:11:36
User Processes tas%host!e"e Process stopped
31/07/2014
18:11:12
User Processes 4avUpdater!e"e Process stopped
31/07/2014
18:10:56
31/07/2014
18:10:49
31/07/2014
18:10:47
User Processes audiod# Process started
31/07/2014
18:10:41
User Processes 5evice5ispla+-67ectProvider!e"e Process stopped
31/07/2014
18:10:38
User
$ouse
clic%
$edidor de 4ateria (ctive )i*do) : $edidor de 4ateria
Mouse clicks : 2
31/07/2014
18:10:34
User Processes devicedisplayobjectprovider Process started
31/07/2014
18:10:30
User
Mouse
click
Unknon !pplication
!ctive indo : Unknon !pplication
Process na"e : sysdir
Mouse clicks : 2
31/07/2014
18:0#:33
User Processes task$ost Process started
31/07/2014
18:08:%4
User Processes spark&e'e Process stopped
31/07/2014
18:08:%4
31/07/2014
18:08:%4
31/07/2014
18:08:%1
31/07/2014
18:08:28
User Processes !ppPopUp(ip&e'e Process stopped
31/07/2014
18:08:28
31/07/2014
18:08:18
User Processes apppopuptip Process started
31/07/2014
18:08:18
User Processes !pp)toreUtil*'e&e'e Process stopped
31/07/2014
18:08:1+
User Processes appstoreutile'e Process started
31/07/2014
18:08:1+
User Processes spark Process started
31/07/2014
18:08:08
User
Mouse
click
,ova -uia . )park /roser
!ctive indo : ,ova -uia . )park /roser
Process na"e : spark
Mouse clicks : 4
31/07/2014
18:08:07
31/07/2014
18:08:0%
31/07/2014
18:08:04
User
Mouse
click
n01o est02 dispon0vel . )park
/roser
!ctive indo : n01o est02 dispon0vel . )park /roser
Mouse clicks : 1
31/07/2014
18:08:00
31/07/2014
18:07:%2
31/07/2014
18:07:47
User
Mouse
click
Mouse clicks : 4
31/07/2014
18:07:41
31/07/2014
18:07:41
31/07/2014
18:07:3#
User Processes M)3)4,5&*6* Process stopped
31/07/2014
18:07:3#
User
Mouse
click
/roser
Mouse clicks : 1
31/07/2014
18:07:37
User Processes "sosync Process started
31/07/2014
18:07:3%
31/07/2014
18:07:22
31/07/2014
18:07:1%
User 7eystrokes ,ova -uia . )park /roser
7eystrokes : &8ace
31/07/2014
18:07:13
User
Mouse
click
Mouse clicks : 2
31/07/2014
18:07:11
31/07/2014
18:07:11
31/07/2014
18:07:10
User
Mouse
click
/roser
Mouse clicks : 1
31/07/2014
18:07:07
31/07/2014
18:0+:%4
31/07/2014
18:0+:%3
User
Mouse
click
Mouse clicks : 2
31/07/2014
18:0+:%2
31/07/2014
18:0+:%2
31/07/2014
18:0+:%0
User
Mouse
click
/roser
Mouse clicks : 1
31/07/2014
18:0+:48
31/07/2014
18:0+:31
31/07/2014
18:0+:2#
User
Mouse
click
Mouse clicks : 2
31/07/2014
18:0+:2+
31/07/2014
18:0+:24
31/07/2014
18:0+:24
User
Mouse
click
/roser
Mouse clicks : 1
31/07/2014
18:0%:02
User Processes tasken-&e'e Process stopped
31/07/2014
18:04:23
User 7eystrokes
/e".vindo ao 9acebook . acesse:
cadastre.se ou saiba "ais& . )park
/roser
!ctive indo : /e".vindo ao 9acebook . acesse: cadastre.se ou saiba "ais& . )park /roser
7eystrokes : lucialelisnery;<..=;<..=;<..=;<..=;<..=;<..=;<..=;<..=;<..=;<..=;<..=;<..=;<..=;<..=lucialelis3242042#
31/07/2014
18:04:23
User )yste" user active User ent active
31/07/2014
18:04:1%
User Processes bavupdater Process started
31/07/2014
18:03:%+
User Processes !pp)toreUpdater&e'e Process stopped
31/07/2014
18:03:18
User Processes )earc$Protocol>ost&e'e Process stopped
31/07/2014
18:03:18
User Processes )earc$9ilter>ost&e'e Process stopped
31/07/2014
18:03:1+
User Processes appstoreupdater Process started
31/07/2014
18:03:12
User Processes "sie'ec&e'e Process stopped
31/07/2014
18:03:01
User Processes trustedinstaller Process started
31/07/2014
18:02:14
User Processes Updater&e'e Process stopped
31/07/2014
18:02:12
31/07/2014
18:02:12
User Processes searc$protocol$ost Process started
31/07/2014
18:02:12
User Processes searc$8ilter$ost Process started
31/07/2014
18:00:2#
User Processes sppsvc&e'e Process stopped
31/07/2014
18:00:01
User Processes tasken- Process started
31/07/2014
17:%#:1#
User Processes so8t"-r?update&e'e Process stopped
31/07/2014
17:%#:1#
User Processes con$ost&e'e Process stopped
31/07/2014
17:%#:17
User Processes so8t"-r?update Process started
31/07/2014
17:%#:17
User Processes con$ost Process started
31/07/2014
17:%#:0+
31/07/2014
17:%#:0+
31/07/2014
17:%8:4%
User )yste" user inactive User ent inactive
31/07/2014
17:%8:41
User Processes rundll32&e'e Process stopped
31/07/2014
17:%8:38
User Processes con$ost&e'e Process stopped
31/07/2014
17:%8:38
31/07/2014
17:%8:38
User Processes !pp@o-Aeporter&e'e Process stopped
31/07/2014
17:%8:38
User Processes rundll32 Process started
31/07/2014
17:%8:38
31/07/2014
17:%8:17
User Processes con$ost Process started
31/07/2014
17:%8:17
User Processes applo-reporter Process started
31/07/2014
17:%8:04
User Processes P59Popups&e'e Process stopped
31/07/2014
17:%7:%8
User Processes searc$8ilter$ost Process started
31/07/2014
17:%7:%+
User Processes audiod-&e'e Process stopped
31/07/2014
17:%7:%+
User Processes pc8popups Process started
31/07/2014
17:%7:%+
User Processes searc$protocol$ost Process started
31/07/2014
17:%7:%4
31/07/2014
17:%7:%4
31/07/2014
17:%7:%4
31/07/2014
17:%7:3%
31/07/2014
17:%7:2+
User Processes appstore?sync&e'e Process stopped
31/07/2014
17:%7:14
User Processes dll$ost&e'e Process stopped
31/07/2014
17:%7:0#
User Processes dll$ost Process started
31/07/2014 file:///:/Progra!"ata/#ys"ir/Te!p/Print$%t!l&eport'ht!
31/07/2014
17:56:48
31/07/2014
17:56:48
User Processes searchilterhost Process started
31/07/2014
17:56:48
31/07/2014
17:56:3!
31/07/2014
17:56:33
31/07/2014
17:56:33
User
"o#se
clic$
%e&'(i)do ao Face*oo$ ' acesse+
cadastre'se o# sai*a &ais. ' Spar$
%ro,ser
-cti(e ,i)do, : %e&'(i)do ao Face*oo$ ' acesse+ cadastre'se o# sai*a &ais. ' Spar$ %ro,ser
Process )a&e : spar$
"o#se clic$s : 3
31/07/2014
17:56:2!
User Processes ,&i32.exe Process stopped
31/07/2014
17:56:16
User Processes appstore.s/)c Process started
31/07/2014
17:56:10
31/07/2014
17:56:03
31/07/2014
17:56:01
User Processes spar$#pdate Process started
31/07/2014
17:55:25
User Processes spps(c Process started
31/07/2014
17:55:25
User Processes s(chost Process started
31/07/2014
17:55:25
User Processes s(chost Process started
31/07/2014
17:55:16
User Processes Updater.exe Process stopped
31/07/2014
17:55:08
User Processes 0&iPr(S1.exe Process stopped
31/07/2014
17:55:06
31/07/2014
17:55:01
31/07/2014
17:54:48
User Processes spar$ Process started
31/07/2014
17:54:48
31/07/2014
17:54:46
User Processes li(e#pdate.exe Process stopped
31/07/2014
17:54:46
31/07/2014
17:54:45
User
"o#se
clic$
Pro2ra& "a)a2er
-cti(e ,i)do, : Pro2ra& "a)a2er
Process )a&e : explorer
"o#se clic$s : 1
31/07/2014
17:54:25
User
"o#se
clic$
3ie, -(aila*le 4et,or$s
-cti(e ,i)do, : 3ie, -(aila*le 4et,or$s
"o#se clic$s : 1
31/07/2014
17:54:25
User
"o#se
clic$
U)$)o,) -pplicatio)
-cti(e ,i)do, : U)$)o,) -pplicatio)
Process )a&e : idle
"o#se clic$s : 4
31/07/2014
17:54:23
31/07/2014
17:54:1!
31/07/2014
17:54:17
User
"o#se
clic$
U)$)o,) -pplicatio)
-cti(e ,i)do, : U)$)o,) -pplicatio)
Process )a&e : s/sdir
"o#se clic$s : 1
31/07/2014
17:54:02
User Processes ,&i32 Process started
31/07/2014
17:54:02
User Processes li(e#pdate Process started
31/07/2014
17:53:5!
User Processes sot&2r.#pdate.exe Process stopped
31/07/2014
17:53:5!
User Processes co)host.exe Process stopped
31/07/2014
17:53:5!
User Processes UpdatePopUp.exe Process stopped
31/07/2014
17:53:57
User Processes o#tloo$ Process started
31/07/2014
17:51:47
User S/ste& 5o2o)
User : User
6he co&p#ter ha(e lo22ed o)
31/07/2014
17:46:50
User
"o#se
clic$
"essa2e%ox
-cti(e ,i)do, : "essa2e%ox
Process )a&e : (i(o 32
"o#se clic$s : 1
31/07/2014
17:46:45
User Processes e7ectdis$.exe Process stopped
31/07/2014
17:46:43
User
"o#se
clic$
3ie, -(aila*le 4et,or$s
-cti(e ,i)do, : 3ie, -(aila*le 4et,or$s
"o#se clic$s : 1
31/07/2014
17:46:25
31/07/2014
17:46:25
User Processes e7ectdis$ Process started
31/07/2014
17:46:23
User Processes a#diod2 Process started
31/07/2014
17:46:12
User Processes li(e#pdate Process started
31/07/2014
17:46:07
31/07/2014
17:45:57
User Processes -ppStoreUpdater.exe Process stopped
31/07/2014
17:45:54
31/07/2014
17:45:52
User Processes BavUpdater.exe Process stopped
31/07/2014
17:45:50
31/07/2014
17:45:50
User Processes msiexec.exe Process stopped
31/07/2014
17:45:46
User Processes ejectdis.exe Process stopped
31/07/2014
17:45:43
User Processes !avupdater Process started
31/07/2014
17:45:35
User Processes trustedi"staller Process started
31/07/2014
17:45:35
User
#ouse
clic
$#Updater
%ctive &i"do& : $#Updater
Process "ame : cmupdater
#ouse clics : 1
31/07/2014
17:45:35
User
#ouse
clic
U""o&" %pplicatio"
%ctive &i"do& : U""o&" %pplicatio"
Process "ame : vivo 3'
#ouse clics : 6
31/07/2014
17:45:2(
User Processes svc)ost Process started
31/07/2014
17:45:26
User Processes ejectdis Process started
31/07/2014
17:45:24
User Processes cmupdater Process started
31/07/2014
17:45:24
User Processes liveupdate.exe Process stopped
31/07/2014
17:45:21
User Processes vivo 3' Process started
31/07/2014
17:45:21
User
#ouse
clic
U""o&" %pplicatio"
Process "ame : s*sdir
#ouse clics : 1
31/07/2014
17:45:21
User
#ouse
clic
Pro'ram #a"a'er
%ctive &i"do& : Pro'ram #a"a'er
Process "ame : explorer
#ouse clics : 1
31/07/2014
17:45:15
User Processes dll)ost.exe Process stopped
31/07/2014
17:45:11
User Processes dll)ost Process started
31/07/2014
17:45:10
User Processes sparupdate.exe Process stopped
31/07/2014
17:45:10
31/07/2014
17:45:0(
31/07/2014
17:45:04
User Processes sparupdate Process started
31/07/2014
17:45:01
User
#ouse
clic
$e"tral de +ede e $ompartil)ame"to
%ctive &i"do& : $e"tral de +ede e $ompartil)ame"to
#ouse clics : 1
31/07/2014
17:44:55
User Processes searc),ilter)ost Process started
31/07/2014
17:44:53
31/07/2014
17:44:45
User
#ouse
clic
-ie& %vaila!le .et&ors
%ctive &i"do& : -ie& %vaila!le .et&ors
#ouse clics : 1
31/07/2014
17:44:36
User
#ouse
clic
Pro'ram #a"a'er
%ctive &i"do& : Pro'ram #a"a'er
#ouse clics : 2
31/07/2014
17:44:33
User Processes spar.exe Process stopped
31/07/2014
17:44:33
31/07/2014
17:44:33
31/07/2014
17:44:33
31/07/2014
17:44:32
User
#ouse
clic
U""o&" %pplicatio"
Process "ame : s*sdir
#ouse clics : 1
31/07/2014
17:44:31
User /*stem user active User &e"t active
31/07/2014
17:44:31
User
#ouse
clic
"01o est02 dispo"0vel 3 /par
Bro&ser
%ctive &i"do& : "01o est02 dispo"0vel 3 /par Bro&ser
Process "ame : spar
#ouse clics : 1
31/07/2014
17:44:25
31/07/2014
17:44:12
31/07/2014
17:44:12
User Processes /earc)4ilter5ost.exe Process stopped
31/07/2014
17:44:07
31/07/2014
17:43:54
31/07/2014
17:43:24
31/07/2014
17:43:17
User Processes sppsvc.exe Process stopped
31/07/2014
17:43:10
31/07/2014
17:43:0(
User Processes audiod'.exe Process stopped
31/07/2014
17:43:06
31/07/2014
17:42:55
31/07/2014
17:42:53
31/07/2014
17:42:53
31/07/2014
17:42:48
31/07/2014
17:42:44
31/07/2014
17:42:44
User Processes sparkupdate.exe Process stopped
31/07/2014
17:42:38
User Processes taske! Process started
31/07/2014
17:42:38
User Processes sparkupdate Process started
31/07/2014
17:42:24
31/07/2014
17:42:11
31/07/2014
17:42:07
31/07/2014
17:41:54
31/07/2014
17:41:54
User Processes search"ilterhost Process started
31/07/2014
17:41:54
User Processes cohost.exe Process stopped
31/07/2014
17:41:54
User Processes so"t#!r$update.exe Process stopped
31/07/2014
17:41:54
User Processes %earch&ilter'ost.exe Process stopped
31/07/2014
17:41:4(
User Processes cohost Process started
31/07/2014
17:41:4(
User Processes so"t#!r$update Process started
31/07/2014
17:41:31
User %)ste# user iactive User *et iactive
31/07/2014
17:41:25
31/07/2014
17:41:12
31/07/2014
17:41:12
31/07/2014
17:41:08
31/07/2014
17:41:08
31/07/2014
17:40:54
31/07/2014
17:40:52
User Processes +pp%toreUtil,xe.exe Process stopped
31/07/2014
17:40:52
User Processes cohost.exe Process stopped
31/07/2014
17:40:50
User Processes appstoreutilexe Process started
31/07/2014
17:40:50
User Processes cohost Process started
31/07/2014
17:40:48
User Processes %earchProtocol'ost.exe Process stopped
31/07/2014
17:40:24
31/07/2014
17:40:21
User Processes P-&Popups.exe Process stopped
31/07/2014
17:40:21
User Processes ./0+1+P.exe Process stopped
31/07/2014
17:40:1(
31/07/2014
17:40:15
User Processes 2dutil.exe Process stopped
31/07/2014
17:40:15
31/07/2014
17:40:13
User Processes pc"popups Process started
31/07/2014
17:40:13
User Processes 2dutil Process started
31/07/2014
17:40:12
31/07/2014
17:40:10
31/07/2014
17:40:08
User Processes taske!.exe Process stopped
31/07/2014
17:40:08
31/07/2014
17:40:06
User Processes svchost.exe Process stopped
31/07/2014
17:3(:55
31/07/2014
17:3(:44
31/07/2014
17:39:44 User Processes searchprotocolhost Process started
31/07/2014
17:39:44
User Processes searchfilterhost Process started
31/07/2014
17:39:23
31/07/2014
17:39:19
31/07/2014
17:39:17
31/07/2014
17:39:14
31/07/2014
17:39:12
User Processes wi32.exe Process stopped
31/07/2014
17:39:12
User Processes appstore!s"#c.exe Process stopped
31/07/2014
17:39:12
31/07/2014
17:39:10
User Processes wiadap Process started
31/07/2014
17:39:07
31/07/2014
17:39:03
31/07/2014
17:39:03
31/07/2014
17:39:00
31/07/2014
17:3$:%$
User Processes firefox.exe Process stopped
31/07/2014
17:3$:%&
User
'ouse
click
U#k#ow# (pplicatio#
(ctive wi#dow : U#k#ow# (pplicatio#
Process #ae : s"sdir
'ouse clicks : 1
31/07/2014
17:3$:%&
User
'ouse
click
Pro)ra 'a#a)er
(ctive wi#dow : Pro)ra 'a#a)er
Process #ae : explorer
'ouse clicks : 3
31/07/2014
17:3$:%4
31/07/2014
17:3$:49
User Processes appstore!s"#c Process started
31/07/2014
17:3$:41
User *e"strokes
+alha #o carre)ae#to da p,-)i#a .
'o/illa +irefox
0e1pa)e : http://www.)oo)le.co.1r/
(ctive wi#dow : +alha #o carre)ae#to da p,-)i#a . 'o/illa +irefox
Process #ae : firefox
*e"strokes : 23..4www
31/07/2014
17:3$:34
User
'ouse
click
+alha #o carre)ae#to da p,-)i#a .
'o/illa +irefox
0e1pa)e : http://www.)oo)le.co.1r/
(ctive wi#dow : +alha #o carre)ae#to da p,-)i#a . 'o/illa +irefox
Process #ae : firefox
'ouse clicks : 4
31/07/2014
17:3$:27
User
'ouse
click
U#k#ow# (pplicatio#
Process #ae : idle
'ouse clicks : 2
31/07/2014
17:3$:24
User Processes firefox Process started
31/07/2014
17:3$:23
User
'ouse
click
Pro)ra 'a#a)er
'ouse clicks : 1
31/07/2014
17:3$:13
31/07/2014
17:3$:12
User
'ouse
click
U#k#ow# (pplicatio#
'ouse clicks : 1
31/07/2014
17:3$:0&
User Processes scorsvw.exe Process stopped
31/07/2014
17:3$:0&
User Processes svchost Process started
31/07/2014
17:3$:0&
31/07/2014
17:3$:0&
User Processes sppsvc Process started
31/07/2014
17:3$:0&
31/07/2014
17:3$:0%
User
'ouse
click
,co#es da ,rea de 5otifica,6,7o
(ctive wi#dow : ,co#es da ,rea de 5otifica,6,7o
'ouse clicks : 3
31/07/2014
17:3$:0%
User
'ouse
click
U#k#ow# (pplicatio#
Process #ae : s"sdir
'ouse clicks : 1
31/07/2014
17:3$:0%
User
'ouse
click
Pro)ra 'a#a)er
'ouse clicks : %
31/07/2014
17:3$:04
User Processes scorsvw Process started
31/07/2014
17:37:%9
User
'ouse
click
U#k#ow# (pplicatio#
Process #ae : avp
'ouse clicks : 3
31/07/2014
17:37:%$
31/07/2014
17:37:%$
User
'ouse
click
,co#es da ,rea de 5otifica,6,7o
(ctive wi#dow : ,co#es da ,rea de 5otifica,6,7o
'ouse clicks : 1
31/07/2014
17:37:%3
31/07/2014
17:37:49
User
'ouse
click
U#k#ow# (pplicatio#
'ouse clicks : 1
31/07/2014
17:37:4&
User
'ouse
click
Pro)ra 'a#a)er
'ouse clicks : 1
31/07/2014
17:37:36
User
Mouse
click
Unknown Application
Active window : Unknown Application
Process name : eplorer
Mouse clicks : 1
31/07/2014
17:37:27
User
Mouse
click
Pro!ram Mana!er
Active window : Pro!ram Mana!er
Mouse clicks : 1
31/07/2014
17:37:24
User Processes liveupdate"ee Process stopped
31/07/2014
17:37:20
User Processes re!svr32"ee Process stopped
31/07/2014
17:37:1#
User Processes re!svr32 Process started
31/07/2014
17:37:11
31/07/2014
17:37:07
User Processes liveupdate"ee Process stopped
31/07/2014
17:36:$#
User Processes dll%ost"ee Process stopped
31/07/2014
17:36:$4
User Processes dll%ost Process started
31/07/2014
17:36:$4
31/07/2014
17:36:41
User Processes searc%protocol%ost Process started
31/07/2014
17:36:41
User Processes searc%&ilter%ost Process started
31/07/2014
17:36:34
User Processes outlook Process started
31/07/2014
17:34:3'
User ()stem *o!on
User : User
+%e computer %ave lo!!ed on
31/07/2014
1$:0$:$0
User ()stem (%ut,own
User : User
+%e computer %ave s%ut down
31/07/2014
1$:0$:4'
User Processes lo!onui Process started
31/07/2014
1$:0$:47
User
Mouse
click
Menu -niciar
Active window : Menu -niciar
Mouse clicks : 1
31/07/2014
1$:0$:4$
User
Mouse
click
Pro!ram Mana!er
Mouse clicks : 1
31/07/2014
1$:0$:40
User Processes dll%ost"ee Process stopped
31/07/2014
1$:0$:40
User Processes .+.am(uite"ee Process stopped
31/07/2014
1$:0$:3'
User
Mouse
click
/erenciador de +are&as
Active window : /erenciador de +are&as
Process name : avp
Mouse clicks : 1
31/07/2014
1$:0$:37
User
Mouse
click
Unknown Application
Process name : ctcamsuite
Mouse clicks : 1
31/07/2014
1$:0$:34
31/07/2014
1$:0$:33
User
Mouse
click
.amera(uite
Active window : .amera(uite
Mouse clicks : 3
31/07/2014
1$:0$:32
User
Mouse
click
.amera(uite
Active window : .amera(uite
Mouse clicks : 1
31/07/2014
1$:0$:32
User
Mouse
click
Pro!ram Mana!er
Mouse clicks : $
31/07/2014
1$:0$:31
User
Mouse
click
Unknown Application
Mouse clicks : 2
31/07/2014
1$:0$:27
31/07/2014
1$:0$:27
31/07/2014
1$:0$:2$
User Processes ctcamsuite Process started
31/07/2014
1$:0$:20
User
Mouse
click
Pro!ram Mana!er
Mouse clicks : 4
31/07/2014
1$:04:4#
User
Mouse
click
/erenciador de +are&as
Active window : /erenciador de +are&as
Process name : avp
Mouse clicks : 1
31/07/2014
1$:04:43
User Processes (earc%0ilter1ost"ee Process stopped
31/07/2014
1$:04:43
User Processes (earc%Protocol1ost"ee Process stopped
31/07/2014
1$:04:07
User 2e)strokes .omputador
Active window : .omputador
2e)strokes : t
31/07/2014
1$:03:3#
31/07/2014
1$:03:3#
31/07/2014
1$:03:1'
User Processes audiod! Process started
31/07/2014
1$:02:41
User Processes audiod!"ee Process stopped
31/07/2014
1$:02:40
User
Mouse
click
.omputador
Active window : .omputador
Mouse clicks : 11
31/07/2014
1$:02:26
User 2e)strokes Pro!ram Mana!er
2e)strokes : %c
31/07/2014
15:02:11
User
Mouse
click
Program Manager
Active window : Program Manager
Process name : e!lorer
Mouse clicks : 13
31/07/2014
15:01:1"
User Processes #evice#is!la$%&'ectProvider(ee Process sto!!ed
31/07/2014
15:01:15
User
Mouse
click
Medidor de )ateria
Active window : Medidor de )ateria
Mouse clicks : 2
31/07/2014
15:01:12
User Processes devicedis!la$o&'ect!rovider Process started
31/07/2014
15:01:11
User
Mouse
click
Unknown A!!lication
Active window : Unknown A!!lication
Mouse clicks : 1
31/07/2014
15:00:03
User Processes *ire*o(ee Process sto!!ed
31/07/2014
15:00:02
User
Mouse
click
+erenciador de ,are*as
Active window : +erenciador de ,are*as
Process name : av!
Mouse clicks : 1
31/07/2014
15:00:02
User
Mouse
click
Program Manager
Mouse clicks : 2
31/07/2014
15:00:01
User
Mouse
click
-al.a no carregamento da !/0gina 1
Mo2illa -ire*o
Active window : -al.a no carregamento da !/0gina 1 Mo2illa -ire*o
Process name : *ire*o
Mouse clicks : 1
31/07/2014
14:53:5"
User 4e$strokes
-al.a no carregamento da !/0gina 1
Mo2illa -ire*o
5e&!age : .tt!://www(google(com(&r/
Active window : -al.a no carregamento da !/0gina 1 Mo2illa -ire*o
Process name : *ire*o
4e$strokes : 67118
31/07/2014
14:53:50
User Processes *ire*o Process started
31/07/2014
14:53:43
User
Mouse
click
Unknown A!!lication
Process name : idle
Mouse clicks : 1
31/07/2014
14:5":33
User
Mouse
click
Process name : av!
Mouse clicks : 1
31/07/2014
14:5":33
User
Mouse
click
Program Manager
Mouse clicks : 11
31/07/2014
14:5":39
User
Mouse
click
:om!utador
Active window : :om!utador
Mouse clicks : 3
31/07/2014
14:5":07
User
Mouse
click
-ormatar #isco
Active window : -ormatar #isco
Mouse clicks : 1
31/07/2014
14:59:30
User
Mouse
click
:om!utador
Mouse clicks : 3
31/07/2014
14:55:03
User
Mouse
click
Program Manager
Mouse clicks : 11
31/07/2014
14:55:0"
User
Mouse
click
Process name : av!
Mouse clicks : 1
31/07/2014
14:54:33
User
Mouse
click
:om!utador
Mouse clicks : 22
31/07/2014
14:54:3"
User Processes ;earc.-ilter<ost(ee Process sto!!ed
31/07/2014
14:54:3"
User Processes ;earc.Protocol<ost(ee Process sto!!ed
31/07/2014
14:54:35
User
Mouse
click
=nserir disco
Active window : =nserir disco
Mouse clicks : 1
31/07/2014
14:54:24
User 4e$strokes :om!utador
31/07/2014
14:54:07
User
Mouse
click
:om!utador
Mouse clicks : 9
31/07/2014
14:53:37
User Processes searc.*ilter.ost Process started
31/07/2014
14:53:37
User Processes searc.!rotocol.ost Process started
31/07/2014
14:53:22
User Processes m!c1.c(ee Process sto!!ed
31/07/2014
14:53:22
User
Mouse
click
Program Manager
Mouse clicks : 3
31/07/2014
14:53:21
User
Mouse
click
Process name : av!
Mouse clicks : 1
31/07/2014
14:53:1"
User
Mouse
click
Program Manager
Mouse clicks : 2
31/07/2014
14:52:50
User
Mouse
click
Media Pla$er :lassic <ome :inema
Active window : Media Pla$er :lassic <ome :inema
Process name : m!c1.c
Mouse clicks : 2
31/07/2014
14:52:3"
User Processes m!c1.c Process started
31/07/2014
14:52:37
User
Mouse
click
Process name : av!
Mouse clicks : 1
31/07/2014
14:52:37
User
Mouse
click
Program Manager
Mouse clicks : 1
31/07/2014
14:51:22
User Processes U!datePo!U!(ee Process sto!!ed
31/07/2014
14:51:20
User Processes u!date!o!u! Process started
31/07/2014
14:51:10
User
Mouse
click
Computador
Process name : explorer
Mouse clicks : 13
31/07/2014
14:50:50
User
Mouse
click
Gerenciador de are!as
"cti#e $indo$ : Gerenciador de are!as
Process name : a#p
Mouse clicks : 1
31/07/2014
14:50:50
User
Mouse
click
Pro%ram Mana%er
"cti#e $indo$ : Pro%ram Mana%er
Mouse clicks : 3
31/07/2014
14:4&:4'
User
Mouse
click
Computador
"cti#e $indo$ : Computador
Mouse clicks : 12
31/07/2014
14:4&:42
User
Mouse
click
Gerenciador de are!as
"cti#e $indo$ : Gerenciador de are!as
Process name : a#p
Mouse clicks : 1
31/07/2014
14:4&:42
User
Mouse
click
Pro%ram Mana%er
Mouse clicks : 1
31/07/2014
14:4&:24
User Processes so!tm%r(update)exe Process stopped
31/07/2014
14:4&:24
User Processes con*ost)exe Process stopped
31/07/2014
14:4&:22
User Processes so!tm%r(update Process started
31/07/2014
14:4&:22
User Processes con*ost Process started
31/07/2014
14:4':41
User
Mouse
click
Computador
Mouse clicks : 1
31/07/2014
14:4':33
User Processes $mpla+er)exe Process stopped
31/07/2014
14:4':32
User
Mouse
click
,indo$s Media Pla+er
"cti#e $indo$ : ,indo$s Media Pla+er
Process name : $mpla+er
Mouse clicks : 1
31/07/2014
14:4':31
User -+stem user acti#e User $ent acti#e
31/07/2014
14:47:31
User -+stem user inacti#e User $ent inacti#e
31/07/2014
14:45:10
User
Mouse
click
.ull-creen/ottom0a+out
"cti#e $indo$ : .ull-creen/ottom0a+out
Mouse clicks : 2
31/07/2014
14:45:01
User
Mouse
click
.ull-creenop0a+out
"cti#e $indo$ : .ull-creenop0a+out
Mouse clicks : 1
31/07/2014
14:44:41
User
Mouse
click
,MPransition
"cti#e $indo$ : ,MPransition
Mouse clicks : 1
31/07/2014
14:44:40
User Processes -earc*.ilter2ost)exe Process stopped
31/07/2014
14:44:40
User Processes -earc*Protocol2ost)exe Process stopped
31/07/2014
14:43:41
User Processes /a#Updater)exe Process stopped
31/07/2014
14:43:37
User Processes searc*!ilter*ost Process started
31/07/2014
14:43:37
User Processes searc*protocol*ost Process started
31/07/2014
14:43:37
User -+stem user acti#e User $ent acti#e
31/07/2014
14:43:32
User Processes 3a#updater Process started
31/07/2014
14:43:31
User -+stem user inacti#e User $ent inacti#e
31/07/2014
14:41:23
User
Mouse
click
Mouse clicks : &
31/07/2014
14:41:11
User
Mouse
click
,MPransition
"cti#e $indo$ : ,MPransition
Mouse clicks : 1
31/07/2014
14:41:14
User
Mouse
click
.ull-creenop0a+out
Mouse clicks : 1
31/07/2014
14:3&:4'
User
Mouse
click
Mouse clicks : 3
31/07/2014
14:3&:3&
User
Mouse
click
.ull-creenop0a+out
Mouse clicks : 1
31/07/2014
14:3':51
User Processes tasken%)exe Process stopped
31/07/2014
14:3':33
User
Mouse
click
Mouse clicks : 1
31/07/2014
14:3':21
User
Mouse
click
.ull-creenop0a+out
Mouse clicks : 2
31/07/2014
14:37:31
User Processes $mpla+er Process started
31/07/2014
14:37:30
User
Mouse
click
Computador
Mouse clicks : 2
31/07/2014
14:37:20
User
Mouse
click
Pro%ram Mana%er
Mouse clicks : 5
31/07/2014
14:31:52
User
Mouse
click
Medidor de /ateria
"cti#e $indo$ : Medidor de /ateria
Mouse clicks : 1
31/07/2014
14:31:51
User Processes 4e#ice4ispla+536ectPro#ider)exe Process stopped
31/07/2014
14:36:47
31/07/2014
14:36:45
User
Mouse
click
Uko! "pplicatio
"ctive !ido! : Uko! "pplicatio
Process a#e : e$plorer
Mouse clicks : 1
31/07/2014
14:36:3%
User
Mouse
click
Pro&ra# Maa&er
"ctive !ido! : Pro&ra# Maa&er
Mouse clicks : 1
31/07/2014
14:36:36
User
Mouse
click
Medidor de 'ateria
"ctive !ido! : Medidor de 'ateria
Mouse clicks : 1
31/07/2014
14:36:25
User Processes (evice(isplay)bjectProvider*e$e Process stopped
31/07/2014
14:36:1%
31/07/2014
14:36:1+
User
Mouse
click
Uko! "pplicatio
Mouse clicks : 1
31/07/2014
14:35:33
User Processes !#player*e$e Process stopped
31/07/2014
14:35:32
User
Mouse
click
,ereciador de -are.as
"ctive !ido! : ,ereciador de -are.as
Process a#e : avp
Mouse clicks : 1
31/07/2014
14:35:32
User
Mouse
click
Pro&ra# Maa&er
"ctive !ido! : Pro&ra# Maa&er
Mouse clicks : +
31/07/2014
14:35:1%
User
Mouse
click
/ido!s Media Player
"ctive !ido! : /ido!s Media Player
Process a#e : !#player
Mouse clicks : 5
31/07/2014
14:35:0%
User Processes 0earc12ilter3ost*e$e Process stopped
31/07/2014
14:35:0%
User Processes 0earc1Protocol3ost*e$e Process stopped
31/07/2014
14:33:5%
User
Mouse
click
4o#putador
"ctive !ido! : 4o#putador
Mouse clicks : 1
31/07/2014
14:33:57
User
Mouse
click
5serir disco
"ctive !ido! : 5serir disco
Mouse clicks : 1
31/07/2014
14:33:55
User Processes co1ost*e$e Process stopped
31/07/2014
14:33:55
User Processes c#d*e$e Process stopped
31/07/2014
14:33:55
User Processes .idstr*e$e Process stopped
31/07/2014
14:33:53
User 0yste# user active User !et active
31/07/2014
14:33:47
User Processes !ud.1ost Process started
31/07/2014
14:33:42
User Processes /U(23ost*e$e Process stopped
31/07/2014
14:33:42
User Processes task1ost*e$e Process stopped
31/07/2014
14:33:40
User Processes 6o&oU5*e$e Process stopped
31/07/2014
14:33:40
User Processes .idstr Process started
31/07/2014
14:33:3+
User Processes 2las1PlayerUpdate0ervice*e$e Process stopped
31/07/2014
14:33:36
User Processes 6o&7eporter*e$e Process stopped
31/07/2014
14:33:36
User Processes searc1.ilter1ost Process started
31/07/2014
14:33:36
User Processes taske& Process started
31/07/2014
14:33:36
User Processes co1ost Process started
31/07/2014
14:33:36
User Processes c#d Process started
31/07/2014
14:33:36
User Processes searc1protocol1ost Process started
31/07/2014
14:33:36
User Processes .las1playerupdateservice Process started
31/07/2014
14:33:34
User Processes lo&reporter Process started
31/07/2014
14:33:34
User Processes 0earc1Protocol3ost*e$e Process stopped
31/07/2014
14:33:34
User Processes 0earc12ilter3ost*e$e Process stopped
31/07/2014
14:13:06
User Processes lo&oui Process started
31/07/2014
14:12:3+
User Processes 6o&7eporter*e$e Process stopped
31/07/2014
14:12:3+
User Processes co1ost*e$e Process stopped
31/07/2014
14:12:36
User Processes lo&reporter Process started
31/07/2014
14:12:36
User Processes searc1protocol1ost Process started
31/07/2014
14:12:36
User Processes searc1.ilter1ost Process started
31/07/2014
14:12:36
31/07/2014
14:12:21
User Processes task1ost Process started
31/07/2014
14:03:42
31/07/2014
14:03:42
User Processes SearchProtocolHost.exe Process stopped
31/07/2014
14:02:37
31/07/2014
14:02:37
31/07/2014
13:53:39
31/07/2014
13:53:39
31/07/2014
13:52:35
31/07/2014
13:52:35
31/07/2014
13:50:02
User Sste! "ser i#acti$e User %e#t i#acti$e
31/07/2014
13:47:52
User
&o"se
clic'
(i#do%s &edia Plaer
)cti$e %i#do% : (i#do%s &edia Plaer
Process #a!e : %!plaer
&o"se clic's : 3
31/07/2014
13:47:4*
31/07/2014
13:47:40
31/07/2014
13:47:39
User
&o"se
clic'
+),-&
)cti$e %i#do% : +),-&
Process #a!e : explorer
&o"se clic's : 2
31/07/2014
13:47:35
31/07/2014
13:47:29
31/07/2014
13:47:27
User +estro'es +),-&
)cti$e %i#do% : +),-&
31/07/2014
13:47:25
31/07/2014
13:47:21
31/07/2014
13:47:1.
User Sste! "ser acti$e User %e#t acti$e
31/07/2014
13:47:1.
User
&o"se
clic'
(i#do%s &edia Plaer
&o"se clic's : 1
31/07/2014
13:4*:02
User Sste! "ser i#acti$e User %e#t i#acti$e
31/07/2014
13:43:53
31/07/2014
13:43:49
User Processes %!plaer Process started
31/07/2014
13:43:49
31/07/2014
13:43:47
User
&o"se
clic'
+),-&
)cti$e %i#do% : +),-&
&o"se clic's : 2
31/07/2014
13:43:4*
31/07/2014
13:43:4*
31/07/2014
13:43:20
User
&o"se
clic'
/isco re!o$0$el 12:3
)cti$e %i#do% : /isco re!o$0$el 12:3
&o"se clic's : 2
31/07/2014
13:43:11
User
&o"se
clic'
4ideos da )li#e
)cti$e %i#do% : 4ideos da )li#e
&o"se clic's : 1
31/07/2014
13:43:0*
User Processes %!plaer.exe Process stopped
31/07/2014
13:42:40
User
&o"se
clic'
(i#do%s &edia Plaer
&o"se clic's : 3
31/07/2014
13:42:3*
31/07/2014
13:42:30
User Processes P5F6S,eport.exe Process stopped
31/07/2014
13:42:30
User Processes %!plaer Process started
31/07/2014
13:42:29
User
&o"se
clic'
4ideos da )li#e
)cti$e %i#do% : 4ideos da )li#e
&o"se clic's : 2
31/07/2014
13:42:25
User Processes pcf7sreport Process started
31/07/2014
13:42:25
31/07/2014
13:42:24
User
&o"se
clic'
/isco re!o$0$el 12:3
&o"se clic's : 2
31/07/2014
13:42:21
31/07/2014
13:42:12
31/07/2014
13:42:12
31/07/2014
13:42:10
31/07/2014
13:42:07
User +estro'es /isco re!o$0$el 12:3
31/07/2014
13:42:03
User
Mouse
click
Images
Active window : Images
Mouse clicks : 1
31/07/2014
13:41:"7
User
Mouse
click
#isco remov$vel %I:&
Active window : #isco remov$vel %I:&
Mouse clicks : 2
31/07/2014
13:41:4'
User
Mouse
click
102(()AM
Active window : 102(()AM
Mouse clicks : 1
31/07/2014
13:41:47
User Processes dll*ost+ee Process sto!!ed
31/07/2014
13:41:41
31/07/2014
13:41:3,
User
Mouse
click
(#)10002 - .isuali/ador de 0otos do
1indows
Active window : (#)10002 - .isuali/ador de 0otos do 1indows
Process name : dll*ost
Mouse clicks : 2
31/07/2014
13:41:34
User Processes dll*ost Process started
31/07/2014
13:41:33
User
Mouse
click
102(()AM
Active window : 102(()AM
Mouse clicks : 2
31/07/2014
13:41:32
31/07/2014
13:41:30
31/07/2014
13:41:30
User
Mouse
click
Mouse clicks : 2
31/07/2014
13:41:27
User
Mouse
click
2luetoot*
Active window : 2luetoot*
Mouse clicks : 1
31/07/2014
13:41:24
31/07/2014
13:41:23
User
Mouse
click
Mouse clicks : 2
31/07/2014
13:41:17
31/07/2014
13:41:17
User Processes audiodg Process started
31/07/2014
13:41:1"
User
Mouse
click
Images moni3ue
Active window : Images moni3ue
Mouse clicks : 1
31/07/2014
13:41:0'
User Processes audiodg+ee Process sto!!ed
31/07/2014
13:41:0'
User
Mouse
click
An4in*a da mam$5ee - .isuali/ador
de 0otos do 1indows
Active window : An4in*a da mam$5ee - .isuali/ador de 0otos do 1indows
Mouse clicks : 2
31/07/2014
13:41:0"
User 6e7strokes
aline - .isuali/ador de 0otos do
1indows
Active window : aline - .isuali/ador de 0otos do 1indows
31/07/2014
13:41:0"
User 6e7strokes
Andr$8 0eli!e - .isuali/ador de
0otos do 1indows
Active window : Andr$8 0eli!e - .isuali/ador de 0otos do 1indows
31/07/2014
13:41:04
User 6e7strokes
Ag - .isuali/ador de 0otos do
1indows
Active window : Ag - .isuali/ador de 0otos do 1indows
31/07/2014
13:41:04
User 6e7strokes
Al - .isuali/ador de 0otos do
1indows
Active window : Al - .isuali/ador de 0otos do 1indows
31/07/2014
13:41:03
User 6e7strokes
A9 - .isuali/ador de 0otos do
1indows
Active window : A9 - .isuali/ador de 0otos do 1indows
31/07/2014
13:41:03
User 6e7strokes
a9m - .isuali/ador de 0otos do
1indows
Active window : a9m - .isuali/ador de 0otos do 1indows
31/07/2014
13:41:02
User 6e7strokes
137,,470""122 - .isuali/ador de
0otos do 1indows
Active window : 137,,470""122 - .isuali/ador de 0otos do 1indows
31/07/2014
13:41:02
User 6e7strokes
Ad - .isuali/ador de 0otos do
1indows
Active window : Ad - .isuali/ador de 0otos do 1indows
31/07/2014
13:41:01
User 6e7strokes
20131224:1;4233 - .isuali/ador de
0otos do 1indows
Active window : 20131224:1;4233 - .isuali/ador de 0otos do 1indows
31/07/2014
13:41:00
User 6e7strokes
;4401,:34'032,,,"4402":204;001377:n
- .isuali/ador de 0otos do 1indows
Active window : ;4401,:34'032,,,"4402":204;001377:n - .isuali/ador de 0otos do 1indows
31/07/2014
13:41:00
User 6e7strokes
20131224:1444"1 - .isuali/ador de
0otos do 1indows
Active window : 20131224:1444"1 - .isuali/ador de 0otos do 1indows
31/07/2014
13:41:00
User 6e7strokes
20131224:1;420" - .isuali/ador de
0otos do 1indows
Active window : 20131224:1;420" - .isuali/ador de 0otos do 1indows
31/07/2014
13:40:"'
User 6e7strokes
www+elsa+com+2r - .isuali/ador de
0otos do 1indows
Active window : www+elsa+com+2r - .isuali/ador de 0otos do 1indows
31/07/2014
13:40:"'
User 6e7strokes
<o7o - .isuali/ador de 0otos do
1indows
Active window : <o7o - .isuali/ador de 0otos do 1indows
31/07/2014
13:40:",
User 6e7strokes
P*oto=rid:13'7000;2;0,, -
.isuali/ador de 0otos do 1indows
Active window : P*oto=rid:13'7000;2;0,, - .isuali/ador de 0otos do 1indows
31/07/2014
13:40:",
User 6e7strokes
UM - .isuali/ador de 0otos do
1indows
Active window : UM - .isuali/ador de 0otos do 1indows
31/07/2014
13:40:"3
User 6e7strokes
UM - .isuali/ador de 0otos do
1indows
Active window : UM - .isuali/ador de 0otos do 1indows
31/07/2014
13:40:"2
User 6e7strokes
P*oto=rid:13'7000;2;0,, -
.isuali/ador de 0otos do 1indows
Active window : P*oto=rid:13'7000;2;0,, - .isuali/ador de 0otos do 1indows
31/07/2014
13:40:"1
User 6e7strokes
meus !eneados - .isuali/ador de
0otos do 1indows
Active window : meus !eneados - .isuali/ador de 0otos do 1indows
31/07/2014
13:40:"0
User 6e7strokes
IM=0443A - .isuali/ador de 0otos do
1indows
Active window : IM=0443A - .isuali/ador de 0otos do 1indows
31/07/2014
13:40:"0
User 6e7strokes
1indows
31/07/2014
13:40:4'
User 6e7strokes
IM=00"3A - .isuali/ador de 0otos do
1indows
Active window : IM=00"3A - .isuali/ador de 0otos do 1indows
31/07/2014
13:40:4'
User 6e7strokes
IM=00"4A - .isuali/ador de 0otos do
1indows
Active window : IM=00"4A - .isuali/ador de 0otos do 1indows
31/07/2014
13:40:4'
User 6e7strokes
1indows
31/07/2014
13:40:48
User Keystrokes
IMG0043A - Visualizador de otos do
!i"do#s
A$ti%e #i"do# : IMG0043A - Visualizador de otos do !i"do#s
&ro$ess "a'e : dll(ost
31/07/2014
13:40:48
User Keystrokes
!i"do#s
31/07/2014
13:40:48
User Keystrokes
IMG004)A - Visualizador de otos do
!i"do#s
A$ti%e #i"do# : IMG004)A - Visualizador de otos do !i"do#s
31/07/2014
13:40:47
User Keystrokes
!i"do#s
31/07/2014
13:40:47
User Keystrokes
!i"do#s
31/07/2014
13:40:4)
User Keystrokes
!i"do#s
31/07/2014
13:40:4)
User Keystrokes
IMG003*A - Visualizador de otos do
!i"do#s
A$ti%e #i"do# : IMG003*A - Visualizador de otos do !i"do#s
31/07/2014
13:40:4+
User Keystrokes
IMG002*A - Visualizador de otos do
!i"do#s
A$ti%e #i"do# : IMG002*A - Visualizador de otos do !i"do#s
31/07/2014
13:40:4+
User Keystrokes
!i"do#s
31/07/2014
13:40:44
User Keystrokes
IMG002), - Visualizador de otos do
!i"do#s
A$ti%e #i"do# : IMG002), - Visualizador de otos do !i"do#s
31/07/2014
13:40:43
User Keystrokes
IMG002)- - Visualizador de otos do
!i"do#s
A$ti%e #i"do# : IMG002)- - Visualizador de otos do !i"do#s
31/07/2014
13:40:43
User Keystrokes
IMG002). - Visualizador de otos do
!i"do#s
A$ti%e #i"do# : IMG002). - Visualizador de otos do !i"do#s
31/07/2014
13:40:42
User Keystrokes
IMG002+/ - Visualizador de otos do
!i"do#s
A$ti%e #i"do# : IMG002+/ - Visualizador de otos do !i"do#s
31/07/2014
13:40:41
User Keystrokes
IMG002+G - Visualizador de otos do
!i"do#s
A$ti%e #i"do# : IMG002+G - Visualizador de otos do !i"do#s
31/07/2014
13:40:41
User Keystrokes
IMG002+0 - Visualizador de otos do
!i"do#s
A$ti%e #i"do# : IMG002+0 - Visualizador de otos do !i"do#s
31/07/2014
13:40:40
User Keystrokes
IMG002+ - Visualizador de otos do
!i"do#s
A$ti%e #i"do# : IMG002+ - Visualizador de otos do !i"do#s
31/07/2014
13:40:3*
User Keystrokes
IMG002+. - Visualizador de otos do
!i"do#s
A$ti%e #i"do# : IMG002+. - Visualizador de otos do !i"do#s
31/07/2014
13:40:3*
User Keystrokes
IMG002+, - Visualizador de otos do
!i"do#s
A$ti%e #i"do# : IMG002+, - Visualizador de otos do !i"do#s
31/07/2014
13:40:38
User Keystrokes
IMG002+A - Visualizador de otos do
!i"do#s
A$ti%e #i"do# : IMG002+A - Visualizador de otos do !i"do#s
31/07/2014
13:40:37
User Keystrokes
IMG0024I - Visualizador de otos do
!i"do#s
A$ti%e #i"do# : IMG0024I - Visualizador de otos do !i"do#s
31/07/2014
13:40:3+
User Keystrokes
IMG0024, - Visualizador de otos do
!i"do#s
A$ti%e #i"do# : IMG0024, - Visualizador de otos do !i"do#s
31/07/2014
13:40:31
User Keystrokes
IMG0024. - Visualizador de otos do
!i"do#s
A$ti%e #i"do# : IMG0024. - Visualizador de otos do !i"do#s
31/07/2014
13:40:30
User Keystrokes
IMG0024- - Visualizador de otos do
!i"do#s
A$ti%e #i"do# : IMG0024- - Visualizador de otos do !i"do#s
31/07/2014
13:40:2*
User Keystrokes
IMG0023K - Visualizador de otos do
!i"do#s
A$ti%e #i"do# : IMG0023K - Visualizador de otos do !i"do#s
31/07/2014
13:40:2*
User Keystrokes
IMG00231 - Visualizador de otos do
!i"do#s
A$ti%e #i"do# : IMG00231 - Visualizador de otos do !i"do#s
31/07/2014
13:40:28
User Keystrokes
IMG0023/ - Visualizador de otos do
!i"do#s
A$ti%e #i"do# : IMG0023/ - Visualizador de otos do !i"do#s
31/07/2014
13:40:27
User Keystrokes
!i"do#s
31/07/2014
13:40:27
User Keystrokes
!i"do#s
31/07/2014
13:40:18
User Keystrokes
IMG0023G - Visualizador de otos do
!i"do#s
A$ti%e #i"do# : IMG0023G - Visualizador de otos do !i"do#s
31/07/2014
13:40:17
User Keystrokes
IMG0023, - Visualizador de otos do
!i"do#s
A$ti%e #i"do# : IMG0023, - Visualizador de otos do !i"do#s
31/07/2014
13:40:17
User Keystrokes
!i"do#s
31/07/2014
13:40:1)
User Keystrokes
IMG0023. - Visualizador de otos do
!i"do#s
A$ti%e #i"do# : IMG0023. - Visualizador de otos do !i"do#s
31/07/2014
13:40:12
User Keystrokes
IMG0023- - Visualizador de otos do
!i"do#s
A$ti%e #i"do# : IMG0023- - Visualizador de otos do !i"do#s
31/07/2014
13:40:11
User Keystrokes
!i"do#s
31/07/2014
13:40:10
User Keystrokes
!i"do#s
31/07/2014
13:40:10
User Keystrokes
!i"do#s
31/07/2014
13:40:0*
User Keystrokes
IMG0022V - Visualizador de otos do
!i"do#s
A$ti%e #i"do# : IMG0022V - Visualizador de otos do !i"do#s
31/07/2014
13:40:08
User Keystrokes
IMG0022U - Visualizador de otos do
!i"do#s
A$ti%e #i"do# : IMG0022U - Visualizador de otos do !i"do#s
31/07/2014
13:40:07
User Keystrokes
!i"do#s
31/07/2014
13:40:07
User Keystrokes
!i"do#s
31/07/2014
13:3*:+1
User Keystrokes
IMG0022& - Visualizador de otos do
!i"do#s
A$ti%e #i"do# : IMG0022& - Visualizador de otos do !i"do#s
31/07/2014
13:3*:44
User Keystrokes
IMG0022M - Visualizador de otos do
!i"do#s
A$ti%e #i"do# : IMG0022M - Visualizador de otos do !i"do#s
31/07/2014
13:3*:3+
User Keystrokes
IMG0022K - Visualizador de otos do
!i"do#s
A$ti%e #i"do# : IMG0022K - Visualizador de otos do !i"do#s
31/07/2014
13:3*:34
User Keystrokes
IMG0022/ - Visualizador de otos do
!i"do#s
A$ti%e #i"do# : IMG0022/ - Visualizador de otos do !i"do#s
31/07/2014
13:3*:33
User Keystrokes
!i"do#s
31/07/2014
13:3*:30
User Keystrokes
!i"do#s
31/07/2014 IMG0022 - Visualizador de otos do A$ti%e #i"do# : IMG0022 - Visualizador de otos do !i"do#s
13:39:21 User Keystrokes Windows Process name : dllhost
31/07/2014
13:39:20
User Keystrokes
I!0022" # $is%ali&ador de 'otos do
Windows
(cti)e window : I!0022" # $is%ali&ador de 'otos do Windows
Process name : dllhost
31/07/2014
13:39:19
User Keystrokes
I!0022* # $is%ali&ador de 'otos do
Windows
(cti)e window : I!0022* # $is%ali&ador de 'otos do Windows
31/07/2014
13:39:19
User Keystrokes
I!0022+ # $is%ali&ador de 'otos do
Windows
(cti)e window : I!0022+ # $is%ali&ador de 'otos do Windows
31/07/2014
13:39:1,
User Keystrokes
I!0022( # $is%ali&ador de 'otos do
Windows
(cti)e window : I!0022( # $is%ali&ador de 'otos do Windows
31/07/2014
13:39:17
User Keystrokes
I!0021$ # $is%ali&ador de 'otos do
Windows
(cti)e window : I!0021$ # $is%ali&ador de 'otos do Windows
31/07/2014
13:39:17
User Keystrokes
I!0021- # $is%ali&ador de 'otos do
Windows
(cti)e window : I!0021- # $is%ali&ador de 'otos do Windows
31/07/2014
13:3,:41
User Keystrokes
I!0021. # $is%ali&ador de 'otos do
Windows
(cti)e window : I!0021. # $is%ali&ador de 'otos do Windows
31/07/2014
13:3,:41
User Keystrokes
I!0021/ # $is%ali&ador de 'otos do
Windows
(cti)e window : I!0021/ # $is%ali&ador de 'otos do Windows
31/07/2014
13:3,:40
User Keystrokes
I!0021P # $is%ali&ador de 'otos do
Windows
(cti)e window : I!0021P # $is%ali&ador de 'otos do Windows
31/07/2014
13:3,:39
User Keystrokes
I!00210 # $is%ali&ador de 'otos do
Windows
(cti)e window : I!00210 # $is%ali&ador de 'otos do Windows
31/07/2014
13:3,:39
User Keystrokes
Windows
31/07/2014
13:3,:37
User Keystrokes
I!0021K # $is%ali&ador de 'otos do
Windows
(cti)e window : I!0021K # $is%ali&ador de 'otos do Windows
31/07/2014
13:3,:32
User Keystrokes
Windows
31/07/2014
13:3,:27
User Keystrokes
I!0021' # $is%ali&ador de 'otos do
Windows
(cti)e window : I!0021' # $is%ali&ador de 'otos do Windows
31/07/2014
13:3,:23
User Keystrokes
Windows
31/07/2014
13:3,:24
User Keystrokes
Windows
31/07/2014
13:3,:22
User Keystrokes
I!0021( # $is%ali&ador de 'otos do
Windows
(cti)e window : I!0021( # $is%ali&ador de 'otos do Windows
31/07/2014
13:3,:20
User Keystrokes
I!0020- # $is%ali&ador de 'otos do
Windows
(cti)e window : I!0020- # $is%ali&ador de 'otos do Windows
31/07/2014
13:3,:1,
User Keystrokes
Windows
31/07/2014
13:3,:17
User Keystrokes
I!0020W # $is%ali&ador de 'otos do
Windows
(cti)e window : I!0020W # $is%ali&ador de 'otos do Windows
31/07/2014
13:3,:13
User Keystrokes
I!0020U # $is%ali&ador de 'otos do
Windows
(cti)e window : I!0020U # $is%ali&ador de 'otos do Windows
31/07/2014
13:3,:14
User Keystrokes
Windows
31/07/2014
13:3,:0,
User Keystrokes
I!0020U # $is%ali&ador de 'otos do
Windows
(cti)e window : I!0020U # $is%ali&ador de 'otos do Windows
31/07/2014
13:3,:07
User Keystrokes
Windows
31/07/2014
13:3,:03
User Keystrokes
I!0020. # $is%ali&ador de 'otos do
Windows
(cti)e window : I!0020. # $is%ali&ador de 'otos do Windows
31/07/2014
13:3,:06
User Keystrokes
Windows
31/07/2014
13:3,:06
User Keystrokes
Windows
31/07/2014
13:3,:04
User Keystrokes
Windows
31/07/2014
13:3,:04
User Keystrokes
I!0020P # $is%ali&ador de 'otos do
Windows
(cti)e window : I!0020P # $is%ali&ador de 'otos do Windows
31/07/2014
13:3,:03
User Keystrokes
I!0020! # $is%ali&ador de 'otos do
Windows
(cti)e window : I!0020! # $is%ali&ador de 'otos do Windows
31/07/2014
13:3,:03
User Keystrokes
Windows
31/07/2014
13:3,:02
User Keystrokes
I!0020" # $is%ali&ador de 'otos do
Windows
(cti)e window : I!0020" # $is%ali&ador de 'otos do Windows
31/07/2014
13:3,:01
User Keystrokes
Windows
31/07/2014
13:3,:01
User Keystrokes
Windows
31/07/2014
13:3,:00
User Keystrokes
I!92014031,9W(0002 # $is%ali&ador
de 'otos do Windows
(cti)e window : I!92014031,9W(0002 # $is%ali&ador de 'otos do Windows
31/07/2014
13:37:6,
User Keystrokes
I!9201403149W(0002 # $is%ali&ador
de 'otos do Windows
(cti)e window : I!9201403149W(0002 # $is%ali&ador de 'otos do Windows
31/07/2014
13:37:62
User Keystrokes
I!92014031,9W(0002 # $is%ali&ador
de 'otos do Windows
(cti)e window : I!92014031,9W(0002 # $is%ali&ador de 'otos do Windows
31/07/2014
13:37:47
User Keystrokes
I!9201403149W(0002 # $is%ali&ador
de 'otos do Windows
31/07/2014
13:37:10
User Keystrokes
I!9201403149W(0001 # $is%ali&ador
de 'otos do Windows
31/07/2014
13:37:09
User Keystrokes
I!9201403079W(0002 # $is%ali&ador
de 'otos do Windows
31/07/2014
13:33:43
User Keystrokes
I!9201403079W(0001 # $is%ali&ador
de 'otos do Windows
31/07/2014
13:33:34
User Keystrokes
I!9201309069W(0066 # $is%ali&ador
de 'otos do Windows
31/07/2014
13:33:33
User Keystrokes
'oto03799001 # $is%ali&ador de
'otos do Windows
(cti)e window : 'oto03799001 # $is%ali&ador de 'otos do Windows
31/07/2014
13:33:32
User Keystrokes
'oto0439 # $is%ali&ador de 'otos do
Windows
31/07/2014
13:33:31
User Keystrokes
Windows
31/07/2014
13:33:30
User Keystrokes
Windows
31/07/2014
13:36:29
User Keystrokes
Foto0432 - Visualizador de Fotos do
Windos
!"ti#e indo : Foto0432 - Visualizador de Fotos do Windos
$ro"ess na%e : dll&ost
31/07/2014
13:36:2'
User Keystrokes
(oto0343)001 - Visualizador de
Fotos do Windos
!"ti#e indo : (oto0343)001 - Visualizador de Fotos do Windos
31/07/2014
13:36:2'
User Keystrokes
(oto03'1* - Visualizador de Fotos
do Windos
!"ti#e indo : (oto03'1* - Visualizador de Fotos do Windos
31/07/2014
13:36:27
User Keystrokes
Foto0094 - Visualizador de Fotos do
Windos
!"ti#e indo : Foto0094 - Visualizador de Fotos do Windos
31/07/2014
13:36:26
User Keystrokes
Foto00'' - Visualizador de Fotos do
Windos
!"ti#e indo : Foto00'' - Visualizador de Fotos do Windos
31/07/2014
13:36:26
User Keystrokes
Foto00'9 - Visualizador de Fotos do
Windos
!"ti#e indo : Foto00'9 - Visualizador de Fotos do Windos
31/07/2014
13:36:2+
User Keystrokes
(% - Visualizador de Fotos do
Windos
!"ti#e indo : (% - Visualizador de Fotos do Windos
31/07/2014
13:36:2+
User Keystrokes
Foto001')001 - Visualizador de
Fotos do Windos
!"ti#e indo : Foto001')001 - Visualizador de Fotos do Windos
31/07/2014
13:36:24
User Keystrokes
(eli, -ia - Visualizador de Fotos
do Windos
!"ti#e indo : (eli, -ia - Visualizador de Fotos do Windos
31/07/2014
13:36:23
User Keystrokes
.lsa/0 - Visualizador de Fotos do
Windos
!"ti#e indo : .lsa/0 - Visualizador de Fotos do Windos
31/07/2014
13:36:23
User Keystrokes
.u . 1in&a $rin"esa 2indas -
Visualizador de Fotos do Windos
!"ti#e indo : .u . 1in&a $rin"esa 2indas - Visualizador de Fotos do Windos
31/07/2014
13:36:22
User Keystrokes
3u,415617)20130902)W!0007 -
!"ti#e indo : 3u,415617)20130902)W!0007 - Visualizador de Fotos do Windos
31/07/2014
13:36:22
User Keystrokes
.28! - Visualizador de Fotos do
Windos
!"ti#e indo : .28! - Visualizador de Fotos do Windos
31/07/2014
13:36:21
User Keystrokes
9:1.;!)20131020)1636++ -
!"ti#e indo : 9:1.;!)20131020)1636++ - Visualizador de Fotos do Windos
31/07/2014
13:36:20
User Keystrokes
9oral da .sta"a 1a"a,<= -
!"ti#e indo : 9oral da .sta"a 1a"a,<= - Visualizador de Fotos do Windos
31/07/2014
13:36:20
User Keystrokes
9:1.;!)20131014)07233' -
!"ti#e indo : 9:1.;!)20131014)07233' - Visualizador de Fotos do Windos
31/07/2014
13:36:19
User Keystrokes
9!100166)001 - Visualizador de
Fotos do Windos
!"ti#e indo : 9!100166)001 - Visualizador de Fotos do Windos
31/07/2014
13:36:19
User Keystrokes
9!100169)001 - Visualizador de
Fotos do Windos
!"ti#e indo : 9!100169)001 - Visualizador de Fotos do Windos
31/07/2014
13:36:1'
User Keystrokes
aylla3 - Visualizador de Fotos do
Windos
!"ti#e indo : aylla3 - Visualizador de Fotos do Windos
31/07/2014
13:36:17
User Keystrokes
!, - Visualizador de Fotos do
Windos
!"ti#e indo : !, - Visualizador de Fotos do Windos
31/07/2014
13:36:17
User Keystrokes
aylla1 - Visualizador de Fotos do
Windos
!"ti#e indo : aylla1 - Visualizador de Fotos do Windos
31/07/2014
13:36:17
User $ro"esses dll&ost>e?e $ro"ess sto,,ed
31/07/2014
13:36:16
User Keystrokes
!nna e elsa - Visualizador de Fotos
do Windos
!"ti#e indo : !nna e elsa - Visualizador de Fotos do Windos
31/07/2014
13:36:1+
User Keystrokes
!ndr<@ Feli,e - Visualizador de
Fotos do Windos
!"ti#e indo : !ndr<@ Feli,e - Visualizador de Fotos do Windos
31/07/2014
13:36:1+
User Keystrokes
!nAin&a da %a%<Bee - Visualizador
de Fotos do Windos
!"ti#e indo : !nAin&a da %a%<Bee - Visualizador de Fotos do Windos
31/07/2014
13:36:13
User $ro"esses dll&ost $ro"ess started
31/07/2014
13:36:13
31/07/2014
13:36:11
User
1ouse
"li"k
6%aCes %oniDue
!"ti#e indo : 6%aCes %oniDue
$ro"ess na%e : e?,lorer
1ouse "li"ks : 2
31/07/2014
13:36:07
31/07/2014
13:36:06
User
1ouse
"li"k
3is"o re%o#<#el 46:5
!"ti#e indo : 3is"o re%o#<#el 46:5
1ouse "li"ks : 3
31/07/2014
13:36:03
31/07/2014
13:3+:+'
31/07/2014
13:3+:+'
User
1ouse
"li"k
%oniDue
!"ti#e indo : %oniDue
1ouse "li"ks : 1
31/07/2014
13:3+:+4
User
1ouse
"li"k
1ouse "li"ks : 2
31/07/2014
13:3+:4'
31/07/2014
13:3+:46
User Keystrokes 3is"o re%o#<#el 46:5
31/07/2014
13:3+:39
31/07/2014
13:3+:37
User
1ouse
"li"k
6%aCes
!"ti#e indo : 6%aCes
1ouse "li"ks : 1
31/07/2014
13:3+:33
31/07/2014
13:3+:30
User
1ouse
"li"k
9:1.;!)20130'2+)190126 -
!"ti#e indo : 9:1.;!)20130'2+)190126 - Visualizador de Fotos do Windos
1ouse "li"ks : 2
31/07/2014
13:3+:27
31/07/2014
13:3+:27
31/07/2014
13:3+:2+
User
1ouse
"li"k
6%aCes
!"ti#e indo : 6%aCes
1ouse "li"ks : 2
31/07/2014
13:3+:19
User
1ouse
"li"k
Mouse clicks : 2
31/07/2014
13:35:14
31/07/2014
13:35:10
User
Mouse
click
FOTO !"#$"%"
"cti&e 'i(do' : FOTO !"#$"%"
Process ()*e : explorer
Mouse clicks : 1
31/07/2014
13:35:04
User
Mouse
click
FOTO TO%" +10, - !isu)li.)dor de
Fotos do /i(do's
"cti&e 'i(do' : FOTO TO%" +10, - !isu)li.)dor de Fotos do /i(do's
Process ()*e : dllhost
Mouse clicks : 2
31/07/2014
13:35:00
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:33:45
User Processes e)rchProtocol2ost.exe Process stopped
31/07/2014
13:33:45
User Processes e)rchFilter2ost.exe Process stopped
31/07/2014
13:33:34
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:33:34
User 0e1strokes
%450647 - !isu)li.)dor de Fotos do
/i(do's
"cti&e 'i(do' : %450647 - !isu)li.)dor de Fotos do /i(do's
31/07/2014
13:33:33
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:33:32
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:33:31
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:33:30
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:33:26
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:33:27
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:33:23
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:33:23
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:33:22
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:33:21
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:33:20
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:32:51
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:32:51
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:32:50
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:32:46
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:32:46
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:32:47
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:32:41
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:32:40
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:32:40
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:32:37
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:32:36
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:32:36
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:32:37
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:32:33
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:32:35
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:32:35
User Processes se)rchprotocolhost Process st)rted
31/07/2014
13:32:35
User Processes se)rch8ilterhost Process st)rted
31/07/2014
13:32:34
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:32:34
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:32:33
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:32:27
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:32:26
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:32:26
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:32:23
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:32:22
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:32:22
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:32:21
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:32:20
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:32:17
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:32:15
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:32:15
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:32:12
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:32:11
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:32:03
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:32:02
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:31:56
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:31:57
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:31:53
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:31:55
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:31:54
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:31:53
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:31:43
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:31:45
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:31:44
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:31:43
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:31:42
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:31:41
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:31:40
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:31:40
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:31:37
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:31:36
User 0e1strokes
Fotos do /i(do's
31/07/2014
13:31:36
31/07/2014
13:31:37
User 0e1strokes
%450647 - !isu)li.)dor de Fotos do
/i(do's
"cti&e 'i(do' : %450647 - !isu)li.)dor de Fotos do /i(do's
31/07/2014
13:31:34
User Processes dllhost Process st)rted
31/07/2014
13:31:34
31/07/2014
13:31:34
31/07/2014
13:31:32
User
Mouse
click
FOTO !"#$"%"
"cti&e 'i(do' : FOTO !"#$"%"
Mouse clicks : 2
31/07/2014
13:31:27
31/07/2014
13:31:23
User
Mouse
click
%isco re*o&9&el +$:,
"cti&e 'i(do' : %isco re*o&9&el +$:,
Mouse clicks : 2
31/07/2014
13:31:25
User Processes e)rchProtocol2ost.exe Process stopped
31/07/2014
13:31:25
User Processes e)rchFilter2ost.exe Process stopped
31/07/2014
13:31:15
User
Mouse
click
4o*put)dor
"cti&e 'i(do' : 4o*put)dor
Mouse clicks : 2
31/07/2014
13:31:07
User
Mouse
click
$*):e(s
"cti&e 'i(do' : $*):e(s
Mouse clicks : 1
31/07/2014
13:31:03
User
Mouse
click
Mo(i;ue
"cti&e 'i(do' : Mo(i;ue
Mouse clicks : 1
31/07/2014
13:30:46
User
Mouse
click
4opi)r P)st)
"cti&e 'i(do' : 4opi)r P)st)
Mouse clicks : 2
31/07/2014
13:30:40
User
Mouse
click
Mo(i;ue
"cti&e 'i(do' : Mo(i;ue
Mouse clicks : 1
31/07/2014
13:30:37
User
Mouse
click
%4$M
"cti&e 'i(do' : %4$M
Mouse clicks : 1
31/07/2014
13:30:32
User
Mouse
click
1035$0O5
"cti&e 'i(do' : 1035$0O5
Mouse clicks : 1
31/07/2014
13:30:26
31/07/2014
13:30:20
User
Mouse
click
DCIM
Active window : DCIM
Process nae : e!"lorer
Mouse clicks : 2
31/07/2014
13:30:1#
User Processes searc$"rotocol$ost Process started
31/07/2014
13:30:1#
User Processes searc$%ilter$ost Process started
31/07/2014
13:30:17
31/07/2014
13:30:17
User
Mouse
click
Moni&ue
Active window : Moni&ue
Mouse clicks : 2
31/07/2014
13:30:13
User Processes dll$ost'e!e Process sto""ed
31/07/2014
13:30:13
User
Mouse
click
100(I)*(
Active window : 100(I)*(
Mouse clicks : 1
31/07/2014
13:30:0#
31/07/2014
13:30:07
User
Mouse
click
Moni&ue
Mouse clicks : 2
31/07/2014
13:30:0+
User
Mouse
click
101(I)*(
Active window : 101(I)*(
Mouse clicks : 1
31/07/2014
13:30:02
31/07/2014
13:2#:+,
31/07/2014
13:2#:++
User
Mouse
click
Moni&ue
Mouse clicks : 2
31/07/2014
13:2#:+3
User
Mouse
click
Ia-ens
Active window : Ia-ens
Mouse clicks : 2
31/07/2014
13:2#:4.
User Processes /earc$0ilter1ost'e!e Process sto""ed
31/07/2014
13:2#:4.
User Processes /earc$Protocol1ost'e!e Process sto""ed
31/07/2014
13:2#:33
31/07/2014
13:2#:31
User
Mouse
click
*ri-inals
Active window : *ri-inals
Mouse clicks : 1
31/07/2014
13:2#:2,
31/07/2014
13:2#:2,
31/07/2014
13:2#:2,
User
Mouse
click
Ia-ens
Mouse clicks : 2
31/07/2014
13:2#:0+
User
Mouse
click
20140,2.20.01+. 3 4isuali5ador de
0otos do 6indows
Active window : 20140,2.20.01+. 3 4isuali5ador de 0otos do 6indows
Process nae : dll$ost
Mouse clicks : 3
31/07/2014
13:2.:+3
31/07/2014
13:2.:+1
User
Mouse
click
Ia-ens
Mouse clicks : 2
31/07/2014
13:2.:+0
31/07/2014
13:2.:4.
User
Mouse
click
out"ut
Active window : out"ut
Mouse clicks : 1
31/07/2014
13:2.:4,
User Processes searc$%ilter$ost Process started
31/07/2014
13:2.:4,
User Processes searc$"rotocol$ost Process started
31/07/2014
13:2.:44
31/07/2014
13:2.:44
User
Mouse
click
Ia-ens
Mouse clicks : 2
31/07/2014
13:2.:42
31/07/2014
13:2.:40
User
Mouse
click
DCIM
Mouse clicks : 1
31/07/2014
13:2.:3#
User
Mouse
click
Caera
Active window : Caera
Mouse clicks : 1
31/07/2014
13:2.:37
User
Mouse
click
DCIM
Mouse clicks : 2
31/07/2014
13:2.:3+
31/07/2014
13:2.:3+
User
Mouse
click
Ia-ens
Mouse clicks : 2
31/07/2014
13:2.:1+
User
Mouse
click
Co"iar Pasta
Active window : Co"iar Pasta
Mouse clicks : 2
31/07/2014
13:2.:02
User
Mouse
click
Ia-ens
Mouse clicks : 1
31/07/2014
13:27:+7
31/07/2014 Mouse Active window : Moni&ue
13:27:57
User
click
Monique
Mouse clicks : 1
31/07/2014
13:27:53
31/07/2014
13:27:51
User
Mouse
click
ma!ens
"cti#e $indo$ : ma!ens
Mouse clicks : 2
31/07/2014
13:27:04
User
Mouse
click
"%&U'() *+:,
"cti#e $indo$ : "%&U'() *+:,
Mouse clicks : 2
31/07/2014
13:2-:41
User Processes )earch+ilter.ost/exe Process stopped
31/07/2014
13:2-:41
User Processes )earchProtocol.ost/exe Process stopped
31/07/2014
13:2-:41
User
Mouse
click
ma!ens
Mouse clicks : 2
31/07/2014
13:2-:30
User
Mouse
click
+(1() '"%"2")
"cti#e $indo$ : +(1() '"%"2")
Mouse clicks : 1
31/07/2014
13:2-:34
User
Mouse
click
ma!ens
Mouse clicks : 2
31/07/2014
13:25:30
User Processes dllhost/exe Process stopped
31/07/2014
13:25:33
User Processes search3ilterhost Process started
31/07/2014
13:25:33
31/07/2014
13:25:33
31/07/2014
13:25:31
User
Mouse
click
4omputador
"cti#e $indo$ : 4omputador
Mouse clicks : 2
31/07/2014
13:25:23
31/07/2014
13:25:23
User
Mouse
click
5erenciador de 1are3as
"cti#e $indo$ : 5erenciador de 1are3as
Process name : a#p
Mouse clicks : 1
31/07/2014
13:25:23
User
Mouse
click
Pro!ram Mana!er
"cti#e $indo$ : Pro!ram Mana!er
Mouse clicks : 1
31/07/2014
13:25:16
User Processes spark/exe Process stopped
31/07/2014
13:25:16
31/07/2014
13:25:16
31/07/2014
13:25:16
31/07/2014
13:25:1-
31/07/2014
13:25:1-
31/07/2014
13:25:14
31/07/2014
13:25:12
User
Mouse
click
n78o est79 dispon7#el : )park
;ro$ser
"cti#e $indo$ : n78o est79 dispon7#el : )park ;ro$ser
Process name : spark
Mouse clicks : 2
31/07/2014
13:25:10
31/07/2014
13:25:10
31/07/2014
13:25:10
31/07/2014
13:25:00
31/07/2014
13:25:07
User
Mouse
click
Pro!ram Mana!er
"cti#e $indo$ : Pro!ram Mana!er
Mouse clicks : 1
31/07/2014
13:24:30
User Processes rundll32/exe Process stopped
31/07/2014
13:24:20
31/07/2014
13:24:2-
User Processes 2e#ice2ispla<(=>ectPro#ider/exe Process stopped
31/07/2014
13:24:2-
User
Mouse
click
Medidor de ;ateria
"cti#e $indo$ : Medidor de ;ateria
Mouse clicks : 2
31/07/2014
13:24:16
User Processes de#icedispla<o=>ectpro#ider Process started
31/07/2014
13:24:10
User
Mouse
click
Unkno$n "pplication
"cti#e $indo$ : Unkno$n "pplication
Mouse clicks : 1
31/07/2014
13:24:1-
User
Mouse
click
"cti#e $indo$ : 5erenciador de 1are3as
Process name : a#p
Mouse clicks : 1
31/07/2014
13:24:10
User
Mouse
click
24M
"cti#e $indo$ : 24M
Mouse clicks : 1
31/07/2014
13:23:35
User Processes audiod! Process started
31/07/2014
13:23:35
User Processes )earch+ilter.ost/exe Process stopped
31/07/2014
13:23:35
User Processes )earchProtocol.ost/exe Process stopped
31/07/2014
13:23:35 User Processes dllhost/exe Process stopped
31/07/2014
13:23:33
User
Mouse
click
100))4"M
"cti#e $indo$ : 100))4"M
Mouse clicks : 1
31/07/2014
13:23:27
User
Mouse
click
)2411371 : 'isuali?ador de +otos do
@indo$s
"cti#e $indo$ : )2411371 : 'isuali?ador de +otos do @indo$s
Mouse clicks : 2
31/07/2014
13:23:23
User Ae<strokes
)24113-0 : 'isuali?ador de +otos do
@indo$s
"cti#e $indo$ : )24113-0 : 'isuali?ador de +otos do @indo$s
31/07/2014
13:23:21
User Ae<strokes
@indo$s
31/07/2014
13:23:20
User Ae<strokes
@indo$s
31/07/2014
13:22:50
User Ae<strokes
)241135- : 'isuali?ador de +otos do
@indo$s
"cti#e $indo$ : )241135- : 'isuali?ador de +otos do @indo$s
31/07/2014
13:22:57
User Ae<strokes
@indo$s
31/07/2014
13:22:5-
User Ae<strokes
@indo$s
31/07/2014
13:22:55
User Ae<strokes
@indo$s
31/07/2014
13:22:51
User Ae<strokes
@indo$s
31/07/2014
13:22:40
User Ae<strokes
@indo$s
31/07/2014
13:22:42
User Ae<strokes
@indo$s
31/07/2014
13:22:41
User Ae<strokes
@indo$s
31/07/2014
13:22:37
User Ae<strokes
@indo$s
31/07/2014
13:22:34
31/07/2014
13:22:34
31/07/2014
13:22:32
User Ae<strokes
@indo$s
31/07/2014
13:22:31
User Ae<strokes
@indo$s
31/07/2014
13:22:26
User Ae<strokes
)24112-- : 'isuali?ador de +otos do
@indo$s
"cti#e $indo$ : )24112-- : 'isuali?ador de +otos do @indo$s
31/07/2014
13:22:21
User Ae<strokes
@indo$s
31/07/2014
13:21:57
User Ae<strokes
@indo$s
31/07/2014
13:21:31
User Ae<strokes
@indo$s
31/07/2014
13:21:21
User Ae<strokes
@indo$s
31/07/2014
13:21:20
User Ae<strokes
@indo$s
31/07/2014
13:21:16
User Ae<strokes
@indo$s
31/07/2014
13:21:10
User Ae<strokes
@indo$s
31/07/2014
13:21:10
User Ae<strokes
@indo$s
31/07/2014
13:21:17
User Ae<strokes
@indo$s
31/07/2014
13:21:1-
User Ae<strokes
@indo$s
31/07/2014
13:21:15
User Ae<strokes
@indo$s
31/07/2014
13:21:14
User Ae<strokes
@indo$s
31/07/2014
13:21:14
User Ae<strokes
@indo$s
31/07/2014
13:21:13
User Ae<strokes
@indo$s
31/07/2014
13:21:12
User Ae<strokes
@indo$s
31/07/2014
13:21:11
User Ae<strokes
@indo$s
31/07/2014
13:21:11
User Ae<strokes
@indo$s
31/07/2014
13:21:10
User Ae<strokes
@indo$s
31/07/2014
13:21:07
User Ae<strokes
@indo$s
31/07/2014
13:21:00
User Ae<strokes
@indo$s
31/07/2014
13:20:56
User Ae<strokes
@indo$s
31/07/2014
13:20:52
User Ae<strokes
@indo$s
31/07/2014
13:20:42
User Ae<strokes
@indo$s
31/07/2014
13:20:30
User Ae<strokes
@indo$s
31/07/2014
13:20:3-
User Ae<strokes
@indo$s
31/07/2014
13:20:31
User Ae<strokes
@indo$s
31/07/2014
13:20:17
User Ae<strokes
@indo$s
31/07/2014
13:20:10
User Ae<strokes
@indo$s
31/07/2014
13:20:00
User Ae<strokes
@indo$s
31/07/2014
13:20:07
User Ae<strokes
@indo$s
31/07/2014
13:20:01
User Processes tasken!/exe Process stopped
31/07/2014
13:16:50
User Ae<strokes
@indo$s
31/07/2014
13:16:5-
User Ae<strokes
@indo$s
31/07/2014
13:16:00
User Ae<strokes
@indo$s
31/07/2014
13:16:0-
User Ae<strokes
@indo$s
31/07/2014
13:16:05
User Ae<strokes
@indo$s
31/07/2014
13:16:01
User Ae<strokes
@indo$s
31/07/2014
13:10:40
User Ae<strokes
@indo$s
31/07/2014
13:10:40
User Processes audiod!/exe Process stopped
31/07/2014
13:10:47
User Ae<strokes
@indo$s
31/07/2014
13:10:4-
User Ae<strokes
@indo$s
31/07/2014
13:10:45
User Ae<strokes
@indo$s
31/07/2014
13:10:45
User Ae<strokes
@indo$s
31/07/2014
13:10:44
User Ae<strokes
@indo$s
31/07/2014
13:10:40
User Ae<strokes
@indo$s
31/07/2014
13:10:37
User Ae<strokes
@indo$s
31/07/2014
13:10:3-
User Ae<strokes
@indo$s
31/07/2014
13:10:35
User Ae<strokes
@indo$s
31/07/2014
13:10:26
User Ae<strokes
@indo$s
31/07/2014
13:10:20
User Ae<strokes
@indo$s
31/07/2014
13:10:27
User Ae<strokes
@indo$s
31/07/2014
13:10:2-
User Ae<strokes
@indo$s
31/07/2014
13:10:2-
User Ae<strokes
@indo$s
31/07/2014
13:10:11
User Ae<strokes
@indo$s
31/07/2014
13:10:0-
User Ae<strokes
@indo$s
31/07/2014
13:10:05
User Ae<strokes
@indo$s
31/07/2014
13:10:05
User Ae<strokes
@indo$s
31/07/2014
13:10:04
User Ae<strokes
@indo$s
31/07/2014
13:10:03
User Ae<strokes
@indo$s
31/07/2014
13:10:02
User Ae<strokes
@indo$s
31/07/2014
13:17:56
User Ae<strokes
@indo$s
31/07/2014
13:17:50
User Ae<strokes
@indo$s
31/07/2014
13:17:5-
User Ae<strokes
@indo$s
31/07/2014
13:17:10
User Ae<strokes
@indo$s
31/07/2014
13:17:17
User Ae<strokes
@indo$s
31/07/2014
13:17:15
User Ae<strokes
@indo$s
31/07/2014
13:17:14
User Ae<strokes
@indo$s
31/07/2014
13:17:12
User Ae<strokes
@indo$s
31/07/2014
13:17:11
User Ae<strokes
@indo$s
31/07/2014
13:17:06
User Ae<strokes
@indo$s
31/07/2014
13:17:00
User Ae<strokes
@indo$s
31/07/2014
13:17:0-
User Ae<strokes
@indo$s
31/07/2014 )241142- : 'isuali?ador de +otos do "cti#e $indo$ : )241142- : 'isuali?ador de +otos do @indo$s
13:17:04 User Ae<strokes @indo$s Process name : dllhost
31/07/2014
13:1-:35
User Ae<strokes
@indo$s
31/07/2014
13:1-:34
User Ae<strokes
@indo$s
31/07/2014
13:1-:31
User Ae<strokes
@indo$s
31/07/2014
13:1-:30
User Ae<strokes
@indo$s
31/07/2014
13:1-:26
User Ae<strokes
@indo$s
31/07/2014
13:1-:20
User Ae<strokes
@indo$s
31/07/2014
13:1-:20
User Ae<strokes
@indo$s
31/07/2014
13:1-:16
User Ae<strokes
@indo$s
31/07/2014
13:1-:1-
User Ae<strokes
@indo$s
31/07/2014
13:1-:15
User Ae<strokes
@indo$s
31/07/2014
13:1-:03
User Ae<strokes
@indo$s
31/07/2014
13:15:57
User Ae<strokes
@indo$s
31/07/2014
13:15:44
User Ae<strokes
@indo$s
31/07/2014
13:15:42
User Ae<strokes
@indo$s
31/07/2014
13:15:37
User Ae<strokes
@indo$s
31/07/2014
13:15:2-
User Ae<strokes
@indo$s
31/07/2014
13:15:10
User Ae<strokes
@indo$s
31/07/2014
13:15:17
User Ae<strokes
@indo$s
31/07/2014
13:15:12
User Ae<strokes
@indo$s
31/07/2014
13:15:11
User Ae<strokes
@indo$s
31/07/2014
13:15:06
User Ae<strokes
@indo$s
31/07/2014
13:15:00
User Ae<strokes
@indo$s
31/07/2014
13:15:01
User Processes tasken! Process started
31/07/2014
13:14:56
User Ae<strokes
@indo$s
31/07/2014
13:14:30
User Ae<strokes
@indo$s
31/07/2014
13:14:37
User Ae<strokes
@indo$s
31/07/2014
13:14:3-
User Ae<strokes
@indo$s
31/07/2014
13:14:33
User Ae<strokes
@indo$s
31/07/2014
13:14:32
User Ae<strokes
@indo$s
31/07/2014
13:14:22
User Ae<strokes
@indo$s
31/07/2014
13:14:21
User Ae<strokes
@indo$s
31/07/2014
13:14:20
User Ae<strokes
@indo$s
31/07/2014
13:14:16
User Ae<strokes
@indo$s
31/07/2014
13:14:10
User Ae<strokes
@indo$s
31/07/2014
13:14:1-
User Ae<strokes
@indo$s
31/07/2014
13:14:15
User Ae<strokes
@indo$s
31/07/2014
13:14:14
User Ae<strokes
@indo$s
31/07/2014
13:14:13
User Ae<strokes
@indo$s
31/07/2014
13:14:13
User Ae<strokes
@indo$s
31/07/2014
13:13:56
User Ae<strokes
@indo$s
31/07/2014
13:13:50
User Ae<strokes
)24112-- : 'isuali?ador de +otos do
@indo$s
"cti#e $indo$ : )24112-- : 'isuali?ador de +otos do @indo$s
31/07/2014
13:13:57
User Ae<strokes
@indo$s
31/07/2014
13:13:54
User Ae<strokes
@indo$s
31/07/2014
13:13:51
31/07/2014
13:13:50
User
Mouse
click
100))4"M
"cti#e $indo$ : 100))4"M
Mouse clicks : 2
31/07/2014
13:13:49 User Processes dllhost.exe Process stopped
31/07/2014
13:13:47
User
Mouse
click
Nova pasta
ctive !i"do! : Nova pasta
Process "a#e : explorer
Mouse clicks : 1
31/07/2014
13:13:4$
31/07/2014
13:13:4$
31/07/2014
13:13:43
User Processes %earchProtocol&ost.exe Process stopped
31/07/2014
13:13:43
User Processes spark.exe Process stopped
31/07/2014
13:13:43
31/07/2014
13:13:43
User Processes %earch'ilter&ost.exe Process stopped
31/07/2014
13:13:43
31/07/2014
13:13:43
User
Mouse
click
100%%(M
ctive !i"do! : 100%%(M
Mouse clicks : 2
31/07/2014
13:13:40
31/07/2014
13:13:39
User
Mouse
click
)(*M
ctive !i"do! : )(*M
Mouse clicks : 3
31/07/2014
13:13:3+
31/07/2014
13:13:3+
31/07/2014
13:13:3$
User
Mouse
click
",-o est,. dispo",vel / %park
0ro!ser
ctive !i"do! : ",-o est,. dispo",vel / %park 0ro!ser
Process "a#e : spark
Mouse clicks : 1
31/07/2014
13:13:30
31/07/2014
13:13:21
31/07/2014
13:13:21
31/07/2014
13:13:21
31/07/2014
13:13:20
User
Mouse
click
)(*M
ctive !i"do! : )(*M
Mouse clicks : 2
31/07/2014
13:13:17
User
Mouse
click
10$%%(M
ctive !i"do! : 10$%%(M
Mouse clicks : 1
31/07/2014
13:13:12
User
Mouse
click
%)(10011 / 2isuali3ador de 'otos do
4i"do!s
ctive !i"do! : %)(10011 / 2isuali3ador de 'otos do 4i"do!s
Process "a#e : dllhost
Mouse clicks : 2
31/07/2014
13:13:07
User 5e6strokes
4i"do!s
31/07/2014
13:13:0+
User 5e6strokes
%)(1001+ / 2isuali3ador de 'otos do
4i"do!s
ctive !i"do! : %)(1001+ / 2isuali3ador de 'otos do 4i"do!s
31/07/2014
13:13:04
User 5e6strokes
4i"do!s
31/07/2014
13:13:03
User 5e6strokes
4i"do!s
31/07/2014
13:13:02
User 5e6strokes
4i"do!s
31/07/2014
13:13:02
User 5e6strokes
4i"do!s
31/07/2014
13:13:01
User 5e6strokes
4i"do!s
31/07/2014
13:12:$$
User 5e6strokes
4i"do!s
31/07/2014
13:12:43
User 5e6strokes
4i"do!s
31/07/2014
13:12:39
User Processes %earchProtocol&ost.exe Process stopped
31/07/2014
13:12:34
User Processes 7o89eporter.exe Process stopped
31/07/2014
13:12:34
31/07/2014
13:12:32
User Processes lo8reporter Process started
31/07/2014
13:12:21
User 5e6strokes
4i"do!s
31/07/2014
13:12:1+
User 5e6strokes
4i"do!s
31/07/2014
13:12:13
User
Mouse
click
4i"do!s
Mouse clicks : 1
31/07/2014
13:12:01
User 5e6strokes
4i"do!s
31/07/2014
13:12:0$
User
Mouse
click
4i"do!s
Mouse clicks : 1
31/07/2014
13:11:$7
User 5e6strokes
%)(1031$ / 2isuali3ador de 'otos do
4i"do!s
ctive !i"do! : %)(1031$ / 2isuali3ador de 'otos do 4i"do!s
31/07/2014
13:11:4$
User
Mouse
click
%)(1031$ / 2isuali3ador de 'otos do
4i"do!s
ctive !i"do! : %)(1031$ / 2isuali3ador de 'otos do 4i"do!s
Mouse clicks : 1
31/07/2014
13:11:37
User 5e6strokes
4i"do!s
31/07/2014
13:11:36
User Keystrokes
SDC10313 - Visualizador de Fotos do
i!do"s
#$ti%e "i!do" : SDC10313 - Visualizador de Fotos do i!do"s
&ro$ess !a'e : dll(ost
31/07/2014
13:11:34
User
)ouse
$li$k
i!do"s
)ouse $li$ks : 1
31/07/2014
13:11:27
User &ro$esses sear$(*ilter(ost &ro$ess started
31/07/2014
13:11:27
User &ro$esses sear$(+roto$ol(ost &ro$ess started
31/07/2014
13:11:26
User Keystrokes
i!do"s
31/07/2014
13:11:21
User Keystrokes
i!do"s
31/07/2014
13:11:20
User Keystrokes
i!do"s
31/07/2014
13:11:16
User Keystrokes
i!do"s
31/07/2014
13:11:14
User Keystrokes
i!do"s
31/07/2014
13:11:0,
User Keystrokes
i!do"s
31/07/2014
13:11:0-
User Keystrokes
i!do"s
31/07/2014
13:11:02
User Keystrokes
SDC1030, - Visualizador de Fotos do
i!do"s
#$ti%e "i!do" : SDC1030, - Visualizador de Fotos do i!do"s
31/07/2014
13:10:-0
User Keystrokes
SDC1030. - Visualizador de Fotos do
i!do"s
#$ti%e "i!do" : SDC1030. - Visualizador de Fotos do i!do"s
31/07/2014
13:10:46
User &ro$esses audiod/ &ro$ess started
31/07/2014
13:10:44
User Keystrokes
i!do"s
31/07/2014
13:10:43
User Keystrokes
i!do"s
31/07/2014
13:10:42
User Keystrokes
SDC1030- - Visualizador de Fotos do
i!do"s
#$ti%e "i!do" : SDC1030- - Visualizador de Fotos do i!do"s
31/07/2014
13:10:3.
User Keystrokes
i!do"s
31/07/2014
13:10:34
User Keystrokes
i!do"s
31/07/2014
13:10:2.
User
)ouse
$li$k
i!do"s
)ouse $li$ks : 1
31/07/2014
13:10:23
User Keystrokes
i!do"s
31/07/2014
13:10:1-
User
)ouse
$li$k
i!do"s
)ouse $li$ks : 1
31/07/2014
13:10:11
User Keystrokes
i!do"s
31/07/2014
13:10:10
User Keystrokes
i!do"s
31/07/2014
13:10:0,
User Keystrokes
SDC102,, - Visualizador de Fotos do
i!do"s
#$ti%e "i!do" : SDC102,, - Visualizador de Fotos do i!do"s
31/07/2014
13:0,:-,
User Keystrokes 01$luir #r2ui%o
#$ti%e "i!do" : 01$luir #r2ui%o
31/07/2014
13:0,:4,
User Keystrokes
i!do"s
31/07/2014
13:0,:4.
User Keystrokes
SDC102.- - Visualizador de Fotos do
i!do"s
#$ti%e "i!do" : SDC102.- - Visualizador de Fotos do i!do"s
31/07/2014
13:0,:4.
31/07/2014
13:0,:4-
User Keystrokes
SDC102.4 - Visualizador de Fotos do
i!do"s
#$ti%e "i!do" : SDC102.4 - Visualizador de Fotos do i!do"s
31/07/2014
13:0,:4-
31/07/2014
13:0,:43
31/07/2014
13:0,:42
User Keystrokes
i!do"s
31/07/2014
13:0,:40
User Keystrokes
i!do"s
31/07/2014
13:0,:3.
User Keystrokes
i!do"s
31/07/2014
13:0,:34
31/07/2014
13:0,:31
User Keystrokes
i!do"s
31/07/2014
13:0,:2,
User Keystrokes
i!do"s
31/07/2014
13:0,:2.
31/07/2014
13:0,:26
User Keystrokes
i!do"s
31/07/2014
13:0,:23
User Keystrokes
i!do"s
31/07/2014
13:0,:23
31/07/2014
13:0,:1.
User Keystrokes
i!do"s
31/07/2014
13:0,:1.
31/07/2014
13:0,:14
User Keystrokes
i!do"s
31/07/2014
13:0,:13
User Keystrokes
i!do"s
31/07/2014
13:0,:11
User Keystrokes
i!do"s
31/07/2014
13:0,:10
User Keystrokes
i!do"s
31/07/2014
13:0,:0,
User Keystrokes
i!do"s
31/07/2014
13:0,:0.
User Keystrokes
i!do"s
31/07/2014
13:0,:07
User Keystrokes
i!do"s
31/07/2014
13:0,:06
User Keystrokes
SDC102-, - Visualizador de Fotos do
i!do"s
#$ti%e "i!do" : SDC102-, - Visualizador de Fotos do i!do"s
31/07/2014
13:0,:0-
User Keystrokes
SDC102-. - Visualizador de Fotos do
i!do"s
#$ti%e "i!do" : SDC102-. - Visualizador de Fotos do i!do"s
31/07/2014
13:0,:01
User Keystrokes
SDC102-7 - Visualizador de Fotos do
i!do"s
#$ti%e "i!do" : SDC102-7 - Visualizador de Fotos do i!do"s
31/07/2014
13:0,:00
User Keystrokes
i!do"s
31/07/2014
13:0.:-,
User Keystrokes
SDC102-- - Visualizador de Fotos do
i!do"s
#$ti%e "i!do" : SDC102-- - Visualizador de Fotos do i!do"s
31/07/2014
13:0.:-7
User Keystrokes
i!do"s
31/07/2014
13:0.:-2
User Keystrokes
i!do"s
31/07/2014
13:0.:-1
User Keystrokes
i!do"s
31/07/2014
13:0.:4,
User Keystrokes
i!do"s
31/07/2014
13:0.:47
User Keystrokes
i!do"s
31/07/2014
13:0.:46
User Keystrokes
i!do"s
31/07/2014
13:0.:46
User Keystrokes
i!do"s
31/07/2014
13:0.:4-
User Keystrokes
i!do"s
31/07/2014
13:0.:44
User Keystrokes
i!do"s
31/07/2014
13:0.:42
User Keystrokes
i!do"s
31/07/2014
13:0.:41
User Keystrokes
i!do"s
31/07/2014
13:0.:3,
User Keystrokes
i!do"s
31/07/2014
13:0.:37
User Keystrokes
i!do"s
31/07/2014
13:0.:3-
User Keystrokes
i!do"s
31/07/2014
13:0.:33
User Keystrokes
i!do"s
31/07/2014
13:0.:32
User Keystrokes
i!do"s
31/07/2014
13:0.:2,
User Keystrokes
i!do"s
31/07/2014
13:0.:27
User Keystrokes
i!do"s
31/07/2014
13:0.:24
User
)ouse
$li$k
U!k!o"! #++li$atio!
#$ti%e "i!do" : U!k!o"! #++li$atio!
)ouse $li$ks : 2
31/07/2014
13:0.:07
User
)ouse
$li$k
i!do"s
)ouse $li$ks : 14
31/07/2014
13:0.:06
User &ro$esses audiod/3e1e &ro$ess sto++ed
31/07/2014
13:0.:04
User
)ouse
$li$k
U!k!o"! #++li$atio!
#$ti%e "i!do" : U!k!o"! #++li$atio!
)ouse $li$ks : 1
31/07/2014
13:0.:03
User
)ouse
$li$k
i!do"s
)ouse $li$ks : 1
31/07/2014
13:07:-7
User Keystrokes
i!do"s
31/07/2014
13:07:--
User Keystrokes
i!do"s
31/07/2014
13:07:4,
User Keystrokes
i!do"s
31/07/2014
13:07:4,
User Keystrokes
i!do"s
31/07/2014
13:07:46
User Keystrokes
i!do"s
31/07/2014
13:07:4-
User Keystrokes
i!do"s
31/07/2014
13:07:42
User Keystrokes
i!do"s
31/07/2014
13:07:41
User Keystrokes
i!do"s
31/07/2014
13:07:40
User Keystrokes
i!do"s
31/07/2014
13:07:3,
User Keystrokes
i!do"s
31/07/2014
13:07:3.
User Keystrokes
i!do"s
31/07/2014
13:07:37
User Keystrokes
i!do"s
31/07/2014
13:07:3-
User Keystrokes
i!do"s
31/07/2014
13:07:27
User Keystrokes
i!do"s
31/07/2014
13:07:04
User Keystrokes
SDC101,4 - Visualizador de Fotos do
i!do"s
#$ti%e "i!do" : SDC101,4 - Visualizador de Fotos do i!do"s
31/07/2014
13:06:-2
User Keystrokes
i!do"s
31/07/2014
13:06:4,
User Keystrokes
i!do"s
31/07/2014
13:06:43
User Keystrokes
SDC101., - Visualizador de Fotos do
i!do"s
#$ti%e "i!do" : SDC101., - Visualizador de Fotos do i!do"s
31/07/2014
13:06:42
User Keystrokes
i!do"s
31/07/2014
13:06:40
User Keystrokes
i!do"s
31/07/2014
13:06:22
User Keystrokes
i!do"s
31/07/2014
13:06:1.
User Keystrokes
i!do"s
31/07/2014
13:06:0.
User Keystrokes
i!do"s
31/07/2014
13:06:02
User Keystrokes
i!do"s
31/07/2014
13:06:01
User Keystrokes
i!do"s
31/07/2014
13:0-:-1
User Keystrokes
i!do"s
31/07/2014
13:0-:4,
User Keystrokes
i!do"s
31/07/2014
13:0-:42
User Keystrokes
i!do"s
31/07/2014
13:0-:37
User Keystrokes
i!do"s
31/07/2014
13:0-:36
User Keystrokes
i!do"s
31/07/2014
13:0-:32
User Keystrokes
i!do"s
31/07/2014
13:0-:30
User Keystrokes
i!do"s
31/07/2014
13:0-:2.
User Keystrokes
i!do"s
31/07/2014
13:0-:26
User Keystrokes
i!do"s
31/07/2014
13:0-:17
User Keystrokes
i!do"s
31/07/2014
13:0-:16
User Keystrokes
i!do"s
31/07/2014
13:0-:1-
User Keystrokes
SDC100,. - Visualizador de Fotos do
i!do"s
#$ti%e "i!do" : SDC100,. - Visualizador de Fotos do i!do"s
31/07/2014
13:0-:14
User Keystrokes
i!do"s
31/07/2014
13:0-:13
User Keystrokes
SDC100,- - Visualizador de Fotos do
i!do"s
#$ti%e "i!do" : SDC100,- - Visualizador de Fotos do i!do"s
31/07/2014
13:0-:12
User Keystrokes
i!do"s
31/07/2014
13:0-:10
User Keystrokes
i!do"s
31/07/2014
13:0-:0,
User Keystrokes
i!do"s
31/07/2014
13:0-:03
User Keystrokes
i!do"s
31/07/2014
13:0-:02
User Keystrokes
i!do"s
31/07/2014
13:0-:01
User Keystrokes
i!do"s
31/07/2014
13:04:-,
User Keystrokes
i!do"s
31/07/2014
13:04:-.
User Keystrokes
i!do"s
31/07/2014
13:04:--
User Keystrokes
i!do"s
31/07/2014
13:04:-4
User Keystrokes
i!do"s
31/07/2014
13:04:-2
User Keystrokes
i!do"s
31/07/2014
13:04:44
User Keystrokes
i!do"s
31/07/2014
13:04:37
User Keystrokes
i!do"s
31/07/2014
13:04:36
User Keystrokes
i!do"s
31/07/2014
13:04:01
User Keystrokes
i!do"s
31/07/2014
13:03:4-
User Keystrokes
i!do"s
31/07/2014
13:03:44
User Keystrokes
i!do"s
31/07/2014
13:03:43
User Keystrokes
i!do"s
31/07/2014
13:03:43 User &ro$esses Sear$(&roto$ol4ost3e1e &ro$ess sto++ed
31/07/2014
13:03:43
User &ro$esses Sear$(Filter4ost3e1e &ro$ess sto++ed
31/07/2014
13:03:42
User Keystrokes
i!do"s
31/07/2014
13:03:41
User Keystrokes
i!do"s
31/07/2014
13:03:40
User Keystrokes
SDC100-. - Visualizador de Fotos do
i!do"s
#$ti%e "i!do" : SDC100-. - Visualizador de Fotos do i!do"s
31/07/2014
13:03:3,
User Keystrokes
i!do"s
31/07/2014
13:03:3.
User Keystrokes
i!do"s
31/07/2014
13:03:37
User Keystrokes
i!do"s
31/07/2014
13:03:36
User Keystrokes
i!do"s
31/07/2014
13:03:3-
User Keystrokes
i!do"s
31/07/2014
13:03:33
User Keystrokes
i!do"s
31/07/2014
13:03:31
User Keystrokes
i!do"s
31/07/2014
13:03:30
User Keystrokes
i!do"s
31/07/2014
13:03:2.
User Keystrokes
i!do"s
31/07/2014
13:03:27
User Keystrokes
i!do"s
31/07/2014
13:03:26
User Keystrokes
i!do"s
31/07/2014
13:03:2-
User Keystrokes
i!do"s
31/07/2014
13:03:24
User Keystrokes
i!do"s
31/07/2014
13:03:23
User Keystrokes
i!do"s
31/07/2014
13:03:22
User Keystrokes
i!do"s
31/07/2014
13:03:21
User Keystrokes
i!do"s
31/07/2014
13:03:20
User Keystrokes
i!do"s
31/07/2014
13:03:1.
User Keystrokes
i!do"s
31/07/2014
13:03:17
User Keystrokes
i!do"s
31/07/2014
13:03:16
User Keystrokes
i!do"s
31/07/2014
13:03:16
User &ro$esses dll(ost3e1e &ro$ess sto++ed
31/07/2014
13:03:1-
User Keystrokes
i!do"s
31/07/2014
13:03:14
User Keystrokes
i!do"s
31/07/2014
13:03:13
User Keystrokes
i!do"s
31/07/2014
13:03:11
User Keystrokes
i!do"s
31/07/2014
13:03:10
User Keystrokes
i!do"s
31/07/2014
13:03:0,
User &ro$esses dll(ost &ro$ess started
31/07/2014
13:03:0,
User &ro$esses dll(ost &ro$ess started
31/07/2014
13:03:07
User &ro$esses dll(ost3e1e &ro$ess sto++ed
31/07/2014
13:03:07
User
)ouse
$li$k
10-SSC#)
#$ti%e "i!do" : 10-SSC#)
&ro$ess !a'e : e1+lorer
)ouse $li$ks : 2
31/07/2014
13:03:04
User
)ouse
$li$k
DC5)
#$ti%e "i!do" : DC5)
)ouse $li$ks : 2
31/07/2014
13:03:02
User
)ouse
$li$k
102SSC#)
#$ti%e "i!do" : 102SSC#)
)ouse $li$ks : 1
31/07/2014
13:02:-6
User
)ouse
$li$k
i!do"s
)ouse $li$ks : 2
31/07/2014
13:02:-0
User Keystrokes
i!do"s
31/07/2014
13:02:4,
User Keystrokes
i!do"s
31/07/2014
13:02:4,
User Keystrokes
i!do"s
31/07/2014
13:02:4.
User Keystrokes
i!do"s
31/07/2014
13:02:47
User Keystrokes
i!do"s
31/07/2014
13:02:46
User Keystrokes
i!do"s
31/07/2014
13:02:4-
User Keystrokes
i!do"s
31/07/2014
13:02:44
User Keystrokes
i!do"s
31/07/2014
13:02:43
User Keystrokes
SDC1042) - Visualizador de Fotos do
i!do"s
#$ti%e "i!do" : SDC1042) - Visualizador de Fotos do i!do"s
31/07/2014
13:02:41
User Keystrokes
SDC1042* - Visualizador de Fotos do
i!do"s
#$ti%e "i!do" : SDC1042* - Visualizador de Fotos do i!do"s
31/07/2014
13:02:3)
User Keystrokes
i!do"s
31/07/2014
13:02:3*
User Keystrokes
SDC1042+ - Visualizador de Fotos do
i!do"s
#$ti%e "i!do" : SDC1042+ - Visualizador de Fotos do i!do"s
31/07/2014
13:02:37
User Keystrokes
i!do"s
31/07/2014
13:02:3+
User Keystrokes
i!do"s
31/07/2014
13:02:35
User Keystrokes
i!do"s
31/07/2014
13:02:34
User &ro$esses U,dater-e.e &ro$ess sto,,ed
31/07/2014
13:02:33
User Keystrokes
i!do"s
31/07/2014
13:02:32
User Keystrokes
i!do"s
31/07/2014
13:02:31
User Keystrokes
i!do"s
31/07/2014
13:02:31
User &ro$esses sear$(,roto$ol(ost &ro$ess started
31/07/2014
13:02:31
User &ro$esses u,dater &ro$ess started
31/07/2014
13:02:31
User &ro$esses sear$(/ilter(ost &ro$ess started
31/07/2014
13:02:30
User Keystrokes
i!do"s
31/07/2014
13:02:2)
User Keystrokes
i!do"s
31/07/2014
13:02:2*
User Keystrokes
i!do"s
31/07/2014
13:02:2+
User Keystrokes
i!do"s
31/07/2014
13:02:25
User Keystrokes
i!do"s
31/07/2014
13:02:25
User Keystrokes
i!do"s
31/07/2014
13:02:24
User Keystrokes
i!do"s
31/07/2014
13:02:23
User Keystrokes
i!do"s
31/07/2014
13:02:20
User Keystrokes
SDC103)) - Visualizador de Fotos do
i!do"s
#$ti%e "i!do" : SDC103)) - Visualizador de Fotos do i!do"s
31/07/2014
13:02:1)
User Keystrokes
SDC103)* - Visualizador de Fotos do
i!do"s
#$ti%e "i!do" : SDC103)* - Visualizador de Fotos do i!do"s
31/07/2014
13:02:17
User Keystrokes
SDC103)7 - Visualizador de Fotos do
i!do"s
#$ti%e "i!do" : SDC103)7 - Visualizador de Fotos do i!do"s
31/07/2014
13:02:1+
User Keystrokes
SDC103)+ - Visualizador de Fotos do
i!do"s
#$ti%e "i!do" : SDC103)+ - Visualizador de Fotos do i!do"s
31/07/2014
13:02:15
User Keystrokes
i!do"s
31/07/2014
13:02:04
User Keystrokes
i!do"s
31/07/2014
13:02:03
User Keystrokes
i!do"s
31/07/2014
13:02:01
User Keystrokes
i!do"s
31/07/2014
13:02:00
User Keystrokes
i!do"s
31/07/2014
13:01:52
User Keystrokes
SDC103*) - Visualizador de Fotos do
i!do"s
#$ti%e "i!do" : SDC103*) - Visualizador de Fotos do i!do"s
31/07/2014
13:01:51
User Keystrokes
SDC103** - Visualizador de Fotos do
i!do"s
#$ti%e "i!do" : SDC103** - Visualizador de Fotos do i!do"s
31/07/2014
13:01:4*
User Keystrokes
SDC103*7 - Visualizador de Fotos do
i!do"s
#$ti%e "i!do" : SDC103*7 - Visualizador de Fotos do i!do"s
31/07/2014
13:01:47
User Keystrokes
SDC103*+ - Visualizador de Fotos do
i!do"s
#$ti%e "i!do" : SDC103*+ - Visualizador de Fotos do i!do"s
31/07/2014
13:01:4+
User Keystrokes
i!do"s
31/07/2014
13:01:33
User Keystrokes
i!do"s
31/07/2014
13:01:32
User Keystrokes
i!do"s
31/07/2014
13:01:31
User Keystrokes
i!do"s
31/07/2014
13:01:30
User Keystrokes
i!do"s
31/07/2014
13:01:2*
User Keystrokes
i!do"s
31/07/2014
13:01:27
User Keystrokes
i!do"s
31/07/2014
13:01:2+
User Keystrokes
i!do"s
31/07/2014
13:01:25
User Keystrokes
i!do"s
31/07/2014
13:01:24
User Keystrokes
i!do"s
31/07/2014 SDC10372 - Visualizador de Fotos do #$ti%e "i!do" : SDC10372 - Visualizador de Fotos do i!do"s
13:01:22 User Keystrokes i!do"s &ro$ess !a'e : dll(ost
31/07/2014
13:01:22
User Keystrokes
i!do"s
31/07/2014
13:01:21
User Keystrokes
i!do"s
31/07/2014
13:01:20
User Keystrokes
SDC103+) - Visualizador de Fotos do
i!do"s
#$ti%e "i!do" : SDC103+) - Visualizador de Fotos do i!do"s
31/07/2014
13:01:1*
User Keystrokes
SDC103+7 - Visualizador de Fotos do
i!do"s
#$ti%e "i!do" : SDC103+7 - Visualizador de Fotos do i!do"s
31/07/2014
13:01:17
User Keystrokes
SDC103++ - Visualizador de Fotos do
i!do"s
#$ti%e "i!do" : SDC103++ - Visualizador de Fotos do i!do"s
31/07/2014
13:01:15
User Keystrokes
i!do"s
31/07/2014
13:01:13
User Keystrokes
SDC103++ - Visualizador de Fotos do
i!do"s
#$ti%e "i!do" : SDC103++ - Visualizador de Fotos do i!do"s
31/07/2014
13:01:12
User Keystrokes
i!do"s
31/07/2014
13:01:0)
User Keystrokes
i!do"s
31/07/2014
13:01:0*
User Keystrokes
i!do"s
31/07/2014
13:01:07
User Keystrokes
i!do"s
31/07/2014
13:01:0+
User Keystrokes
i!do"s
31/07/2014
13:01:05
User Keystrokes
i!do"s
31/07/2014
13:01:04
User Keystrokes
i!do"s
31/07/2014
13:01:03
User Keystrokes
i!do"s
31/07/2014
13:01:01
User Keystrokes
i!do"s
31/07/2014
13:01:00
User Keystrokes
i!do"s
31/07/2014
13:00:5)
User Keystrokes
i!do"s
31/07/2014
13:00:5*
User Keystrokes
i!do"s
31/07/2014
13:00:57
User Keystrokes
i!do"s
31/07/2014
13:00:5+
User Keystrokes
i!do"s
31/07/2014
13:00:5+
User Keystrokes
i!do"s
31/07/2014
13:00:55
User Keystrokes
i!do"s
31/07/2014
13:00:53
User Keystrokes
i!do"s
31/07/2014
13:00:52
User Keystrokes
i!do"s
31/07/2014
13:00:51
User Keystrokes
i!do"s
31/07/2014
13:00:50
User Keystrokes
i!do"s
31/07/2014
13:00:4*
User Keystrokes
i!do"s
31/07/2014
13:00:4+
User Keystrokes
i!do"s
31/07/2014
13:00:44
User Keystrokes
i!do"s
31/07/2014
13:00:34
User Keystrokes
i!do"s
31/07/2014
13:00:33
User Keystrokes
i!do"s
31/07/2014
13:00:32
User Keystrokes
i!do"s
31/07/2014
13:00:31
User Keystrokes
i!do"s
31/07/2014
13:00:30
User Keystrokes
i!do"s
31/07/2014
13:00:2)
User Keystrokes
i!do"s
31/07/2014
13:00:2*
User Keystrokes
i!do"s
31/07/2014
13:00:27
User Keystrokes
i!do"s
31/07/2014
13:00:2+
User Keystrokes
i!do"s
31/07/2014
13:00:25
User Keystrokes
i!do"s
31/07/2014
13:00:23
User Keystrokes
i!do"s
31/07/2014
13:00:22
User Keystrokes
i!do"s
31/07/2014
13:00:21
User Keystrokes
i!do"s
31/07/2014
13:00:20
User Keystrokes
i!do"s
31/07/2014
13:00:1)
User Keystrokes
i!do"s
31/07/2014
13:00:1*
User Keystrokes
i!do"s
31/07/2014
13:00:17
User Keystrokes
i!do"s
31/07/2014
13:00:1+
User Keystrokes
i!do"s
31/07/2014
13:00:15
User Keystrokes
i!do"s
31/07/2014
13:00:14
User Keystrokes
i!do"s
31/07/2014
13:00:13
User Keystrokes
i!do"s
31/07/2014
13:00:12
User Keystrokes
i!do"s
31/07/2014
13:00:11
User Keystrokes
i!do"s
31/07/2014
13:00:0)
User Keystrokes
i!do"s
31/07/2014
13:00:0*
User Keystrokes
i!do"s
31/07/2014
13:00:07
User Keystrokes
i!do"s
31/07/2014
13:00:0+
User Keystrokes
SDC101)) - Visualizador de Fotos do
i!do"s
#$ti%e "i!do" : SDC101)) - Visualizador de Fotos do i!do"s
31/07/2014
13:00:05
User Keystrokes
SDC101)* - Visualizador de Fotos do
i!do"s
#$ti%e "i!do" : SDC101)* - Visualizador de Fotos do i!do"s
31/07/2014
13:00:04
User Keystrokes
i!do"s
31/07/2014
13:00:03
User Keystrokes
SDC101)+ - Visualizador de Fotos do
i!do"s
#$ti%e "i!do" : SDC101)+ - Visualizador de Fotos do i!do"s
31/07/2014
13:00:02
User Keystrokes
i!do"s
31/07/2014
13:00:01
User Keystrokes
i!do"s
31/07/2014
13:00:00
User Keystrokes
i!do"s
31/07/2014
12:5):5*
User Keystrokes
i!do"s
31/07/2014
12:5):57
User Keystrokes
i!do"s
31/07/2014
12:5):5+
User Keystrokes
SDC101*) - Visualizador de Fotos do
i!do"s
#$ti%e "i!do" : SDC101*) - Visualizador de Fotos do i!do"s
31/07/2014
12:5):55
User Keystrokes
SDC101** - Visualizador de Fotos do
i!do"s
#$ti%e "i!do" : SDC101** - Visualizador de Fotos do i!do"s
31/07/2014
12:5):54
User Keystrokes
i!do"s
31/07/2014
12:5):53
User Keystrokes
SDC101*+ - Visualizador de Fotos do
i!do"s
#$ti%e "i!do" : SDC101*+ - Visualizador de Fotos do i!do"s
31/07/2014
12:5):52
User Keystrokes
i!do"s
31/07/2014
12:5):51
User Keystrokes
i!do"s
31/07/2014
12:5):50
User Keystrokes
i!do"s
31/07/2014
12:5):4)
User Keystrokes
i!do"s
31/07/2014
12:5):47
User Keystrokes
i!do"s
31/07/2014
12:5):4+
User Keystrokes
i!do"s
31/07/2014
12:5):44
User Keystrokes
i!do"s
31/07/2014
12:5):43
User Keystrokes
i!do"s
31/07/2014
12:5):42
User Keystrokes
i!do"s
31/07/2014
12:5):41
User Keystrokes
i!do"s
31/07/2014
12:5):40
User Keystrokes
i!do"s
31/07/2014
12:5):3)
User Keystrokes
i!do"s
31/07/2014
12:5):3*
User Keystrokes
SDC101+* - Visualizador de Fotos do
i!do"s
#$ti%e "i!do" : SDC101+* - Visualizador de Fotos do i!do"s
31/07/2014
12:5):37
User Keystrokes
i!do"s
31/07/2014
12:5):3+
User Keystrokes
i!do"s
31/07/2014
12:5):35
User Keystrokes
i!do"s
31/07/2014
12:5):34
User Keystrokes
i!do"s
31/07/2014
12:5):33
User Keystrokes
i!do"s
31/07/2014
12:5):31
User Keystrokes
i!do"s
31/07/2014
12:5):30
User Keystrokes
i!do"s
31/07/2014
12:5):2*
User Keystrokes
i!do"s
31/07/2014
12:5):25
User Keystrokes
i!do"s
31/07/2014
12:5):24
User Keystrokes
i!do"s
31/07/2014 SDC10123 - Visualizador de Fotos do #$ti%e "i!do" : SDC10123 - Visualizador de Fotos do i!do"s
12:59:22 User Keystrokes Windows Process name : dllhost
31/07/2014
12:59:21
User Keystrokes
!"10120 # $is%ali&ador de 'otos do
Windows
(cti)e window : !"10120 # $is%ali&ador de 'otos do Windows
31/07/2014
12:59:20
User Keystrokes
Windows
31/07/2014
12:59:19
User Keystrokes
!"1011* # $is%ali&ador de 'otos do
Windows
(cti)e window : !"1011* # $is%ali&ador de 'otos do Windows
31/07/2014
12:59:1*
User Keystrokes
Windows
31/07/2014
12:59:17
User Keystrokes
!"1011+ # $is%ali&ador de 'otos do
Windows
(cti)e window : !"1011+ # $is%ali&ador de 'otos do Windows
31/07/2014
12:59:1+
User Keystrokes
Windows
31/07/2014
12:59:15
User Keystrokes
Windows
31/07/2014
12:59:14
User Keystrokes
Windows
31/07/2014
12:59:12
User Keystrokes
Windows
31/07/2014
12:59:11
User Keystrokes
Windows
31/07/2014
12:59:09
User Keystrokes
Windows
31/07/2014
12:59:0*
User Keystrokes
Windows
31/07/2014
12:59:07
User Keystrokes
Windows
31/07/2014
12:59:0+
User Keystrokes
!"100*+ # $is%ali&ador de 'otos do
Windows
(cti)e window : !"100*+ # $is%ali&ador de 'otos do Windows
31/07/2014
12:59:04
User Keystrokes
Windows
31/07/2014
12:59:03
User Keystrokes
Windows
31/07/2014
12:59:02
User Keystrokes
Windows
31/07/2014
12:59:01
User Keystrokes
Windows
31/07/2014
12:59:00
User Keystrokes
Windows
31/07/2014
12:5*:59
User Keystrokes
!"100+7 # $is%ali&ador de 'otos do
Windows
(cti)e window : !"100+7 # $is%ali&ador de 'otos do Windows
31/07/2014
12:5*:5*
User Keystrokes
Windows
31/07/2014
12:5*:57
User Keystrokes
Windows
31/07/2014
12:5*:5+
User Keystrokes
Windows
31/07/2014
12:5*:55
User Keystrokes
Windows
31/07/2014
12:5*:52
User Keystrokes
Windows
31/07/2014
12:5*:51
User Keystrokes
!"1001* # $is%ali&ador de 'otos do
Windows
(cti)e window : !"1001* # $is%ali&ador de 'otos do Windows
31/07/2014
12:5*:50
User Keystrokes
Windows
31/07/2014
12:5*:44
User Keystrokes
Windows
31/07/2014
12:5*:41
User Keystrokes
Windows
31/07/2014
12:5*:39
User Keystrokes
Windows
31/07/2014
12:5*:37
User Keystrokes
Windows
31/07/2014
12:5*:3+
User Keystrokes
Windows
31/07/2014
12:5*:35
User Keystrokes
Windows
31/07/2014
12:5*:34
User Keystrokes
Windows
31/07/2014
12:5*:32
User Keystrokes
Windows
31/07/2014
12:5*:31
User Keystrokes
Windows
31/07/2014
12:5*:30
User Keystrokes
Windows
31/07/2014
12:5*:2+
31/07/2014
12:5*:25
User
,o%se
click
102"(,
(cti)e window : 102"(,
Process name : e-.lorer
,o%se clicks : 2
31/07/2014
12:5*:23
User
,o%se
click
!"/,
(cti)e window : !"/,
,o%se clicks : 2
31/07/2014
12:5*:1*
User
,o%se
click
! "ard 01:2
(cti)e window : ! "ard 01:2
,o%se clicks : 2
31/07/2014
12:5*:13
User
,o%se
click
"om.%tador
(cti)e window : "om.%tador
,o%se clicks : 1
31/07/2014
12:57:47
User
,o%se
click
Pro3ram ,ana3er
(cti)e window : Pro3ram ,ana3er
,o%se clicks : 2
31/07/2014
12:57:32
User
,o%se
click
Unknown (..lication (cti)e window : Unknown (..lication
Mouse clicks : 6
31/07/2014
12:57:21
User
Mouse
click
Computador
Active widow : Computador
!rocess ame : e"plorer
Mouse clicks : 1
31/07/2014
12:56:44
User !rocesses dll#ost$e"e !rocess stopped
31/07/2014
12:56:37
User !rocesses dll#ost !rocess started
31/07/2014
12:56:26
User !rocesses plu%i&cotaier$e"e !rocess stopped
31/07/2014
12:56:26
User !rocesses 'las#!la(er!lu%i)14)0)0)145$e"e !rocess stopped
31/07/2014
12:56:26
User !rocesses *ire*o"$e"e !rocess stopped
31/07/2014
12:56:26
User !rocesses 'las#!la(er!lu%i)14)0)0)145$e"e !rocess stopped
31/07/2014
12:56:25
User
Mouse
click
+isco remov,vel -.:/
Active widow : +isco remov,vel -.:/
Mouse clicks : 1
31/07/2014
12:56:25
User
Mouse
click
!ro%ram Maa%er
Active widow : !ro%ram Maa%er
Mouse clicks : 5
31/07/2014
12:55:53
User !rocesses 0earc#'ilter1ost$e"e !rocess stopped
31/07/2014
12:55:53
User !rocesses 0earc#!rotocol1ost$e"e !rocess stopped
31/07/2014
12:55:10
User !rocesses Updater$e"e !rocess stopped
31/07/2014
12:54:42
User !rocesses searc#*ilter#ost !rocess started
31/07/2014
12:54:42
User !rocesses updater !rocess started
31/07/2014
12:54:42
User !rocesses searc#protocol#ost !rocess started
31/07/2014
12:53:52
User !rocesses audiod% !rocess started
31/07/2014
12:53:36
31/07/2014
12:53:36
31/07/2014
12:52:31
User !rocesses searc#protocol#ost !rocess started
31/07/2014
12:52:31
User !rocesses searc#*ilter#ost !rocess started
31/07/2014
12:42:43
User !rocesses *las#pla(erplu%i)14)0)0)145 !rocess started
31/07/2014
12:42:43
User !rocesses *las#pla(erplu%i)14)0)0)145 !rocess started
31/07/2014
12:42:41
User !rocesses plu%i&cotaier !rocess started
31/07/2014
12:42:14
User !rocesses audiod%$e"e !rocess stopped
31/07/2014
12:47:53
User
Mouse
click
Cara3i & 4 Mostro do 5scuro &
6edas a .teret & Mo3illa
'ire*o"
7e8pa%e : #ttp://ledasaiteret$8lo%spot$com$8r/2012/11/cara3i$#tml
Active widow : Cara3i & 4 Mostro do 5scuro & 6edas a .teret & Mo3illa 'ire*o"
!rocess ame : *ire*o"
Mouse clicks : 7
31/07/2014
12:47:52
User
Mouse
click
Ukow Applicatio
Active widow : Ukow Applicatio
!rocess ame : 8avtra(
Mouse clicks : 1
31/07/2014
12:47:42
User
Mouse
click
'ire*o"
Mouse clicks : 1
31/07/2014
12:46:35
User 9e(strokes
'ire*o"
31/07/2014
12:45:06
31/07/2014
12:45:01
User !rocesses dll#ost !rocess started
31/07/2014
12:44:54
User
Mouse
click
cara3i & !es:uisa ;oo%le & Mo3illa
'ire*o"
7e8pa%e : #ttps://www$%oo%le$com$8r/<%ws)rd=ssl>:=cara3i
Active widow : cara3i & !es:uisa ;oo%le & Mo3illa 'ire*o"
Mouse clicks : 1
31/07/2014
12:44:34
31/07/2014
12:44:34
31/07/2014
12:44:23
User 9e(strokes ;oo%le & Mo3illa 'ire*o"
7e8pa%e : #ttps://www$%oo%le$com$8r/<%ws)rd=ssl
Active widow : ;oo%le & Mo3illa 'ire*o"
9e(strokes : cara3i
31/07/2014
12:44:22
User
Mouse
click
;oo%le & Mo3illa 'ire*o"
7e8pa%e : #ttps://www$%oo%le$com$8r/<%ws)rd=ssl
Active widow : ;oo%le & Mo3illa 'ire*o"
Mouse clicks : 1
31/07/2014
12:44:11
User !rocesses liveupdate$e"e !rocess stopped
31/07/2014
12:44:01
User 9e(strokes Mo3illa 'ire*o"
7e8pa%e : a8out:8lak
Active widow : Mo3illa 'ire*o"
9e(strokes : ,?
31/07/2014
12:43:54
User
Mouse
click
Mo3illa 'ire*o"
7e8pa%e : a8out:8lak
Active widow : Mo3illa 'ire*o"
Mouse clicks : 1
31/07/2014
12:43:50
31/07/2014
12:43:45
31/07/2014
12:43:43
31/07/2014
12:43:40
31/07/2014
12:43:38
User Processes firefox Process started
31/07/2014
12:43:36
User
Mose
clic!
Pro"ra# Ma$a"er
%ctive &i$do& : Pro"ra# Ma$a"er
Process $a#e : explorer
Mose clic!s : 1
31/07/2014
12:43:35
31/07/2014
12:43:26
User Processes livepdate Process started
31/07/2014
12:43:26
User
Mose
clic!
'ie& %vaila(le )et&or!s
%ctive &i$do& : 'ie& %vaila(le )et&or!s
Mose clic!s : 2
31/07/2014
12:43:24
User
Mose
clic!
U$!$o&$ %pplicatio$
%ctive &i$do& : U$!$o&$ %pplicatio$
Process $a#e : (avtra*
Mose clic!s : 1
31/07/2014
12:43:20
User
Mose
clic!
+ere$ciador de ,arefas
%ctive &i$do& : +ere$ciador de ,arefas
Process $a#e : avp
Mose clic!s : 2
31/07/2014
12:43:14
User Processes -./0elper.exe Process stopped
31/07/2014
12:43:12
User
Mose
clic!
1 local $23o est24 dispo$2vel
%ctive &i$do& : 1 local $23o est24 dispo$2vel
Mose clic!s : 1
31/07/2014
12:43:11
User Processes dcshelper Process started
31/07/2014
12:43:10
User
Mose
clic!
%cesso )e"ado ao %r5ivo
%ctive &i$do& : %cesso )e"ado ao %r5ivo
Mose clic!s : 1
31/07/2014
12:43:00
User Processes livepdate.exe Process stopped
31/07/2014
12:42:54
User Processes adiod" Process started
31/07/2014
12:42:51
User Processes .MUpdater.exe Process stopped
31/07/2014
12:42:51
User Processes 'ivo 3+.exe Process stopped
31/07/2014
12:42:46
User
Mose
clic!
Messa"e7ox
%ctive &i$do& : Messa"e7ox
Process $a#e : vivo 3"
Mose clic!s : 1
31/07/2014
12:42:47
31/07/2014
12:42:47
User
Mose
clic!
Pro"ra# Ma$a"er
Mose clic!s : 1
31/07/2014
12:42:46
User
Mose
clic!
Mose clic!s : 1
31/07/2014
12:42:45
User Processes e8ectdis!.exe Process stopped
31/07/2014
12:42:44
User
Mose
clic!
U$!$o&$ %pplicatio$
%ctive &i$do& : U$!$o&$ %pplicatio$
Mose clic!s : 1
31/07/2014
12:42:38
User Processes livepdate.exe Process stopped
31/07/2014
12:42:36
User
Mose
clic!
Pro"ra# Ma$a"er
Mose clic!s : 1
31/07/2014
12:42:31
User
Mose
clic!
Mose clic!s : 1
31/07/2014
12:42:30
User
Mose
clic!
Pro"ra# Ma$a"er
Mose clic!s : 1
31/07/2014
12:42:28
User
Mose
clic!
Mose clic!s : 1
31/07/2014
12:42:26
User
Mose
clic!
.MUpdater
%ctive &i$do& : .MUpdater
Process $a#e : c#pdater
Mose clic!s : 1
31/07/2014
12:42:25
31/07/2014
12:42:25
User Processes c#pdater Process started
31/07/2014
12:42:25
User Processes e8ectdis! Process started
31/07/2014
12:42:22
User Processes vivo 3" Process started
31/07/2014
12:42:22
User
Mose
clic!
Pro"ra# Ma$a"er
Mose clic!s : 2
31/07/2014
12:42:13
User
Mose
clic!
Mose clic!s : 1
31/07/2014
12:42:11
User Processes 'ivo 3+.exe Process stopped
31/07/2014
12:42:11
User Processes .MUpdater.exe Process stopped
31/07/2014
12:42:11
User
Mose
clic!
60 /e"$dos resta$te9s:
%ctive &i$do& : 60 /e"$dos resta$te9s:
Mose clic!s : 1
31/07/2014
12:42:08
User
Mose
clic!
Messa"e7ox %ctive &i$do& : Messa"e7ox
Mouse clicks : 1
31/07/2014
12:42:07
User
Mouse
click
View Available Networks
Active window : View Available Networks
Mouse clicks : 1
31/07/2014
12:42:00
User Processes liveu"date#e!e Process sto""ed
31/07/2014
12:42:00
User Processes e$ectdisk#e!e Process sto""ed
31/07/2014
12:41:%7
User
Mouse
click
Unknown A""lication
Active window : Unknown A""lication
Process nae : vivo 3&
Mouse clicks : 1
31/07/2014
12:41:%4
User
Mouse
click
'MU"dater
Active window : 'MU"dater
Process nae : cu"dater
Mouse clicks : 1
31/07/2014
12:41:47
User Processes searc()ilter(ost Process started
31/07/2014
12:41:47
User Processes *earc(+ilter,ost#e!e Process sto""ed
31/07/2014
12:41:47
User Processes liveu"date Process started
31/07/2014
12:41:42
User Processes svc(ost Process started
31/07/2014
12:41:40
User Processes e$ectdisk Process started
31/07/2014
12:41:40
User Processes cu"dater Process started
31/07/2014
12:41:3-
User Processes vivo 3& Process started
31/07/2014
12:41:3-
31/07/2014
12:41:3%
User
Mouse
click
Pro&ra Mana&er
Active window : Pro&ra Mana&er
Mouse clicks : 1
31/07/2014
12:41:24
31/07/2014
12:41:24
User
Mouse
click
2 Minutos restante.s/
Active window : 2 Minutos restante.s/
Mouse clicks : 2
31/07/2014
12:41:20
User
Mouse
click
0'1M
Active window : 0'1M
Mouse clicks : 1
31/07/2014
12:41:1-
User
Mouse
click
2 Minutos e 30 *e&undos restante.s/
Active window : 2 Minutos e 30 *e&undos restante.s/
Mouse clicks : 1
31/07/2014
12:41:00
31/07/2014
12:40:47
31/07/2014
12:40:40
User Processes dll(ost#e!e Process sto""ed
31/07/2014
12:40:3-
31/07/2014
12:40:33
User Processes dll(ost Process started
31/07/2014
12:40:32
User *2ste user active User went active
31/07/2014
12:40:2%
31/07/2014
12:40:01
31/07/2014
12:33:47
31/07/2014
12:33:47
31/07/2014
12:33:33
31/07/2014
12:33:2%
31/07/2014
12:33:2%
31/07/2014
12:33:01
31/07/2014
12:3-:4-
31/07/2014
12:3-:33
31/07/2014
12:3-:24
31/07/2014
12:3-:01
31/07/2014
12:37:4-
31/07/2014
12:37:37
31/07/2014
12:37:24
31/07/2014
12:37:02
31/07/2014
12:34:4-
31/07/2014
12:34:4-
31/07/2014
12:34:4-
31/07/2014
12:34:37
31/07/2014
12:34:30
User Processes audiod&#e!e Process sto""ed
31/07/2014
12:34:24
31/07/2014
12:34:00
31/07/2014
12:3%:44
31/07/2014
12:3%:37
31/07/2014
12:3%:24
31/07/2014
12:3%:00
31/07/2014
12:34:43
31/07/2014
12:34:43
31/07/2014
12:34:43
31/07/2014
12:34:44
31/07/2014
12:34:44
31/07/2014
12:34:37
31/07/2014
12:34:24
31/07/2014
12:34:01
User *2ste user inactive User went inactive
31/07/2014
12:34:00
31/07/2014
12:33:44
31/07/2014
12:33:37
31/07/2014
12:33:24
31/07/2014
12:33:00
31/07/2014
12:32:44
31/07/2014
12:32:44
User Processes P'+Po"u"s#e!e Process sto""ed
31/07/2014
12:32:44
User Processes "c)"o"u"s Process started
31/07/2014
12:32:37
31/07/2014
12:32:24
31/07/2014
12:32:24
31/07/2014
12:32:24
31/07/2014
12:32:00
31/07/2014
12:31:47
31/07/2014
12:31:3-
31/07/2014
12:31:34
User
Mouse
click
0'1M
Active window : 0'1M
Mouse clicks : 4
31/07/2014
12:31:23
User
Mouse
click
100**'AM
Active window : 100**'AM
Mouse clicks : 1
31/07/2014
12:31:24
User
Mouse
click
0isco reov5vel .1:/
Active window : 0isco reov5vel .1:/
Mouse clicks : 1
31/07/2014
12:31:24
31/07/2014
12:31:13
User Processes audiod& Process started
31/07/2014
12:31:12
User *2ste user active User went active
31/07/2014
12:31:00
31/07/2014
12:30:47
31/07/2014
12:30:4%
User Processes audiod&#e!e Process sto""ed
31/07/2014
12:30:33
31/07/2014
12:30:2%
31/07/2014
12:30:2%
31/07/2014
12:30:23
31/07/2014
12:23:%3
31/07/2014
12:29:46
31/07/2014
12:29:40
31/07/2014
12:29:37
31/07/2014
12:29:31
31/07/2014
12:29:24
31/07/2014
12:29:00
31/07/2014
12:28:47
31/07/2014
12:28:38
31/07/2014
12:28:24
31/07/2014
12:28:01
User Sste! user i"active User #e"t i"active
31/07/2014
12:28:00
31/07/2014
12:27:47
31/07/2014
12:27:47
31/07/2014
12:27:47
User Processes Search%ilter&ost.exe Process stopped
31/07/2014
12:27:38
31/07/2014
12:27:2'
31/07/2014
12:27:00
31/07/2014
12:26:47
31/07/2014
12:26:38
31/07/2014
12:26:2'
31/07/2014
12:26:00
31/07/2014
12:2':49
31/07/2014
12:2':48
User
(ouse
clic)
*!a+es
,ctive #i"do# : *!a+es
Process "a!e : explorer
(ouse clic)s : 2
31/07/2014
12:2':47
31/07/2014
12:2':4'
31/07/2014
12:2':43
User
(ouse
clic)
-isco re!ov.vel /*:0
,ctive #i"do# : -isco re!ov.vel /*:0
(ouse clic)s : 2
31/07/2014
12:2':38
31/07/2014
12:2':27
31/07/2014
12:2':2'
31/07/2014
12:2':2'
31/07/2014
12:2':2'
31/07/2014
12:2':18
31/07/2014
12:2':16
User
(ouse
clic)
100SS1,(
,ctive #i"do# : 100SS1,(
(ouse clic)s : 3
31/07/2014
12:2':12
User 2estro)es 100SS1,(
31/07/2014
12:2':03
User Processes audiod+ Process started
31/07/2014
12:2':03
User
(ouse
clic)
-1*(
,ctive #i"do# : -1*(
(ouse clic)s : 2
31/07/2014
12:2':00
31/07/2014
12:24:'0
User
(ouse
clic)
102SS1,(
(ouse clic)s : 4
31/07/2014
12:24:47
31/07/2014
12:24:47
31/07/2014
12:24:38
31/07/2014
12:24:23
31/07/2014
12:24:18
User
(ouse
clic)
S-110231 3 4isuali5ador de %otos do
6i"do#s
,ctive #i"do# : S-110231 3 4isuali5ador de %otos do 6i"do#s
Process "a!e : dllhost
(ouse clic)s : '
31/07/2014
12:24:03
User 2estro)es
6i"do#s
31/07/2014
12:23:'9
User 2estro)es
6i"do#s
31/07/2014
12:23:'9
31/07/2014
12:23:'8
User 2estro)es
6i"do#s
31/07/2014
12:23:'6
User
(ouse
clic)
6i"do#s
(ouse clic)s : 1
31/07/2014
12:23:48
User 2estro)es
6i"do#s
31/07/2014
12:23:46
31/07/2014
12:23:46
User
(ouse
clic)
6i"do#s
(ouse clic)s : 1
31/07/2014
12:23:42
User 2estro)es
6i"do#s
31/07/2014
12:23:40
User 2estro)es
6i"do#s
31/07/2014
12:23:37
31/07/2014
12:23:3'
User 2estro)es
6i"do#s
31/07/2014
12:23:30
User
(ouse
clic)
6i"do#s
(ouse clic)s : 1
31/07/2014
12:23:24
User 2estro)es
6i"do#s
31/07/2014
12:23:24
31/07/2014
12:23:24
31/07/2014
12:23:24
31/07/2014
12:23:22
User
(ouse
clic)
6i"do#s
(ouse clic)s : 1
31/07/2014
12:23:16
User 2estro)es
6i"do#s
31/07/2014
12:23:1'
User
(ouse
clic)
6i"do#s
(ouse clic)s : 1
31/07/2014
12:23:11
User 2estro)es
6i"do#s
31/07/2014
12:23:09
User
(ouse
clic)
6i"do#s
(ouse clic)s : 1
31/07/2014
12:23:00
User 2estro)es
6i"do#s
31/07/2014
12:23:00
31/07/2014
12:22:'8
User 2estro)es
6i"do#s
31/07/2014
12:22:'7
User 2estro)es
S-11020' 3 4isuali5ador de %otos do
6i"do#s
,ctive #i"do# : S-11020' 3 4isuali5ador de %otos do 6i"do#s
31/07/2014
12:22:'6
User 2estro)es
6i"do#s
31/07/2014
12:22:''
User 2estro)es
6i"do#s
31/07/2014
12:22:'3
User 2estro)es
6i"do#s
31/07/2014
12:22:'1
User
(ouse
clic)
6i"do#s
(ouse clic)s : 1
31/07/2014
12:22:46
31/07/2014
12:22:44
User 2estro)es
6i"do#s
31/07/2014
12:22:43
User 2estro)es
6i"do#s
31/07/2014
12:22:39
User 2estro)es
6i"do#s
31/07/2014
12:22:38
User 2estro)es
6i"do#s
31/07/2014
12:22:37
31/07/2014
12:22:36
User 2estro)es
6i"do#s
31/07/2014
12:22:33
User 2estro)es
S-11019' 3 4isuali5ador de %otos do
6i"do#s
,ctive #i"do# : S-11019' 3 4isuali5ador de %otos do 6i"do#s
31/07/2014
12:22:31
User 2estro)es
6i"do#s
31/07/2014
12:22:28
User
(ouse
clic)
6i"do#s
(ouse clic)s : 1
31/07/2014
12:22:24
31/07/2014
12:22:19
User 2estro)es
6i"do#s
31/07/2014
12:22:1'
User 2estro)es
6i"do#s
31/07/2014
12:22:10
User 2estro)es
6i"do#s
31/07/2014
User 2estro)es
S-110189 3 4isuali5ador de %otos do ,ctive #i"do# : S-110189 3 4isuali5ador de %otos do 6i"do#s
12:22:08 Windows Process name : dllhost
31/07/2014
12:22:07
User Processes audiodg.exe Process stoed
31/07/2014
12:22:0!
User "e#stro$es
%&'10188 ( )isuali*ador de +otos do
Windows
,cti-e window : %&'10188 ( )isuali*ador de +otos do Windows
31/07/2014
12:22:04
User "e#stro$es
Windows
31/07/2014
12:22:03
User "e#stro$es
%&'1018! ( )isuali*ador de +otos do
Windows
,cti-e window : %&'1018! ( )isuali*ador de +otos do Windows
31/07/2014
12:22:01
User "e#stro$es
%&'1018. ( )isuali*ador de +otos do
Windows
,cti-e window : %&'1018. ( )isuali*ador de +otos do Windows
31/07/2014
12:22:00
User Processes li-eudate.exe Process stoed
31/07/2014
12:21:./
User "e#stro$es
Windows
31/07/2014
12:21:.8
User "e#stro$es
Windows
31/07/2014
12:21:.1
User "e#stro$es
Windows
31/07/2014
12:21:4/
User "e#stro$es
Windows
31/07/2014
12:21:47
User Processes li-eudate Process started
31/07/2014
12:21:41
User
0ouse
clic$
Windows
0ouse clic$s : 3
31/07/2014
12:21:38
31/07/2014
12:21:37
User "e#stro$es
Windows
31/07/2014
12:21:33
User "e#stro$es
Windows
31/07/2014
12:21:2/
User
0ouse
clic$
Windows
0ouse clic$s : 1
31/07/2014
12:21:2.
User "e#stro$es
Windows
31/07/2014
12:21:2.
31/07/2014
12:21:24
User "e#stro$es
Windows
31/07/2014
12:21:22
User
0ouse
clic$
Windows
0ouse clic$s : 1
31/07/2014
12:21:1!
User "e#stro$es
Windows
31/07/2014
12:21:14
User
0ouse
clic$
Windows
0ouse clic$s : 1
31/07/2014
12:21:07
User "e#stro$es
Windows
31/07/2014
12:21:04
User "e#stro$es
Windows
31/07/2014
12:21:03
User "e#stro$es
%&'101!/ ( )isuali*ador de +otos do
Windows
,cti-e window : %&'101!/ ( )isuali*ador de +otos do Windows
31/07/2014
12:21:00
User "e#stro$es
%&'101!8 ( )isuali*ador de +otos do
Windows
,cti-e window : %&'101!8 ( )isuali*ador de +otos do Windows
31/07/2014
12:21:00
31/07/2014
12:20:.!
User "e#stro$es
Windows
31/07/2014
12:20:.4
User
0ouse
clic$
Windows
0ouse clic$s : 1
31/07/2014
12:20:4/
User "e#stro$es
Windows
31/07/2014
12:20:47
User Processes %earch+ilter1ost.exe Process stoed
31/07/2014
12:20:47
31/07/2014
12:20:47
31/07/2014
12:20:4!
User "e#stro$es
Windows
31/07/2014
12:20:41
User "e#stro$es
Windows
31/07/2014
12:20:3/
User
0ouse
clic$
Windows
0ouse clic$s : 1
31/07/2014
12:20:3!
31/07/2014
12:20:23
User "e#stro$es
Windows
31/07/2014
12:20:23
31/07/2014
12:20:22
User "e#stro$es
Windows
31/07/2014
12:20:21
User "e#stro$es
%&'101./ ( )isuali*ador de +otos do
Windows
,cti-e window : %&'101./ ( )isuali*ador de +otos do Windows
31/07/2014
12:20:01
User Processes tas$eng.exe Process stoed
31/07/2014
12:1/:./
31/07/2014
12:1/:4.
31/07/2014
12:1/:37
31/07/2014
12:1/:27
User "e#stro$es
%&'101.8 ( )isuali*ador de +otos do
Windows
,cti-e window : %&'101.8 ( )isuali*ador de +otos do Windows
31/07/2014
12:1/:2!
User
0ouse
clic$
Windows
0ouse clic$s : .
31/07/2014
12:1/:23
31/07/2014
12:1/:12
User "e#stro$es
Windows
31/07/2014
12:1/:10
User "e#stro$es
Windows
31/07/2014
12:1/:08
User "e#stro$es
Windows
31/07/2014
12:1/:0.
User "e#stro$es
Windows
31/07/2014
12:1/:02
User "e#stro$es
%&'101.. ( )isuali*ador de +otos do
Windows
,cti-e window : %&'101.. ( )isuali*ador de +otos do Windows
31/07/2014
12:18:./
31/07/2014
12:18:.!
User
0ouse
clic$
%&'101.. ( )isuali*ador de +otos do
Windows
,cti-e window : %&'101.. ( )isuali*ador de +otos do Windows
0ouse clic$s : 2
31/07/2014
12:18:.4
User "e#stro$es
Windows
31/07/2014
12:18:.3
User "e#stro$es
Windows
31/07/2014
12:18:4!
31/07/2014
12:18:38
User
0ouse
clic$
Windows
0ouse clic$s : 2
31/07/2014
12:18:37
31/07/2014
12:18:28
User "e#stro$es
Windows
31/07/2014
12:18:27
User "e#stro$es
Windows
31/07/2014
12:18:2.
User "e#stro$es
%&'1011/ ( )isuali*ador de +otos do
Windows
,cti-e window : %&'1011/ ( )isuali*ador de +otos do Windows
31/07/2014
12:18:2.
User "e#stro$es
Windows
31/07/2014
12:18:23
User "e#stro$es
Windows
31/07/2014
12:18:23
User Processes %earch+ilter1ost.exe Process stoed
31/07/2014
12:18:23
31/07/2014
12:18:23
31/07/2014
12:18:22
User "e#stro$es
Windows
31/07/2014
12:18:21
User "e#stro$es
Windows
31/07/2014
12:18:21
User "e#stro$es
Windows
31/07/2014
12:18:20
User "e#stro$es
Windows
31/07/2014
12:18:18
User "e#stro$es
Windows
31/07/2014
12:18:17
User "e#stro$es
Windows
31/07/2014
12:18:1.
User
0ouse
clic$
Windows
0ouse clic$s : 1
31/07/2014
12:18:0/
User "e#stro$es
Windows
31/07/2014
12:18:07
User "e#stro$es
Windows
31/07/2014
12:18:0!
User "e#stro$es
%&'100/7 ( )isuali*ador de +otos do
Windows
,cti-e window : %&'100/7 ( )isuali*ador de +otos do Windows
31/07/2014
12:17:./
User "e#stro$es
%&'100/! ( )isuali*ador de +otos do
Windows
,cti-e window : %&'100/! ( )isuali*ador de +otos do Windows
31/07/2014
12:17:./
31/07/2014
12:17:.8
User "e#stro$es
Windows
31/07/2014
12:17:.7
User "e#stro$es
Windows
31/07/2014
12:17:..
User "e#stro$es
Windows
31/07/2014
12:17:.4
User "e#stro$es
Windows
31/07/2014
12:17:.3
User "e#stro$es
Windows
31/07/2014
12:17:.2
User "e#stro$es
Windows
31/07/2014
12:17:.1
User "e#stro$es
Windows
31/07/2014
12:17:.0
User "e#stro$es
Windows
31/07/2014
12:17:49
User Keystrokes
SDC10061 - Visualizador de otos do
!i"do#s
$%ti&e #i"do# : SDC10061 - Visualizador de otos do !i"do#s
'ro%ess "a(e : dll)ost
31/07/2014
12:17:4*
User Keystrokes
SDC100+9 - Visualizador de otos do
!i"do#s
$%ti&e #i"do# : SDC100+9 - Visualizador de otos do !i"do#s
31/07/2014
12:17:47
User Keystrokes
!i"do#s
31/07/2014
12:17:46
User Keystrokes
!i"do#s
31/07/2014
12:17:4+
User Keystrokes
SDC1001* - Visualizador de otos do
!i"do#s
$%ti&e #i"do# : SDC1001* - Visualizador de otos do !i"do#s
31/07/2014
12:17:4+
User 'ro%esses li&eu,date 'ro%ess started
31/07/2014
12:17:44
User Keystrokes
!i"do#s
31/07/2014
12:17:42
User Keystrokes
SDC1001+ - Visualizador de otos do
!i"do#s
$%ti&e #i"do# : SDC1001+ - Visualizador de otos do !i"do#s
31/07/2014
12:17:40
User Keystrokes
!i"do#s
31/07/2014
12:17:39
User Keystrokes
!i"do#s
31/07/2014
12:17:36
User 'ro%esses li&eu,date-e.e 'ro%ess sto,,ed
31/07/2014
12:17:33
User Keystrokes
!i"do#s
31/07/2014
12:17:30
User Keystrokes
!i"do#s
31/07/2014
12:17:29
User Keystrokes
!i"do#s
31/07/2014
12:17:2*
User Keystrokes
!i"do#s
31/07/2014
12:17:27
User Keystrokes
!i"do#s
31/07/2014
12:17:2+
User Keystrokes
!i"do#s
31/07/2014
12:17:23
31/07/2014
12:17:23
User 'ro%esses dll)ost-e.e 'ro%ess sto,,ed
31/07/2014
12:17:22
User Keystrokes
SDC1000+ - Visualizador de otos do
!i"do#s
$%ti&e #i"do# : SDC1000+ - Visualizador de otos do !i"do#s
31/07/2014
12:17:22
User Keystrokes
!i"do#s
31/07/2014
12:17:21
User Keystrokes
!i"do#s
31/07/2014
12:17:16
User 'ro%esses dll)ost 'ro%ess started
31/07/2014
12:17:16
31/07/2014
12:17:14
User 'ro%esses #(,layer-e.e 'ro%ess sto,,ed
31/07/2014
12:17:14
User 'ro%esses #(,s)are-e.e 'ro%ess sto,,ed
31/07/2014
12:17:14
User
/ouse
%li%k
102SSC$/
$%ti&e #i"do# : 102SSC$/
'ro%ess "a(e : e.,lorer
/ouse %li%ks : 2
31/07/2014
12:17:09
User 'ro%esses #(,s)are 'ro%ess started
31/07/2014
12:17:07
User 'ro%esses #(,"et#k 'ro%ess started
31/07/2014
12:17:0+
User
/ouse
%li%k
!i"do#s /edia 'layer
$%ti&e #i"do# : !i"do#s /edia 'layer
'ro%ess "a(e : #(,layer
/ouse %li%ks : 2
31/07/2014
12:17:00
31/07/2014
12:16:+7
31/07/2014
12:16:4*
User 'ro%esses #(,layer 'ro%ess started
31/07/2014
12:16:4*
User
/ouse
%li%k
102SSC$/
$%ti&e #i"do# : 102SSC$/
/ouse %li%ks : 2
31/07/2014
12:16:46
31/07/2014
12:16:46
31/07/2014
12:16:4+
User
/ouse
%li%k
DC0/
$%ti&e #i"do# : DC0/
/ouse %li%ks : 2
31/07/2014
12:16:44
31/07/2014
12:16:42
User
/ouse
%li%k
100SSC$/
$%ti&e #i"do# : 100SSC$/
/ouse %li%ks : 1
31/07/2014
12:16:37
31/07/2014
12:16:33
User
/ouse
%li%k
!i"do#s
/ouse %li%ks : 2
31/07/2014
12:16:2*
31/07/2014
12:16:26
User
/ouse
%li%k
100SSC$/
$%ti&e #i"do# : 100SSC$/
/ouse %li%ks : 2
31/07/2014
12:16:24
User 'ro%esses Sear%)ilter1ost-e.e 'ro%ess sto,,ed
31/07/2014
12:16:24
31/07/2014
12:16:24
31/07/2014
12:16:22
User
Mouse
click
DCM
!ctive "i#do" : DCM
Process #a$e : e%plorer
Mouse clicks : 2
31/07/2014
12:16:1&
User
Mouse
click
'D Card ():*
!ctive "i#do" : 'D Card ():*
Mouse clicks : 2
31/07/2014
12:16:04
User Processes dllhost+e%e Process stopped
31/07/2014
12:16:04
User
Mouse
click
Co$putador
!ctive "i#do" : Co$putador
Mouse clicks : 2
31/07/2014
12:1,:,&
User Processes liveupdate+e%e Process stopped
31/07/2014
12:1,:,&
31/07/2014
12:1,:,&
31/07/2014
12:1,:,-
User
Mouse
click
+a#droid.secure
!ctive "i#do" : +a#droid.secure
Mouse clicks : 1
31/07/2014
12:1,:,3
31/07/2014
12:1,:4-
User Processes audiod/ Process started
31/07/2014
12:1,:4-
User
Mouse
click
Disco re$ov0vel (:*
!ctive "i#do" : Disco re$ov0vel (:*
Mouse clicks : 3
31/07/2014
12:1,:46
31/07/2014
12:1,:37
31/07/2014
12:1,:31
31/07/2014
12:1,:2&
User
Mouse
click
1ere#ciador de 2arefas
!ctive "i#do" : 1ere#ciador de 2arefas
Process #a$e : avp
Mouse clicks : 1
31/07/2014
12:1,:24
31/07/2014
12:1,:22
User
Mouse
click
'DC11377 3 4isuali5ador de 6otos do
7i#do"s
!ctive "i#do" : 'DC11377 3 4isuali5ador de 6otos do 7i#do"s
Process #a$e : dllhost
Mouse clicks : 2
31/07/2014
12:1,:11
User 8e9strokes
'DC1137- 3 4isuali5ador de 6otos do
7i#do"s
!ctive "i#do" : 'DC1137- 3 4isuali5ador de 6otos do 7i#do"s
31/07/2014
12:1,:0&
User 8e9strokes
'DC1137& 3 4isuali5ador de 6otos do
7i#do"s
!ctive "i#do" : 'DC1137& 3 4isuali5ador de 6otos do 7i#do"s
31/07/2014
12:1,:07
User 8e9strokes
'DC113-0 3 4isuali5ador de 6otos do
7i#do"s
!ctive "i#do" : 'DC113-0 3 4isuali5ador de 6otos do 7i#do"s
31/07/2014
12:1,:06
User 8e9strokes
'DC113-& 3 4isuali5ador de 6otos do
7i#do"s
!ctive "i#do" : 'DC113-& 3 4isuali5ador de 6otos do 7i#do"s
31/07/2014
12:1,:0,
User 8e9strokes
7i#do"s
31/07/2014
12:1,:04
User 8e9strokes
7i#do"s
31/07/2014
12:1,:03
User 8e9strokes
7i#do"s
31/07/2014
12:1,:00
31/07/2014
12:1,:00
User Processes taske#/ Process started
31/07/2014
12:14:,6
User 8e9strokes
7i#do"s
31/07/2014
12:14:,2
User 8e9strokes
7i#do"s
31/07/2014
12:14:,0
User 8e9strokes
7i#do"s
31/07/2014
12:14:4-
User 8e9strokes
7i#do"s
31/07/2014
12:14:4-
User 8e9strokes
7i#do"s
31/07/2014
12:14:47
31/07/2014
12:14:46
User 8e9strokes
7i#do"s
31/07/2014
12:14:4,
User 8e9strokes
7i#do"s
31/07/2014
12:14:36
User 8e9strokes
7i#do"s
31/07/2014
12:14:36
31/07/2014
12:14:3,
User
Mouse
click
7i#do"s
Mouse clicks : 1
31/07/2014
12:14:26
User 8e9strokes
7i#do"s
31/07/2014
12:14:2,
User 8e9strokes
'DC113,& 3 4isuali5ador de 6otos do
7i#do"s
!ctive "i#do" : 'DC113,& 3 4isuali5ador de 6otos do 7i#do"s
31/07/2014
12:14:23
User 8e9strokes
'DC113,- 3 4isuali5ador de 6otos do
7i#do"s
!ctive "i#do" : 'DC113,- 3 4isuali5ador de 6otos do 7i#do"s
31/07/2014
12:14:23
31/07/2014
User Processes taskhost+e%e Process stopped
12:14:23
31/07/2014
12:14:21
User 8e9strokes
'DC113,6 3 4isuali5ador de 6otos do
7i#do"s
!ctive "i#do" : 'DC113,6 3 4isuali5ador de 6otos do 7i#do"s
31/07/2014
12:14:20
User 8e9strokes
7i#do"s
31/07/2014
12:14:1&
User 8e9strokes
7i#do"s
31/07/2014
12:14:1-
User 8e9strokes
7i#do"s
31/07/2014
12:14:17
User 8e9strokes
7i#do"s
31/07/2014
12:14:1,
User 8e9strokes
7i#do"s
31/07/2014
12:14:12
User 8e9strokes
7i#do"s
31/07/2014
12:14:10
User 8e9strokes
7i#do"s
31/07/2014
12:14:0&
User 8e9strokes
'DC1133, 3 4isuali5ador de 6otos do
7i#do"s
!ctive "i#do" : 'DC1133, 3 4isuali5ador de 6otos do 7i#do"s
31/07/2014
12:14:07
User
Mouse
click
'DC1133, 3 4isuali5ador de 6otos do
7i#do"s
!ctive "i#do" : 'DC1133, 3 4isuali5ador de 6otos do 7i#do"s
Mouse clicks : 1
31/07/2014
12:14:02
User 8e9strokes
7i#do"s
31/07/2014
12:13:,&
User 8e9strokes
7i#do"s
31/07/2014
12:13:,-
31/07/2014
12:13:,7
User 8e9strokes
7i#do"s
31/07/2014
12:13:,6
User
Mouse
click
7i#do"s
Mouse clicks : 1
31/07/2014
12:13:4-
User 8e9strokes
7i#do"s
31/07/2014
12:13:47
31/07/2014
12:13:47
User Processes 'earch6ilter:ost+e%e Process stopped
31/07/2014
12:13:4,
31/07/2014
12:13:44
User 8e9strokes
7i#do"s
31/07/2014
12:13:43
User
Mouse
click
7i#do"s
Mouse clicks : 1
31/07/2014
12:13:3-
User 8e9strokes
7i#do"s
31/07/2014
12:13:3-
31/07/2014
12:13:36
User 8e9strokes
7i#do"s
31/07/2014
12:13:3,
User 8e9strokes
'DC11,4- 3 4isuali5ador de 6otos do
7i#do"s
!ctive "i#do" : 'DC11,4- 3 4isuali5ador de 6otos do 7i#do"s
31/07/2014
12:13:33
User
Mouse
click
7i#do"s
Mouse clicks : 1
31/07/2014
12:13:27
User 8e9strokes
7i#do"s
31/07/2014
12:13:2,
User 8e9strokes
7i#do"s
31/07/2014
12:13:2,
31/07/2014
12:13:24
User 8e9strokes
7i#do"s
31/07/2014
12:13:22
User 8e9strokes
'DC11,3& 3 4isuali5ador de 6otos do
7i#do"s
!ctive "i#do" : 'DC11,3& 3 4isuali5ador de 6otos do 7i#do"s
31/07/2014
12:13:21
User 8e9strokes
7i#do"s
31/07/2014
12:13:20
User 8e9strokes
'DC11,3, 3 4isuali5ador de 6otos do
7i#do"s
!ctive "i#do" : 'DC11,3, 3 4isuali5ador de 6otos do 7i#do"s
31/07/2014
12:13:1-
User 8e9strokes
7i#do"s
31/07/2014
12:13:17
User 8e9strokes
7i#do"s
31/07/2014
12:13:16
User 8e9strokes
'DC11,2, 3 4isuali5ador de 6otos do
7i#do"s
!ctive "i#do" : 'DC11,2, 3 4isuali5ador de 6otos do 7i#do"s
31/07/2014
12:13:14
User 8e9strokes
7i#do"s
31/07/2014
12:13:12
User 8e9strokes
7i#do"s
31/07/2014
12:13:12
User 8e9strokes
7i#do"s
31/07/2014
12:13:10
User 8e9strokes
7i#do"s
31/07/2014
12:13:0&
User 8e9strokes
7i#do"s
31/07/2014
12:13:0-
User
Mouse
click
7i#do"s
Mouse clicks : 1
31/07/2014
12:12:,&
User 8e9strokes
7i#do"s
31/07/2014
12:12:,&
31/07/2014
12:12:56
User
Mouse
click
SDC11516 - Visualizador de Foos do
!i"do#s
$ci%e #i"do# : SDC11516 - Visualizador de Foos do !i"do#s
&rocess "a'e : dll(os
Mouse clicks : 1
31/07/2014
12:12:51
User )e*srokes
!i"do#s
31/07/2014
12:12:51
User &rocesses audiod+,e-e &rocess so..ed
31/07/2014
12:12:4/
User )e*srokes
!i"do#s
31/07/2014
12:12:40
User
Mouse
click
!i"do#s
Mouse clicks : 1
31/07/2014
12:12:46
User &rocesses li%eu.dae &rocess sared
31/07/2014
12:12:44
User )e*srokes
!i"do#s
31/07/2014
12:12:42
User )e*srokes
!i"do#s
31/07/2014
12:12:41
User )e*srokes
!i"do#s
31/07/2014
12:12:3/
User )e*srokes
!i"do#s
31/07/2014
12:12:30
User )e*srokes
!i"do#s
31/07/2014
12:12:37
User )e*srokes
!i"do#s
31/07/2014
12:12:37
User &rocesses li%eu.dae,e-e &rocess so..ed
31/07/2014
12:12:36
User )e*srokes
!i"do#s
31/07/2014
12:12:34
User
Mouse
click
!i"do#s
Mouse clicks : 1
31/07/2014
12:12:24
31/07/2014
12:12:22
User &rocesses ask(os &rocess sared
31/07/2014
12:12:20
User )e*srokes
SDC114// - Visualizador de Foos do
!i"do#s
$ci%e #i"do# : SDC114// - Visualizador de Foos do !i"do#s
31/07/2014
12:12:1/
User )e*srokes
SDC114/0 - Visualizador de Foos do
!i"do#s
$ci%e #i"do# : SDC114/0 - Visualizador de Foos do !i"do#s
31/07/2014
12:12:16
User
Mouse
click
!i"do#s
Mouse clicks : 1
31/07/2014
12:12:15
User &rocesses 1a%1s2e.or,e-e &rocess so..ed
31/07/2014
12:12:0/
User )e*srokes
!i"do#s
31/07/2014
12:12:0/
User &rocesses 3a%3sre.or &rocess sared
31/07/2014
12:12:04
User
Mouse
click
!i"do#s
Mouse clicks : 1
31/07/2014
12:12:00
31/07/2014
12:11:4/
User )e*srokes
!i"do#s
31/07/2014
12:11:4/
User )e*srokes
!i"do#s
31/07/2014
12:11:47
User &rocesses searc(4iler(os &rocess sared
31/07/2014
12:11:47
31/07/2014
12:11:46
User )e*srokes
!i"do#s
31/07/2014
12:11:45
User
Mouse
click
!i"do#s
Mouse clicks : 1
31/07/2014
12:11:3/
User )e*srokes
!i"do#s
31/07/2014
12:11:37
User
Mouse
click
!i"do#s
Mouse clicks : 1
31/07/2014
12:11:36
31/07/2014
12:11:30
User )e*srokes
!i"do#s
31/07/2014
12:11:20
User
Mouse
click
!i"do#s
Mouse clicks : 1
31/07/2014
12:11:25
User &rocesses Searc(Filer5os,e-e &rocess so..ed
31/07/2014
12:11:23
User )e*srokes
!i"do#s
31/07/2014
12:11:22
31/07/2014
12:11:22
User
Mouse
click
!i"do#s
Mouse clicks : 1
31/07/2014
12:11:10
User )e*srokes
!i"do#s
31/07/2014
12:11:16
User )e*srokes
!i"do#s
31/07/2014
12:11:15
User )e*srokes
!i"do#s
31/07/2014
12:11:13
User
Mouse
click
!i"do#s
Mouse clicks : 1
31/07/2014
12:11:0/
User )e*srokes
!i"do#s
31/07/2014
12:11:06
User
Mouse
click
!i"do#s
Mouse clicks : 1
31/07/2014
12:11:01
User )e*srokes
!i"do#s
31/07/2014
12:11:00
User )e*srokes
!i"do#s
31/07/2014
12:11:00
31/07/2014
12:10:50
User )e*srokes
!i"do#s
31/07/2014
12:10:57
User )e*srokes
!i"do#s
31/07/2014
12:10:56
User )e*srokes
!i"do#s
31/07/2014
12:10:54
User )e*srokes
!i"do#s
31/07/2014
12:10:52
User )e*srokes
!i"do#s
31/07/2014
12:10:47
User )e*srokes
!i"do#s
31/07/2014
12:10:47
31/07/2014
12:10:46
User )e*srokes
!i"do#s
31/07/2014
12:10:45
31/07/2014
12:10:45
31/07/2014
12:10:44
User )e*srokes
!i"do#s
31/07/2014
12:10:41
User
Mouse
click
!i"do#s
Mouse clicks : 1
31/07/2014
12:10:36
31/07/2014
12:10:33
User )e*srokes
!i"do#s
31/07/2014
12:10:32
User )e*srokes
SDC1146/ - Visualizador de Foos do
!i"do#s
$ci%e #i"do# : SDC1146/ - Visualizador de Foos do !i"do#s
31/07/2014
12:10:31
User )e*srokes
!i"do#s
31/07/2014
12:10:30
User )e*srokes
!i"do#s
31/07/2014
12:10:2/
User )e*srokes
!i"do#s
31/07/2014
12:10:20
User )e*srokes
!i"do#s
31/07/2014
12:10:27
User )e*srokes
!i"do#s
31/07/2014
12:10:25
User )e*srokes
!i"do#s
31/07/2014
12:10:24
User )e*srokes
!i"do#s
31/07/2014
12:10:23
User )e*srokes
!i"do#s
31/07/2014
12:10:23
31/07/2014
12:10:22
User )e*srokes
SDC1144/ - Visualizador de Foos do
!i"do#s
$ci%e #i"do# : SDC1144/ - Visualizador de Foos do !i"do#s
31/07/2014
12:10:13
User )e*srokes
!i"do#s
31/07/2014
12:10:12
User )e*srokes
!i"do#s
31/07/2014
12:10:11
User )e*srokes
!i"do#s
31/07/2014
12:10:10
User )e*srokes
!i"do#s
31/07/2014
12:10:0/
User )e*srokes
!i"do#s
31/07/2014
12:10:07
User )e*srokes
!i"do#s
31/07/2014
12:10:05
User
Mouse
click
!i"do#s
Mouse clicks : 1
31/07/2014
12:0/:50
User )e*srokes
!i"do#s
31/07/2014
12:0/:50
31/07/2014
12:0/:57
User
Mouse
click
!i"do#s
Mouse clicks : 1
31/07/2014
12:0/:47
User )e*srokes
!i"do#s
31/07/2014
12:0/:45
31/07/2014
12:0/:43
User )e*srokes
!i"do#s
31/07/2014
User )e*srokes
SDC11434 - Visualizador de Foos do $ci%e #i"do# : SDC11434 - Visualizador de Foos do !i"do#s
12:09:41 Windows Process name : dllhost
31/07/2014
12:09:39
User Keystrokes
S!11433 " #is$ali%ador de &otos do
Windows
'cti(e window : S!11433 " #is$ali%ador de &otos do Windows
31/07/2014
12:09:3)
User Keystrokes
Windows
31/07/2014
12:09:37
User Keystrokes
Windows
31/07/2014
12:09:3*
User Processes li(e$+date,e-e Process sto++ed
31/07/2014
12:09:3.
User Keystrokes
S!1142* " #is$ali%ador de &otos do
Windows
'cti(e window : S!1142* " #is$ali%ador de &otos do Windows
31/07/2014
12:09:34
User Keystrokes
S!1142. " #is$ali%ador de &otos do
Windows
'cti(e window : S!1142. " #is$ali%ador de &otos do Windows
31/07/2014
12:09:33
User Keystrokes
Windows
31/07/2014
12:09:32
User Keystrokes
Windows
31/07/2014
12:09:31
User Keystrokes
Windows
31/07/2014
12:09:30
User Keystrokes
Windows
31/07/2014
12:09:2)
User
/o$se
click
Windows
/o$se clicks : 1
31/07/2014
12:09:23
31/07/2014
12:09:23
User Processes li(e$+date Process started
31/07/2014
12:09:20
User Keystrokes
S!1141) " #is$ali%ador de &otos do
Windows
'cti(e window : S!1141) " #is$ali%ador de &otos do Windows
31/07/2014
12:09:0)
User
/o$se
click
Windows
/o$se clicks : 1
31/07/2014
12:0):.9
User Keystrokes
Windows
31/07/2014
12:0):.9
31/07/2014
12:0):.)
User Keystrokes
Windows
31/07/2014
12:0):.7
User Keystrokes
Windows
31/07/2014
12:0):49
User Keystrokes
Windows
31/07/2014
12:0):4)
User Keystrokes
Windows
31/07/2014
12:0):4)
User Processes Search&ilter1ost,e-e Process sto++ed
31/07/2014
12:0):4*
31/07/2014
12:0):44
User
/o$se
click
'cti(e window : 2erenciador de 3are0as
Process name : a(+
/o$se clicks : 1
31/07/2014
12:0):37
31/07/2014
12:0):24
31/07/2014
12:0):1.
User Keystrokes 2erenciador de 3are0as
'cti(e window : 2erenciador de 3are0as
Process name : a(+
31/07/2014
12:07:.9
31/07/2014
12:07:.7
User Keystrokes
S!1139. " #is$ali%ador de &otos do
Windows
'cti(e window : S!1139. " #is$ali%ador de &otos do Windows
31/07/2014
12:07:..
User Keystrokes
Windows
31/07/2014
12:07:.3
User Keystrokes
Windows
31/07/2014
12:07:.2
User Keystrokes
Windows
31/07/2014
12:07:.0
User Keystrokes
S!113)9 " #is$ali%ador de &otos do
Windows
'cti(e window : S!113)9 " #is$ali%ador de &otos do Windows
31/07/2014
12:07:47
31/07/2014
12:07:4*
User Keystrokes
S!113)0 " #is$ali%ador de &otos do
Windows
'cti(e window : S!113)0 " #is$ali%ador de &otos do Windows
31/07/2014
12:07:4.
User Keystrokes
Windows
31/07/2014
12:07:4.
31/07/2014
12:07:4.
31/07/2014
12:07:43
User Keystrokes
Windows
31/07/2014
12:07:41
User Keystrokes
Windows
31/07/2014
12:07:39
User Keystrokes
Windows
31/07/2014
12:07:3)
User Keystrokes
Windows
31/07/2014
12:07:37
31/07/2014
12:07:31
User Keystrokes
Windows
31/07/2014
12:07:24
31/07/2014
12:07:00
31/07/2014
12:06:55
User Keystrokes
!"11360 # $isuali%ador de &otos do
'i(do)s
*ctive )i(do) : !"11360 # $isuali%ador de &otos do 'i(do)s
Process (a+e : dll,ost
31/07/2014
12:06:54
User Keystrokes
!"1135- # $isuali%ador de &otos do
'i(do)s
*ctive )i(do) : !"1135- # $isuali%ador de &otos do 'i(do)s
31/07/2014
12:06:53
User Keystrokes
!"1135. # $isuali%ador de &otos do
'i(do)s
*ctive )i(do) : !"1135. # $isuali%ador de &otos do 'i(do)s
31/07/2014
12:06:51
User Keystrokes
'i(do)s
31/07/2014
12:06:50
User Keystrokes
'i(do)s
31/07/2014
12:06:4.
User Keystrokes
'i(do)s
31/07/2014
12:06:47
User Keystrokes
'i(do)s
31/07/2014
12:06:47
31/07/2014
12:06:47
User Processes searc,/ilter,ost Process started
31/07/2014
12:06:47
User Processes earc,&ilter0ost.exe Process stopped
31/07/2014
12:06:45
User Keystrokes
'i(do)s
31/07/2014
12:06:44
User Keystrokes
'i(do)s
31/07/2014
12:06:43
User Keystrokes
'i(do)s
31/07/2014
12:06:41
User Keystrokes
'i(do)s
31/07/2014
12:06:40
User Keystrokes
'i(do)s
31/07/2014
12:06:3.
User Keystrokes
'i(do)s
31/07/2014
12:06:3.
31/07/2014
12:06:37
User Keystrokes
'i(do)s
31/07/2014
12:06:36
User Keystrokes
'i(do)s
31/07/2014
12:06:35
User Keystrokes
'i(do)s
31/07/2014
12:06:33
User Processes dll,ost.exe Process stopped
31/07/2014
12:06:33
User
1ouse
click
'i(do)s
1ouse clicks : 1
31/07/2014
12:06:2-
User Processes dll,ost Process started
31/07/2014
12:06:2-
31/07/2014
12:06:2-
31/07/2014
12:06:26
User
1ouse
click
100"*1
*ctive )i(do) : 100"*1
Process (a+e : explorer
1ouse clicks : 2
31/07/2014
12:06:24
31/07/2014
12:06:20
User
1ouse
click
!"21
*ctive )i(do) : !"21
1ouse clicks : 2
31/07/2014
12:06:17
31/07/2014
12:06:16
User
1ouse
click
! "ard 34:5
*ctive )i(do) : ! "ard 34:5
1ouse clicks : 2
31/07/2014
12:06:0-
User
1ouse
click
"o+putador
*ctive )i(do) : "o+putador
1ouse clicks : 2
31/07/2014
12:06:04
User
1ouse
click
i(/o
*ctive )i(do) : i(/o
1ouse clicks : 1
31/07/2014
12:06:02
User Processes ru(dll32.exe Process stopped
31/07/2014
12:06:01
User
1ouse
click
'i(do)s
*ctive )i(do) : 'i(do)s
Process (a+e : ru(dll32
1ouse clicks : 1
31/07/2014
12:05:5.
User Processes ru(dll32 Process started
31/07/2014
12:05:5.
31/07/2014
12:05:56
User
1ouse
click
i(/o
*ctive )i(do) : i(/o
1ouse clicks : 2
31/07/2014
12:05:45
31/07/2014
12:05:40
31/07/2014
12:05:40
31/07/2014
12:05:40
31/07/2014
12:05:40
31/07/2014
12:05:38
User
Mouse
click
no est disponvel - p!rk
"ro#ser
$ctive #indo# : no est disponvel - p!rk "ro#ser
%rocess n!&e : sp!rk
Mouse clicks : 1
31/07/2014
12:05:3'
User %rocesses liveupd!te(e)e %rocess stopped
31/07/2014
12:05:3'
User %rocesses dll*ost %rocess st!rted
31/07/2014
12:05:34
User %rocesses sp!rk %rocess st!rted
31/07/2014
12:05:34
31/07/2014
12:05:31
User %rocesses rundll32(e)e %rocess stopped
31/07/2014
12:05:31
31/07/2014
12:05:31
User
Mouse
click
+indo#s
$ctive #indo# : +indo#s
%rocess n!&e : rundll32
Mouse clicks : 1
31/07/2014
12:05:2,
User %rocesses rundll32 %rocess st!rted
31/07/2014
12:05:27
User
Mouse
click
in-o
$ctive #indo# : in-o
%rocess n!&e : e)plorer
Mouse clicks : 2
31/07/2014
12:05:22
User %rocesses liveupd!te %rocess st!rted
31/07/2014
12:04:58
31/07/2014
12:04:57
User
Mouse
click
. /!rd 01:2
$ctive #indo# : . /!rd 01:2
Mouse clicks : 4
31/07/2014
12:04:45
31/07/2014
12:04:42
User
Mouse
click
in-o
$ctive #indo# : in-o
Mouse clicks : 2
31/07/2014
12:04:3'
User %rocesses sp!rk(e)e %rocess stopped
31/07/2014
12:04:3'
31/07/2014
12:04:3'
31/07/2014
12:04:3'
User %rocesses sp!rkupd!te(e)e %rocess stopped
31/07/2014
12:04:3'
31/07/2014
12:04:3'
31/07/2014
12:04:34
User
Mouse
click
3ov! 4ui! - p!rk "ro#ser
$ctive #indo# : 3ov! 4ui! - p!rk "ro#ser
Mouse clicks : 1
31/07/2014
12:04:2,
User %rocesses sp!rkupd!te %rocess st!rted
31/07/2014
12:04:27
31/07/2014
12:04:27
31/07/2014
12:04:2'
User
Mouse
click
no est disponvel - p!rk
"ro#ser
$ctive #indo# : no est disponvel - p!rk "ro#ser
Mouse clicks : 1
31/07/2014
12:04:25
User %rocesses e!rc*5ilter6ost(e)e %rocess stopped
31/07/2014
12:04:25
User %rocesses se!rc*-ilter*ost %rocess st!rted
31/07/2014
12:04:25
User %rocesses dll*ost(e)e %rocess stopped
31/07/2014
12:04:22
31/07/2014
12:04:18
31/07/2014
12:03:58
31/07/2014
12:03:45
31/07/2014
12:03:3'
31/07/2014
12:03:3'
User %rocesses dll*ost(e)e %rocess stopped
31/07/2014
12:03:34
31/07/2014
12:03:30
31/07/2014
12:03:28
31/07/2014
12:03:28
31/07/2014
12:03:28
31/07/2014
12:03:28
User %rocesses rundll32(e)e %rocess stopped
31/07/2014
12:03:23
User %rocesses %/$pptore(e)e %rocess stopped
31/07/2014
12:03:23
User %rocesses -te)(e)e %rocess stopped
31/07/2014
12:03:23
31/07/2014
12:03:23
User Processes AppStoreDesktopTip.exe Process stopped
31/07/2014
12:03:23
User Processes ftex.exe Process stopped
31/07/2014
12:03:23
31/07/2014
12:03:23
User
Mouse
cick
!i"do#s
Acti$e #i"do# : !i"do#s
Process "a%e : ru"d32
Mouse cicks : 3
31/07/2014
12:03:21
User Processes pcappstore Process started
31/07/2014
12:03:21
User Processes ftex Process started
31/07/2014
12:03:21
User Processes appstoredesktoptip Process started
31/07/2014
12:03:21
User Processes ftex Process started
31/07/2014
12:03:21
User Processes updatepopup Process started
31/07/2014
12:03:21
User Processes ru"d32 Process started
31/07/2014
12:03:1&
User
Mouse
cick
i"fo
Acti$e #i"do# : i"fo
Process "a%e : exporer
Mouse cicks : 2
31/07/2014
12:03:1'
User
Mouse
cick
.Tras()1000
Acti$e #i"do# : .Tras()1000
Mouse cicks : 2
31/07/2014
12:03:13
User
Mouse
cick
fies
Acti$e #i"do# : fies
Mouse cicks : 1
31/07/2014
12:03:0*
User Processes Trusted+"staer.exe Process stopped
31/07/2014
12:03:0*
User
Mouse
cick
.Tras()1000
Mouse cicks : 2
31/07/2014
12:03:0'
User
Mouse
cick
SD ,ard -.:/
Acti$e #i"do# : SD ,ard -.:/
Mouse cicks : 2
31/07/2014
12:03:00
User Processes d(ost.exe Process stopped
31/07/2014
12:02:'&
User Processes i$eupdate.exe Process stopped
31/07/2014
12:02:'&
User Processes ru"d32.exe Process stopped
31/07/2014
12:02:'&
31/07/2014
12:02:'0
User
Mouse
cick
!i"do#s
Acti$e #i"do# : !i"do#s
Process "a%e : ru"d32
Mouse cicks : 1
31/07/2014
12:02:'4
User Processes ru"d32 Process started
31/07/2014
12:02:'4
User Processes d(ost Process started
31/07/2014
12:02:'2
User
Mouse
cick
SD ,ard -.:/
Acti$e #i"do# : SD ,ard -.:/
Mouse cicks : 2
31/07/2014
12:02:'0
User
Mouse
cick
.Tras()1000
Mouse cicks : 1
31/07/2014
12:02:40
User
Mouse
cick
i"fo
Acti$e #i"do# : i"fo
Mouse cicks : 1
31/07/2014
12:02:4'
User Processes i$eupdate Process started
31/07/2014
12:02:4'
31/07/2014
12:02:4'
31/07/2014
12:02:4'
31/07/2014
12:02:40
31/07/2014
12:02:3&
User
Mouse
cick
"12o est13 dispo"1$e ) Spark
4ro#ser
Acti$e #i"do# : "12o est13 dispo"1$e ) Spark 4ro#ser
Process "a%e : spark
Mouse cicks : 1
31/07/2014
12:02:30
User Processes i$eupdate.exe Process stopped
31/07/2014
12:02:2'
31/07/2014
12:02:23
User Processes searc(fiter(ost Process started
31/07/2014
12:02:23
User Processes i$eupdate Process started
31/07/2014
12:02:23
User Processes Searc(5iter6ost.exe Process stopped
31/07/2014
12:02:10
31/07/2014
12:02:10
User Processes d(ost.exe Process stopped
31/07/2014
12:02:0'
User Processes d(ost Process started
31/07/2014
12:02:03
31/07/2014
12:02:00
User Processes ru"d32.exe Process stopped
31/07/2014
12:02:00 User Processes spark Process started
31/07/2014
12:02:00
31/07/2014
12:01:58
31/07/2014
12:01:58
User
Mouse
click
Wido!s
"ctive !ido! : Wido!s
Process a#e : rudll32
Mouse clicks : 2
31/07/2014
12:01:5$
User Processes dll%ost.exe Process stopped
31/07/2014
12:01:54
User Processes rudll32 Process started
31/07/2014
12:01:52
User
Mouse
click
i&o
"ctive !ido! : i&o
Process a#e : explorer
Mouse clicks : 2
31/07/2014
12:01:4'
31/07/2014
12:01:48
User
Mouse
click
.(ras%)1000
"ctive !ido! : .(ras%)1000
Mouse clicks : 2
31/07/2014
12:01:45
31/07/2014
12:01:42
User
Mouse
click
&iles
"ctive !ido! : &iles
Mouse clicks : 1
31/07/2014
12:01:3$
31/07/2014
12:01:34
31/07/2014
12:01:30
31/07/2014
12:01:30
31/07/2014
12:01:28
User
Mouse
click
.(ras%)1000
"ctive !ido! : .(ras%)1000
Mouse clicks : 2
31/07/2014
12:01:23
User Processes audiod* Process started
31/07/2014
12:01:23
31/07/2014
12:01:23
31/07/2014
12:01:22
User
Mouse
click
+, -ard ./:0
"ctive !ido! : +, -ard ./:0
Mouse clicks : 2
31/07/2014
12:01:13
User
Mouse
click
-o#putador
"ctive !ido! : -o#putador
Mouse clicks : 1
31/07/2014
12:01:00
31/07/2014
12:00:51
31/07/2014
12:00:44
31/07/2014
12:00:44
31/07/2014
12:00:42
User
Mouse
click
Pro*ra# Maa*er
"ctive !ido! : Pro*ra# Maa*er
Mouse clicks : 2
31/07/2014
12:00:3$
31/07/2014
12:00:23
31/07/2014
12:00:23
User Processes +earc%1ilter2ost.exe Process stopped
31/07/2014
12:00:23
31/07/2014
11:5':5'
31/07/2014
11:5':44
31/07/2014
11:5':3$
31/07/2014
11:5':23
31/07/2014
11:58:5'
31/07/2014
11:58:44
31/07/2014
11:58:3$
31/07/2014
11:58:2$
User +3ste# user active User !et active
31/07/2014
11:58:2$
User
Mouse
click
Uko! "pplicatio
Process a#e : s3sdir
Mouse clicks : 1
31/07/2014
11:58:23
User Processes +earc%1ilter2ost.exe Process stopped
31/07/2014
11:58:23
31/07/2014
11:58:23
31/07/2014
11:57:5'
31/07/2014
11:57:44
31/07/2014
11:57:36
31/07/2014
11:57:23
31/07/2014
11:56:59
31/07/2014
11:56:44
31/07/2014
11:56:36
31/07/2014
11:56:23
31/07/2014
11:56:23
31/07/2014
11:56:23
User Processes earch!ilter"ost.exe Process stopped
31/07/2014
11:55:59
31/07/2014
11:55:44
31/07/2014
11:55:36
31/07/2014
11:55:23
31/07/2014
11:54:59
31/07/2014
11:54:44
31/07/2014
11:54:35
31/07/2014
11:54:23
31/07/2014
11:53:59
31/07/2014
11:53:44
31/07/2014
11:53:44
31/07/2014
11:53:44
31/07/2014
11:53:35
31/07/2014
11:53:31
User Processes #avUpdater.exe Process stopped
31/07/2014
11:53:29
User Processes $pptoreUpdater.exe Process stopped
31/07/2014
11:53:22
31/07/2014
11:53:22
User Processes %avupdater Process started
31/07/2014
11:53:22
User Processes co&host.exe Process stopped
31/07/2014
11:53:22
User Processes $pptoreUtil'xe.exe Process stopped
31/07/2014
11:53:20
User Processes co&host Process started
31/07/2014
11:53:20
User Processes appstoreutilexe Process started
31/07/2014
11:53:20
31/07/2014
11:53:1(
User Processes )siexec.exe Process stopped
31/07/2014
11:52:59
31/07/2014
11:52:54
User Processes trustedi&staller Process started
31/07/2014
11:52:46
31/07/2014
11:52:35
31/07/2014
11:52:22
31/07/2014
11:51:5(
31/07/2014
11:51:46
31/07/2014
11:51:46
31/07/2014
11:51:46
31/07/2014
11:51:35
31/07/2014
11:51:22
31/07/2014
11:50:5(
31/07/2014
11:50:50
31/07/2014
11:50:45
31/07/2014
11:50:34
31/07/2014
11:50:22
31/07/2014
11:49:58
31/07/2014
11:49:45
31/07/2014
11:49:45
31/07/2014
11:49:3
31/07/2014
11:49:25
User Processes soft!"r#update.exe Process stopped
31/07/2014
11:49:25
User Processes co$host.exe Process stopped
31/07/2014
11:49:23
31/07/2014
11:49:23
31/07/2014
11:49:21
User Processes soft!"r#update Process started
31/07/2014
11:49:21
User Processes co$host Process started
31/07/2014
11:48:57
31/07/2014
11:48:44
31/07/2014
11:48:35
31/07/2014
11:48:22
31/07/2014
11:48:22
31/07/2014
11:48:22
User Processes (pp)o"*eporter.exe Process stopped
31/07/2014
11:48:20
31/07/2014
11:48:20
User Processes applo"reporter Process started
31/07/2014
11:47:59
User Processes %earchProtocol'ost.exe Process stopped
31/07/2014
11:47:59
31/07/2014
11:47:54
User Processes audiod".exe Process stopped
31/07/2014
11:47:52
User Processes P+&Popups.exe Process stopped
31/07/2014
11:47:4
User Processes ,-.(/(P.exe Process stopped
31/07/2014
11:47:4
31/07/2014
11:47:43
User Processes 0!iadap Process started
31/07/2014
11:47:43
User Processes pcfpopups Process started
31/07/2014
11:47:39
User Processes tas1e$".exe Process stopped
31/07/2014
11:47:35
31/07/2014
11:47:21
31/07/2014
11:4:57
31/07/2014
11:4:57
31/07/2014
11:4:57
31/07/2014
11:4:57
31/07/2014
11:4:51
User Processes 0!i32.exe Process stopped
31/07/2014
11:4:44
31/07/2014
11:4:42
User Processes appstore#s2$c.exe Process stopped
31/07/2014
11:4:35
31/07/2014
11:4:22
31/07/2014
11:4:20
User Processes appstore#s2$c Process started
31/07/2014
11:45:58
31/07/2014
11:45:47
31/07/2014
11:45:47
31/07/2014
11:45:47
31/07/2014
11:45:45
31/07/2014
11:45:3
31/07/2014
11:45:23 User Processes Updater.exe Process stopped
31/07/2014
11:45:23
31/07/2014
11:45:16
31/07/2014
11:45:16
User Processes SearchilterHost.exe Process stopped
31/07/2014
11:45:01
User S!ste" user i#active User $e#t i#active
31/07/2014
11:44:5%
31/07/2014
11:44:43
31/07/2014
11:44:34
31/07/2014
11:44:30
31/07/2014
11:44:26
User Processes spar&.exe Process stopped
31/07/2014
11:44:23
User Processes so't"(r)update.exe Process stopped
31/07/2014
11:44:23
User Processes co#host.exe Process stopped
31/07/2014
11:44:23
31/07/2014
11:44:23
User Processes spar& Process started
31/07/2014
11:44:21
31/07/2014
11:44:1%
31/07/2014
11:44:1%
User Processes outloo& Process started
31/07/2014
11:44:11
User Processes search'ilterhost Process started
31/07/2014
11:42:0*
User S!ste" +o(o#
User : User
,he co"puter have lo((ed o#
31/07/2014
11:25:05
User Processes lo(o#ui Process started
31/07/2014
11:25:05
User S!ste" Shut-o$#
User : User
,he co"puter have shut do$#
31/07/2014
11:25:04
User .e!stro&es U#&#o$# /pplicatio#
/ctive $i#do$ : U#&#o$# /pplicatio#
Process #a"e : explorer
31/07/2014
11:24:54
31/07/2014
11:24:54
31/07/2014
11:24:54
31/07/2014
11:24:41
31/07/2014
11:24:32
User S!ste" user active User $e#t active
31/07/2014
11:24:2*
31/07/2014
11:24:2*
User Processes audiod(.exe Process stopped
31/07/2014
11:24:17
User Processes ,rusted0#staller.exe Process stopped
31/07/2014
11:24:0%
31/07/2014
11:24:05
31/07/2014
11:23:54
31/07/2014
11:23:54
31/07/2014
11:23:45
User Processes P1/ppStore.exe Process stopped
31/07/2014
11:23:43
User Processes pcappstore Process started
31/07/2014
11:23:41
31/07/2014
11:23:30
31/07/2014
11:23:2*
31/07/2014
11:23:0%
31/07/2014
11:22:54
31/07/2014
11:22:41
31/07/2014
11:22:2*
31/07/2014
11:22:2*
31/07/2014
11:22:2*
31/07/2014
11:22:0%
31/07/2014
11:21:54
31/07/2014
11:21:41
31/07/2014
11:21:28
31/07/2014
11:21:12
User
Mouse
click
DataCardMoitor
!ctive "ido" : DataCardMoitor
Process a#e : dcs$elper
Mouse clicks : 1
31/07/2014
11:21:12
User
Mouse
click
Pro%ra# Maa%er
!ctive "ido" : Pro%ra# Maa%er
Mouse clicks : 40
31/07/2014
11:21:07
31/07/2014
11:20:&4
31/07/2014
11:20:41
31/07/2014
11:20:28
31/07/2014
11:20:07
31/07/2014
11:20:00
User Processes taske%.exe Process stopped
31/07/2014
11:1':&(
User Processes searc$)ilter$ost Process started
31/07/2014
11:1':&(
User Processes *earc$+ilter,ost.exe Process stopped
31/07/2014
11:1':&4
31/07/2014
11:1':41
31/07/2014
11:1':41
User Processes svc$ost.exe Process stopped
31/07/2014
11:1':28
31/07/2014
11:1':28
User Processes *olitaire.exe Process stopped
31/07/2014
11:1':28
User
Mouse
click
Paci-.cia
!ctive "ido" : Paci-.cia
Process a#e : solitaire
Mouse clicks : 1
31/07/2014
11:1':21
User
Mouse
click
/-0o ,-1 Mais Movi#etos
!ctive "ido" : /-0o ,-1 Mais Movi#etos
Mouse clicks : 1
31/07/2014
11:1':0'
31/07/2014
11:18:&(
31/07/2014
11:18:&4
31/07/2014
11:18:&4
31/07/2014
11:18:41
31/07/2014
11:18:28
31/07/2014
11:18:08
31/07/2014
11:17:&&
31/07/2014
11:17:&4
User
Mouse
click
Paci-.cia
!ctive "ido" : Paci-.cia
Mouse clicks : 24
31/07/2014
11:17:48
User Processes solitaire Process started
31/07/2014
11:17:4&
User
Mouse
click
2o%os
!ctive "ido" : 2o%os
Mouse clicks : 2
31/07/2014
11:17:44
User Processes *pider*olitaire.exe Process stopped
31/07/2014
11:17:42
31/07/2014
11:17:42
User
Mouse
click
Paci-.cia *pider
!ctive "ido" : Paci-.cia *pider
Process a#e : spidersolitaire
Mouse clicks : 1
31/07/2014
11:17:41
User
Mouse
click
*elecioar Di)iculdade
!ctive "ido" : *elecioar Di)iculdade
Process a#e : spidersolitaire
Mouse clicks : 1
31/07/2014
11:17:40
User Processes svc$ost Process started
31/07/2014
11:17:37
User Processes spidersolitaire Process started
31/07/2014
11:17:37
User Processes audiod% Process started
31/07/2014
11:17:3&
User
Mouse
click
2o%os
!ctive "ido" : 2o%os
Mouse clicks : 2
31/07/2014
11:17:28
User Processes *earc$+ilter,ost.exe Process stopped
31/07/2014
11:17:28
31/07/2014
11:17:28
User Processes searc$)ilter$ost Process started
31/07/2014
11:17:07
User Processes dll$ost.exe Process stopped
31/07/2014
11:17:07
31/07/2014 file///!/Progra"#ata/$ys#ir/Te"p/Print%&t"l'eport(ht"
31/07/2014
11:17:03
31/07/2014
11:16:54
31/07/2014
11:16:41
31/07/2014
11:16:28
31/07/2014
11:16:07
31/07/2014
11:16:05
31/07/2014
11:16:00
31/07/2014
11:15:55
User
Mouse
clic
Me!u "!iciar
#ctive $i!do$ : Me!u "!iciar
Process !a%e : explorer
Mouse clics : 1
31/07/2014
11:15:54
31/07/2014
11:15:51
User &'ste% user active User $e!t active
31/07/2014
11:15:51
User
Mouse
clic
Pro(ra% Ma!a(er
#ctive $i!do$ : Pro(ra% Ma!a(er
Process !a%e : explorer
Mouse clics : 1
31/07/2014
11:15:41
31/07/2014
11:15:28
User Processes search)ilterhost Process started
31/07/2014
11:15:28
31/07/2014
11:15:07
31/07/2014
11:15:00
User Processes tase!( Process started
31/07/2014
11:14:54
User Processes &earch*ilter+ost.exe Process stopped
31/07/2014
11:14:54
31/07/2014
11:14:41
31/07/2014
11:14:28
31/07/2014
11:14:07
31/07/2014
11:14:01
User Processes trustedi!staller Process started
31/07/2014
11:13:54
31/07/2014
11:13:52
User Processes #pp&toreUpdater.exe Process stopped
31/07/2014
11:13:52
User Processes ,avUpdater.exe Process stopped
31/07/2014
11:13:43
31/07/2014
11:13:43
User Processes -avupdater Process started
31/07/2014
11:13:41
31/07/2014
11:13:3.
User Processes %siexec.exe Process stopped
31/07/2014
11:13:28
31/07/2014
11:13:07
31/07/2014
11:12:54
31/07/2014
11:12:41
31/07/2014
11:12:35
User Processes tashost.exe Process stopped
31/07/2014
11:12:28
User Processes &earch*ilter+ost.exe Process stopped
31/07/2014
11:12:28
User Processes search)ilterhost Process started
31/07/2014
11:12:28
31/07/2014
11:12:07
31/07/2014
11:11:54
31/07/2014
11:11:41
31/07/2014
11:11:28
31/07/2014
11:11:24
31/07/2014
11:11:07
31/07/2014
11:10:54
31/07/2014
11:10:41
31/07/2014
User Processes tashost Process started
11:10:34
31/07/2014
11:10:28
31/07/2014
11:10:28
31/07/2014
11:10:06
31/07/2014
11:09:3
31/07/2014
11:09:3
User Processes !earch"ilter#ost.exe Process stopped
31/07/2014
11:09:47
31/07/2014
11:09:47
User Processes soft%&r'update.exe Process stopped
31/07/2014
11:09:43
31/07/2014
11:09:43
User Processes soft%&r'update Process started
31/07/2014
11:09:40
31/07/2014
11:09:27
31/07/2014
11:09:08
31/07/2014
11:09:04
User Processes P("Popups.exe Process stopped
31/07/2014
11:08:7
31/07/2014
11:08:
31/07/2014
11:08:46
User Processes audiod&.exe Process stopped
31/07/2014
11:08:44
31/07/2014
11:08:44
User Processes )pp*o&+eporter.exe Process stopped
31/07/2014
11:08:42
31/07/2014
11:08:42
User Processes applo&reporter Process started
31/07/2014
11:08:40
User Processes tas,e$&.exe Process stopped
31/07/2014
11:08:40
31/07/2014
11:08:33
User Processes !earchProtocol#ost.exe Process stopped
31/07/2014
11:08:27
31/07/2014
11:08:07
31/07/2014
11:07:4
31/07/2014
11:07:41
31/07/2014
11:07:30
31/07/2014
11:07:30
31/07/2014
11:07:30
31/07/2014
11:07:28
31/07/2014
11:07:21
User Processes -%i32.exe Process stopped
31/07/2014
11:07:08
31/07/2014
11:07:04
User Processes appstore's.$c.exe Process stopped
31/07/2014
11:06:4
User !.ste% user i$active User -e$t i$active
31/07/2014
11:06:3
31/07/2014
11:06:42
User Processes appstore's.$c Process started
31/07/2014
11:06:40
31/07/2014
11:06:27
31/07/2014
11:06:20
31/07/2014
11:06:20
31/07/2014
11:06:18
31/07/2014
11:06:07
31/07/2014
11:06:07
User Processes re&svr32.exe Process stopped
31/07/2014
11:06:0
User Processes re&svr32 Process started
31/07/2014
11:0:6
31/07/2014
11:05:56
31/07/2014
11:05:54
31/07/2014
11:05:54
31/07/2014
11:05:54
31/07/2014
11:05:44
31/07/2014
11:05:39
31/07/2014
11:05:26
31/07/2014
11:05:07
User Processes wmi32 Process started
31/07/2014
11:04:56
User Processes dllost.exe Process stopped
31/07/2014
11:04:56
User Processes outloo! Process started
31/07/2014
11:03:13
User "#stem $o%o&
User : User
'e computer ave lo%%ed o&
31/07/2014
10:53:17
User Processes P()'ra#.exe Process stopped
31/07/2014
10:53:17
User Processes *("+elper.exe Process stopped
31/07/2014
10:53:17
User Processes spar!update.exe Process stopped
31/07/2014
10:53:17
User Processes ,ivo 3-.exe Process stopped
31/07/2014
10:53:17
User Processes (.Updater.exe Process stopped
31/07/2014
10:53:17
User Processes lo%o&ui Process started
31/07/2014
10:53:17
User "#stem "ut*ow&
User : User
'e computer ave sut dow&
31/07/2014
10:53:15
User /e#stro!es *esli%ar o 0i&dows
1ctive wi&dow : *esli%ar o 0i&dows
Process &ame : explorer
31/07/2014
10:53:11
User
.ouse
clic!
U&!&ow& 1pplicatio&
1ctive wi&dow : U&!&ow& 1pplicatio&
Process &ame : s#sdir
.ouse clic!s : 1
31/07/2014
10:53:11
User
.ouse
clic!
Pro%ram .a&a%er
1ctive wi&dow : Pro%ram .a&a%er
Process &ame : explorer
.ouse clic!s : 6
31/07/2014
10:53:06
User Processes 2ire2ox.exe Process stopped
31/07/2014
10:53:04
User
.ouse
clic!
3em4vi&do/a ao )ace5oo! 4 6&icia
sess78o9 re%ista4te ou sa5e mais 4
.o:illa )ire2ox
1ctive wi&dow : 3em4vi&do/a ao )ace5oo! 4 6&icia sess78o9 re%ista4te ou sa5e mais 4 .o:illa )ire2ox
Process &ame : 2ire2ox
.ouse clic!s : 1
31/07/2014
10:51:49
User Processes audiod%.exe Process stopped
31/07/2014
10:51:16
31/07/2014
10:51:09
User Processes dllost Process started
31/07/2014
10:46:49
User Processes )lasPla#erPlu%i&;14;0;0;145.exe Process stopped
31/07/2014
10:46:49
User Processes plu%i&4co&tai&er.exe Process stopped
31/07/2014
10:46:49
User Processes )lasPla#erPlu%i&;14;0;0;145.exe Process stopped
31/07/2014
10:46:0<
User /e#stro!es
Pr7=ximo (all >2 *ut# pode ser
3lac! >ps 3 4 (all o2 *ut#: 3lac!
>ps 2 4 .o:illa )ire2ox
0e5pa%e : ttp://www.%amevicio.com/i/&oticias/1<0/1<05<54proximo4call4o24dut#4pode4ser45lac!4ops43/
1ctive wi&dow : Pr7=ximo (all >2 *ut# pode ser 3lac! >ps 3 4 (all o2 *ut#: 3lac! >ps 2 4 .o:illa )ire2ox
/e#stro!es : www.2ac
www.2
31/07/2014
10:46:03
User
.ouse
clic!
Pr7=ximo (all >2 *ut# pode ser
3lac! >ps 3 4 (all o2 *ut#: 3lac!
>ps 2 4 .o:illa )ire2ox
0e5pa%e : ttp://www.%amevicio.com/i/&oticias/1<0/1<05<54proximo4call4o24dut#4pode4ser45lac!4ops43/
1ctive wi&dow : Pr7=ximo (all >2 *ut# pode ser 3lac! >ps 3 4 (all o2 *ut#: 3lac! >ps 2 4 .o:illa )ire2ox
.ouse clic!s : 25
31/07/2014
10:45:55
User Processes "earcProtocol+ost.exe Process stopped
31/07/2014
10:45:55
User Processes "earc)ilter+ost.exe Process stopped
31/07/2014
10:44:49
User Processes searcprotocolost Process started
31/07/2014
10:44:49
User Processes searc2ilterost Process started
31/07/2014
10:43:56
User
.ouse
clic!
call o2 du# 5lac! ops 3 4 Pes?uisa
-oo%le 4 .o:illa )ire2ox
0e5pa%e : ttps://www.%oo%le.com.5r/searc@?AcallBo2Bdu#B5lac!BopsB3CieAut24<CoeAut24<Ca?AtCrlsAor%.mo:illa:pt43D:o22icialCclie&tA2ire2ox
1ctive wi&dow : call o2 du# 5lac! ops 3 4 Pes?uisa -oo%le 4 .o:illa )ire2ox
.ouse clic!s : 1
31/07/2014
10:43:37
User
.ouse
clic!
(all >2 *ut# 3lac! >ps 3 'railer 4
Eou'u5e 4 .o:illa )ire2ox
0e5pa%e : ttps://www.#outu5e.com/watc@vAd6+!u23/1.o
1ctive wi&dow : (all >2 *ut# 3lac! >ps 3 'railer 4 Eou'u5e 4 .o:illa )ire2ox
.ouse clic!s : 11
31/07/2014
10:43:35
User
.ouse
clic!
.o:illa )ire2ox
0e5pa%e : a5out:5la&!
1ctive wi&dow : .o:illa )ire2ox
.ouse clic!s : 1
31/07/2014
10:43:30
User
.ouse
clic!
(all >2 *ut# 3lac! >ps 3 'railer 4
Eou'u5e 4 .o:illa )ire2ox
1ctive wi&dow : (all >2 *ut# 3lac! >ps 3 'railer 4 Eou'u5e 4 .o:illa )ire2ox
.ouse clic!s : 1
31/07/2014
10:42:55
User
.ouse
clic!
@ (all >2 *ut# 3lac! >ps 3 'railer
4 Eou'u5e 4 .o:illa )ire2ox
1ctive wi&dow : @ (all >2 *ut# 3lac! >ps 3 'railer 4 Eou'u5e 4 .o:illa )ire2ox
Mouse clicks : 1
31/07/2014
10:40:52
31/07/2014
10:39:21
User Processes flashplayerplugi!14!0!0!145 Process started
31/07/2014
10:39:21
User Processes flashplayerplugi!14!0!0!145 Process started
31/07/2014
10:39:1"
User Processes plugi#cotaier Process started
31/07/2014
10:3":53
User
Mouse
click
call of duy $lack ops 3 # Pes%uisa
&oogle # Mo'illa (irefo)
*e$page : https://+++,google,co-,$r/search.%/call0of0duy0$lack0ops031ie/utf#"1oe/utf#"1a%/t1rls/org,-o'illa:pt#23:official1cliet/firefo)
4cti5e +ido+ : call of duy $lack ops 3 # Pes%uisa &oogle # Mo'illa (irefo)
Process a-e : firefo)
Mouse clicks : 1
31/07/2014
10:37:23
User
Mouse
click
(alha o carrega-eto da p67gia #
Mo'illa (irefo)
*e$page : http://+++,google,co-,$r/
4cti5e +ido+ : (alha o carrega-eto da p67gia # Mo'illa (irefo)
Mouse clicks : 1
31/07/2014
10:37:20
User 8eystrokes
Mo'illa (irefo)
8eystrokes : cacall of duy $lack ops 3
31/07/2014
10:37:1"
User
Mouse
click
Mo'illa (irefo)
*e$page : a$out:$lak
4cti5e +ido+ : Mo'illa (irefo)
Mouse clicks : 1
31/07/2014
10:37:09
User Processes firefo) Process started
31/07/2014
10:37:04
User
Mouse
click
:iciar
4cti5e +ido+ : :iciar
Process a-e : e)plorer
Mouse clicks : 1
31/07/2014
10:37:01
User Processes firefo),e)e Process stopped
31/07/2014
10:39:59
User
Mouse
click
Mo'illa (irefo)
4cti5e +ido+ : Mo'illa (irefo)
Mouse clicks : 1
31/07/2014
10:39:09
User
Mouse
click
cara'i # Pes%uisa &oogle # Mo'illa
(irefo)
*e$page : https://+++,google,co-,$r/search.%/carasi1ie/utf#"1oe/utf#"1a%/t1rls/org,-o'illa:pt#23:official1cliet/firefo)
a1chael/s$1gfe!rd/cr1ei/5;<aU"<:(=>?"+e@l=Ag4+Bchael/s$1%/cara'i1re5id/7729023591rls/org,-o'illa:pt#23:official
4cti5e +ido+ : cara'i # Pes%uisa &oogle # Mo'illa (irefo)
Mouse clicks : 1
31/07/2014
10:35:53
User Processes audiodg,e)e Process stopped
31/07/2014
10:35:53
User Processes >earchProtocolCost,e)e Process stopped
31/07/2014
10:35:53
User Processes >earch(ilterCost,e)e Process stopped
31/07/2014
10:35:05
User
Mouse
click
carasi # Pes%uisa &oogle # Mo'illa
(irefo)
*e$page : https://+++,google,co-,$r/search.%/carasi1ie/utf#"1oe/utf#"1a%/t1rls/org,-o'illa:pt#23:official1cliet/firefo)
4cti5e +ido+ : carasi # Pes%uisa &oogle # Mo'illa (irefo)
Mouse clicks : 1
31/07/2014
10:34:47
31/07/2014
10:34:47
31/07/2014
10:33:53
User 8eystrokes assustador,co- # Mo'illa (irefo)
*e$page : http://+++,assustador,co-/caf/.
ses/=3DlPE;0M@=4MEM1F'=-d&FpG@13d3cu=<F'd<F0=*35ci5?$201M23hF@U4H&M)=?M0MA40FE:4F@4+M>G-a2k9F@c+M@g5D3hc2s9c2Ihc-FoD-35$*(p$?1hc3F1c33hG&9yJ-F5$>G'PE=2M-U3G?4'G?d-=*G-=?k5M'g4D-)h$-d1=*dlP<20D-(fa*K9M+//1%uery/(otosL
20reais1afdEoke/ArM2AhM:ha?t!9E55+:Ioys0Ah0%HK43&4;g4(@30842U:!3#K(K!sfD2IA>2uKCUF#3lghK#$p(IA9r4?UPagr>lKh%&t8IAl1c5dUJAA7pc2UH-A7pc2UJ%Al502U8C84M:2UMrK
fu!9E55+:Ih:)pAh1o@K4y?K&F)d3rkK&8A1E3=uI!Hp;22cu#;7<y5=g>&KAchKD8I)$%s@p"<G9:3!Ua2cE%I$3H58s
4cti5e +ido+ : assustador,co- # Mo'illa (irefo)
8eystrokes : carasi
carasi
31/07/2014
10:33:53
User Processes *M:4@4P,e)e Process stopped
31/07/2014
10:33:34
User
Mouse
click
assustador,co- # Mo'illa (irefo)
*e$page : http://+++,assustador,co-/
4cti5e +ido+ : assustador,co- # Mo'illa (irefo)
Mouse clicks : 3
31/07/2014
10:33:07
User Processes s5chost,e)e Process stopped
31/07/2014
10:32:51
User 8eystrokes
Mo'illa (irefo)
*e$page : http://+++,assustador,co-/
31/07/2014
10:32:29
User 8eystrokes &oogle # Mo'illa (irefo)
*e$page : https://+++,google,co-,$r/.g+s!rd/ssl
4cti5e +ido+ : &oogle # Mo'illa (irefo)
8eystrokes : +++,assustarMN##Odor MN##O,co-
31/07/2014
10:32:23
User Processes dllhost,e)e Process stopped
31/07/2014
10:32:21
User
Mouse
click
&oogle # Mo'illa (irefo)
*e$page : https://+++,google,co-,$r/.g+s!rd/ssl
4cti5e +ido+ : &oogle # Mo'illa (irefo)
Mouse clicks : 13
31/07/2014
10:32:19
31/07/2014
10:32:07
User Processes >earch(ilterCost,e)e Process stopped
31/07/2014
10:32:07
User Processes >earchProtocolCost,e)e Process stopped
31/07/2014
10:32:04
User
Mouse
click
Mo'illa (irefo)
Mouse clicks : 1
31/07/2014
10:31:4"
User Processes +-iadap Process started
31/07/2014
10:31:49
User Processes firefo) Process started
31/07/2014
10:31:44
User
Mouse
click
:iciar 4cti5e +ido+ : :iciar
Process a-e : e)plorer
Pgina )0 de 129 The Best Keylogger report generator
Mouse clicks : 1
31/07/2014
10:31:33
User
Mouse
click
Unknown Application
Process name : vivo 3g
Mouse clicks : 1
31/07/2014
10:31:31
User
Mouse
click
Messageo!
Active window : Messageo!
Mouse clicks : 1
31/07/2014
10:31:2"
User
Mouse
click
#iew Availa$le %etworks
Active window : #iew Availa$le %etworks
Process name : e!plorer
Mouse clicks : 1
31/07/2014
10:31:2&
User Processes e'ectdisk(e!e Process stopped
31/07/2014
10:31:24
User Processes liveupdate(e!e Process stopped
31/07/2014
10:31:22
User Processes dll)ost(e!e Process stopped
31/07/2014
10:31:22
User
Mouse
click
Unknown Application
Mouse clicks : 1
31/07/2014
10:31:1&
31/07/2014
10:31:1*
User
Mouse
click
+MUpdater
Active window : +MUpdater
Process name : cmupdater
Mouse clicks : 1
31/07/2014
10:31:13
User Processes dll)ost(e!e Process stopped
31/07/2014
10:31:0"
31/07/2014
10:31:07
User Processes e'ectdisk Process started
31/07/2014
10:31:07
User Processes svc)ost Process started
31/07/2014
10:31:07
User Processes task)ost(e!e Process stopped
31/07/2014
10:31:0*
User Processes vivo 3g Process started
31/07/2014
10:31:0*
User Processes cmupdater Process started
31/07/2014
10:31:0*
User Processes searc),ilter)ost Process started
31/07/2014
10:31:0*
User Processes task)ost Process started
31/07/2014
10:31:03
User
Mouse
click
Program Manager
Mouse clicks : 2
31/07/2014
10:31:02
31/07/2014
10:31:02
User Processes -earc).ilter/ost(e!e Process stopped
31/07/2014
10:31:00
User
Mouse
click
#iew Availa$le %etworks
Active window : #iew Availa$le %etworks
Mouse clicks : 1
31/07/2014
10:30:*0
User
Mouse
click
Unknown Application
Process name : s1sdir
Mouse clicks : 1
31/07/2014
10:30:*&
31/07/2014
10:30:*3
User Processes #ivo 32(e!e Process stopped
31/07/2014
10:30:*3
User Processes +MUpdater(e!e Process stopped
31/07/2014
10:30:*3
31/07/2014
10:30:*1
User
Mouse
click
Messageo!
Active window : Messageo!
Mouse clicks : 1
31/07/2014
10:30:43
31/07/2014
10:30:32
31/07/2014
10:30:27
User Processes svc)ost(e!e Process stopped
31/07/2014
10:30:17
31/07/2014
10:30:04
31/07/2014
10:30:02
31/07/2014
10:30:02
31/07/2014
10:30:02
User
Mouse
click
Unknown Application
Mouse clicks : 3
31/07/2014
10:30:00
User
Mouse
click
Program Manager
Mouse clicks : 1
31/07/2014
10:2":**
31/07/2014
10:2":42
31/07/2014
10:2":27
31/07/2014
10:2":1&
31/07/2014
10:2":07
31/07/2014
10:29:03
31/07/2014
10:29:03
31/07/2014
10:29:03
User Processes SearchFilterHost.ee Process stopped
31/07/2014
10:2!:"#
User Processes liveupdate.ee Process stopped
31/07/2014
10:2!:"#
User
$ouse
clic%
&ie' (vaila)le *et'or%s
(ctive 'i+do' : &ie' (vaila)le *et'or%s
Process +a,e : eplorer
$ouse clic%s : 1
31/07/2014
10:2!:"0
User
$ouse
clic%
U+%+o'+ (pplicatio+
(ctive 'i+do' : U+%+o'+ (pplicatio+
Process +a,e : vivo 3-
$ouse clic%s : 1
31/07/2014
10:2!:4#
User Processes e.ectdis%.ee Process stopped
31/07/2014
10:2!:41
31/07/2014
10:2!:39
User Processes /$0(1(P.ee Process stopped
31/07/2014
10:2!:33
User
$ouse
clic%
2$Updater
(ctive 'i+do' : 2$Updater
Process +a,e : c,updater
$ouse clic%s : 1
31/07/2014
10:2!:2#
31/07/2014
10:2!:2#
User Processes 2laro.ee Process stopped
31/07/2014
10:2!:2#
User Processes e.ectdis% Process started
31/07/2014
10:2!:24
User Processes c,updater Process started
31/07/2014
10:2!:17
User Processes vivo 3- Process started
31/07/2014
10:2!:17
User
$ouse
clic%
U+%+o'+ (pplicatio+
(ctive 'i+do' : U+%+o'+ (pplicatio+
Process +a,e : s3sdir
$ouse clic%s : 1
31/07/2014
10:2!:17
User
$ouse
clic%
Pro-ra, $a+a-er
(ctive 'i+do' : Pro-ra, $a+a-er
Process +a,e : eplorer
$ouse clic%s : 1
31/07/2014
10:2!:1"
31/07/2014
10:2!:1"
User
$ouse
clic%
2laro
(ctive 'i+do' : 2laro
Process +a,e : claro
$ouse clic%s : 1
31/07/2014
10:2!:13
User
$ouse
clic%
(viso de co+e45o de rede
(ctive 'i+do' : (viso de co+e45o de rede
$ouse clic%s : 1
31/07/2014
10:2!:09
User
$ouse
clic%
(viso
(ctive 'i+do' : (viso
$ouse clic%s : 3
31/07/2014
10:2!:02
31/07/2014
10:27:""
31/07/2014
10:27:43
31/07/2014
10:27:17
31/07/2014
10:27:04
31/07/2014
10:27:04
31/07/2014
10:27:04
31/07/2014
10:27:04
31/07/2014
10:27:01
31/07/2014
10:27:01
31/07/2014
10:27:01
31/07/2014
10:2#:""
31/07/2014
10:2#:42
31/07/2014
10:2#:1#
31/07/2014
10:2#:14
User
$ouse
clic%
2laro
$ouse clic%s : 7
31/07/2014
10:2#:13
User
$ouse
clic%
$ouse clic%s : 1
31/07/2014
10:2#:0#
User
$ouse
clic%
2laro
$ouse clic%s : 3
31/07/2014
10:2#:03
User Processes ',iadap Process started
31/07/2014
10:2#:03
31/07/2014
10:2":"9
User
$ouse
clic%
$ouse clic%s : 2
31/07/2014
10:2":"#
31/07/2014
10:25:43
User Processes XStartScreen.exe Process stopped
31/07/2014
10:25:41
31/07/2014
10:25:30
User Processes xstartscreen Process started
31/07/2014
10:25:28
User Processes claro Process started
31/07/2014
10:25:28
User
ouse
clic!
Pro"ra# ana"er
$ctive %indo% : Pro"ra# ana"er
Process na#e : explorer
ouse clic!s : 3
31/07/2014
10:25:15
31/07/2014
10:25:02
31/07/2014
10:24:5&
31/07/2014
10:24:45
User Processes searc'(ilter'ost Process started
31/07/2014
10:24:41
31/07/2014
10:24:41
User Processes Searc')ilter*ost.exe Process stopped
31/07/2014
10:24:20
User Processes +,+a#Suite.exe Process stopped
31/07/2014
10:24:18
User
ouse
clic!
Un!no%n $pplication
$ctive %indo% : Un!no%n $pplication
Process na#e : ctca#suite
ouse clic!s : 2
31/07/2014
10:24:1&
31/07/2014
10:24:01
31/07/2014
10:23:55
31/07/2014
10:23:42
31/07/2014
10:23:1&
User S-ste# user active User %ent active
31/07/2014
10:23:15
31/07/2014
10:23:02
31/07/2014
10:22:54
31/07/2014
10:22:41
31/07/2014
10:22:41
31/07/2014
10:22:41
31/07/2014
10:22:14
31/07/2014
10:22:02
31/07/2014
10:21:55
31/07/2014
10:21:43
31/07/2014
10:21:15
31/07/2014
10:21:03
31/07/2014
10:20:54
31/07/2014
10:20:42
31/07/2014
10:20:42
31/07/2014
10:20:42
31/07/2014
10:20:14
31/07/2014
10:20:0.
User S-ste# user inactive User %ent inactive
31/07/2014
10:20:02
31/07/2014
10:20:02
User Processes tas!en".exe Process stopped
31/07/2014
10:1.:5&
31/07/2014
10:1.:41
31/07/2014
10:1.:1&
31/07/2014
10:1.:01
31/07/2014
10:18:55
31/07/2014
10:18:42
31/07/2014
10:18:42
31/07/2014
10:18:42
31/07/2014
10:18:15
31/07/2014
10:18:02
31/07/2014
10:17:58
User
ouse
clic!
+a#eraSuite
$ctive %indo% : +a#eraSuite
ouse clic!s : &
31/07/2014
10:17:5&
31/07/2014
10:17:47
User
ouse
clic!
Un!no%n $pplication
ouse clic!s : 3
31/07/2014
10:17:41
31/07/2014
10:17:1&
31/07/2014
10:17:01
31/07/2014
10:1&:55
31/07/2014
10:1&:42
31/07/2014
10:1&:15
31/07/2014
10:1&:02
31/07/2014
10:1&:02
31/07/2014
10:1&:01
User
ouse
clic!
+a#eraSuite
ouse clic!s : 15
31/07/2014
10:15:5&
31/07/2014
10:15:41
31/07/2014
10:15:41
31/07/2014
10:15:37
User
ouse
clic!
Un!no%n $pplication
ouse clic!s : 5
31/07/2014
10:15:1&
31/07/2014
10:15:01
User Processes tas!en" Process started
31/07/2014
10:15:01
31/07/2014
10:14:55
31/07/2014
10:14:42
31/07/2014
10:14:32
User
ouse
clic!
+a#eraSuite
ouse clic!s : 5
31/07/2014
10:14:15
31/07/2014
10:14:02
31/07/2014
10:13:5&
31/07/2014
10:13:4&
User
ouse
clic!
Un!no%n $pplication
ouse clic!s : 5
31/07/2014
10:13:41
31/07/2014
10:13:41
31/07/2014
10:13:41
31/07/2014
10:13:1&
31/07/2014
10:13:01
31/07/2014
10:12:55
31/07/2014
10:12:42
31/07/2014
10:12:15
31/07/2014
10:12:02
31/07/2014
10:11:54
31/07/2014
10:11:41
31/07/2014
10:11:32
User
ouse
clic!
+a#eraSuite
ouse clic!s : 1&
31/07/2014
10:11:1&
31/07/2014
10:11:02
User
ouse
clic!
Un!no%n $pplication
ouse clic!s : .
31/07/2014
10:11:01
31/07/2014
10:11:01
31/07/2014
10:11:01
31/07/2014
10:10:55
31/07/2014
10:10:53
User
ouse
clic!
+a#eraSuite
ouse clic!s : 2
31/07/2014
10:10:42
31/07/2014
10:10:41
User
ouse
clic!
Un!no%n $pplication
ouse clic!s : 2
31/07/2014
10:10:15
31/07/2014
10:10:02
31/07/2014
10:0.:54
31/07/2014
10:0.:41
31/07/2014
10:0.:14
31/07/2014
10:0.:01
31/07/2014
10:08:55
31/07/2014
10:08:42
31/07/2014
10:08:42
31/07/2014
10:08:42
31/07/2014
10:08:15
31/07/2014
10:08:00
31/07/2014
10:07:57
User
ouse
clic!
+a#eraSuite
ouse clic!s : 1
31/07/2014
10:07:54
31/07/2014
10:07:41
31/07/2014
10:07:14
31/07/2014
10:07:01
31/07/2014
10:0&:55
31/07/2014
10:0&:40
31/07/2014
10:0&:40
31/07/2014
10:0&:40
31/07/2014
10:0&:1.
User
ouse
clic!
Un!no%n $pplication
ouse clic!s : &
31/07/2014
10:0&:15
31/07/2014
10:0&:0.
User S-ste# user active User %ent active
31/07/2014
10:0&:01
31/07/2014
10:05:54
31/07/2014
10:05:42
31/07/2014
10:05:14
31/07/2014
10:05:02
31/07/2014
10:04:53
31/07/2014
10:04:41
31/07/2014
10:04:14
31/07/2014
10:04:03
31/07/2014
10:04:01
31/07/2014
10:04:01
31/07/2014
10:03:55
31/07/2014
10:03:42
31/07/2014
10:03:23
User Processes tas!'ost.exe Process stopped
31/07/2014
10:03:15
31/07/2014
10:03:02
31/07/2014
10:02:54
31/07/2014
10:02:41
31/07/2014
10:02:14
31/07/2014
10:02:01
31/07/2014
10:02:01
31/07/2014
10:01:55
31/07/2014
10:01:40
31/07/2014
10:01:40
User Processes SearchFilterost.exe Process stopped
31/07/2014
10:01:23
User Processes tas!host Process started
31/07/2014
10:01:15
31/07/2014
10:01:00
31/07/2014
10:00:54
31/07/2014
10:00:41
31/07/2014
10:00:14
31/07/2014
10:00:02
31/07/2014
0":5":53
31/07/2014
0":5":41
31/07/2014
0":5":41
31/07/2014
0":5":41
31/07/2014
0":5":13
31/07/2014
0":5":01
31/07/2014
0":5#:54
31/07/2014
0":5#:42
31/07/2014
0":5#:15
31/07/2014
0":5#:02
31/07/2014
0":57:54
31/07/2014
0":57:41
31/07/2014
0":57:41
31/07/2014
0":57:41
31/07/2014
0":57:14
31/07/2014
0":57:01
31/07/2014
0":5$:55
31/07/2014
0":5$:40
31/07/2014
0":5$:15
31/07/2014
0":5$:00
31/07/2014
0":55:54
31/07/2014
0":55:41
31/07/2014
0":55:41
31/07/2014
0":55:41
31/07/2014
0":55:14
31/07/2014
0":55:01
31/07/2014
0":54:55
31/07/2014
0":54:40
31/07/2014
0":54:13
31/07/2014
0":54:01
31/07/2014
09:53:54 User Processes liveupdate.exe Process stopped
31/07/2014
09:53:42
31/07/2014
09:53:42
31/07/2014
09:53:42
User Processes Searchilter!ost.exe Process stopped
31/07/2014
09:53:14
31/07/2014
09:53:02
31/07/2014
09:52:53
31/07/2014
09:52:41
31/07/2014
09:52:14
31/07/2014
09:52:01
31/07/2014
09:51:55
31/07/2014
09:51:40
31/07/2014
09:51:40
31/07/2014
09:51:40
31/07/2014
09:51:15
31/07/2014
09:51:00
31/07/2014
09:50:54
31/07/2014
09:50:41
31/07/2014
09:50:14
31/07/2014
09:50:01
31/07/2014
09:49:53
31/07/2014
09:49:40
31/07/2014
09:49:40
31/07/2014
09:49:40
31/07/2014
09:49:13
31/07/2014
09:49:00
31/07/2014
09:4":54
31/07/2014
09:4":42
31/07/2014
09:4":14
31/07/2014
09:4":09
User S#ste$ user i%active User &e%t i%active
31/07/2014
09:4":02
31/07/2014
09:47:53
31/07/2014
09:47:41
31/07/2014
09:47:41
31/07/2014
09:47:13
31/07/2014
09:47:01
31/07/2014
09:47:01
31/07/2014
09:4':54
31/07/2014
09:4':40
31/07/2014
09:4':15
31/07/2014
09:4':00
31/07/2014
09:45:54
31/07/2014
09:45:41
31/07/2014
09:45:25
User
(ouse
clic)
*a$eraSuite
+ctive &i%do& : *a$eraSuite
Process %a$e : ctca$suite
(ouse clic)s : 2
31/07/2014
09:45:22
User S#ste$ user active User &e%t active
31/07/2014
09:45:22
User
(ouse
clic)
Pr,-.visuali/ar
+ctive &i%do& : Pr,-.visuali/ar
(ouse clic)s : 1
31/07/2014
09:45:14
31/07/2014
09:45:01
31/07/2014
09:44:53
31/07/2014
09:44:44
31/07/2014
09:44:44
31/07/2014
09:44:40
31/07/2014
09:44:13
31/07/2014
09:44:0"
User S#ste$ user i%active User &e%t i%active
31/07/2014
09:44:00
31/07/2014
09:43:54
31/07/2014
09:43:42
31/07/2014
09:43:14
31/07/2014
09:43:00
31/07/2014
09:42:53
31/07/2014
09:42:41
31/07/2014
09:42:41
31/07/2014
09:42:41
31/07/2014
09:42:14
31/07/2014
09:42:01
31/07/2014
09:41:55
31/07/2014
09:41:40
31/07/2014
09:41:13
31/07/2014
09:41:12
User
'ouse
clic(
)a$eraSuite
*ctive &i%do& : )a$eraSuite
'ouse clic(s : 1
31/07/2014
09:41:00
31/07/2014
09:40:54
31/07/2014
09:40:41
31/07/2014
09:40:41
31/07/2014
09:40:14
31/07/2014
09:39:59
31/07/2014
09:39:59
31/07/2014
09:39:53
31/07/2014
09:39:41
31/07/2014
09:39:2"
31/07/2014
09:39:22
31/07/2014
09:39:19
User
'ouse
clic(
U%(%o&% *pplicatio%
*ctive &i%do& : U%(%o&% *pplicatio%
'ouse clic(s : 1
31/07/2014
09:39:13
31/07/2014
09:39:09
User Processes ctca$suite Process started
31/07/2014
09:39:09
User
'ouse
clic(
Pro+ra$ 'a%a+er
*ctive &i%do& : Pro+ra$ 'a%a+er
Process %a$e : explorer
'ouse clic(s : 1
31/07/2014
09:39:0"
User
'ouse
clic(
U%(%o&% *pplicatio%
Process %a$e : s#sdir
'ouse clic(s : 1
31/07/2014
09:39:01
31/07/2014
09:3":59
User Processes $spai%t.exe Process stopped
31/07/2014
09:3":5,
User
'ouse
clic(
Pai%t
*ctive &i%do& : Pai%t
Process %a$e : $spai%t
'ouse clic(s : 1
31/07/2014
09:3":54
31/07/2014
09:3":49
User
'ouse
clic(
U%(%o&% *pplicatio%
Process %a$e : $spai%t
'ouse clic(s : 1
31/07/2014
09:38:40
31/07/2014
09:38:19
User
Mouse
click
Sem ttulo Pai!t
"ctive #i!do# : Sem ttulo Pai!t
Process !ame : mspai!t
Mouse clicks : 13
31/07/2014
09:38:13
User Processes liveupdate$e%e Process stopped
31/07/2014
09:38:00
31/07/2014
09:37:&4
31/07/2014
09:37:41
User Processes Searc'(ilter)ost$e%e Process stopped
31/07/2014
09:37:41
31/07/2014
09:37:41
User Processes searc'*ilter'ost Process started
31/07/2014
09:37:37
User Processes )elpPa!e$e%e Process stopped
31/07/2014
09:37:3+
User
Mouse
click
",uda e Suporte do -i!do#s
"ctive #i!do# : ",uda e Suporte do -i!do#s
Process !ame : 'elppa!e
Mouse clicks : 1
31/07/2014
09:37:29
User Processes 'elppa!e Process started
31/07/2014
09:37:20
User Processes audiod. Process started
31/07/2014
09:37:14
31/07/2014
09:3+:&9
31/07/2014
09:3+:&3
31/07/2014
09:3+:41
31/07/2014
09:3+:13
31/07/2014
09:3+:01
31/07/2014
09:3&:&3
31/07/2014
09:3&:40
31/07/2014
09:3&:40
31/07/2014
09:3&:22
User
Mouse
click
Sem ttulo Pai!t
"ctive #i!do# : Sem ttulo Pai!t
Mouse clicks : 8
31/07/2014
09:3&:13
31/07/2014
09:3&:00
31/07/2014
09:3&:00
31/07/2014
09:34:&4
31/07/2014
09:34:39
31/07/2014
09:34:34
User
Mouse
click
U!k!o#! "pplicatio!
"ctive #i!do# : U!k!o#! "pplicatio!
Mouse clicks : 21
31/07/2014
09:34:14
31/07/2014
09:34:00
31/07/2014
09:33:&3
31/07/2014
09:33:41
31/07/2014
09:33:14
31/07/2014
09:33:01
31/07/2014
09:33:01
31/07/2014
09:32:&9
31/07/2014
09:32:&3
User Processes audiod.$e%e Process stopped
31/07/2014
09:32:&3
31/07/2014
09:32:40
31/07/2014
09:32:13
31/07/2014
09:32:01
31/07/2014
09:31:&4
31/07/2014
09:31:39
31/07/2014
09:31:14
31/07/2014
09:31:00
31/07/2014
09:30:53
31/07/2014
09:30:41
31/07/2014
09:30:41
31/07/2014
09:30:41
User Processes search!ilterhost Process started
31/07/2014
09:30:14
31/07/2014
09:30:01
31/07/2014
09:29:53
31/07/2014
09:29:40
31/07/2014
09:29:13
31/07/2014
09:29:07
User
"ouse
clic#
Se$ t%tulo & Pai't
(ctive )i'do) : Se$ t%tulo & Pai't
Process 'a$e : $spai't
"ouse clic#s : 52
31/07/2014
09:29:03
User
"ouse
clic#
U'#'o)' (pplicatio'
(ctive )i'do) : U'#'o)' (pplicatio'
"ouse clic#s : 1
31/07/2014
09:29:00
31/07/2014
09:2*:54
31/07/2014
09:2*:39
31/07/2014
09:2*:39
31/07/2014
09:2*:19
User
"ouse
clic#
Se$ t%tulo & Pai't
"ouse clic#s : *
31/07/2014
09:2*:14
31/07/2014
09:2*:13
User
"ouse
clic#
+ditar ,ores
(ctive )i'do) : +ditar ,ores
"ouse clic#s : 2
31/07/2014
09:27:59
31/07/2014
09:27:59
31/07/2014
09:27:53
31/07/2014
09:27:51
User Processes audiod- Process started
31/07/2014
09:27:49
User
"ouse
clic#
Se$ t%tulo & Pai't
"ouse clic#s : 2
31/07/2014
09:27:41
31/07/2014
09:27:2.
User Processes $spai't.exe Process stopped
31/07/2014
09:27:24
User Processes $spai't.exe Process stopped
31/07/2014
09:27:23
User
"ouse
clic#
U'#'o)' (pplicatio'
(ctive )i'do) : U'#'o)' (pplicatio'
Process 'a$e : explorer
"ouse clic#s : 3
31/07/2014
09:27:13
31/07/2014
09:27:01
31/07/2014
09:2.:52
31/07/2014
09:2.:40
31/07/2014
09:2.:13
31/07/2014
09:2.:00
31/07/2014
09:2.:00
31/07/2014
09:25:54
31/07/2014
09:25:39
31/07/2014
09:25:39
31/07/2014
09:25:14
31/07/2014
09:24:59
31/07/2014
09:24:53
31/07/2014
09:24:40
31/07/2014
09:24:2*
User Processes /av/s0eport.exe Process stopped
31/07/2014
09:24:2.
User Processes 1av1sreport Process started
31/07/2014
09:24:13
31/07/2014
09:24:01
31/07/2014
09:23:52
31/07/2014
09:23:40
31/07/2014
09:23:40
31/07/2014
09:23:40
31/07/2014
09:23:12
31/07/2014
09:23:00
31/07/2014
09:22:54
31/07/2014
09:22:39
31/07/2014
09:22:14
31/07/2014
09:21:59
31/07/2014
09:21:53
31/07/2014
09:21:40
31/07/2014
09:21:40
31/07/2014
09:21:40
31/07/2014
09:21:13
31/07/2014
09:21:00
31/07/2014
09:20:52
31/07/2014
09:20:39
31/07/2014
09:20:12
31/07/2014
09:20:02
User Processes tas"e#$.exe Process stopped
31/07/2014
09:20:00
31/07/2014
09:19:53
31/07/2014
09:19:41
31/07/2014
09:19:41
31/07/2014
09:19:41
31/07/2014
09:19:13
31/07/2014
09:1%:59
31/07/2014
09:1%:52
31/07/2014
09:1%:40
31/07/2014
09:1%:13
31/07/2014
09:1%:00
31/07/2014
09:17:54
31/07/2014
09:17:39
31/07/2014
09:17:39
31/07/2014
09:17:12
31/07/2014
09:1&:59
31/07/2014
09:1&:59
31/07/2014
09:1&:57
User Processes tas"host.exe Process stopped
31/07/2014
09:1&:53
31/07/2014
09:1&:40
31/07/2014
09:1&:17
User Processes schtas"s.exe Process stopped
31/07/2014
09:1&:17
31/07/2014
09:1&:15
User Processes schtas"s Process started
31/07/2014
09:1&:15
User Processes co#host Process started
31/07/2014
09:1&:13
31/07/2014
09:16:11 User Processes schtasks.exe Process stopped
31/07/2014
09:16:11
User Processes conhost.exe Process stopped
31/07/2014
09:16:09
User Processes MSOSY!."#" Process stopped
31/07/2014
09:16:09
User Processes schtasks.exe Process stopped
31/07/2014
09:16:09
User Processes schtasks Process started
31/07/2014
09:16:09
User Processes conhost Process started
31/07/2014
09:16:09
31/07/2014
09:16:07
31/07/2014
09:16:07
31/07/2014
09:16:00
User Processes $%&e'pdate Process started
31/07/2014
09:1(:(4
User Processes $%&e'pdate.exe Process stopped
31/07/2014
09:1(:39
31/07/2014
09:1(:1)
User Processes *r'sted+nsta$$er.exe Process stopped
31/07/2014
09:1(:16
31/07/2014
09:1(:12
31/07/2014
09:1(:01
User Processes tasken, Process started
31/07/2014
09:14:(9
31/07/2014
09:14:((
User Processes taskhost Process started
31/07/2014
09:14:(3
31/07/2014
09:14:4(
User Processes 'pdater Process started
31/07/2014
09:14:42
User Processes search-%$terhost Process started
31/07/2014
09:14:40
User Processes Search.%$ter/ost.exe Process stopped
31/07/2014
09:14:40
31/07/2014
09:14:13
31/07/2014
09:14:00
31/07/2014
09:13:(2
31/07/2014
09:13:39
31/07/2014
09:13:12
31/07/2014
09:13:00
31/07/2014
09:12:(9
User
Mo'se
c$%ck
Se0 t1t'$o 2 Pa%nt
3ct%&e 4%ndo4 : Se0 t1t'$o 2 Pa%nt
Process na0e : 0spa%nt
Mo'se c$%cks : 1(1
31/07/2014
09:12:((
User
Mo'se
c$%ck
Unkno4n 3pp$%cat%on
3ct%&e 4%ndo4 : Unkno4n 3pp$%cat%on
Mo'se c$%cks : 1
31/07/2014
09:12:(3
31/07/2014
09:12:41
User Processes search-%$terhost Process started
31/07/2014
09:12:39
31/07/2014
09:12:13
31/07/2014
09:12:04
User
Mo'se
c$%ck
Se0 t1t'$o 2 Pa%nt
3ct%&e 4%ndo4 : Se0 t1t'$o 2 Pa%nt
Mo'se c$%cks : )
31/07/2014
09:12:00
User
Mo'se
c$%ck
Unkno4n 3pp$%cat%on
Process na0e : exp$orer
Mo'se c$%cks : 1
31/07/2014
09:11:(9
31/07/2014
09:11:(9
User Processes Search.%$ter/ost.exe Process stopped
31/07/2014
09:11:()
User
Mo'se
c$%ck
anne caro$%ne e 5%e$$... 2 Pa%nt
3ct%&e 4%ndo4 : anne caro$%ne e 5%e$$... 2 Pa%nt
Mo'se c$%cks : 1
31/07/2014
09:11:(2
31/07/2014
09:11:46
User
Mo'se
c$%ck
Unkno4n 3pp$%cat%on
Process na0e : exp$orer
Mo'se c$%cks : 1
31/07/2014
09:11:42
User Processes 0spa%nt.exe Process stopped
31/07/2014
09:11:40
31/07/2014
09:11:13
31/07/2014
09:11:00
31/07/2014
09:10:54
31/07/2014
09:10:39
31/07/2014
09:10:14
31/07/2014
09:09:59
31/07/2014
09:09:59
31/07/2014
09:09:52
31/07/2014
09:09:40
31/07/2014
09:09:40
31/07/2014
09:09:12
31/07/2014
09:09:00
31/07/2014
09:0":53
31/07/2014
09:0":39
31/07/2014
09:0":3"
User S#ste$ user active User %e&t active
31/07/2014
09:0":13
31/07/2014
09:07:59
31/07/2014
09:07:52
31/07/2014
09:07:40
31/07/2014
09:07:40
31/07/2014
09:07:13
31/07/2014
09:07:0"
User S#ste$ user i&active User %e&t i&active
31/07/2014
09:07:00
31/07/2014
09:07:00
31/07/2014
09:0':52
31/07/2014
09:0':39
31/07/2014
09:0':12
31/07/2014
09:05:59
31/07/2014
09:05:55
User Processes (avUpdater.exe Process stopped
31/07/2014
09:05:55
User Processes )ppStoreUpdater.exe Process stopped
31/07/2014
09:05:53
31/07/2014
09:05:47
31/07/2014
09:05:47
User Processes (av*ra#.exe Process stopped
31/07/2014
09:05:45
User Processes $siexec.exe Process stopped
31/07/2014
09:05:45
User Processes +avupdater Process started
31/07/2014
09:05:45
User Processes +avtra# Process started
31/07/2014
09:05:40
31/07/2014
09:05:13
31/07/2014
09:05:05
User Processes trustedi&staller Process started
31/07/2014
09:04:5"
31/07/2014
09:04:5"
31/07/2014
09:04:54
31/07/2014
09:04:52
User Processes spar,update Process started
31/07/2014
09:04:52
31/07/2014
09:04:52
User Processes tas,e&- Process started
31/07/2014
09:04:39
31/07/2014
09:04:39
31/07/2014
09:04:39
31/07/2014
09:04:12
31/07/2014
09:03:59
31/07/2014
09:03:53
31/07/2014
09:03:38
31/07/2014
09:03:22
31/07/2014
09:03:13
31/07/2014
09:02:59
31/07/2014
09:02:52
31/07/2014
09:02:40
31/07/2014
09:02:40
31/07/2014
09:02:12
User e!stro"es #e$ t%tulo & Pai't
(ctive )i'do) : #e$ t%tulo & Pai't
e!stro"es : v v *vvvvvvvvvvvvvvvvvvvvvv aaaaaaaaaaa+$'+5ll,,,,aiii!
31/07/2014
09:02:12
31/07/2014
09:02:00
User Processes #earch-ilter.ost.exe Process stopped
31/07/2014
09:02:00
31/07/2014
09:01:53
31/07/2014
09:01:49
User Processes co'host.exe Process stopped
31/07/2014
09:01:49
User Processes soft$/r0update.exe Process stopped
31/07/2014
09:01:47
User Processes co'host Process started
31/07/2014
09:01:47
User Processes soft$/r0update Process started
31/07/2014
09:01:39
31/07/2014
09:01:13
User Processes tas"e'/.exe Process stopped
31/07/2014
09:01:13
31/07/2014
09:00:59
31/07/2014
09:00:52
31/07/2014
09:00:48
User Processes (pp1o/2eporter.exe Process stopped
31/07/2014
09:00:43
User Processes applo/reporter Process started
31/07/2014
09:00:44
User Processes #earchProtocol.ost.exe Process stopped
31/07/2014
09:00:39
31/07/2014
09:00:27
User Processes audiod/.exe Process stopped
31/07/2014
09:00:14
User Processes P4-Popups.exe Process stopped
31/07/2014
09:00:12
31/07/2014
09:00:08
User Processes tas"e'/.exe Process stopped
31/07/2014
09:00:03
31/07/2014
08:59:59
31/07/2014
08:59:53
31/07/2014
08:59:51
User Processes tas"host.exe Process stopped
31/07/2014
08:59:44
31/07/2014
08:59:42
31/07/2014
08:59:40
31/07/2014
08:59:40
31/07/2014
08:59:21
User Processes )$i32.exe Process stopped
31/07/2014
08:59:12
31/07/2014
08:59:08
User Processes appstore0s!'c.exe Process stopped
31/07/2014
08:59:00
31/07/2014
08:58:53
31/07/2014
08:58:47
User Processes appstore_sync Process started
31/07/2014
08:58:38
31/07/2014
08:58:30
User Processes svchost.ee Process stopped
31/07/2014
08:58:1!
31/07/2014
08:58:17
31/07/2014
08:58:17
31/07/2014
08:58:13
31/07/2014
08:58:00
31/07/2014
08:57:51
31/07/2014
08:57:47
User Processes Updater.ee Process stopped
31/07/2014
08:57:47
User Processes tas"host Process started
31/07/2014
08:57:45
User Processes #$iPrv%&.ee Process stopped
31/07/2014
08:57:43
User Processes %earchProtocol'ost.ee Process stopped
31/07/2014
08:57:43
User Processes %earch(ilter'ost.ee Process stopped
31/07/2014
08:57:3!
31/07/2014
08:57:13
31/07/2014
08:5):58
31/07/2014
08:5):54
31/07/2014
08:5):54
User Processes dllhost.ee Process stopped
31/07/2014
08:5):50
31/07/2014
08:5):44
User Processes *$i32 Process started
31/07/2014
08:5):40
31/07/2014
08:5):40
31/07/2014
08:5):40
User Processes search+ilterhost Process started
31/07/2014
08:5):34
31/07/2014
08:5):31
User Processes *ud+host Process started
31/07/2014
08:5):2!
User Processes rundll32.ee Process stopped
31/07/2014
08:5):2!
31/07/2014
08:5):2!
User
,ouse
clic"
%e$ t-tulo . Paint
/ctive *indo* : %e$ t-tulo . Paint
Process na$e : $spaint
,ouse clic"s : 128
31/07/2014
08:5):27
User Processes conhost.ee Process stopped
31/07/2014
08:5):27
User Processes so+t$0r_update.ee Process stopped
31/07/2014
08:5):27
User
,ouse
clic"
Un"no*n /pplication
/ctive *indo* : Un"no*n /pplication
Process na$e : eplorer
,ouse clic"s : 1
31/07/2014
08:5):23
User Processes UpdatePopUp.ee Process stopped
31/07/2014
08:5):21
31/07/2014
08:5):1!
31/07/2014
08:5):17
User Processes searchindeer Process started
31/07/2014
08:5):14
User 1eystro"es ,enu 2niciar
/ctive *indo* : ,enu 2niciar
1eystro"es : int
31/07/2014
08:5):14
User Processes cscript.ee Process stopped
31/07/2014
08:5):14
User Processes conhost.ee Process stopped
31/07/2014
08:5):12
User Processes outloo" Process started
31/07/2014
08:54:25
User %yste$ 3o0on
User : User
4he co$puter have lo00ed on
31/07/2014
01:33:45
User %yste$ %hut5o*n
User : User
4he co$puter have shut do*n
31/07/2014
01:33:41
User Processes lo0onui Process started
31/07/2014
01:33:3!
User
,ouse
clic"
,enu 2niciar
/ctive *indo* : ,enu 2niciar
,ouse clic"s : 1
31/07/2014
01:33:37
User %yste$ user active User *ent active
31/07/2014
01:32:36
User Processes audiodg.exe Process stopped
31/07/2014
01:32:10
31/07/2014
01:32:10
31/07/2014
01:31:27
User Sste! user i"acti#e User $e"t i"acti#e
31/07/2014
01:31:02
31/07/2014
01:31:02
User Processes search%ilterhost Process started
31/07/2014
01:2&:26
User Processes s#chost.exe Process stopped
31/07/2014
01:2&:07
User Processes 'e#ice'ispla()*ectPro#ider.exe Process stopped
31/07/2014
01:2&:0+
User
,ouse
clic-
,edidor de .ateria
/cti#e $i"do$ : ,edidor de .ateria
,ouse clic-s : 2
31/07/2014
01:20:+0
User Processes de#icedisplao)*ectpro#ider Process started
31/07/2014
01:20:+0
User Processes 1laro.exe Process stopped
31/07/2014
01:20:+3
User
,ouse
clic-
U"-"o$" /pplicatio"
/cti#e $i"do$ : U"-"o$" /pplicatio"
Process "a!e : ssdir
,ouse clic-s : 2
31/07/2014
01:27:43
31/07/2014
01:27:32
User
,ouse
clic-
1laro
/cti#e $i"do$ : 1laro
Process "a!e : claro
,ouse clic-s : 10
31/07/2014
01:27:2&
User
,ouse
clic-
2rro de Script
/cti#e $i"do$ : 2rro de Script
,ouse clic-s : 1
31/07/2014
01:27:20
User Processes s#chost Process started
31/07/2014
01:27:24
User
,ouse
clic-
1laro
,ouse clic-s : 1
31/07/2014
01:27:22
User
,ouse
clic-
2rro de Script
/cti#e $i"do$ : 2rro de Script
,ouse clic-s : 1
31/07/2014
01:27:21
31/07/2014
01:27:06
User
,ouse
clic-
/lerta de segura"34a
/cti#e $i"do$ : /lerta de segura"34a
,ouse clic-s : +
31/07/2014
01:27:03
User
,ouse
clic-
1erti%icado
/cti#e $i"do$ : 1erti%icado
,ouse clic-s : 1
31/07/2014
01:27:01
31/07/2014
01:26:+7
31/07/2014
01:2+:40
User Processes /ppPopUp5ip.exe Process stopped
31/07/2014
01:2+:31
31/07/2014
01:24:++
User
,ouse
clic-
,ouse clic-s : 7
31/07/2014
01:24:+4
User
,ouse
clic-
1laro
,ouse clic-s : 1
31/07/2014
01:24:+4
User
,ouse
clic-
Progra! ,a"ager
/cti#e $i"do$ : Progra! ,a"ager
,ouse clic-s : 1
31/07/2014
01:24:+4
User
,ouse
clic-
,ouse clic-s : 1
31/07/2014
01:24:+4
User
,ouse
clic-
1laro
,ouse clic-s : 1
31/07/2014
01:24:+4
User
,ouse
clic-
Progra! ,a"ager
,ouse clic-s : 1
31/07/2014
01:24:+3
User
,ouse
clic-
,ouse clic-s : 1
31/07/2014
01:24:+3
User
,ouse
clic-
1laro
,ouse clic-s : 1
31/07/2014
01:24:+3
User
,ouse
clic-
Progra! ,a"ager
,ouse clic-s : 1
31/07/2014
01:24:+3
User
,ouse
clic-
,ouse clic-s : 1
31/07/2014
01:24:+2
User
,ouse
clic-
1laro
,ouse clic-s : 1
31/07/2014
01:24:+2
User
,ouse
clic-
Progra! ,a"ager
,ouse clic-s : 1
31/07/2014
01:24:+2
User
,ouse
clic-
,ouse clic-s : 1
31/07/2014
01:24:+2
User
,ouse
clic-
1laro
Mouse clicks : 1
31/07/2014
01:24:52
User
Mouse
click
Program Manager
Mouse clicks : 1
31/07/2014
01:24:51
User
Mouse
click
Unknown A!!lication
Process name : idle
Mouse clicks : 1
31/07/2014
01:24:51
User
Mouse
click
"laro
Active window : "laro
Process name : claro
Mouse clicks : 1
31/07/2014
01:24:51
User
Mouse
click
Program Manager
Mouse clicks : 1
31/07/2014
01:24:51
User
Mouse
click
Alerta de seguran#$a
Active window : Alerta de seguran#$a
Mouse clicks : 1
31/07/2014
01:24:50
User
Mouse
click
Program Manager
Mouse clicks : 1
31/07/2014
01:24:50
User
Mouse
click
Mouse clicks : 3
31/07/2014
01:24:4%
User
Mouse
click
Mouse clicks : 4
31/07/2014
01:24:4%
User
Mouse
click
"laro
Mouse clicks : 1
31/07/2014
01:24:4&
User
Mouse
click
"laro
Mouse clicks : 1
31/07/2014
01:24:4&
User
Mouse
click
Program Manager
Mouse clicks : 1
31/07/2014
01:24:4&
User
Mouse
click
Mouse clicks : 1
31/07/2014
01:24:4&
User
Mouse
click
"laro
Mouse clicks : 1
31/07/2014
01:24:4&
User
Mouse
click
Program Manager
Mouse clicks : 1
31/07/2014
01:24:47
User
Mouse
click
Program Manager
Mouse clicks : 1
31/07/2014
01:24:47
User
Mouse
click
Mouse clicks : 1
31/07/2014
01:24:47
User
Mouse
click
Program Manager
Mouse clicks : 1
31/07/2014
01:24:4'
User
Mouse
click
"laro
Mouse clicks : 1
31/07/2014
01:24:4'
User
Mouse
click
Program Manager
Mouse clicks : 1
31/07/2014
01:24:4'
User
Mouse
click
Mouse clicks : 2
31/07/2014
01:24:3&
User Processes rundll32(ee Process sto!!ed
31/07/2014
01:24:3'
31/07/2014
01:24:34
User Processes av!(ee Process sto!!ed
31/07/2014
01:24:34
31/07/2014
01:23:11
User )*stem user active User went active
31/07/2014
01:22:0%
User Processes )earc+Protocol,ost(ee Process sto!!ed
31/07/2014
01:22:0%
User Processes )earc+-ilter,ost(ee Process sto!!ed
31/07/2014
01:21:25
User Processes av! Process started
31/07/2014
01:21:00
User Processes searc+!rotocol+ost Process started
31/07/2014
01:21:00
User Processes searc+.ilter+ost Process started
31/07/2014
01:20:01
User Processes taskeng(ee Process sto!!ed
31/07/2014
01:1':33
User Processes con+ost(ee Process sto!!ed
31/07/2014
01:1':33
User Processes so.tmgr/u!date(ee Process sto!!ed
31/07/2014
01:1':2%
User Processes con+ost Process started
31/07/2014
01:1':2%
User Processes so.tmgr/u!date Process started
31/07/2014
01:15:01
User Processes taskeng Process started
31/07/2014
01:14:02
User Processes task+ost(ee Process sto!!ed
31/07/2014
01:12:32
User Processes audiodg(ee Process sto!!ed
31/07/2014
User Processes )earc+Protocol,ost(ee Process sto!!ed
01:12:08
31/07/2014
01:12:08
31/07/2014
01:12:00
31/07/2014
01:10:27
User Syste !ser i"acti#e User $e"t i"acti#e
31/07/2014
01:10:23
User Processes P%F&S'eport.exe Process stopped
31/07/2014
01:10:18
User Processes pc()sreport Process started
31/07/2014
01:10:18
31/07/2014
01:10:18
User Processes search(ilterhost Process started
31/07/2014
01:07:32
User
*o!se
click
+lerta de se,!ra"-.a
+cti#e $i"do$ : +lerta de se,!ra"-.a
Process "ae : claro
*o!se clicks : /
31/07/2014
01:07:31
User
*o!se
click
Pro,ra *a"a,er
+cti#e $i"do$ : Pro,ra *a"a,er
Process "ae : explorer
*o!se clicks : 1
31/07/2014
01:07:31
User
*o!se
click
Process "ae : claro
*o!se clicks : 2
31/07/2014
01:07:31
User
*o!se
click
%laro
+cti#e $i"do$ : %laro
Process "ae : claro
*o!se clicks : 1
31/07/2014
01:07:31
User
*o!se
click
Pro,ra *a"a,er
*o!se clicks : 1
31/07/2014
01:07:30
User
*o!se
click
%laro
Process "ae : claro
*o!se clicks : 1
31/07/2014
01:07:27
31/07/2014
01:07:22
User
*o!se
click
Pro,ra *a"a,er
*o!se clicks : 1
31/07/2014
01:07:22
User
*o!se
click
Process "ae : claro
*o!se clicks : 10
31/07/2014
01:07:21
User
*o!se
click
%laro
Process "ae : claro
*o!se clicks : 1
31/07/2014
01:07:20
31/07/2014
01:01:01
31/07/2014
01:00:02
31/07/2014
01:00:30
User Processes s#chost.exe Process stopped
31/07/2014
01:00:1/
User Processes a!diod, Process started
31/07/2014
01:00:18
User 2eystrokes +lerta de se,!ra"-.a
Process "ae : claro
31/07/2014
01:00:04
31/07/2014
01:00:00
31/07/2014
01:04:48
User
*o!se
click
Process "ae : claro
*o!se clicks : 24
31/07/2014
01:04:24
31/07/2014
01:04:11
31/07/2014
01:04:0/
31/07/2014
01:03:04
31/07/2014
01:03:01
31/07/2014
01:03:34
User Processes s#chost Process started
31/07/2014
01:03:34
31/07/2014
01:03:34
31/07/2014
01:03:32
31/07/2014
01:03:32
31/07/2014
01:03:2/
User
*o!se
click
%laro
Process "ae : claro
*o!se clicks : 1
31/07/2014
01:03:2/
User
*o!se
click
Pro,ra *a"a,er
*o!se clicks : 2
31/07/2014
01:03:28
User
*o!se
click
%laro
Process "ae : claro
*o!se clicks : 1
31/07/2014
01:03:28
User
*o!se
click
Pro,ra *a"a,er
*o!se clicks : 1
31/07/2014
User
*o!se
Process "ae : claro
01:03:28 click Mouse clicks : 2
31/07/2014
01:03:25
User
Mouse
click
Alerta de segurana
Active indo : Alerta de segurana
!rocess na"e : claro
Mouse clicks : 3
31/07/2014
01:03:24
User !rocesses s#ark$e%e !rocess sto##ed
31/07/2014
01:03:18
31/07/2014
01:03:18
User !rocesses s#ark !rocess started
31/07/2014
01:03:12
User &'ste" user active User ent active
31/07/2014
01:02:05
User !rocesses &earc()ilter*ost$e%e !rocess sto##ed
31/07/2014
01:02:05
User !rocesses &earc(!rotocol*ost$e%e !rocess sto##ed
31/07/2014
01:01:27
User &'ste" user inactive User ent inactive
31/07/2014
01:00:5+
User !rocesses searc(,ilter(ost !rocess started
31/07/2014
01:00:5+
User !rocesses searc(#rotocol(ost !rocess started
31/07/2014
00:5+:55
31/07/2014
00:5+:24
31/07/2014
00:5+:15
User
Mouse
click
-ova guia . &#ark /roser
Active indo : -ova guia . &#ark /roser
!rocess na"e : s#ark
Mouse clicks : 0
31/07/2014
00:5+:13
31/07/2014
00:5+:13
31/07/2014
00:5+:11
User &'ste" user active User ent active
31/07/2014
00:58:27
User &'ste" user inactive User ent inactive
31/07/2014
00:58:20
User !rocesses dll(ost$e%e !rocess sto##ed
31/07/2014
00:58:15
User !rocesses dll(ost !rocess started
31/07/2014
00:58:04
User !rocesses svc(ost$e%e !rocess sto##ed
31/07/2014
00:50:20
31/07/2014
00:50:22
31/07/2014
00:50:17
31/07/2014
00:50:11
31/07/2014
00:50:11
31/07/2014
00:50:08
31/07/2014
00:50:08
User
Mouse
click
n1o est2 dis#onvel . &#ark
/roser
Active indo : n1o est2 dis#onvel . &#ark /roser
Mouse clicks : 2
31/07/2014
00:50:04
31/07/2014
00:50:04
User !rocesses svc(ost !rocess started
31/07/2014
00:55:5+
31/07/2014
00:55:5+
User
Mouse
click
3laro
Active indo : 3laro
Mouse clicks : 1
31/07/2014
00:55:5+
User
Mouse
click
!rogra" Manager
Active indo : !rogra" Manager
!rocess na"e : e%#lorer
Mouse clicks : 1
31/07/2014
00:55:51
User
Mouse
click
4rro de &cri#t
Active indo : 4rro de &cri#t
Mouse clicks : 1
31/07/2014
00:55:48
User
Mouse
click
n1o est2 dis#onvel . &#ark
/roser
Active indo : n1o est2 dis#onvel . &#ark /roser
Mouse clicks : 1
31/07/2014
00:55:20
31/07/2014
00:55:02
31/07/2014
00:54:55
31/07/2014
00:54:4+
31/07/2014
00:54:2+
31/07/2014
00:54:13
31/07/2014
00:54:08
31/07/2014
00:54:08
User !rocesses audiodg$e%e !rocess sto##ed
31/07/2014
00:54:00
31/07/2014
00:54:02
31/07/2014
00:53:59
31/07/2014
00:52:57
31/07/2014
00:52:53
31/07/2014
00:52:48
User Keystrokes Noa !"#a $ %park &ro'ser
(ct#e '#)do' : Noa !"#a $ %park &ro'ser
Process )a*e : spark
Keystrokes : ''''''.+ace,ook-.$$/
31/07/2014
00:52:00
User Processes %earchProtocol1ost.exe Process stopped
31/07/2014
00:52:00
User Processes %earch2#lter1ost.exe Process stopped
31/07/2014
00:52:00
31/07/2014
00:52:00
31/07/2014
00:51:53
31/07/2014
00:51:21
31/07/2014
00:50:59
31/07/2014
00:50:59
User Processes 3o!4eporter.exe Process stopped
31/07/2014
00:50:59
31/07/2014
00:50:59
User Processes co)host.exe Process stopped
31/07/2014
00:50:58
User Keystrokes
)56o est57 d#spo)5el $ %park
&ro'ser
(ct#e '#)do' : )56o est57 d#spo)5el $ %park &ro'ser
Keystrokes : -.$$/-.$$/
31/07/2014
00:50:57
31/07/2014
00:50:57
User Processes lo!reporter Process started
31/07/2014
00:50:57
User Processes search+#lterhost Process started
31/07/2014
00:50:57
User Processes co)host Process started
31/07/2014
00:50:35
31/07/2014
00:50:14
31/07/2014
00:50:10
31/07/2014
00:50:08
31/07/2014
00:50:03
31/07/2014
00:50:03
31/07/2014
00:49:12
31/07/2014
00:49:04
User Processes a"d#od! Process started
31/07/2014
00:49:03
31/07/2014
00:48:12
User
8o"se
cl#ck
Noa !"#a $ %park &ro'ser
(ct#e '#)do' : Noa !"#a $ %park &ro'ser
8o"se cl#cks : 22
31/07/2014
00:48:07
31/07/2014
00:48:05
31/07/2014
00:48:04
User
8o"se
cl#ck
)56o est57 d#spo)5el $ %park
&ro'ser
(ct#e '#)do' : )56o est57 d#spo)5el $ %park &ro'ser
8o"se cl#cks : 1
31/07/2014
00:47:47
31/07/2014
00:47:00
31/07/2014
00:40:54
31/07/2014
00:40:51
31/07/2014
00:40:49
User Processes a"d#od!.exe Process stopped
31/07/2014
00:40:47
31/07/2014
00:40:45
31/07/2014
00:40:04
31/07/2014
00:40:04
31/07/2014
00:45:42
31/07/2014
00:45:24
31/07/2014
00:45:19
31/07/2014
00:45:10
31/07/2014
00:44:26
31/07/2014
00:44:19
31/07/2014
00:44:19
31/07/2014
00:44:13
31/07/2014
00:44:13
User
Mouse
click
o!a "uia # $park %ro&ser
'cti!e &i(do& : o!a "uia # $park %ro&ser
Process (a)e : spark
Mouse clicks : 5
31/07/2014
00:44:10
31/07/2014
00:44:10
31/07/2014
00:44:0*
User
Mouse
click
(+,o est+- dispo(+!el # $park
%ro&ser
'cti!e &i(do& : (+,o est+- dispo(+!el # $park %ro&ser
Mouse clicks : 1
31/07/2014
00:43:50
31/07/2014
00:43:32
31/07/2014
00:43:2*
31/07/2014
00:43:21
31/07/2014
00:43:14
31/07/2014
00:43:12
31/07/2014
00:43:07
31/07/2014
00:43:07
31/07/2014
00:43:05
31/07/2014
00:43:01
31/07/2014
00:42:47
31/07/2014
00:42:41
31/07/2014
00:42:3*
31/07/2014
00:42:01
User Processes $earch.ilter/ost.exe Process stopped
31/07/2014
00:42:01
User Processes $earchProtocol/ost.exe Process stopped
31/07/2014
00:41:54
31/07/2014
00:41:4*
31/07/2014
00:41:4*
31/07/2014
00:41:45
User Processes audiod" Process started
31/07/2014
00:41:43
31/07/2014
00:41:39
User 0e1strokes o!a "uia # $park %ro&ser
0e1strokes : 2ace34##534##534##534##534##534##534##534##534##534##534##534##534##52ace34##534##534##534##534##534
&&
34##534##534##534##534##534##534##534##534##534##534##534##534##534##534##534##534##534##534##534##534##534##534
31/07/2014
00:41:30
31/07/2014
00:41:27
User
Mouse
click
o!a "uia # $park %ro&ser
Mouse clicks : 6
31/07/2014
00:41:25
31/07/2014
00:41:21
31/07/2014
00:41:21
31/07/2014
00:40:56
31/07/2014
00:40:56
31/07/2014
00:40:23
31/07/2014
00:40:20
User
Mouse
click
.ace6ook # $park %ro&ser
'cti!e &i(do& : .ace6ook # $park %ro&ser
Mouse clicks : 6
31/07/2014
00:40:16
31/07/2014
00:40:05
User Processes /P7ustPartic.exe Process stopped
31/07/2014
00:40:00
User Processes hpcustpartic Process started
31/07/2014
00:40:00
User Processes taske(" Process started
31/07/2014
00:3*:15
User
Mouse
click
(+,o est+- dispo(+!el # $park
%ro&ser
'cti!e &i(do& : (+,o est+- dispo(+!el # $park %ro&ser
Mouse clicks : 1
31/07/2014
00:32:02
31/07/2014
00:32:02
31/07/2014
00:30:!
31/07/2014
00:30:!
31/07/2014
00:30:!
User Processes $o%&eporter.exe Process stopped
31/07/2014
00:30:4
31/07/2014
00:30:4
31/07/2014
00:30:4
User Processes lo%reporter Process started
31/07/2014
00:30:3!
User
Mouse
click
Face'ook ( Spark )ro*ser
+cti,e *i#do* : Face'ook ( Spark )ro*ser
Process #a-e : spark
Mouse clicks : 14
31/07/2014
00:30:32
User
Mouse
click
#./o est.0 dispo#.,el ( Spark
)ro*ser
+cti,e *i#do* : #./o est.0 dispo#.,el ( Spark )ro*ser
Mouse clicks : 1
31/07/2014
00:2:3
User Processes +ppPopUp1ip.exe Process stopped
31/07/2014
00:2:30
31/07/2014
00:22:00
31/07/2014
00:22:00
31/07/2014
00:20:4
31/07/2014
00:20:4
31/07/2014
00:20:37
User Processes +ppStoreUpdater.exe Process stopped
31/07/2014
00:20:30
31/07/2014
00:20:01
User Processes taske#%.exe Process stopped
31/07/2014
00:12:33
User S3ste- user acti,e User *e#t acti,e
31/07/2014
00:1!:32
31/07/2014
00:1!:32
31/07/2014
00:1!:2!
User S3ste- user i#acti,e User *e#t i#acti,e
31/07/2014
00:1:34
31/07/2014
00:1:22
31/07/2014
00:1:22
31/07/2014
00:1:22
31/07/2014
00:1:0!
User Processes FlashPla3erUpdateSer,ice.exe Process stopped
31/07/2014
00:1:01
User Processes "lashpla3erupdateser,ice Process started
31/07/2014
00:1:01
User Processes taske#% Process started
31/07/2014
00:13:3
User Processes appstore5s3#c.exe Process stopped
31/07/2014
00:13:24
User Processes appstore5s3#c Process started
31/07/2014
00:12:01
31/07/2014
00:12:01
31/07/2014
00:11:02
User Processes audiod%.exe Process stopped
31/07/2014
00:10:2
31/07/2014
00:10:2
31/07/2014
00:10:0
User
Mouse
click
Face'ook ( Spark )ro*ser
Mouse clicks : 34
31/07/2014
00:07:17
User 6e3strokes Face'ook ( Spark )ro*ser
6e3strokes : e#tao 7- eeeeeeeeeeeeeeee89((:89((:89((:89((:89((:89((:89((:89((:89((:89((:89((:89((:89((:89((:89((
89((:89((:S;89((:.P <<<
,rdd89((:ad... kkkkkkk89((:k89((:689((:89((:89((:89((:89((:89((:89((:89((:89((:89((:89((:89((:89((:89((:89((:89((
pis89((:89((:89((:89((:89((:89((:89((:89((:89((:89((:l89((:%a'riel #er389((:89((:poesias89((:89((:89((:89((:
31/07/2014
00:07:1!
User Processes taskhost.exe Process stopped
31/07/2014
00:07:14
User
Mouse
click
=1> Face'ook ( Spark )ro*ser
+cti,e *i#do* : =1> Face'ook ( Spark )ro*ser
Mouse clicks : 1
31/07/2014
00:0!:24
User 6e3strokes =1> Face'ook ( Spark )ro*ser
+cti,e *i#do* : =1> Face'ook ( Spark )ro*ser
6e3strokes : e#ao
31/07/2014
User Processes audiod% Process started
00:05:52
31/07/2014
00:05:15
31/07/2014
00:02:01
31/07/2014
00:02:01
31/07/2014
00:01:22
31/07/2014
00:01:15
31/07/2014
00:00:53
31/07/2014
00:00:53
30/07/2014
23:5:02
User Processes a!diod".exe Process stopped
30/07/2014
23:5#:43
User
$o!se
click
Face%ook & Spark 'ro(ser
)cti*e (i+do( : Face%ook & Spark 'ro(ser
Process +a,e : spark
$o!se clicks : 14
30/07/2014
23:53:44
User
$o!se
click
-1. Face%ook & Spark 'ro(ser
)cti*e (i+do( : -1. Face%ook & Spark 'ro(ser
$o!se clicks : 3
30/07/2014
23:52:1/
User
$o!se
click
Face%ook & Spark 'ro(ser
$o!se clicks : 3
30/07/2014
23:51:5/
30/07/2014
23:51:5/
30/07/2014
23:51:31
User 0e1strokes Face%ook & Spark 'ro(ser
0e1strokes : 2o face 34&&5%ook...
si,6o s+hr34&&5or ai+da ,ora e, sao 34&&534&&534&&534&&5S)7 P)U87 999
30/07/2014
23:51:1/
User
$o!se
click
-1. Face%ook & Spark 'ro(ser
$o!se clicks : 2
30/07/2014
23:51:13
User 0e1strokes -1. Face%ook & Spark 'ro(ser
0e1strokes : 34&&534&&534&&534&&534&&534&&534&&534&&534&&534&&534&&534&&534&&534&&534&&534&&534&&534&&534&&534&&
30/07/2014
23:51:05
User Processes a!diod" Process started
30/07/2014
23:50:52
User Processes 8o":eporter.exe Process stopped
30/07/2014
23:50:50
30/07/2014
23:50:50
User Processes lo"reporter Process started
30/07/2014
23:50:50
30/07/2014
23:4:17
User S1ste, !ser acti*e User (e+t acti*e
30/07/2014
23:47:42
User Processes taske+".exe Process stopped
30/07/2014
23:47:2#
User S1ste, !ser i+acti*e User (e+t i+acti*e
30/07/2014
23:47:24
User Processes a!diod".exe Process stopped
30/07/2014
23:42:41
User Processes spark!pdate.exe Process stopped
30/07/2014
23:42:3
User Processes %d!til.exe Process stopped
30/07/2014
23:42:37
User Processes %d!til Process started
30/07/2014
23:42:37
User Processes spark!pdate Process started
30/07/2014
23:42:10
User 0e1strokes -1. Face%ook & Spark 'ro(ser
0e1strokes : 34&&5
30/07/2014
23:42:10
User 0e1strokes Face%ook & Spark 'ro(ser
0e1strokes : 34&&534&&534&&534&&534&&534&&534&&534&&534&&534&&534&&534&&534&&534&&534&&534&&534&&534&&534&&534&&
534&&56o s+hor le! as ,e+s"e+s ; a ,+ha ,ae deixo! para o s+hor o+te, 999
i+"rid +atali+a
30/07/2014
23:41:57
30/07/2014
23:41:57
30/07/2014
23:40:51
User Processes 8o":eporter.exe Process stopped
30/07/2014
23:40:51
User Processes co+host.exe Process stopped
30/07/2014
23:40:4
User Processes lo"reporter Process started
30/07/2014
23:40:4
User Processes co+host Process started
30/07/2014
23:40:4
30/07/2014
23:40:4
30/07/2014
23:40:00
User Processes taske+" Process started
30/07/2014
23:37:34
User Processes a!diod" Process started
30/07/2014
23:37:07
30/07/2014
23:34:52
User
Mouse
click
Facebook !park "ro#ser
$cti%e #i&do# : Facebook !park "ro#ser
Process &a'e : spark
Mouse clicks : 20
30/07/2014
23:32:05
User Processes !earc(Filter)ost.exe Process stopped
30/07/2014
23:32:05
User Processes !earc(Protocol)ost.exe Process stopped
30/07/2014
23:31:5*
User
Mouse
click
+1, Facebook !park "ro#ser
$cti%e #i&do# : +1, Facebook !park "ro#ser
Mouse clicks : 1
30/07/2014
23:31:11
User Processes P-FPopups.exe Process stopped
30/07/2014
23:31:02
User Processes pc.popups Process started
30/07/2014
23:30:4*
User Processes searc(.ilter(ost Process started
30/07/2014
23:30:4*
User Processes searc(protocol(ost Process started
30/07/2014
23:30:40
User Processes .tex.exe Process stopped
30/07/2014
23:30:40
30/07/2014
23:30:35
User Processes .tex Process started
30/07/2014
23:30:35
User Processes .tex.exe Process stopped
30/07/2014
23:30:34
User !/ste' user acti%e User #e&t acti%e
30/07/2014
23:30:34
User
Mouse
click
Mouse clicks : 7
30/07/2014
23:30:31
User Processes .tex Process started
30/07/2014
23:30:2*
User Processes updatepopup Process started
30/07/2014
23:2*:20
User !/ste' user i&acti%e User #e&t i&acti%e
30/07/2014
23:20:43
User
Mouse
click
+1, Facebook !park "ro#ser
$cti%e #i&do# : +1, Facebook !park "ro#ser
Mouse clicks : 1
30/07/2014
23:20:35
30/07/2014
23:25:47
User Processes $ppPopUp1ip.exe Process stopped
30/07/2014
23:25:31
30/07/2014
23:25:30
User 2e/strokes Facebook !park "ro#ser
2e/strokes : oi r3456oc(a...
tudo be' co' o se&(or/345777
eu to 'uito be' ae 345345te345e345345345e agora
&i'gue'345& sabe o dia de a'a&(a...
8 b' 's'o
'as 6oc(a 8ua&s345ts a&os o s&(or te' 777
30/07/2014
23:25:21
User
Mouse
click
Mouse clicks : 4
30/07/2014
23:23:00
User 2e/strokes Poe'as 6o'a&ticos !park "ro#ser
$cti%e #i&do# : Poe'as 6o'a&ticos !park "ro#ser
2e/strokes : 345345
30/07/2014
23:23:04
User
Mouse
click
Poe'as 6o'a&ticos !park "ro#ser
$cti%e #i&do# : Poe'as 6o'a&ticos !park "ro#ser
Mouse clicks : 3
30/07/2014
23:22:41
User
Mouse
click
Poe'as 6o'9:&ticos !park "ro#ser
$cti%e #i&do# : Poe'as 6o'9:&ticos !park "ro#ser
Mouse clicks : 2
30/07/2014
23:22:31
User 2e/strokes Poe'as 6o'9:&ticos !park "ro#ser
$cti%e #i&do# : Poe'as 6o'9:&ticos !park "ro#ser
30/07/2014
23:21:51
30/07/2014
23:21:51
30/07/2014
23:20:47
User Processes searc(protocol(ost Process started
30/07/2014
23:20:47
User Processes searc(.ilter(ost Process started
30/07/2014
23:20:01
User Processes taske&g.exe Process stopped
30/07/2014
23:1*:5*
User
Mouse
click
Mouse clicks : 3
30/07/2014
23:1*:0*
User 2e/strokes Facebook !park "ro#ser
2e/strokes : poe'as
30/07/2014
23:17:0*
User !/ste' user acti%e User #e&t acti%e
30/07/2014
23:15:20
User !/ste' user i&acti%e User #e&t i&acti%e
30/07/2014
23:15:00
User Processes taske&g Process started
30/07/2014
23:12:22
30/07/2014
23:12:22
30/07/2014 $cti%e #i&do# : ;abriel <er/ !park "ro#ser
23:11:59
User Keystrokes Gabriel Nery - Spark Browser
Keystrokes : !--"
3#$#%$2#1&
23:11:3%
User Processes 'll(ost)e*e Process stoppe'
3#$#%$2#1&
23:11:33
User Processes 'll(ost Process starte'
3#$#%$2#1&
23:11:2+
User Processes P,-Pop.ps)e*e Process stoppe'
3#$#%$2#1&
23:11:#/
User Processes P,-Pop.ps)e*e Process stoppe'
3#$#%$2#1&
23:11:#&
User Processes pc0pop.ps Process starte'
3#$#%$2#1&
23:1#:55
User Processes pc0pop.ps Process starte'
3#$#%$2#1&
23:1#:2/
User Processes P,-BS1eport)e*e Process stoppe'
3#$#%$2#1&
23:1#:19
User Processes searc(0ilter(ost Process starte'
3#$#%$2#1&
23:1#:19
User Processes searc(protocol(ost Process starte'
3#$#%$2#1&
23:1#:1%
User Processes pc0bsreport Process starte'
3#$#%$2#1&
23:#+:&3
User
2o.se
click
Gabriel Nery - Spark Browser
3cti4e win'ow : Gabriel Nery - Spark Browser
2o.se clicks : 13
3#$#%$2#1&
23:#5:5%
User
2o.se
click
Searc( - Spark Browser
3cti4e win'ow : Searc( - Spark Browser
2o.se clicks : 3
3#$#%$2#1&
23:#&:1%
User Processes spark)e*e Process stoppe'
3#$#%$2#1&
23:#3:&&
User Processes spark Process starte'
3#$#%$2#1&
23:#3:1&
User Processes a.'io'5)e*e Process stoppe'
3#$#%$2#1&
23:#3:#5
User Processes task(ost)e*e Process stoppe'
3#$#%$2#1&
23:#2:&9
User Processes a4p)e*e Process stoppe'
3#$#%$2#1&
23:#1:&9
User Processes Searc(-ilter6ost)e*e Process stoppe'
3#$#%$2#1&
23:#1:&9
User Processes Searc(Protocol6ost)e*e Process stoppe'
3#$#%$2#1&
23:#1:#5
User Processes task(ost Process starte'
3#$#%$2#1&
23:##:&5
3#$#%$2#1&
23:##:&5
3#$#%$2#1&
23:##:#1
User Processes a4p Process starte'
3#$#%$2#1&
22:5+:5&
3#$#%$2#1&
22:5+:1&
User Processes a.'io'5 Process starte'
3#$#%$2#1&
22:5+:12
User Processes spark Process starte'
3#$#%$2#1&
22:51:5#
User Processes Searc(-ilter6ost)e*e Process stoppe'
3#$#%$2#1&
22:51:5#
User Processes Searc(Protocol6ost)e*e Process stoppe'
3#$#%$2#1&
22:5#:&&
3#$#%$2#1&
22:5#:&&
3#$#%$2#1&
22:&%:&+
User Processes tasken5)e*e Process stoppe'
3#$#%$2#1&
22:&%:3/
User
2o.se
click
-acebook - Spark Browser
3cti4e win'ow : -acebook - Spark Browser
2o.se clicks : 22
3#$#%$2#1&
22:&5:59
User Processes a.'io'5)e*e Process stoppe'
3#$#%$2#1&
22:&5:&/
User Keystrokes -acebook - Spark Browser
3cti4e win'ow : -acebook - Spark Browser
Keystrokes : 5aa!--"briel nery
3#$#%$2#1&
22:&3:15
User
2o.se
click
Bem-4in'o ao -acebook - acesse7
ca'astre-se o. saiba mais) - Spark
Browser
3cti4e win'ow : Bem-4in'o ao -acebook - acesse7 ca'astre-se o. saiba mais) - Spark Browser
2o.se clicks : 3
3#$#%$2#1&
22:&2:59
User Keystrokes
Bem-4in'o ao -acebook - acesse7
ca'astre-se o. saiba mais) - Spark
Browser
3cti4e win'ow : Bem-4in'o ao -acebook - acesse7 ca'astre-se o. saiba mais) - Spark Browser
Keystrokes : (erica'omini8.emaise'.ca9:ao
3#$#%$2#1&
22:&2:51
3#$#%$2#1&
22:&2:&9
User Processes spark.p'ate)e*e Process stoppe'
3#$#%$2#1&
22:&2:&&
3#$#%$2#1&
22:&2:3%
User Processes spark.p'ate Process starte'
3#$#%$2#1&
22:&2:1+
3#$#%$2#1&
22:&2:15
3#$#%$2#1&
22:&2:13
30/07/2014
22:42:11
30/07/2014
22:42:09
30/07/2014
22:42:06
30/07/2014
22:42:04
30/07/2014
22:42:01
User Keystrokes Nova !"a # $park %ro&ser
'ct"ve &"(do& : Nova !"a # $park %ro&ser
Keystrokes : &&&
30/07/2014
22:41:**
30/07/2014
22:41:4+
30/07/2014
22:41:46
User Processes $earch,"lter-ost.exe Process stopped
30/07/2014
22:41:46
User Processes $earchProtocol-ost.exe Process stopped
30/07/2014
22:41:44
30/07/2014
22:41:42
30/07/2014
22:41:42
30/07/2014
22:41:40
User
.o!se
cl"ck
/laro 0(ter(et # Nave!e (o se!
co)p!tador1 (ote2ook o! ta2let #
$park %ro&ser
'ct"ve &"(do& : /laro 0(ter(et # Nave!e (o se! co)p!tador1 (ote2ook o! ta2let # $park %ro&ser
.o!se cl"cks : 2
30/07/2014
22:41:3+
User
.o!se
cl"ck
,ace2ook # $park %ro&ser
'ct"ve &"(do& : ,ace2ook # $park %ro&ser
.o!se cl"cks : 1
30/07/2014
22:41:36
User
.o!se
cl"ck
/o(he34a (ossos vest"dos de 5esta1
cas!a"s1 de pra"a1 c!rtos e lo(os
# $park %ro&ser
'ct"ve &"(do& : /o(he34a (ossos vest"dos de 5esta1 cas!a"s1 de pra"a1 c!rtos e lo(os # $park %ro&ser
.o!se cl"cks : 1
30/07/2014
22:41:3*
30/07/2014
22:41:34
User
.o!se
cl"ck
.o!se cl"cks : 1
30/07/2014
22:41:29
User
.o!se
cl"ck
%e)#v"(do ao ,ace2ook # acesse1
cadastre#se o! sa"2a )a"s. # $park
%ro&ser
'ct"ve &"(do& : %e)#v"(do ao ,ace2ook # acesse1 cadastre#se o! sa"2a )a"s. # $park %ro&ser
.o!se cl"cks : 2
30/07/2014
22:41:03
User
.o!se
cl"ck
$o("a 6")a 6")a # ,otos da l"(ha do
te)po # $park %ro&ser
'ct"ve &"(do& : $o("a 6")a 6")a # ,otos da l"(ha do te)po # $park %ro&ser
.o!se cl"cks : 3
30/07/2014
22:40:*4
User Processes a!d"od Process started
30/07/2014
22:40:*3
User
.o!se
cl"ck
$park %ro&ser
'ct"ve &"(do& : $park %ro&ser
.o!se cl"cks : *
30/07/2014
22:40:42
User Processes search5"lterhost Process started
30/07/2014
22:40:42
30/07/2014
22:40:39
User
.o!se
cl"ck
/o(he34a (ossos vest"dos de 5esta1
cas!a"s1 de pra"a1 c!rtos e lo(os
# $park %ro&ser
'ct"ve &"(do& : /o(he34a (ossos vest"dos de 5esta1 cas!a"s1 de pra"a1 c!rtos e lo(os # $park %ro&ser
.o!se cl"cks : 1
30/07/2014
22:40:34
User
.o!se
cl"ck
.o!se cl"cks : 1
30/07/2014
22:40:30
User
.o!se
cl"ck
$park %ro&ser
.o!se cl"cks : 1
30/07/2014
22:40:2+
User
.o!se
cl"ck
$park %ro&ser
'ct"ve &"(do& : $park %ro&ser
.o!se cl"cks : 1
30/07/2014
22:40:20
User
.o!se
cl"ck
$park %ro&ser
.o!se cl"cks : 1
30/07/2014
22:40:02
User Processes -P/!stPart"c.exe Process stopped
30/07/2014
22:40:00
User Processes taske( Process started
30/07/2014
22:40:00
User Processes hpc!stpart"c Process started
30/07/2014
22:36:3+
User Processes a!d"od.exe Process stopped
30/07/2014
22:31:*1
User Processes $earchProtocol-ost.exe Process stopped
30/07/2014
22:31:*1
User Processes $earch,"lter-ost.exe Process stopped
30/07/2014
22:31:12
User Processes a!d"od Process started
30/07/2014
22:30:42
User Processes search5"lterhost Process started
30/07/2014
22:30:42
30/07/2014
22:30:42
User Processes co(host.exe Process stopped
30/07/2014
22:30:40
30/07/2014
22:30:40
User Processes loreporter Process started
30/07/2014
22:30:40
User Processes co(host Process started
30/07/2014
22:25:32 User Processes AppPopUpTip.exe Process stopped
30/07/2014
22:25:30
30/07/2014
22:24:55
30/07/2014
22:21:51
User Processes SearchFiter!ost.exe Process stopped
30/07/2014
22:21:51
User Processes SearchProtoco!ost.exe Process stopped
30/07/2014
22:20:40
User Processes search"iterhost Process started
30/07/2014
22:20:40
User Processes searchprotocohost Process started
30/07/2014
22:20:02
User Processes tas#e$g.exe Process stopped
30/07/2014
22:1%:3&
User Processes so"t'gr(update.exe Process stopped
30/07/2014
22:1%:3&
30/07/2014
22:1%:30
User Processes so"t'gr(update Process started
30/07/2014
22:1%:30
30/07/2014
22:15:03
User Processes FashPa)erUpdateSer*ice.exe Process stopped
30/07/2014
22:15:03
30/07/2014
22:15:01
User Processes tas#e$g Process started
30/07/2014
22:15:01
User Processes "ashpa)erupdateser*ice Process started
30/07/2014
22:15:01
30/07/2014
22:14:4+
30/07/2014
22:11:52
30/07/2014
22:11:52
30/07/2014
22:10:40
30/07/2014
22:10:3+
30/07/2014
22:10:3+
30/07/2014
22:10:3+
30/07/2014
22:0&:35
User Processes tas#host.exe Process stopped
30/07/2014
22:07:33
User Processes tas#host Process started
30/07/2014
22:01:4+
30/07/2014
22:01:4+
30/07/2014
22:00:37
30/07/2014
22:00:37
30/07/2014
21:51:40
30/07/2014
21:51:40
30/07/2014
21:51:02
30/07/2014
21:50:35
30/07/2014
21:50:35
30/07/2014
21:47:11
30/07/2014
21:47:07
30/07/2014
21:47:07
30/07/2014
21:4%:02
30/07/2014
21:4%:02
30/07/2014
21:42:45
User Processes dhost.exe Process stopped
30/07/2014
21:42:41
User Processes dhost Process started
30/07/2014
21:42:41
User Processes spar#update.exe Process stopped
30/07/2014
21:42:3&
User Processes spar#update Process started
30/07/2014
21:41:5%
30/07/2014
21:41:40
30/07/2014
21:41:40
30/07/2014
21:40:3%
30/07/2014
21:40:3%
30/07/2014
21:40:3%
User Processes ,og-eporter.exe Process stopped
30/07/2014
21:40:33
30/07/2014
21:40:33
30/07/2014
21:40:33
User Processes ogreporter Process started
30/07/2014
21:40:04
User Processes !P.ustPartic.exe Process stopped
30/07/2014
21:40:02
User Processes hpcustpartic Process started
30/07/2014
21:40:00
30/07/2014
21:31:3%
30/07/2014
21:31:3%
30/07/2014
21:30:33
30/07/2014
21:30:33
30/07/2014
21:25:32
User Processes AppPopUpTip.exe Process stopped
30/07/2014
21:25:30
30/07/2014
21:22:41
30/07/2014
21:21:3+
30/07/2014
21:21:3+
30/07/2014
21:21:1+
30/07/2014
21:21:14
30/07/2014
21:20:33
30/07/2014
21:20:33
30/07/2014
21:20:33
30/07/2014
21:20:33
30/07/2014
21:20:31
30/07/2014
21:20:31
30/07/2014
21:20:04
User Processes spar# Process started
30/07/2014
21:20:02
30/07/2014
21:1&:57
User
/ouse
cic#
Face0oo# 1 Spar# 2ro3ser
Acti*e 3i$do3 : Face0oo# 1 Spar# 2ro3ser
Process $a'e : spar#
/ouse cic#s : &&
30/07/2014
21:1&:23
User
/ouse
cic#
.o$he45a $ossos *estidos de "esta6
casuais6 de praia6 curtos e o$gos
1 Spar# 2ro3ser
Acti*e 3i$do3 : .o$he45a $ossos *estidos de "esta6 casuais6 de praia6 curtos e o$gos 1 Spar# 2ro3ser
Process $a'e : spar#
/ouse cic#s : 1
30/07/2014
21:1&:0%
30/07/2014
21:1+:5&
30/07/2014
21:1+:57
30/07/2014
21:1+:4&
30/07/2014
21:1+:47
30/07/2014
21:1+:41
30/07/2014
21:1%:41
30/07/2014
21:15:01
30/07/2014
21:11:41
30/07/2014
21:11:41
30/07/2014
21:10:32
30/07/2014
21:10:32
30/07/2014
21:10:30
30/07/2014
21:10:30
30/07/2014
21:10:23
User Processes P.F2S-eport.exe Process stopped
30/07/2014
21:10:19
30/07/2014
21:10:19
User Processes pcfbsreport Process started
30/07/2014
21:10:19
30/07/2014
21:05:16
30/07/2014
21:01:31
User Processes SearchProtocolost!e"e Process stopped
30/07/2014
21:01:31
User Processes Search#ilterost!e"e Process stopped
30/07/2014
21:00:32
User Processes Updater!e"e Process stopped
30/07/2014
21:00:29
30/07/2014
21:00:29
User Processes co$host!e"e Process stopped
30/07/2014
21:00:29
User Processes %og&eporter!e"e Process stopped
30/07/2014
21:00:27
30/07/2014
21:00:27
User Processes logreporter Process started
30/07/2014
21:00:27
30/07/2014
21:00:27
30/07/2014
20:52:49
User
'ouse
clic(
#aceboo( ) Spar( *ro+ser
,cti-e +i$do+ : #aceboo( ) Spar( *ro+ser
Process $a.e : spar(
'ouse clic(s : 25
30/07/2014
20:51:32
User /e0stro(es #aceboo( ) Spar( *ro+ser
,cti-e +i$do+ : #aceboo( ) Spar( *ro+ser
/e0stro(es : -c acha 1u1e da pra r23))423))423))423))423))423))423))423))423))423))423))4e da pra ser feli5 co. desgraca de23
ai$da sabe$do 1ue pode.os ter u. pouco de culpa
.eu filho esa triste por tere. descrasado a -ida dele .as deus $ao dor dor.e te$ho .uita fe
.eu filho $ao e o 1ue pe$sa. .as a23))4 eu a a.o .uito sou u.a .ae a-o co. o coracao partido .as te$ho fe
estou .uito triste co. .uita saudade dele
oi pri.o -erdade lucia te a.o .a$o
e$tao pega o bo$de .a$a ou -ai $a tartaruga ((((
-c se.pre -ai ser .eu rei .eu flho23))423))423))4ilho te a.o
-erdade .a$o
espero se ele6a o .elhor para o $osso estado chega de corruptos
-23))4ta che$23))4ga$do a hora cafe5i$ho e tapa costa .uito cuidado
tudo issi23))4o fa5 se$d23))4tido si. .as o 1ue fa5er se $os 6a esta.os dea23))45acreditados
so o se$hor $esta causa a.e.
se.pre a.are.os ele e sei 1ue o pai s23))4celestial $ao -ai aba$do$a lo
te a.o .eu filho oro23))423))423))4
eu te$ho .uita fe si. sei 1ue ele habita $a .i$ha fa.ilia
a.e.
oi .a$o boa $oite lucia b6s
-c da pro"i.a .e co$-ida ta.be. sou filha de 23))423))4o pai
a.igas pra se.pre se. .agoas
oi pri.a udo be.t ai cade os.ar
si. -erdade ou passa e $e. fala ai 1ue se -e 1e. sao a.igos -erdadeiros
e -erdade
li$da .es.o
se. .as co$.e$23))423))423))423))4.e$trios
a.e.
a.e.
de 1ue .a$a ele esta-a doe$te
.as esta tudo be. co. ele
se ter tudo certo -ou passar o $attal23))423))423))4al ai co. -cs
co.o esta todo .u$doai
est.os co. saudadesa de todos
este e .eu se$ador -a.os 23))423))423))423))423))4e. co.igo -a.os .uda r23))423))4r e pra fa5er 6usti78a
o a.apa esta precisa$do23))4a23))423))423))4a23))423))423))4a de pessoas co.o -c se$ador
claro 1ue si.!!!
po"a pri.a .as 1ue bo. 1ue ele esta .elhor
e-e23))423))423))4te-e duas pessoas co. isso a1ui .as foi .ic23))46o decach orro e gato doe$78a desses bichos diga a ele ter .as cuidados
fale 1ue $ao es1ue.os de -cs a.a.os todos
fi1ue. co. deus de le.bra$78as a todos
30/07/2014
20:51:32
User S0ste. user acti-e User +e$t acti-e
30/07/2014
20:51:27
User Processes Search#ilterost!e"e Process stopped
30/07/2014
20:51:27
User Processes SearchProtocolost!e"e Process stopped
30/07/2014
20:50:27
User Processes co$host!e"e Process stopped
30/07/2014
20:50:27
User Processes %og&eporter!e"e Process stopped
30/07/2014
20:50:25
30/07/2014
20:50:25
30/07/2014
20:50:25
30/07/2014
20:50:25
30/07/2014
20:49:24
User S0ste. user i$acti-e User +e$t i$acti-e
30/07/2014
20:49:11
User Processes audiodg!e"e Process stopped
30/07/2014
20:47:43
User Processes tas(e$g!e"e Process stopped
30/07/2014
20:46:19
User /e0stro(es
*e.)-i$do ao #aceboo( ) acesse:
cadastre)se ou saiba .ais! ) Spar(
*ro+ser
,cti-e +i$do+ : *e.)-i$do ao #aceboo( ) acesse: cadastre)se ou saiba .ais! ) Spar( *ro+ser
/e0stro(es : luciaucia32420429
30/07/2014
20:46:19
User
'ouse
clic(
*e.)-i$do ao #aceboo( ) acesse:
cadastre)se ou saiba .ais! ) Spar(
*ro+ser
,cti-e +i$do+ : *e.)-i$do ao #aceboo( ) acesse: cadastre)se ou saiba .ais! ) Spar( *ro+ser
'ouse clic(s : 6
30/07/2014
20:45:53
30/07/2014
20:45:48
30/07/2014
20:45:42
30/07/2014
20:45:40
User Processes avp.exe Process stopped
30/07/2014
20:45:39
User
Mouse
clck
!laro
"ctve #$do# : !laro
Process $a%e : claro
Mouse clcks : 1
30/07/2014
20:45:39
User
Mouse
clck
Pro&ra% Ma$a&er
"ctve #$do# : Pro&ra% Ma$a&er
Process $a%e : explorer
Mouse clcks : 1
30/07/2014
20:45:31
User
Mouse
clck
!laro '$ter$et ( )ave&ue $o seu
co%putador* $ote+ook ou ta+let (
,park -ro#ser
"ctve #$do# : !laro '$ter$et ( )ave&ue $o seu co%putador* $ote+ook ou ta+let ( ,park -ro#ser
Process $a%e : spark
Mouse clcks : 1
30/07/2014
20:45:30
30/07/2014
20:45:2.
30/07/2014
20:44:2.
30/07/2014
20:44:21
30/07/2014
20:44:15
30/07/2014
20:44:15
30/07/2014
20:44:12
30/07/2014
20:44:03
30/07/2014
20:43:30
User Processes ,earchProtocol/ost.exe Process stopped
30/07/2014
20:43:30
User Processes ,earch0lter/ost.exe Process stopped
30/07/2014
20:43:27
30/07/2014
20:43:14
30/07/2014
20:43:07
30/07/2014
20:43:04
30/07/2014
20:43:04
User Processes 1,tart,cree$.exe Process stopped
30/07/2014
20:43:04
30/07/2014
20:43:04
30/07/2014
20:43:02
30/07/2014
20:42:59
30/07/2014
20:42:51
User Processes xstartscree$ Process started
30/07/2014
20:42:4.
30/07/2014
20:42:4.
30/07/2014
20:42:45
User ,2ste% user actve User #e$t actve
30/07/2014
20:42:42
30/07/2014
20:42:42
30/07/2014
20:42:37
30/07/2014
20:42:35
User Processes lveupdate.exe Process stopped
30/07/2014
20:42:20
User Processes lveupdate Process started
30/07/2014
20:42:20
User Processes avp Process started
30/07/2014
20:42:07
30/07/2014
20:41:5.
User Processes audod& Process started
30/07/2014
20:41:52
30/07/2014
20:41:52
User Processes search3lterhost Process started
30/07/2014
20:41:32
30/07/2014
20:41:19
30/07/2014
20:41:19
User Processes ,earch0lter/ost.exe Process stopped
30/07/2014
20:41:07
30/07/2014
20:40:52
30/07/2014
20:40:32
30/07/2014
20:40:26
30/07/2014
20:40:26
User Processes LogReporter.exe Process stopped
30/07/2014
20:40:24
30/07/2014
20:40:24
30/07/2014
20:40:19
User Processes lie!pdate Process started
30/07/2014
20:40:07
User Processes lie!pdate.exe Process stopped
30/07/2014
20:40:00
User Processes tas"eng Process started
30/07/2014
20:39:#2
30/07/2014
20:39:32
30/07/2014
20:39:19
30/07/2014
20:39:19
User Processes $earch%ilter&ost.exe Process stopped
30/07/2014
20:39:19
30/07/2014
20:39:11
User Processes ($)$*+,.-.- Process stopped
30/07/2014
20:39:07
30/07/2014
20:3/:#1
30/07/2014
20:3/:32
30/07/2014
20:3/:19
30/07/2014
20:3/:06
30/07/2014
20:37:#1
30/07/2014
20:37:32
30/07/2014
20:37:19
30/07/2014
20:37:19
30/07/2014
20:37:19
User Processes a!diodg.exe Process stopped
30/07/2014
20:37:06
30/07/2014
20:36:#1
30/07/2014
20:36:#1
30/07/2014
20:36:32
30/07/2014
20:36:19
30/07/2014
20:36:06
30/07/2014
20:3#:#1
30/07/2014
20:3#:32
30/07/2014
20:3#:19
30/07/2014
20:3#:06
30/07/2014
20:34:#1
30/07/2014
20:34:#1
30/07/2014
20:34:32
30/07/2014
20:34:23
User $0ste1 !ser inactie User 2ent inactie
30/07/2014
20:34:19
30/07/2014
20:34:19
30/07/2014
20:34:06
30/07/2014
20:33:#1
30/07/2014
20:33:32
30/07/2014
20:33:19
30/07/2014
20:33:06
30/07/2014
20:32:#3
30/07/2014
20:32:32
30/07/2014
20:32:21 User Processes mspaint.exe Process stopped
30/07/2014
20:32:20
User
Mouse
click
Unknown Application
Actie window : Unknown Application
Process name : s!sdir
Mouse clicks : 1
30/07/2014
20:32:20
User
Mouse
click
Pro"ram Mana"er
Actie window : Pro"ram Mana"er
Mouse clicks : #
30/07/2014
20:32:1$
User Processes %earc&'ilter(ost.exe Process stopped
30/07/2014
20:32:1$
User Processes lieupdate Process started
30/07/2014
20:32:1$
User Processes searc&)ilter&ost Process started
30/07/2014
20:32:1$
User
Mouse
click
%em t*tulo + Paint
Actie window : %em t*tulo + Paint
Process name : mspaint
Mouse clicks : 1
30/07/2014
20:32:14
User Processes audiod" Process started
30/07/2014
20:32:13
User
Mouse
click
Paint
Actie window : Paint
Mouse clicks : 11
30/07/2014
20:32:0,
User Processes lieupdate.exe Process stopped
30/07/2014
20:32:0#
User %!stem user actie User went actie
30/07/2014
20:31:#3
30/07/2014
20:31:31
30/07/2014
20:31:23
User %!stem user inactie User went inactie
30/07/2014
20:31:1-
30/07/2014
20:31:0#
30/07/2014
20:30:#3
30/07/2014
20:30:31
30/07/2014
20:30:1-
30/07/2014
20:30:1-
30/07/2014
20:30:0#
30/07/2014
20:2$:#2
30/07/2014
20:2$:#2
30/07/2014
20:2$:33
30/07/2014
20:2$:1-
30/07/2014
20:2$:0#
30/07/2014
20:2-:#2
30/07/2014
20:2-:33
30/07/2014
20:2-:1-
30/07/2014
20:2-:0#
30/07/2014
20:27:#2
30/07/2014
20:27:#2
30/07/2014
20:27:#2
30/07/2014
20:27:33
30/07/2014
20:27:22
User .e!strokes %em t*tulo + Paint
.e!strokes : d!elson
30/07/2014
20:27:20
30/07/2014
20:27:0#
30/07/2014
20:2,:#2
30/07/2014
20:2,:4-
User
Mouse
click
%em t*tulo + Paint
Mouse clicks : 22
30/07/2014
20:2,:41
User Processes mspaint Process started
30/07/2014
20:2,:40
User
Mouse
click
Paint
Actie window : Paint
Mouse clicks : 1
30/07/2014
20:2,:3$
User
Mouse
click
Menu /niciar
Actie window : Menu /niciar
Mouse clicks : 2
30/07/2014
20:2,:37
User
Mouse
click
Unknown Application
Actie window : Unknown Application
Process name : s!sdir
Mouse clicks : 1
30/07/2014
20:26:32
30/07/2014
20:26:19
30/07/2014
20:26:04
30/07/2014
20:25:56
User Processes mspaint.exe Process stopped
30/07/2014
20:25:51
30/07/2014
20:25:51
User Processes searc!ilterost Process started
30/07/2014
20:25:33
User "e#stro$es %alvar como
&ctive 'indo' : %alvar como
"e#stro$es : ()**+()**+()**+()**+()**+()**+()**+()**+()**+()**+()**+()**+()**+()**+()**+()**+anne caroline e ,iell...
30/07/2014
20:25:32
30/07/2014
20:25:32
User
-ouse
clic$
%alvar como
&ctive 'indo' : %alvar como
-ouse clic$s : 2
30/07/2014
20:25:2.
User
-ouse
clic$
Paint
&ctive 'indo' : Paint
-ouse clic$s : 1
30/07/2014
20:25:19
User Processes %earc/ilter0ost.exe Process stopped
30/07/2014
20:25:19
30/07/2014
20:25:04
30/07/2014
20:24:51
30/07/2014
20:24:32
30/07/2014
20:24:19
30/07/2014
20:24:06
30/07/2014
20:23:51
30/07/2014
20:23:31
30/07/2014
20:23:1.
30/07/2014
20:23:1.
30/07/2014
20:23:05
30/07/2014
20:22:53
30/07/2014
20:22:53
30/07/2014
20:22:31
30/07/2014
20:22:1.
30/07/2014
20:22:05
30/07/2014
20:21:52
30/07/2014
20:21:33
30/07/2014
20:21:17
30/07/2014
20:21:05
30/07/2014
20:20:52
30/07/2014
20:20:32
30/07/2014
20:20:20
30/07/2014
20:20:20
30/07/2014
20:20:20
30/07/2014
20:20:04
30/07/2014
20:20:00
User Processes tas$en1.exe Process stopped
30/07/2014
20:19:52
30/07/2014
20:19:32
30/07/2014
20:19:19
30/07/2014
20:19:06
User Processes msos#nc Process started
30/07/2014
20:19:04
30/07/2014
20:1.:51
30/07/2014
20:1.:3.
User
-ouse
clic$
%em t2tulo * Paint
&ctive 'indo' : %em t2tulo * Paint
-ouse clic$s : 41
30/07/2014
20:18:32
30/07/2014
20:18:32
User
Mouse
click
Unknown pplication
ctive window : Unknown pplication
Process na!e : !spaint
Mouse clicks : 2
30/07/2014
20:18:1"
30/07/2014
20:18:1"
User Processes searc#$ilter#ost Process started
30/07/2014
20:18:1"
User Processes %earc#&ilter'ost.exe Process stopped
30/07/2014
20:18:1(
User Processes audiod).exe Process stopped
30/07/2014
20:18:04
30/07/2014
20:17:(1
30/07/2014
20:17:32
30/07/2014
20:17:1"
30/07/2014
20:17:03
30/07/2014
20:1*:(1
30/07/2014
20:1*:31
30/07/2014
20:1*:18
30/07/2014
20:1*:18
30/07/2014
20:1*:18
30/07/2014
20:1*:0(
30/07/2014
20:1(:("
30/07/2014
20:1(:(2
30/07/2014
20:1(:31
30/07/2014
20:1(:2*
30/07/2014
20:1(:18
30/07/2014
20:1(:0(
30/07/2014
20:1(:00
User Processes tasken) Process started
30/07/2014
20:14:(2
30/07/2014
20:14:3(
User +e,strokes %e! t-tulo . Paint
ctive window : %e! t-tulo . Paint
+e,strokes : anne caroline e /ielanneeanne caroline e /iell
01..2
30/07/2014
20:14:32
30/07/2014
20:14:17
30/07/2014
20:14:17
30/07/2014
20:14:04
30/07/2014
20:13:(2
User
Mouse
click
%e! t-tulo . Paint
ctive window : %e! t-tulo . Paint
Mouse clicks : 73
30/07/2014
20:13:(1
30/07/2014
20:13:(1
30/07/2014
20:13:3"
User Processes !spaint Process started
30/07/2014
20:13:32
30/07/2014
20:13:30
User
Mouse
click
Menu 3niciar
ctive window : Menu 3niciar
Process na!e : explorer
Mouse clicks : 2
30/07/2014
20:13:1"
30/07/2014
20:13:1(
User Processes 454a!%uite.exe Process stopped
30/07/2014
20:13:13
User
Mouse
click
Unknown pplication
ctive window : Unknown pplication
Process na!e : ctca!suite
Mouse clicks : 2
30/07/2014
20:13:04
30/07/2014
20:12:(1
30/07/2014
20:12:31
30/07/2014
20:12:20
User
Mouse
click
4a!era%uite
ctive window : 4a!era%uite
Process na!e : ctca!suite
Mouse clicks : 3
30/07/2014
20:12:18
30/07/2014
20:12:10
30/07/2014
20:12:05
30/07/2014
20:12:00
User
Mouse
click
Unknon !pplication
Process na"e : ctca"suite
Mouse clicks : #
30/07/2014
20:11:50
30/07/2014
20:11:50
30/07/2014
20:11:31
30/07/2014
20:11:17
30/07/2014
20:11:17
30/07/2014
20:11:04
30/07/2014
20:10:51
30/07/2014
20:10:32
30/07/2014
20:10:1(
30/07/2014
20:10:0#
30/07/2014
20:10:03
30/07/2014
20:0(:50
30/07/2014
20:0(:44
User
Mouse
click
)a"era%uite
!ctive indo : )a"era%uite
Mouse clicks : 1(
30/07/2014
20:0(:31
30/07/2014
20:0(:1#
30/07/2014
20:0(:1#
30/07/2014
20:0(:1#
30/07/2014
20:0(:11
User
Mouse
click
Unknon !pplication
Mouse clicks : 3
30/07/2014
20:0(:05
30/07/2014
20:0#:52
30/07/2014
20:0#:32
30/07/2014
20:0#:1(
30/07/2014
20:0#:04
30/07/2014
20:07:50
30/07/2014
20:07:31
30/07/2014
20:07:2*
User
Mouse
click
)a"era%uite
Mouse clicks : 1#
30/07/2014
20:07:20
User
Mouse
click
Pr+,-visuali.ar
!ctive indo : Pr+,-visuali.ar
Mouse clicks : 2
30/07/2014
20:07:1#
30/07/2014
20:07:1#
30/07/2014
20:07:12
User
Mouse
click
)a"era%uite
Mouse clicks : 3
30/07/2014
20:07:0(
User
Mouse
click
Unknon !pplication
Mouse clicks : 2
30/07/2014
20:07:04
30/07/2014
20:0*:54
User
Mouse
click
)a"era%uite
Mouse clicks : 4
30/07/2014
20:0*:51
30/07/2014
20:0*:51
30/07/2014
20:0*:4#
User
Mouse
click
Unknon !pplication
Mouse clicks : 3
30/07/2014
20:0*:32
30/07/2014
20:0*:1(
30/07/2014
20:0*:04
30/07/2014
20:05:50
30/07/2014
20:05:43
User
Mouse
click
CameraSuite
Active window : CameraSuite
rocess name : ctcamsuite
Mouse clicks : 11
30/07/2014
20:05:3!
User
Mouse
click
r"#$visuali%ar
Active window : r"#$visuali%ar
Mouse clicks : 1
30/07/2014
20:05:34
User
Mouse
click
CameraSuite
Mouse clicks : 1
30/07/2014
20:05:31
User rocesses liveu&date'e(e rocess sto&&ed
30/07/2014
20:05:22
User
Mouse
click
Unknown A&&lication
Active window : Unknown A&&lication
Mouse clicks : 3
30/07/2014
20:05:1)
User rocesses liveu&date rocess started
30/07/2014
20:05:05
30/07/2014
20:04:52
30/07/2014
20:04:32
30/07/2014
20:04:21
User
Mouse
click
CameraSuite
Mouse clicks : 10
30/07/2014
20:04:1!
User rocesses Searc*+ilter,ost'e(e rocess sto&&ed
30/07/2014
20:04:1!
30/07/2014
20:04:1!
User rocesses searc*-ilter*ost rocess started
30/07/2014
20:04:17
30/07/2014
20:04:17
30/07/2014
20:04:04
30/07/2014
20:03:51
30/07/2014
20:03:31
30/07/2014
20:03:1)
30/07/2014
20:03:03
30/07/2014
20:02:51
User
Mouse
click
Unknown A&&lication
Mouse clicks : 4
30/07/2014
20:02:50
30/07/2014
20:02:4!
User
Mouse
click
CameraSuite
Mouse clicks : 1
30/07/2014
20:02:3.
User
Mouse
click
Unknown A&&lication
Mouse clicks : 3
30/07/2014
20:02:33
User
Mouse
click
CameraSuite
Mouse clicks : 1
30/07/2014
20:02:30
30/07/2014
20:02:1!
User
Mouse
click
Unknown A&&lication
Mouse clicks : 4
30/07/2014
20:02:17
User rocesses searc*-ilter*ost rocess started
30/07/2014
20:02:17
30/07/2014
20:02:10
User
Mouse
click
CameraSuite
Mouse clicks : 2
30/07/2014
20:02:04
30/07/2014
20:01:51
30/07/2014
20:01:51
User rocesses Searc*+ilter,ost'e(e rocess sto&&ed
30/07/2014
20:01:34
User
Mouse
click
Unknown A&&lication
Mouse clicks : 2
30/07/2014
20:01:32
30/07/2014
20:01:17
30/07/2014
20:01:04
30/07/2014
20:00:5.
User
Mouse
click
CameraSuite
Mouse clicks : 3
30/07/2014
20:00:51
30/07/2014
20:00:3)
User
Mouse
click
Unknown A&&lication
Mouse clicks : 3
30/07/2014
20:00:31
30/07/2014
20:00:18 User Processes liveupdate Process started
30/07/2014
20:00:08
User
Mouse
click
CameraSuite
Active i!do : CameraSuite
Process !ame : ctcamsuite
Mouse clicks : "
30/07/2014
20:00:03
User Processes liveupdate#e$e Process stopped
30/07/2014
1%:&%:&0
30/07/2014
1%:&%:30
30/07/2014
1%:&%:22
User
Mouse
click
U!k!o! Applicatio!
Active i!do : U!k!o! Applicatio!
Mouse clicks : 3
30/07/2014
1%:&%:17
30/07/2014
1%:&%:17
30/07/2014
1%:&%:17
User Processes Searc')ilter*ost#e$e Process stopped
30/07/2014
1%:&%:04
30/07/2014
1%:&8:&1
30/07/2014
1%:&8:32
30/07/2014
1%:&8:1%
User S+stem user active User e!t active
30/07/2014
1%:&8:1%
User
Mouse
click
CameraSuite
Active i!do : CameraSuite
Mouse clicks : 7
30/07/2014
1%:&8:1"
30/07/2014
1%:&8:04
30/07/2014
1%:&7:&1
30/07/2014
1%:&7:31
30/07/2014
1%:&7:18
30/07/2014
1%:&7:18
30/07/2014
1%:&7:18
30/07/2014
1%:&7:03
30/07/2014
1%:&":&0
30/07/2014
1%:&":31
30/07/2014
1%:&":18
30/07/2014
1%:&":02
30/07/2014
1%:&&:4%
30/07/2014
1%:&&:30
30/07/2014
1%:&&:17
30/07/2014
1%:&&:17
30/07/2014
1%:&&:17
30/07/2014
1%:&&:04
30/07/2014
1%:&4:&1
30/07/2014
1%:&4:31
30/07/2014
1%:&4:1"
30/07/2014
1%:&4:03
30/07/2014
1%:&3:&0
30/07/2014
1%:&3:31
30/07/2014
1%:&3:18
30/07/2014
1%:&3:18
30/07/2014
1%:&3:03
30/07/2014
1%:&2:&0
30/07/2014
1%:&2:&0
30/07/2014
1%:&2:30
30/07/2014
1%:&2:17
30/07/2014
19:52:04
30/07/2014
19:51:49
30/07/2014
19:51:30
30/07/2014
19:51:17
30/07/2014
19:51:03
30/07/2014
19:50:50
30/07/2014
19:50:31
30/07/2014
19:50:22
30/07/2014
19:50:22
User Processes Lo!eporter.exe Process stopped
30/07/2014
19:50:20
30/07/2014
19:50:20
30/07/2014
19:50:20
User Processes loreporter Process started
30/07/2014
19:50:1#
30/07/2014
19:50:1#
30/07/2014
19:50:02
30/07/2014
19:49:49
30/07/2014
19:49:30
30/07/2014
19:49:17
30/07/2014
19:49:04
30/07/2014
19:4#:50
30/07/2014
19:4#:44
30/07/2014
19:4#:31
30/07/2014
19:4#:1#
30/07/2014
19:4#:1#
30/07/2014
19:4#:1#
30/07/2014
19:4#:02
30/07/2014
19:47:49
30/07/2014
19:47:3#
User Processes tas'en.exe Process stopped
30/07/2014
19:47:30
30/07/2014
19:47:17
30/07/2014
19:47:04
30/07/2014
19:4(:51
30/07/2014
19:4(:31
30/07/2014
19:4(:1#
30/07/2014
19:4(:1#
30/07/2014
19:4(:1#
30/07/2014
19:4(:02
30/07/2014
19:45:49
30/07/2014
19:45:30
30/07/2014
19:45:17
30/07/2014
19:45:03
30/07/2014
19:44:50
30/07/2014
19:44:31
30/07/2014
19:44:1#
30/07/2014
19:44:1#
30/07/2014
19:44:02
30/07/2014
19:43:49
30/07/2014
19:43:49
30/07/2014
19:43:30
30/07/2014
19:43:17
30/07/2014
19:43:03
30/07/2014
19:42:50
30/07/2014
19:42:39
30/07/2014
19:42:39
30/07/2014
19:42:37
30/07/2014
19:42:31
30/07/2014
19:42:16
30/07/2014
19:42:02
30/07/2014
19:41:49
30/07/2014
19:41:30
30/07/2014
19:41:17
30/07/2014
19:41:17
30/07/2014
19:41:17
30/07/2014
19:41:03
30/07/2014
19:40:50
30/07/2014
19:40:31
30/07/2014
19:40:31
30/07/2014
19:40:26
30/07/2014
19:40:26
30/07/2014
19:40:24
30/07/2014
19:40:15
30/07/2014
19:40:05
User Processes $av$s%eport.exe Process stopped
30/07/2014
19:40:02
30/07/2014
19:40:00
User Processes &av&sreport Process started
30/07/2014
19:40:00
User Processes taske'( Process started
30/07/2014
19:39:49
30/07/2014
19:39:30
30/07/2014
19:39:23
User !)ste* user i'active User +e't i'active
30/07/2014
19:39:17
30/07/2014
19:39:17
30/07/2014
19:39:04
30/07/2014
19:3,:4,
30/07/2014
19:3,:4,
30/07/2014
19:3,:29
30/07/2014
19:3,:16
30/07/2014
19:3,:03
30/07/2014
19:37:50
30/07/2014
19:37:31
30/07/2014
19:37:15
30/07/2014
19:37:11
User
-ouse
click
U'k'o+' .pplicatio'
.ctive +i'do+ : U'k'o+' .pplicatio'
Process 'a*e : ctca*suite
-ouse clicks : 2
30/07/2014
19:37:04
User
-ouse
click
/a*era!uite
.ctive +i'do+ : /a*era!uite
Process 'a*e : ctca*suite
-ouse clicks : 1
30/07/2014
19:37:02
30/07/2014 -ouse .ctive +i'do+ : U'k'o+' .pplicatio'
19:36:52
User
click
Unknown Application
Mouse clicks : 3
30/07/2014
19:36:49
User Processes lieup!ate Process starte!
30/07/2014
19:36:30
User Processes lieup!ate"e#e Process stoppe!
30/07/2014
19:36:30
User
Mouse
click
$amera%uite
Actie win!ow : $amera%uite
Mouse clicks : 2
30/07/2014
19:36:21
User
Mouse
click
Unknown Application
Actie win!ow : Unknown Application
Mouse clicks : 2
30/07/2014
19:36:16
User Processes %earc&'ilter(ost"e#e Process stoppe!
30/07/2014
19:36:16
User Processes searc&)ilter&ost Process starte!
30/07/2014
19:36:16
30/07/2014
19:36:07
User
Mouse
click
$amera%uite
Mouse clicks : 3
30/07/2014
19:36:06
User
Mouse
click
Unknown Application
Mouse clicks : 2
30/07/2014
19:36:03
30/07/2014
19:35:49
User
Mouse
click
$amera%uite
Mouse clicks : 1
30/07/2014
19:35:4*
30/07/2014
19:35:34
User
Mouse
click
Unknown Application
Mouse clicks : 3
30/07/2014
19:35:29
30/07/2014
19:35:16
30/07/2014
19:35:03
30/07/2014
19:34:50
30/07/2014
19:34:30
30/07/2014
19:34:17
30/07/2014
19:34:17
30/07/2014
19:34:02
30/07/2014
19:33:49
30/07/2014
19:33:49
30/07/2014
19:33:29
30/07/2014
19:33:16
30/07/2014
19:33:03
30/07/2014
19:32:50
30/07/2014
19:32:30
30/07/2014
19:32:17
30/07/2014
19:32:15
30/07/2014
19:32:15
30/07/2014
19:32:02
30/07/2014
19:31:49
30/07/2014
19:31:49
30/07/2014
19:31:30
30/07/2014
19:31:19
User Processes +ruste!,nstaller"e#e Process stoppe!
30/07/2014
19:31:17
30/07/2014
19:31:17
30/07/2014
19:31:01
30/07/2014
19:30:51
User Processes Up!ater"e#e Process stoppe!
30/07/2014
19:30:4*
30/07/2014
19:30:31
User Processes Up!atePopUp"e#e Process stoppe!
30/07/2014
19:30:29
User Processes up!atepopup Process starte!
30/07/2014
19:30:29
30/07/2014
19:30:20
User Processes LogReporter.exe Process stopped
30/07/2014
19:30:20
30/07/2014
19:30:20
User Processes conost.exe Process stopped
30/07/2014
19:30:17
30/07/2014
19:30:17
30/07/2014
19:30:17
User Processes conost Process started
30/07/2014
19:30:1!
30/07/2014
19:30:1!
30/07/2014
19:30:02
30/07/2014
19:29:49
30/07/2014
19:29:29
30/07/2014
19:29:1"
30/07/2014
19:29:1"
User Processes searc#ilterost Process started
30/07/2014
19:29:01
30/07/2014
19:2$:!0
User Processes %earc&ilter'ost.exe Process stopped
30/07/2014
19:2$:4$
30/07/2014
19:2$:29
30/07/2014
19:2$:1"
30/07/2014
19:2$:03
30/07/2014
19:27:!0
30/07/2014
19:27:33
User
(ouse
clic)
*a+era%uite
,ctive -indo- : *a+era%uite
Process na+e : ctca+suite
(ouse clic)s : 47
30/07/2014
19:27:2$
30/07/2014
19:27:1!
30/07/2014
19:27:12
User
(ouse
clic)
Pr./0visuali1ar
,ctive -indo- : Pr./0visuali1ar
(ouse clic)s : 1
30/07/2014
19:27:0$
User
(ouse
clic)
*a+era%uite
(ouse clic)s : 1
30/07/2014
19:27:03
User
(ouse
clic)
Un)no-n ,pplication
,ctive -indo- : Un)no-n ,pplication
(ouse clic)s : 1
30/07/2014
19:27:02
30/07/2014
19:2":49
30/07/2014
19:2":3$
User
(ouse
clic)
*a+era%uite
(ouse clic)s : 12
30/07/2014
19:2":37
User
(ouse
clic)
Pr./0visuali1ar
,ctive -indo- : Pr./0visuali1ar
(ouse clic)s : 1
30/07/2014
19:2":34
30/07/2014
19:2":33
User
(ouse
clic)
*a+era%uite
(ouse clic)s : 1
30/07/2014
19:2":29
30/07/2014
19:2":29
User Processes dllost Process started
30/07/2014
19:2":1"
User Processes searc#ilterost Process started
30/07/2014
19:2":1"
User Processes %earc&ilter'ost.exe Process stopped
30/07/2014
19:2":1"
30/07/2014
19:2":12
30/07/2014
19:2":10
User Processes ctca+suite Process started
30/07/2014
19:2":09
User
(ouse
clic)
Progra+ (anager
,ctive -indo- : Progra+ (anager
Process na+e : explorer
(ouse clic)s : 3
30/07/2014
19:2":03
User
(ouse
clic)
Progra+ (anager
,ctive -indo- : Progra+ (anager
Process na+e : explorer
(ouse clic)s : 1
30/07/2014
19:2":03
User
(ouse
clic)
Un)no-n ,pplication
,ctive -indo- : Un)no-n ,pplication
Process na+e : s2sdir
(ouse clic)s : "
30/07/2014
19:26:01
30/07/2014
19:25:59
User Processes mspaint.exe Process stopped
30/07/2014
19:25:59
User
ouse
clic!
Paint
"ctive #indo# : Paint
ouse clic!s : 1
30/07/2014
19:25:59
User
ouse
clic!
$ata%ardonitor
"ctive #indo# : $ata%ardonitor
Process name : dcs&elper
ouse clic!s : 1
30/07/2014
19:25:4'
30/07/2014
19:25:29
30/07/2014
19:25:16
30/07/2014
19:25:01
30/07/2014
19:24:4'
30/07/2014
19:24:29
30/07/2014
19:24:16
User Processes searc&(ilter&ost Process started
30/07/2014
19:24:16
30/07/2014
19:24:03
30/07/2014
19:23:50
User Processes )earc&*ilter+ost.exe Process stopped
30/07/2014
19:23:4'
30/07/2014
19:23:2'
30/07/2014
19:23:15
30/07/2014
19:23:06
User ),stem user active User #ent active
30/07/2014
19:23:02
30/07/2014
19:22:49
30/07/2014
19:22:2'
30/07/2014
19:22:26
User Processes audiod-.exe Process stopped
30/07/2014
19:22:15
30/07/2014
19:22:02
30/07/2014
19:21:49
30/07/2014
19:21:2'
30/07/2014
19:21:15
30/07/2014
19:21:15
User Processes )earc&*ilter+ost.exe Process stopped
30/07/2014
19:21:15
30/07/2014
19:21:06
User Processes trustedinstaller Process started
30/07/2014
19:21:02
30/07/2014
19:20:49
30/07/2014
19:20:3'
User Processes .avUpdater.exe Process stopped
30/07/2014
19:20:36
User Processes "pp)toreUpdater.exe Process stopped
30/07/2014
19:20:30
30/07/2014
19:20:2'
User Processes msiexec.exe Process stopped
30/07/2014
19:20:2'
30/07/2014
19:20:2'
User Processes /avupdater Process started
30/07/2014
19:20:15
30/07/2014
19:20:02
User Processes tas!en-.exe Process stopped
30/07/2014
19:20:02
30/07/2014
19:19:49
30/07/2014
19:19:29
30/07/2014
19:19:16
30/07/2014
19:19:14
30/07/2014
19:19:01
30/07/2014
19:18:48
30/07/2014
19:18:48
30/07/2014
19:18:29
30/07/2014
19:18:22
30/07/2014
19:18:1%
30/07/2014
19:18:01
30/07/2014
19:17:&7
User Processes sppsvc.ee Process stopped
30/07/2014
19:17:48
30/07/2014
19:17:29
30/07/2014
19:17:24
User Processes audiod' Process started
30/07/2014
19:17:24
User Processes (S)S*+,.-.- Process stopped
30/07/2014
19:17:1%
30/07/2014
19:17:00
30/07/2014
19:1%:47
30/07/2014
19:1%:47
User Processes search/ilterhost Process started
30/07/2014
19:1%:32
User Processes co#host.ee Process stopped
30/07/2014
19:1%:32
User Processes so/t"'r0update.ee Process stopped
30/07/2014
19:1%:30
30/07/2014
19:1%:30
User Processes so/t"'r0update Process started
30/07/2014
19:1%:28
30/07/2014
19:1%:24
User Processes audiod'.ee Process stopped
30/07/2014
19:1%:17
User
(ouse
clic1
Se" t2tulo 3 Pai#t
4ctive $i#do$ : Se" t2tulo 3 Pai#t
Process #a"e : "spai#t
(ouse clic1s : 18
30/07/2014
19:1%:1&
30/07/2014
19:1%:1&
30/07/2014
19:1%:10
User Processes P,FPopups.ee Process stopped
30/07/2014
19:1%:02
30/07/2014
19:1%:02
User Processes pc/popups Process started
30/07/2014
19:1&:49
30/07/2014
19:1&:38
User
(ouse
clic1
-ditar ,ores
4ctive $i#do$ : -ditar ,ores
Process #a"e : "spai#t
(ouse clic1s : 8
30/07/2014
19:1&:31
User Processes 4ppStoreUtil-e.ee Process stopped
30/07/2014
19:1&:31
User Processes co#host.ee Process stopped
30/07/2014
19:1&:29
User Processes appstoreutilee Process started
30/07/2014
19:1&:29
30/07/2014
19:1&:29
30/07/2014
19:1&:2&
User Processes tas1e#'.ee Process stopped
30/07/2014
19:1&:1%
30/07/2014
19:1&:09
User Processes SearchProtocolHost.ee Process stopped
30/07/2014
19:1&:01
30/07/2014
19:14:48
30/07/2014
19:14:28
30/07/2014
19:14:1&
30/07/2014
19:14:0%
30/07/2014
19:14:04
User Processes search/ilterhost Process started
30/07/2014
19:14:04
30/07/2014
19:14:01
30/07/2014
19:13:55
User Processes wmi32.exe Process stopped
30/07/2014
19:13:50
User Processes appstore_sync.exe Process stopped
30/07/2014
19:13:48
User Processes i!e"pdate Process started
30/07/2014
19:13:30
User Processes appstore_sync Process started
30/07/2014
19:13:28
User Processes i!e"pdate.exe Process stopped
30/07/2014
19:13:24
User Processes #miPr!$%.exe Process stopped
30/07/2014
19:13:21
User
&o"se
cic'
$em t(t"o ) Paint
*cti!e window : $em t(t"o ) Paint
&o"se cic's : 37
30/07/2014
19:13:15
30/07/2014
19:13:02
30/07/2014
19:12:51
User Processes re+s!r32.exe Process stopped
30/07/2014
19:12:49
User Processes s!c,ost Process started
30/07/2014
19:12:49
30/07/2014
19:12:49
User Processes spps!c Process started
30/07/2014
19:12:49
User Processes s!c,ost Process started
30/07/2014
19:12:49
User Processes re+s!r32 Process started
30/07/2014
19:12:44
User Processes mspaint Process started
30/07/2014
19:12:41
User
&o"se
cic'
Un'nown *ppication
*cti!e window : Un'nown *ppication
Process name : exporer
&o"se cic's : 1
30/07/2014
19:12:31
30/07/2014
19:12:28
30/07/2014
19:12:17
User Processes $earc,-iter.ost.exe Process stopped
30/07/2014
19:12:17
User Processes $earc,Protoco.ost.exe Process stopped
30/07/2014
19:12:15
30/07/2014
19:12:0/
User 0eystro'es &en" 1niciar
*cti!e window : &en" 1niciar
0eystro'es : paint
30/07/2014
19:11:54
User
&o"se
cic'
&en" 1niciar
&o"se cic's : 28
30/07/2014
19:11:51
User Processes wmi32 Process started
30/07/2014
19:11:3/
User Processes d,ost.exe Process stopped
30/07/2014
19:11:31
User Processes d,ost Process started
30/07/2014
19:11:25
User Processes o"too' Process started
30/07/2014
19:10:00
User $ystem 2o+on
User : User
3,e comp"ter ,a!e o++ed on
30/07/2014
19:07:59
User Processes r"nd32.exe Process stopped
30/07/2014
19:07:59
User Processes 45$.eper.exe Process stopped
30/07/2014
19:07:59
User Processes 5aro.exe Process stopped
30/07/2014
19:07:59
User $ystem $,"t4own
User : User
3,e comp"ter ,a!e s,"t down
30/07/2014
19:07:57
User Processes o+on"i Process started
30/07/2014
19:07:55
User
&o"se
cic'
&en" 1niciar
&o"se cic's : 1
30/07/2014
19:07:49
User
&o"se
cic'
5aro
*cti!e window : 5aro
Process name : caro
&o"se cic's : 1
30/07/2014
19:07:48
User Processes 535am$"ite.exe Process stopped
30/07/2014
19:07:4/
User
&o"se
cic'
Un'nown *ppication
Process name : ctcams"ite
&o"se cic's : 1
30/07/2014
19:07:28
User
&o"se
cic'
5amera$"ite
*cti!e window : 5amera$"ite
&o"se cic's : 3
30/07/2014
19:07:22
User Processes tas',ost Process started
30/07/2014
19:0/:48
User
&o"se
cic'
Un'nown *ppication
&o"se cic's : 12
30/07/2014
19:0/:41
User Processes $earc,-iter.ost.exe Process stopped
30/07/2014
19:0/:41
User Processes $earc,Protoco.ost.exe Process stopped
30/07/2014
19:0/:40
User
&o"se
cic'
5amera$"ite
&o"se cic's : 2
30/07/2014
19:0/:13
User
&o"se
cic'
Un'nown *ppication
&o"se cic's : /
30/07/2014
19:05:38
User Processes searc,6iter,ost Process started
30/07/2014
19:05:38
User Processes searc,protoco,ost Process started
30/07/2014
19:05:28
User
&o"se
cic'
5amera$"ite
&o"se cic's : 9
30/07/2014
19:05:24
User
&o"se
cic'
Pr(7)!is"ai8ar
*cti!e window : Pr(7)!is"ai8ar
&o"se cic's : 1
30/07/2014
19:05:17
User
&o"se
cic'
5amera$"ite
&o"se cic's : 4
30/07/2014
19:05:1/
User
&o"se
cic'
Pr(7)!is"ai8ar
*cti!e window : Pr(7)!is"ai8ar
&o"se cic's : 1
30/07/2014
19:05:14
User
&o"se
cic'
5amera$"ite
&o"se cic's : 1
30/07/2014
19:05:10
30/07/2014
19:05:03
30/07/2014
19:04:57
User
&o"se
cic'
Un'nown *ppication
&o"se cic's : 2
30/07/2014
19:04:51
User
&o"se
cic'
5aro
Process name : caro
&o"se cic's : 1
30/07/2014
19:04:47
User
&o"se
cic'
5amera$"ite
&o"se cic's : 1
30/07/2014
19:04:29
User Processes ctcams"ite Process started
30/07/2014
19:04:28
User
&o"se
cic'
Pro+ram &ana+er
*cti!e window : Pro+ram &ana+er
&o"se cic's : 4
30/07/2014
19:04:2/
User
&o"se
cic'
Pro+ram &ana+er
&o"se cic's : 1
30/07/2014
19:04:2/
User
&o"se
cic'
Un'nown *ppication
Process name : ide
&o"se cic's : 3
30/07/2014
19:04:23
User
&o"se
cic'
Un'nown *ppication
&o"se cic's : 1
30/07/2014
19:03:43
User
&o"se
cic'
5aro
Process name : caro
&o"se cic's : 14
30/07/2014
19:03:41
User
&o"se
cic'
1niciar
*cti!e window : 1niciar
&o"se cic's : 1
30/07/2014
19:03:2/
User
&o"se
cic'
&en" 1niciar
&o"se cic's : 1
30/07/2014
19:03:24
User
&o"se
cic'
1niciar
*cti!e window : 1niciar
&o"se cic's : 1
30/07/2014
19:03:21
User
&o"se
cic'
&en" 1niciar
&o"se cic's : 1
30/07/2014
19:02:43
User
&o"se
cic'
5aro
Process name : caro
&o"se cic's : 38
30/07/2014
19:02:41
User
&o"se
cic'
Pro+ram &ana+er
&o"se cic's : 1
30/07/2014
19:01:43
30/07/2014
19:01:37
30/07/2014
19:01:33
User
&o"se
cic'
5aro
Process name : caro
&o"se cic's : 25
30/07/2014
19:01:32
30/07/2014
19:01:2/
30/07/2014
19:01:24
User Processes spar'.exe Process stopped
30/07/2014
19:01:24
30/07/2014
19:01:24
30/07/2014
19:01:22
User Processes tas'en+.exe Process stopped
30/07/2014
19:01:22
User
&o"se
cic'
%rro de $cript
*cti!e window : %rro de $cript
Process name : caro
&o"se cic's : 1
30/07/2014
19:01:19
30/07/2014
19:01:04
30/07/2014
19:00:59
30/07/2014
19:00:58
User
Mouse
click
Nova guia !"ark #ro$ser
%ctive $i&do$ : Nova guia !"ark #ro$ser
Process &a'e : s"ark
Mouse clicks : 7
30/07/2014
19:00:55
User Processes s"ark Process started
30/07/2014
19:00:55
User Processes s"ark(e)e Process sto""ed
30/07/2014
19:00:50
30/07/2014
19:00:2*
User
Mouse
click
#e'vi&do ao +ace,ook acesse-
cadastrese ou sai,a 'ais( !"ark
#ro$ser
%ctive $i&do$ : #e'vi&do ao +ace,ook acesse- cadastrese ou sai,a 'ais( !"ark #ro$ser
Process &a'e : s"ark
Mouse clicks : 4
30/07/2014
18:58:50
User !.ste' user active User $e&t active
30/07/2014
18:58:44
User Processes /ogo&U0(e)e Process sto""ed
30/07/2014
18:57:02
User Processes !earch+ilter1ost(e)e Process sto""ed
30/07/2014
18:57:02
User Processes !earchProtocol1ost(e)e Process sto""ed
30/07/2014
18:5*:21
User Processes co&host(e)e Process sto""ed
30/07/2014
18:5*:21
User Processes dllhost(e)e Process sto""ed
30/07/2014
18:5*:21
User Processes c'd(e)e Process sto""ed
30/07/2014
18:5*:21
User Processes 2i&dstr(e)e Process sto""ed
30/07/2014
18:5*:05
30/07/2014
18:5*:03
User Processes s"ark Process started
30/07/2014
18:5*:03
30/07/2014
18:55:52
User Processes P3+#!4e"ort(e)e Process sto""ed
30/07/2014
18:55:38
User Processes /og4e"orter(e)e Process sto""ed
30/07/2014
18:55:38
User Processes co&host(e)e Process sto""ed
30/07/2014
18:55:3*
User Processes logre"orter Process started
30/07/2014
18:55:3*
30/07/2014
18:55:27
User Processes 2i&dstr Process started
30/07/2014
18:55:23
30/07/2014
18:55:23
30/07/2014
18:55:23
User Processes search"rotocolhost Process started
30/07/2014
18:55:20
User Processes taske&g Process started
30/07/2014
18:55:20
User Processes c'd Process started
30/07/2014
18:55:20
30/07/2014
18:55:20
User Processes "c2,sre"ort Process started
30/07/2014
18:55:18
30/07/2014
18:55:18
User !.ste' user i&active User $e&t i&active
30/07/2014
18:53:34
30/07/2014
18:53:25
30/07/2014
18:53:18
User Processes logo&ui Process started
30/07/2014
18:50:12
User !.ste' user active User $e&t active
30/07/2014
18:48:1*
User !.ste' user i&active User $e&t i&active
30/07/2014
18:48:07
User Processes taske&g(e)e Process sto""ed
30/07/2014
18:47:17
30/07/2014
18:4*:38
User Processes !earchProtocol1ost(e)e Process sto""ed
30/07/2014
18:4*:38
User Processes !earch+ilter1ost(e)e Process sto""ed
30/07/2014
18:45:37
User Processes U"dater(e)e Process sto""ed
30/07/2014
18:45:35
User Processes u"dater Process started
30/07/2014
18:45:35
User Processes search"rotocolhost Process started
30/07/2014
18:45:35
30/07/2014
User Processes s"arku"date(e)e Process sto""ed
18:43:07
30/07/2014
18:42:49
30/07/2014
18:42:43
30/07/2014
18:42:40
User Processes bdutil.exe Process stopped
30/07/2014
18:42:38
User Processes tasken Process started
30/07/2014
18:42:38
30/07/2014
18:42:38
User Processes bdutil Process started
30/07/2014
18:41:!4
User Processes audiod.exe Process stopped
30/07/2014
18:41:20
User
"ouse
click
#!1$ %acebook & 'park (ro)ser
*cti+e )indo) : #!1$ %acebook & 'park (ro)ser
Process na,e : spark
"ouse clicks : 12
30/07/2014
18:40:!!
User -e.strokes #!1$ %acebook & 'park (ro)ser
*cti+e )indo) : #!1$ %acebook & 'park (ro)ser
-e.strokes : / 0uando a pessoa corre atras1/u 2a estou cansada...34&&534&&534&&5 de correr...rsrsrs
30/07/2014
18:39:31
User
"ouse
click
%acebook & 'park (ro)ser
*cti+e )indo) : %acebook & 'park (ro)ser
"ouse clicks : 4
30/07/2014
18:38:38
User -e.strokes %acebook & 'park (ro)ser
*cti+e )indo) : %acebook & 'park (ro)ser
30/07/2014
18:38:32
User
"ouse
click
6laro 7nternet & 8a+eue no seu
co,putador9 notebook ou tablet &
'park (ro)ser
*cti+e )indo) : 6laro 7nternet & 8a+eue no seu co,putador9 notebook ou tablet & 'park (ro)ser
"ouse clicks : 1
30/07/2014
18:38:28
30/07/2014
18:38:2!
User
"ouse
click
christina perri & 4shared.co,
do)nload :ree & 1 & 'park (ro)ser
*cti+e )indo) : christina perri & 4shared.co, do)nload :ree & 1 & 'park (ro)ser
"ouse clicks : 1
30/07/2014
18:37:09
30/07/2014
18:37:04
30/07/2014
18:37:04
30/07/2014
18:37:02
User
"ouse
click
*s p;<inas n;=o :ora, :echadas
ade0uada,ente da ;>lti,a +e? &
'park (ro)ser
*cti+e )indo) : *s p;<inas n;=o :ora, :echadas ade0uada,ente da ;>lti,a +e? & 'park (ro)ser
"ouse clicks : 1
30/07/2014
18:3@:!7
User
"ouse
click
6laro 7nternet & 8a+eue no seu
co,putador9 notebook ou tablet &
'park (ro)ser
*cti+e )indo) : 6laro 7nternet & 8a+eue no seu co,putador9 notebook ou tablet & 'park (ro)ser
"ouse clicks : 1
30/07/2014
18:3@:49
30/07/2014
18:3@:3@
User Processes 'earch%ilterAost.exe Process stopped
30/07/2014
18:3@:3@
User Processes 'earchProtocolAost.exe Process stopped
30/07/2014
18:3@:34
User
"ouse
click
#!2$ "ark Buckerber & 'park
(ro)ser
*cti+e )indo) : #!2$ "ark Buckerber & 'park (ro)ser
"ouse clicks : 2
30/07/2014
18:3!:34
User -e.strokes
(ro)ser
30/07/2014
18:3!:34
User Processes search:ilterhost Process started
30/07/2014
18:3!:34
30/07/2014
18:3!:34
User '.ste, user acti+e User )ent acti+e
30/07/2014
18:31:1!
User '.ste, user inacti+e User )ent inacti+e
30/07/2014
18:28:1!
User -e.strokes
(ro)ser
30/07/2014
18:2@:43
User Processes 'earchProtocolAost.exe Process stopped
30/07/2014
18:2@:43
User Processes 'earch%ilterAost.exe Process stopped
30/07/2014
18:2!:33
30/07/2014
18:2!:33
User Processes search:ilterhost Process started
30/07/2014
18:2!:33
User
"ouse
click
(ro)ser
"ouse clicks : 1
30/07/2014
18:24:!3
User
"ouse
click
#!0$ U,a retrospecti+a & 'park
(ro)ser
*cti+e )indo) : #!0$ U,a retrospecti+a & 'park (ro)ser
"ouse clicks : 1
30/07/2014
18:24:31
User -e.strokes
#!0$ U,a retrospecti+a & 'park
(ro)ser
*cti+e )indo) : #!0$ U,a retrospecti+a & 'park (ro)ser
30/07/2014
18:24:31
30/07/2014
18:24:1!
30/07/2014
18:22:!1
30/07/2014
18:20:1!
30/07/2014
18:20:02
User Processes tasken.exe Process stopped
30/07/2014
18:19:1!
30/07/2014
18:16:39
30/07/2014
18:16:39
30/07/2014
18:1:43
User Processes spar! Process started
30/07/2014
18:1:34
30/07/2014
18:1:31
30/07/2014
18:1:31
User Processes "pdater Process started
30/07/2014
18:1:31
User Processes search#ilterhost Process started
30/07/2014
18:1:29
User
$o"se
clic!
%7& 'atall( )e*tes + Spar! )ro,ser
-cti.e ,i*do, : %7& 'atall( )e*tes + Spar! )ro,ser
Process *a/e : spar!
$o"se clic!s : 7
30/07/2014
18:1:22
User Processes tas!host.exe Process stopped
30/07/2014
18:1:00
User Processes tas!e*0 Process started
30/07/2014
18:13:22
User Processes tas!host Process started
30/07/2014
18:12:36
User Processes a"diod0 Process started
30/07/2014
18:11:07
User Processes -ppPopUp1ip.exe Process stopped
30/07/2014
18:11:00
User Processes apppop"ptip Process started
30/07/2014
18:08:4
User 2e(stro!es %7& 'atall( )e*tes + Spar! )ro,ser
30/07/2014
18:06:36
30/07/2014
18:06:36
30/07/2014
18:0:30
30/07/2014
18:0:30
30/07/2014
18:03:36
30/07/2014
18:03:17
User
$o"se
clic!
$o"se clic!s : 3
30/07/2014
18:03:13
User
$o"se
clic!
$o"se clic!s : 1
30/07/2014
18:02:1
30/07/2014
18:02:06
User Processes a"diod0.exe Process stopped
30/07/2014
17:6:1
User Processes a"diod0 Process started
30/07/2014
17:6:34
30/07/2014
17:6:34
30/07/2014
17:6:23
User
$o"se
clic!
$o"se clic!s : 4
30/07/2014
17:6:19
2e(stro!es : 3i*da444
30/07/2014
17::44
User
$o"se
clic!
%& 'atall( )e*tes + Spar! )ro,ser
-cti.e ,i*do, : %& 'atall( )e*tes + Spar! )ro,ser
$o"se clic!s : 1
30/07/2014
17::30
30/07/2014
17::30
User Processes co*host.exe Process stopped
30/07/2014
17::30
30/07/2014
17::28
User Processes lo0reporter Process started
30/07/2014
17::28
30/07/2014
17::28
User Processes co*host Process started
30/07/2014
17::24
User
$o"se
clic!
$o"se clic!s : 1
30/07/2014
17:3:20
User
$o"se
clic!
%& 'atall( )e*tes + Spar! )ro,ser
$o"se clic!s : 2
30/07/2014
17:3:04
User Processes spar!.exe Process stopped
30/07/2014
17:2:
User 2e(stro!es %& 'atall( )e*tes + Spar! )ro,ser
2e(stro!es : 1a 6e/ e*tao o60da4
30/07/2014
17:0:47
User Processes spar! Process started
30/07/2014
17:49:24
User Processes a"diod0.exe Process stopped
30/07/2014
17:47:43 User Processes taskeng.exe Process stopped
30/07/2014
17:46:43
30/07/2014
17:46:43
User Processes SearchProtocolost.exe Process stopped
30/07/2014
17:4!:42
User Processes P"FPop#ps.exe Process stopped
30/07/2014
17:4!:40
User Processes pc$pop#ps Process started
30/07/2014
17:4!:2%
User Processes &og'eporter.exe Process stopped
30/07/2014
17:4!:2%
30/07/2014
17:4!:26
30/07/2014
17:4!:26
30/07/2014
17:4!:26
30/07/2014
17:4!:26
30/07/2014
17:42:46
30/07/2014
17:42:44
User Processes spark#pdate.exe Process stopped
30/07/2014
17:42:41
30/07/2014
17:42:37
User Processes spark#pdate Process started
30/07/2014
17:42:37
30/07/2014
17:42:0%
30/07/2014
17:42:0%
30/07/2014
17:41:26
30/07/2014
17:41:04
User
(o#se
click
)!* +line ,er- . Spark /ro0ser
+cti1e 0indo0 : )!* +line ,er- . Spark /ro0ser
Process na2e : spark
(o#se clicks : 31
30/07/2014
17:40:!%
30/07/2014
17:40:!%
30/07/2014
17:40:11
User
(o#se
click
+3rir
+cti1e 0indo0 : +3rir
(o#se clicks : 4
30/07/2014
17:34:!!
30/07/2014
17:36:32
30/07/2014
17:36:32
30/07/2014
17:3!:26
30/07/2014
17:3!:26
30/07/2014
17:3!:01
User
(o#se
click
)!* +line ,er- . Spark /ro0ser
(o#se clicks : 6
30/07/2014
17:31:21
User 5e-strokes )!* +line ,er- . Spark /ro0ser
5e-strokes : 678..9t78..9Sa#dade e #2a pala1ra pe:#ena perto do 78..978..978..978..978..978..978..978..978..978..
.978..978..978..978..9dade78..978..978..978..9ade e #2a pala1ra 2aior :#e a pala1ra a2or isso e# sei di$erenciar 2as o
30/07/2014
17:30:37
User Processes a#diodg Process started
30/07/2014
17:30:37
User Processes taskeng.exe Process stopped
30/07/2014
17:27:40
User Processes a#diodg.exe Process stopped
30/07/2014
17:26:2%
30/07/2014
17:26:2%
30/07/2014
17:2!:40
30/07/2014
17:2!:37
User Processes spark#pdate.exe Process stopped
30/07/2014
17:2!:33
30/07/2014
17:2!:31
30/07/2014
17:2!:31
30/07/2014
17:2!:24
30/07/2014
17:2!:24
30/07/2014
17:2!:04
User Processes /a1/s'eport.exe Process stopped
30/07/2014
17:2!:02
User Processes 3a13sreport Process started
+cti1e 0indo0 : )4* +line ,er- . Spark /ro0ser
30/07/2014
17:24:15
User Keystrokes (4) Aline Nery - Spark Broser
Keystrokes : l!e "art #$ a%ra&'o e l!e (er to"os )*--+)*--+)*--+)*--+)*--+)*--+)*--+)*--+)*--+)*--+)*--+)*--+)*--
+,a)*--+)*--+)*--+,a)*--+)*--+-a)*--+)*--+a)*--+)*--+)*--+a e tao "i.i/il (e-)*--+)*--+)*--+)*--+e-lo "e (e0 e$
pra estar no se# l#1ar )*--+)*--+)*--+)*--+)*--+)*--+)*--+)*--+)*--+)*--+)*--+)*--+)*--+)*--+)*--+)*--+)*--+)*--
+)*--+)*--+)*--+)*--+)*--+)*--+)*--+)*--+)*--+)*--+)*--+)*--+2
30/07/2014
17:22:04
User
3o#se
/li/k
(3) Aline Nery - Spark Broser
A/ti(e in"o : (3) Aline Nery - Spark Broser
4ro/ess na$e : spark
3o#se /li/ks : 4
30/07/2014
17:21:41
User Keystrokes (3) Aline Nery - Spark Broser
A/ti(e in"o : (3) Aline Nery - Spark Broser
Keystrokes : 4enso e$ (/ to"os os "iasa)*--+5t#"o)*--+)*--+)*--+)*--+o 6#e $ais 6#)*--+)*--+1osaria nesse)*--+)*
)*--+)*--+1osaria "e po"er
30/07/2014
17:21:10
User
3o#se
/li/k
(2) 7a/e%ook - Spark Broser
A/ti(e in"o : (2) 7a/e%ook - Spark Broser
3o#se /li/ks : 2
30/07/2014
17:20:38
User Keystrokes (2) 7a/e%ook - Spark Broser
30/07/2014
17:20:02
User 4ro/esses tasken12e9e 4ro/ess stoppe"
30/07/2014
17:1::15
User
3o#se
/li/k
(1) 7a/e%ook - Spark Broser
3o#se /li/ks : 4
30/07/2014
17:1;:51
User Keystrokes (1) 7a/e%ook - Spark Broser
30/07/2014
17:1;:45
User 4ro/esses Sear/!4roto/ol<ost2e9e 4ro/ess stoppe"
30/07/2014
17:1;:45
User 4ro/esses Sear/!7ilter<ost2e9e 4ro/ess stoppe"
30/07/2014
17:1;:23
User 4ro/esses =r#ste">nstaller2e9e 4ro/ess stoppe"
30/07/2014
17:1;:05
User 4ro/esses .te92e9e 4ro/ess stoppe"
30/07/2014
17:1;:03
User 4ro/esses a#"io"1 4ro/ess starte"
30/07/2014
17:1;:01
User 4ro/esses .te9 4ro/ess starte"
30/07/2014
17:1;:01
User 4ro/esses 4?AppStore2e9e 4ro/ess stoppe"
30/07/2014
17:1;:01
User 4ro/esses Up"ate4opUp2e9e 4ro/ess stoppe"
30/07/2014
17:15:5:
User 4ro/esses p/appstore 4ro/ess starte"
30/07/2014
17:15:5:
User 4ro/esses #p"atepop#p 4ro/ess starte"
30/07/2014
17:15:52
User 4ro/esses Up"ater2e9e 4ro/ess stoppe"
30/07/2014
17:15:47
User 4ro/esses 4?74op#ps2e9e 4ro/ess stoppe"
30/07/2014
17:15:41
User 4ro/esses p/.pop#ps 4ro/ess starte"
30/07/2014
17:15:23
User 4ro/esses #p"ater 4ro/ess starte"
30/07/2014
17:15:23
User 4ro/esses sear/!.ilter!ost 4ro/ess starte"
30/07/2014
17:15:23
User 4ro/esses @o1Aeporter2e9e 4ro/ess stoppe"
30/07/2014
17:15:23
User 4ro/esses /on!ost2e9e 4ro/ess stoppe"
30/07/2014
17:15:21
User 4ro/esses sear/!proto/ol!ost 4ro/ess starte"
30/07/2014
17:15:21
User 4ro/esses lo1reporter 4ro/ess starte"
30/07/2014
17:15:21
User 4ro/esses /on!ost 4ro/ess starte"
30/07/2014
17:15:01
User 4ro/esses tasken1 4ro/ess starte"
30/07/2014
17:14:35
User 4ro/esses task!ost2e9e 4ro/ess stoppe"
30/07/2014
17:12:35
User 4ro/esses task!ost 4ro/ess starte"
30/07/2014
17:12:25
User
3o#se
/li/k
7a/e%ook - Spark Broser
A/ti(e in"o : 7a/e%ook - Spark Broser
3o#se /li/ks : :
30/07/2014
17:11:11
User 4ro/esses App4opUp=ip2e9e 4ro/ess stoppe"
30/07/2014
17:11:0:
User Keystrokes 7a/e%ook - Spark Broser
A/ti(e in"o : 7a/e%ook - Spark Broser
Keystrokes : preta)*--+)*--+)*--+)*--+)*--+)*--+preta)*--+)*--+)*--+)*--+)*--+4reta
30/07/2014
17:11:00
User 4ro/esses apppop#ptip 4ro/ess starte"
30/07/2014
17:11:00
User 4ro/esses Up"ate4opUp2e9e 4ro/ess stoppe"
30/07/2014
17:11:00
User 4ro/esses /on!ost2e9e 4ro/ess stoppe"
30/07/2014
17:11:00
User 4ro/esses AppStoreUtilB9e2e9e 4ro/ess stoppe"
30/07/2014
17:10:5:
User 4ro/esses #p"atepop#p 4ro/ess starte"
30/07/2014
17:10:5:
User 4ro/esses /on!ost 4ro/ess starte"
30/07/2014
17:10:5:
User 4ro/esses appstore#tile9e 4ro/ess starte"
30/07/2014
17:07:35
User Syste$ #ser a/ti(e User ent a/ti(e
30/07/2014
17:07:14
User Syste$ #ser ina/ti(e User ent ina/ti(e
30/07/2014
17:06:26
30/07/2014
17:06:26
30/07/2014
17:06:21
User Processes BavUpdater.exe Process stopped
30/07/2014
17:06:0
User Processes !ppStoreUpdater.exe Process stopped
30/07/2014
17:06:03
User Processes av"pdate.exe Process stopped
30/07/2014
17:06:03
User Processes tr"stedi#staller Process started
30/07/2014
17:06:03
30/07/2014
17:0:$
User Processes av"pdate Process started
30/07/2014
17:0:$
User Processes %siexec.exe Process stopped
30/07/2014
17:0:$
User Processes appstore"pdater Process started
30/07/2014
17:0:$
30/07/2014
17:0:6
User Processes &av"pdater Process started
30/07/2014
17:0:2$
User Processes tas'host.exe Process stopped
30/07/2014
17:0:21
30/07/2014
17:0:21
30/07/2014
17:04:03
User Processes a"diod).exe Process stopped
30/07/2014
17:04:01
30/07/2014
17:03:$
User Processes "pdatepop"p Process started
30/07/2014
17:03:32
User *e+stro'es
,d"ardo -liveira co%partilho" a
(oto de .es"s /0... 1 ,d"ardo
-liveira 1 Spar' Bro2ser
!ctive 2i#do2 : ,d"ardo -liveira co%partilho" a (oto de .es"s /0... 1 ,d"ardo -liveira 1 Spar' Bro2ser
Process #a%e : spar'
*e+stro'es : e341153411534115e34115341153411534115634115elder 7.So"8a disse 9"e alve83411534115341153411534115vc
vc sa&e o#de (ica este e#d::"a ;aia&" 34115<220=>ta9"a9"ecet"&a/Sao Pa"lo/SP
?a&el 34115341153411534115#a ele te vi"/34115@
30/07/2014
17:03:26
User Processes tas'host Process started
30/07/2014
17:03:06
30/07/2014
17:02:34
User
?o"se
clic'
,d"ardo -liveira co%partilho" a
(oto de .es"s /0... 1 ,d"ardo
-liveira 1 Spar' Bro2ser
!ctive 2i#do2 : ,d"ardo -liveira co%partilho" a (oto de .es"s /0... 1 ,d"ardo -liveira 1 Spar' Bro2ser
?o"se clic's : $
30/07/2014
17:02:04
User Processes so(t%)r="pdate.exe Process stopped
30/07/2014
17:02:04
30/07/2014
17:02:00
User Processes so(t%)r="pdate Process started
30/07/2014
17:02:00
30/07/2014
17:01:46
30/07/2014
17:01:46
30/07/2014
17:01:44
User
?o"se
clic'
Face&oo' 1 Spar' Bro2ser
!ctive 2i#do2 : Face&oo' 1 Spar' Bro2ser
?o"se clic's : 2
30/07/2014
17:01:21
User
?o"se
clic'
AB7C Face&oo' 1 Spar' Bro2ser
!ctive 2i#do2 : AB7C Face&oo' 1 Spar' Bro2ser
?o"se clic's : 2
30/07/2014
17:01:01
User Processes r"#dll32.exe Process stopped
30/07/2014
17:00:B
User Processes r"#dll32 Process started
30/07/2014
17:00:6
User Processes tas'e#).exe Process stopped
30/07/2014
17:00:4
30/07/2014
17:00:0
User Processes P;FPop"ps.exe Process stopped
30/07/2014
17:00:43
30/07/2014
17:00:41
User Processes pc(pop"ps Process started
30/07/2014
17:00:31
User Processes tas'e#).exe Process stopped
30/07/2014
16:B:7
User
?o"se
clic'
Face&oo' 1 Spar' Bro2ser
!ctive 2i#do2 : Face&oo' 1 Spar' Bro2ser
?o"se clic's : 3
30/07/2014
16:B:31
30/07/2014
16:B:20
User Processes appstore=s+#c.exe Process stopped
30/07/2014
16:B:13
30/07/2014
16:B:13
Be%1vi#do ao Face&oo' 1 acesse< !ctive 2i#do2 : Be%1vi#do ao Face&oo' 1 acesse< cadastre1se o" sai&a %ais. 1 Spar' Bro2ser
30/07/2014
16:59:12
User Keystrokes
cadastre-se ou saiba mais. - Sark
!ro"ser
#rocess $ame : sark
Keystrokes : a%i$eco$&ia$ca
30/07/2014
16:59:10
User
'ouse
c%ick
!em-(i$do ao )acebook - acesse*
cadastre-se ou saiba mais. - Sark
!ro"ser
+cti(e "i$do" : !em-(i$do ao )acebook - acesse* cadastre-se ou saiba mais. - Sark !ro"ser
#rocess $ame : sark
'ouse c%icks : 3
30/07/2014
16:59:0,
User #rocesses sarkudate.e-e #rocess stoed
30/07/2014
16:59:0,
User #rocesses d%%.ost.e-e #rocess stoed
30/07/2014
16:59:06
User #rocesses "mi32.e-e #rocess stoed
30/07/2014
16:59:01
User #rocesses astore/sy$c #rocess started
30/07/2014
16:59:01
User #rocesses d%%.ost #rocess started
30/07/2014
16:5,:55
User #rocesses sarkudate #rocess started
30/07/2014
16:5,:55
User #rocesses s(c.ost #rocess started
30/07/2014
16:5,:53
User #rocesses sark #rocess started
30/07/2014
16:5,:51
User
'ouse
c%ick
0%aro
+cti(e "i$do" : 0%aro
#rocess $ame : c%aro
'ouse c%icks : 1
30/07/2014
16:5,:51
User
'ouse
c%ick
#ro1ram 'a$a1er
+cti(e "i$do" : #ro1ram 'a$a1er
#rocess $ame : e-%orer
'ouse c%icks : 1
30/07/2014
16:5,:39
User
'ouse
c%ick
2rro de Scrit
+cti(e "i$do" : 2rro de Scrit
'ouse c%icks : 1
30/07/2014
16:5,:34
User #rocesses 3mi#r(S2.e-e #rocess stoed
30/07/2014
16:5,:21
User
'ouse
c%ick
0%aro
+cti(e "i$do" : 0%aro
'ouse c%icks : 1
30/07/2014
16:5,:12
User
'ouse
c%ick
0%aro 4$ter$et - 5a(e1ue $o seu
comutador* $otebook ou tab%et -
Sark !ro"ser
+cti(e "i$do" : 0%aro 4$ter$et - 5a(e1ue $o seu comutador* $otebook ou tab%et - Sark !ro"ser
#rocess $ame : sark
'ouse c%icks : 1
30/07/2014
16:5,:05
30/07/2014
16:5,:02
User #rocesses mscors(".e-e #rocess stoed
30/07/2014
16:5,:02
30/07/2014
16:5,:02
30/07/2014
16:5,:00
User #rocesses ss(c #rocess started
30/07/2014
16:5,:00
User #rocesses mscors(" #rocess started
30/07/2014
16:5,:00
30/07/2014
16:5,:00
User #rocesses Udater.e-e #rocess stoed
30/07/2014
16:57:5,
30/07/2014
16:57:55
30/07/2014
16:57:53
User #rocesses bddataco$(erter.e-e #rocess stoed
30/07/2014
16:57:50
User #rocesses bddataco$(erter #rocess started
30/07/2014
16:57:50
30/07/2014
16:57:50
30/07/2014
16:57:4,
30/07/2014
16:57:4,
30/07/2014
16:57:4,
30/07/2014
16:57:46
30/07/2014
16:57:43
30/07/2014
16:57:39
User #rocesses 6StartScree$.e-e #rocess stoed
30/07/2014
16:57:34
User #rocesses %i(eudate.e-e #rocess stoed
30/07/2014
16:57:27
User #rocesses -startscree$ #rocess started
30/07/2014
16:57:23
User #rocesses c%aro #rocess started
30/07/2014
16:57:22
User
'ouse
c%ick
#ro1ram 'a$a1er
+cti(e "i$do" : #ro1ram 'a$a1er
#rocess $ame : e-%orer
'ouse c%icks : 1
30/07/2014
16:57:21
User #rocesses re1s(r32.e-e #rocess stoed
30/07/2014
16:57:19
User #rocesses %i(eudate #rocess started
30/07/2014
16:57:19
User #rocesses re1s(r32 #rocess started
30/07/2014
16:57:06
30/07/2014
16:56:59
30/07/2014
16:56:34
User
Mouse
click
Unknown Alication
Acti!e window : Unknown Alication
Process na"e : s#sdir
Mouse clicks : 4
30/07/2014
16:56:33
User Processes w"i32 Process started
30/07/2014
16:56:16
User Processes outlook Process started
30/07/2014
16:55:02
User $#ste" %o&on
User : User
'he co"uter ha!e lo&&ed on
30/07/2014
16:51:35
User (e#strokes
christina erri ) 4shared*co"
download +ree ) 1 ) $ark ,rowser
Acti!e window : christina erri ) 4shared*co" download +ree ) 1 ) $ark ,rowser
Process na"e : sark
(e#strokes : +ro-en
30/07/2014
16:50:46
User $#ste" user acti!e User went acti!e
30/07/2014
16:50:37
User Processes tasken&*e.e Process stoed
30/07/2014
16:50:32
User $#ste" user inacti!e User went inacti!e
30/07/2014
16:4/:56
User Processes $earch0ilter1ost*e.e Process stoed
30/07/2014
16:4/:56
User Processes $earchProtocol1ost*e.e Process stoed
30/07/2014
16:47:39
30/07/2014
16:47:39
User Processes searchrotocolhost Process started
30/07/2014
16:47:29
User
Mouse
click
li!re estou ) 4shared*co" download
+ree ) 1 ) $ark ,rowser
Acti!e window : li!re estou ) 4shared*co" download +ree ) 1 ) $ark ,rowser
Process na"e : sark
Mouse clicks : 3
30/07/2014
16:47:26
User
Mouse
click
$al!ar co"o
Acti!e window : $al!ar co"o
Process na"e : sark
Mouse clicks : 1
30/07/2014
16:47:16
User $#ste" user acti!e User went acti!e
30/07/2014
16:46:34
User Processes $earchProtocol1ost*e.e Process stoed
30/07/2014
16:46:34
User Processes $earch0ilter1ost*e.e Process stoed
30/07/2014
16:45:41
User Processes dllhost*e.e Process stoed
30/07/2014
16:45:3/
User Processes sarkudate*e.e Process stoed
30/07/2014
16:45:36
30/07/2014
16:45:33
User Processes 2dutil*e.e Process stoed
30/07/2014
16:45:32
User $#ste" user inacti!e User went inacti!e
30/07/2014
16:45:31
User Processes sarkudate Process started
30/07/2014
16:45:31
User Processes 2dutil Process started
30/07/2014
16:45:26
User Processes Udater*e.e Process stoed
30/07/2014
16:45:24
User Processes udater Process started
30/07/2014
16:45:24
User Processes searchrotocolhost Process started
30/07/2014
16:45:24
30/07/2014
16:45:20
User Processes ,a!,s3eort*e.e Process stoed
30/07/2014
16:45:05
User Processes 2a!2sreort Process started
30/07/2014
16:42:45
User Processes dllhost*e.e Process stoed
30/07/2014
16:42:43
User Processes sarkudate*e.e Process stoed
30/07/2014
16:42:41
30/07/2014
16:42:39
User Processes sarkudate Process started
30/07/2014
16:42:31
User (e#strokes
Process na"e : sark
(e#strokes : 45))645))645))645))645))645))645))645))645))645))645))6christina
30/07/2014
16:42:09
User Processes sark Process started
30/07/2014
16:42:09
User Processes audiod& Process started
30/07/2014
16:41:23
User
Mouse
click
Process na"e : sark
Mouse clicks : 7
30/07/2014
16:41:12
User
Mouse
click
elsa "usica li!re estou ) Pes7uisa
8oo&le ) $ark ,rowser
Acti!e window : elsa "usica li!re estou ) Pes7uisa 8oo&le ) $ark ,rowser
Process na"e : sark
Mouse clicks : 4
30/07/2014
16:40:54
User (e#strokes
elsa "usica li!re estou ) Pes7uisa
8oo&le ) $ark ,rowser
Acti!e window : elsa "usica li!re estou ) Pes7uisa 8oo&le ) $ark ,rowser
Process na"e : sark
30/07/2014
16:40:30
User Processes sark Process started
30/07/2014
16:40:01
User Processes tasken& Process started
30/07/2014
16:39:56
User Keystrokes
Bem-vindo ao Faceook - acesse!
cadastre-se o" saia mais# - $%ark
Bro&ser
'ctive &indo& : Bem-vindo ao Faceook - acesse! cadastre-se o" saia mais# - $%ark Bro&ser
(rocess name : s%ark
Keystrokes : e)sa m"sica
30/07/2014
16:39:47
User
*o"se
c)ick
Bro&ser
*o"se c)icks : 3
30/07/2014
16:39:44
User (rocesses s%ark#e+e (rocess sto%%ed
30/07/2014
16:39:41
User
*o"se
c)ick
,ist-.rico de %es/"isa - $%ark
Bro&ser
'ctive &indo& : ,ist-.rico de %es/"isa - $%ark Bro&ser
*o"se c)icks : 1
30/07/2014
16:39:17
User Keystrokes
e)a dan-0a e" dan-0o 2tri)1a -
(es/"isa 2oo3)e - $%ark Bro&ser
'ctive &indo& : e)a dan-0a e" dan-0o 2tri)1a - (es/"isa 2oo3)e - $%ark Bro&ser
Keystrokes : 45--6
30/07/2014
16:39:15
User (rocesses a"diod3#e+e (rocess sto%%ed
30/07/2014
16:39:14
User
*o"se
c)ick
*o"se c)icks : 3
30/07/2014
16:39:11
User (rocesses s%ark (rocess started
30/07/2014
16:39:10
User
*o"se
c)ick
Bro&ser
*o"se c)icks : 1
30/07/2014
16:39:06
30/07/2014
16:39:04
User
*o"se
c)ick
e)a dan-0a e" dan-0o1 - (es/"isa
2oo3)e - $%ark Bro&ser
'ctive &indo& : e)a dan-0a e" dan-0o1 - (es/"isa 2oo3)e - $%ark Bro&ser
*o"se c)icks : 1
30/07/2014
16:39:00
User
*o"se
c)ick
*o"se c)icks : 2
30/07/2014
16:37:56
30/07/2014
16:37:49
User
*o"se
c)ick
e)a dan-0a e" dan-0o 3 - (es/"isa
2oo3)e - $%ark Bro&ser
'ctive &indo& : e)a dan-0a e" dan-0o 3 - (es/"isa 2oo3)e - $%ark Bro&ser
*o"se c)icks : 1
30/07/2014
16:37:27
User Keystrokes
2oo3)e 8"stom $earc1 - $%ark
Bro&ser
'ctive &indo& : 2oo3)e 8"stom $earc1 - $%ark Bro&ser
30/07/2014
16:37:27
User (rocesses $earc1(rotoco),ost#e+e (rocess sto%%ed
30/07/2014
16:37:27
User (rocesses $earc1Fi)ter,ost#e+e (rocess sto%%ed
30/07/2014
16:37:26
User
*o"se
c)ick
2oo3)e 8"stom $earc1 - $%ark
Bro&ser
'ctive &indo& : 2oo3)e 8"stom $earc1 - $%ark Bro&ser
*o"se c)icks : 2
30/07/2014
16:37:00
User Keystrokes
$treet 9ance 2 :ri)1a $onora :
Fi)me :rai)er - $%ark Bro&ser
'ctive &indo& : $treet 9ance 2 :ri)1a $onora : Fi)me :rai)er - $%ark Bro&ser
30/07/2014
16:36:54
User $ystem "ser active User &ent active
30/07/2014
16:36:54
User
*o"se
c)ick
$treet 9ance 2 :ri)1a $onora :
Fi)me :rai)er - $%ark Bro&ser
'ctive &indo& : $treet 9ance 2 :ri)1a $onora : Fi)me :rai)er - $%ark Bro&ser
*o"se c)icks : 3
30/07/2014
16:36:43
User (rocesses :r"sted;nsta))er#e+e (rocess sto%%ed
30/07/2014
16:36:31
User $ystem "ser inactive User &ent inactive
30/07/2014
16:36:21
User (rocesses (8F(o%"%s#e+e (rocess sto%%ed
30/07/2014
16:36:19
User (rocesses %c<%o%"%s (rocess started
30/07/2014
16:35:59
User (rocesses '%%$tore9eskto%:i%#e+e (rocess sto%%ed
30/07/2014
16:35:52
User (rocesses U%date(o%U%#e+e (rocess sto%%ed
30/07/2014
16:35:52
User (rocesses (8'%%$tore#e+e (rocess sto%%ed
30/07/2014
16:35:50
User (rocesses "%date%o%"% (rocess started
30/07/2014
16:35:50
User (rocesses a%%storedeskto%ti% (rocess started
30/07/2014
16:35:50
User (rocesses %ca%%store (rocess started
30/07/2014
16:35:45
User (rocesses U%dater#e+e (rocess sto%%ed
30/07/2014
16:35:25
User (rocesses "%dater (rocess started
30/07/2014
16:35:25
User (rocesses U%dater#e+e (rocess sto%%ed
30/07/2014
16:35:23
User (rocesses "%dater (rocess started
30/07/2014
16:35:23
User (rocesses searc1%rotoco)1ost (rocess started
30/07/2014
16:35:23
User (rocesses searc1<i)ter1ost (rocess started
30/07/2014
16:34:16
User (rocesses a"diod3 (rocess started
30/07/2014
16:34:14
User (rocesses s%ark (rocess started
30/07/2014
16:34:03
User
*o"se
c)ick
*o"se c)icks : 1
30/07/2014
16:33:40
User (rocesses av%#e+e (rocess sto%%ed
30/07/2014
16:33:12
User Keystrokes
30/07/2014
16:32:16
User
Mouse
click
ela dana eu dano 3 - Pesquisa
Google - !ark "ro#ser
$c%i&e #indo# : ela dana eu dano 3 - Pesquisa Google - !ark "ro#ser
Process na'e : s!ark
Mouse clicks : 3
30/07/2014
16:31:0(
User )e*s%rokes
ela dana eu dano 3 - Pesquisa
$c%i&e #indo# : ela dana eu dano 3 - Pesquisa Google - !ark "ro#ser
)e*s%rokes : +,---2%ril.a
30/07/2014
16:31:0/
User Processes a&! Process s%ar%ed
30/07/2014
16:30:/2
User Processes $!!Po!U!0i!1e2e Process s%o!!ed
30/07/2014
16:30:/0
User Processes a!!!o!u!%i! Process s%ar%ed
30/07/2014
16:30:33
User Processes %askeng1e2e Process s%o!!ed
30/07/2014
16:23:/7
User
Mouse
click
ela dana eu dano1 - Pesquisa
$c%i&e #indo# : ela dana eu dano1 - Pesquisa Google - !ark "ro#ser
Mouse clicks : 2
30/07/2014
16:23:4/
User Processes earc.Pro%ocol4os%1e2e Process s%o!!ed
30/07/2014
16:23:4/
User Processes earc.5il%er4os%1e2e Process s%o!!ed
30/07/2014
16:23:00
User )e*s%rokes
)e*s%rokes : +,---%e'a ela dana eu dano
30/07/2014
16:2(:42
User Processes s!ark Process s%ar%ed
30/07/2014
16:2(:42
User
Mouse
click
"e'-&indo ao 5ace6ook - acesse7
cadas%re-se ou sai6a 'ais1 - !ark
"ro#ser
$c%i&e #indo# : "e'-&indo ao 5ace6ook - acesse7 cadas%re-se ou sai6a 'ais1 - !ark "ro#ser
Mouse clicks : 1
30/07/2014
16:2(:3(
User Processes s!ark1e2e Process s%o!!ed
30/07/2014
16:2(:37
User
Mouse
click
13730//2118!g 9/00:400; - !ark
"ro#ser
$c%i&e #indo# : 13730//2118!g 9/00:400; - !ark "ro#ser
Mouse clicks : 1
30/07/2014
16:2(:34
User Processes searc.!ro%ocol.os% Process s%ar%ed
30/07/2014
16:2(:34
User Processes searc.<il%er.os% Process s%ar%ed
30/07/2014
16:2(:17
User )e*s%rokes al&ar co'o
$c%i&e #indo# : al&ar co'o
)e*s%rokes : +,---+,---+,---+,---+,---+,---+,---+,---+,---+,---+,---+,---+,---%+,---0*ller
30/07/2014
16:2(:1/
User
Mouse
click
al&ar co'o
$c%i&e #indo# : al&ar co'o
Mouse clicks : 2
30/07/2014
16:27:41
User
Mouse
click
13730//2118!g 9/00:400; - !ark
"ro#ser
$c%i&e #indo# : 13730//2118!g 9/00:400; - !ark "ro#ser
Mouse clicks : 6
30/07/2014
16:26:43
User
Mouse
click
Mouse clicks : 2
30/07/2014
16:26:4/
User Processes M=>?@1ABA Process s%o!!ed
30/07/2014
16:26:30
User Processes earc.5il%er4os%1e2e Process s%o!!ed
30/07/2014
16:26:30
User Processes earc.Pro%ocol4os%1e2e Process s%o!!ed
30/07/2014
16:26:23
User Processes %rus%edins%aller Process s%ar%ed
30/07/2014
16:2/://
User Processes "a&U!da%er1e2e Process s%o!!ed
30/07/2014
16:2/:/3
User Processes $!!%oreU!da%er1e2e Process s%o!!ed
30/07/2014
16:2/:43
User Processes a!!s%oreu!da%er Process s%ar%ed
30/07/2014
16:2/:44
User Processes con.os%1e2e Process s%o!!ed
30/07/2014
16:2/:44
User Processes a&u!da%e1e2e Process s%o!!ed
30/07/2014
16:2/:42
User Processes con.os% Process s%ar%ed
30/07/2014
16:2/:42
User Processes "a&0ra*1e2e Process s%o!!ed
30/07/2014
16:2/:42
User Processes 'sie2ec1e2e Process s%o!!ed
30/07/2014
16:2/:42
User Processes a&u!da%e Process s%ar%ed
30/07/2014
16:2/:40
User Processes 6a&%ra* Process s%ar%ed
30/07/2014
16:2/:40
User Processes dll.os%1e2e Process s%o!!ed
30/07/2014
16:2/:40
User Processes 6a&u!da%er Process s%ar%ed
30/07/2014
16:2/:3(
User Processes s!arku!da%e1e2e Process s%o!!ed
30/07/2014
16:2/:3/
User Processes dll.os% Process s%ar%ed
30/07/2014
16:2/:31
User Processes s!arku!da%e Process s%ar%ed
30/07/2014
16:2/:31
User Processes %askeng Process s%ar%ed
30/07/2014
16:2/:22
User Processes searc.<il%er.os% Process s%ar%ed
30/07/2014
16:2/:22
User Processes searc.!ro%ocol.os% Process s%ar%ed
30/07/2014
16:24:17
User )e*s%rokes
30/07/2014
16:23:49
30/07/2014
16:23:00
30/07/2014
16:22:23
30/07/2014
16:22:23
User Processes SearchFlterHost.exe Process stopped
30/07/2014
16:21:!4
User Processes so"t#$r%&pdate.exe Process stopped
30/07/2014
16:21:!4
User Processes co'host.exe Process stopped
30/07/2014
16:21:!0
User Processes so"t#$r%&pdate Process started
30/07/2014
16:21:!0
User Processes co'host Process started
30/07/2014
16:21:4!
User (e)strokes
*e#+v'do ao Face,ook + acesse-
cadastre+se o& sa,a #as. + Spark
*ro.ser
/ctve .'do. : *e#+v'do ao Face,ook + acesse- cadastre+se o& sa,a #as. + Spark *ro.ser
Process 'a#e : spark
(e)strokes : #&scas01++201++201++201++201++201++201++201++201++201++201++201++2ela da'34a e& da'34o1 trlha01++
30/07/2014
16:21:37
User Processes spark&pdate.exe Process stopped
30/07/2014
16:21:37
30/07/2014
16:21:32
30/07/2014
16:21:30
User Processes spark&pdate Process started
30/07/2014
16:21:25
User Processes P6FPop&ps.exe Process stopped
30/07/2014
16:21:25
User
7o&se
clck
*e#+v'do ao Face,ook + acesse-
cadastre+se o& sa,a #as. + Spark
*ro.ser
/ctve .'do. : *e#+v'do ao Face,ook + acesse- cadastre+se o& sa,a #as. + Spark *ro.ser
Process 'a#e : spark
7o&se clcks : 4
30/07/2014
16:21:19
User Processes pc"pop&ps Process started
30/07/2014
16:21:19
30/07/2014
16:21:19
User Processes search"lterhost Process started
30/07/2014
16:20:!3
30/07/2014
16:20:45
User Processes taske'$.exe Process stopped
30/07/2014
16:20:46
User Processes a&dod$.exe Process stopped
30/07/2014
16:20:3!
User Processes taske'$.exe Process stopped
30/07/2014
16:20:3!
30/07/2014
16:20:30
30/07/2014
16:20:25
30/07/2014
16:20:17
30/07/2014
16:20:17
30/07/2014
16:20:1!
30/07/2014
16:20:12
30/07/2014
16:20:12
30/07/2014
16:20:12
30/07/2014
16:20:12
User
7o&se
clck
Pro$ra# 7a'a$er
/ctve .'do. : Pro$ra# 7a'a$er
Process 'a#e : explorer
7o&se clcks : 2
30/07/2014
16:20:11
User S)ste# &ser actve User .e't actve
30/07/2014
16:20:11
User
7o&se
clck
U'k'o.' /pplcato'
/ctve .'do. : U'k'o.' /pplcato'
Process 'a#e : s)sdr
7o&se clcks : 1
30/07/2014
16:19:02
30/07/2014
16:19:02
User Processes search"lterhost Process started
30/07/2014
16:19:02
30/07/2014
16:19:02
User Processes appstore%s)'c.exe Process stopped
30/07/2014
16:15:!7
User Processes .#32.exe Process stopped
30/07/2014
16:15:45
User Processes appstore%s)'c Process started
30/07/2014
16:15:29
30/07/2014
16:17:!3
30/07/2014
16:17:!3
30/07/2014
16:17:!3
30/07/2014
16:17:44
30/07/2014
16:17:44
User Processes WmiPrvSE.exe Process stopped
30/07/2014
16:17:31
User System user inctive User !ent inctive
30/07/2014
16:17:04
User Processes Serc"Protoco#$ost.exe Process stopped
30/07/2014
16:16:4%
User Processes d##"ost.exe Process stopped
30/07/2014
16:16:47
User Processes spr&.exe Process stopped
30/07/2014
16:16:44
User Processes d##"ost Process strted
30/07/2014
16:16:44
User Processes spr& Process strted
30/07/2014
16:16:36
User Processes !mi32 Process strted
30/07/2014
16:16:34
User Processes P'(Popups.exe Process stopped
30/07/2014
16:16:34
User Processes out#oo& Process strted
30/07/2014
16:1):06
User System *o+on
User : User
,"e computer "ve #o++ed on
30/07/2014
14:31:20
User Processes P'(,ry.exe Process stopped
30/07/2014
14:31:20
User Processes -'S$e#per.exe Process stopped
30/07/2014
14:31:20
User Processes '#ro.exe Process stopped
30/07/2014
14:31:20
User System S"ut-o!n
User : User
,"e computer "ve s"ut do!n
30/07/2014
14:31:16
User Processes #o+onui Process strted
30/07/2014
14:31:14
User
.ouse
c#ic&
Un&no!n /pp#iction
/ctive !indo! : Un&no!n /pp#iction
Process nme : exp#orer
.ouse c#ic&s : 1
30/07/2014
14:31:13
User
.ouse
c#ic&
.enu 0nicir
/ctive !indo! : .enu 0nicir
.ouse c#ic&s : 1
30/07/2014
14:31:11
User
.ouse
c#ic&
0nicir
/ctive !indo! : 0nicir
.ouse c#ic&s : 1
30/07/2014
14:31:0%
User Processes 1ire1ox.exe Process stopped
30/07/2014
14:31:07
User
.ouse
c#ic&
2em3vindo/ o (ce4oo& 3 0nici
sess56o7 re+ist3te ou s4e mis 3
.o8i## (ire1ox
/ctive !indo! : 2em3vindo/ o (ce4oo& 3 0nici sess56o7 re+ist3te ou s4e mis 3 .o8i## (ire1ox
Process nme : 1ire1ox
.ouse c#ic&s : 1
30/07/2014
14:30:04
User
.ouse
c#ic&
(ce4oo& 3 .o8i## (ire1ox
We4p+e : "ttps://!!!.1ce4oo&.com/
/ctive !indo! : (ce4oo& 3 .o8i## (ire1ox
.ouse c#ic&s : )
30/07/2014
14:2%:02
User
.ouse
c#ic&
9,/ Sn /ndres :n#ine no (ce4oo&
3 .o8i## (ire1ox
We4p+e : "ttps://pps.1ce4oo&.com/p#y+ton#ineno!/;14<source=reminders>re?uest<ids=7467%640@71607@>re1=reminders
/ctive !indo! : 9,/ Sn /ndres :n#ine no (ce4oo& 3 .o8i## (ire1ox
.ouse c#ic&s : 1
30/07/2014
14:24:36
User Aeystro&es (ce4oo& 3 .o8i## (ire1ox
Aeystro&es : #ind como sempreBBB
30/07/2014
14:24:23
User Processes Serc"Protoco#$ost.exe Process stopped
30/07/2014
14:24:23
User Processes Serc"(i#ter$ost.exe Process stopped
30/07/2014
14:23:47
User Processes udiod+.exe Process stopped
30/07/2014
14:23:12
User Processes serc"protoco#"ost Process strted
30/07/2014
14:23:12
User Processes serc"1i#ter"ost Process strted
30/07/2014
14:22:)2
User Processes vp.exe Process stopped
30/07/2014
14:20:4@
User
.ouse
c#ic&
.ouse c#ic&s : 226
30/07/2014
14:20:2@
User Processes vp Process strted
30/07/2014
14:20:2@
User
.ouse
c#ic&
-io+o Sou8 3 -io+o Sou8 prti#"ou
1oto de *5C (5Dnix. 3 .o8i##
(ire1ox
We4p+e : "ttps://!!!.1ce4oo&.com/dio+o.mrtins.14@1/posts/663717@%0376@36;1rom<c#ose<1riend=1>re1=noti1Ei1<t=c#ose<1riend<ctivity
/ctive !indo! : -io+o Sou8 3 -io+o Sou8 prti#"ou 1oto de *5C (5Dnix. 3 .o8i## (ire1ox
.ouse c#ic&s : 1
30/07/2014
14:20:01
User Processes ts&en+.exe Process stopped
30/07/2014
14:1%:01
User
.ouse
c#ic&
.ouse c#ic&s : %
30/07/2014
14:1@:13
User Aeystro&es
2em3vindo o (ce4oo& 3 cesse7
cdstre3se ou si4 mis. 3
.o8i## (ire1ox
/ctive !indo! : 2em3vindo o (ce4oo& 3 cesse7 cdstre3se ou si4 mis. 3 .o8i## (ire1ox
Aeystro&es : FG33HFG33HFG33HFG33HFG33HFG33HFG33HFG33HFG33HFG33HFG33HFG33HFG33HFG33HFG33HFG33HFG33HFG33HFG33HFG33
30/07/2014
14:1@:11
User
.ouse
c#ic&
2em3vindo o (ce4oo& 3 cesse7
cdstre3se ou si4 mis. 3
.o8i## (ire1ox
/ctive !indo! : 2em3vindo o (ce4oo& 3 cesse7 cdstre3se ou si4 mis. 3 .o8i## (ire1ox
.ouse c#ic&s : 4
30/07/2014
14:1@:02
User Aeystro&es 9oo+#e 3 .o8i## (ire1ox
We4p+e : "ttps://!!!.+oo+#e.com.4r/;+!s<rd=ss#
/ctive !indo! : 9oo+#e 3 .o8i## (ire1ox
Aeystro&es : FG33H1
30/07/2014
14:18:01
User
Mouse
click
Google - Mozilla Firefox
Webage : !""s://###$google$co%$br/&g#s'r()ssl
*c"i+e #i,(o# : Google - Mozilla Firefox
-rocess ,a%e : firefox
Mouse clicks : 1
30/07/2014
14:17:.8
User -rocesses au(io(g -rocess s"ar"e(
30/07/2014
14:17:47
User -rocesses firefox -rocess s"ar"e(
30/07/2014
14:17:4.
User
Mouse
click
U,k,o#, *lica"io,
*c"i+e #i,(o# : U,k,o#, *lica"io,
-rocess ,a%e : s/s(ir
Mouse clicks : 2
30/07/2014
14:17:44
User -rocesses sark$exe -rocess s"oe(
30/07/2014
14:17:44
30/07/2014
14:17:44
30/07/2014
14:17:43
User
Mouse
click
0laro
*c"i+e #i,(o# : 0laro
-rocess ,a%e : claro
Mouse clicks : 1
30/07/2014
14:17:40
30/07/2014
14:17:40
30/07/2014
14:17:40
User
Mouse
click
1rro (e 2cri"
*c"i+e #i,(o# : 1rro (e 2cri"
-rocess ,a%e : claro
Mouse clicks : 1
30/07/2014
14:17:38
User
Mouse
click
2ark 3ro#ser
*c"i+e #i,(o# : 2ark 3ro#ser
-rocess ,a%e : sark
Mouse clicks : 1
30/07/2014
14:17:3.
User 2/s"e% user ac"i+e User #e," ac"i+e
30/07/2014
14:17:3.
User
Mouse
click
2olici"ar o 0ar"45o Mi,!a 0asa
Mel!or - 2ark 3ro#ser
*c"i+e #i,(o# : 2olici"ar o 0ar"45o Mi,!a 0asa Mel!or - 2ark 3ro#ser
-rocess ,a%e : sark
Mouse clicks : 1
30/07/2014
14:1.:01
User -rocesses "aske,g -rocess s"ar"e(
30/07/2014
14:14:20
User -rocesses 2earc!-ro"ocol6os"$exe -rocess s"oe(
30/07/2014
14:14:20
User -rocesses 2earc!Fil"er6os"$exe -rocess s"oe(
30/07/2014
14:13:13
User -rocesses 7og8eor"er$exe -rocess s"oe(
30/07/2014
14:13:13
User -rocesses co,!os"$exe -rocess s"oe(
30/07/2014
14:13:11
User -rocesses searc!ro"ocol!os" -rocess s"ar"e(
30/07/2014
14:13:11
User -rocesses logreor"er -rocess s"ar"e(
30/07/2014
14:13:11
User -rocesses co,!os" -rocess s"ar"e(
30/07/2014
14:13:11
User -rocesses searc!fil"er!os" -rocess s"ar"e(
30/07/2014
14:04:19
30/07/2014
14:04:19
30/07/2014
14:03:11
30/07/2014
14:03:11
30/07/2014
14:02:.8
User -rocesses "ask!os"$exe -rocess s"oe(
30/07/2014
14:00:.8
User -rocesses "ask!os" -rocess s"ar"e(
30/07/2014
13:.8:2.
User -rocesses *-oU:i$exe -rocess s"oe(
30/07/2014
13:.8:1;
User -rocesses aou"i -rocess s"ar"e(
30/07/2014
13:.7:09
User 2/s"e% user i,ac"i+e User #e," i,ac"i+e
30/07/2014
13:..:.0
User -rocesses au(io(g$exe -rocess s"oe(
30/07/2014
13:.4:19
30/07/2014
13:.4:19
30/07/2014
13:.4:03
User <e/s"rokes
2olici"ar o 0ar"45o Mi,!a 0asa
Mel!or - 2ark 3ro#ser
*c"i+e #i,(o# : 2olici"ar o 0ar"45o Mi,!a 0asa Mel!or - 2ark 3ro#ser
-rocess ,a%e : sark
30/07/2014
13:.3:28
30/07/2014
13:.3:13
User
Mouse
click
<asersk/ *,"i-=irus 2013 - 2ark
3ro#ser
*c"i+e #i,(o# : <asersk/ *,"i-=irus 2013 - 2ark 3ro#ser
-rocess ,a%e : sark
Mouse clicks : 1
30/07/2014
13:.3:11
30/07/2014
13:.3:11
30/07/2014
13:.2:..
User
Mouse
click
0ar"45o Mi,!a 0asa Mel!or - 2ark
3ro#ser
*c"i+e #i,(o# : 0ar"45o Mi,!a 0asa Mel!or - 2ark 3ro#ser
-rocess ,a%e : sark
Mouse clicks : 1
30/07/2014
13:.2:42
User <e/s"rokes
0ar"45o Mi,!a 0asa Mel!or - 2ark
3ro#ser
*c"i+e #i,(o# : 0ar"45o Mi,!a 0asa Mel!or - 2ark 3ro#ser
-rocess ,a%e : sark
30/07/2014
User -rocesses sark -rocess s"ar"e(
13:50:50
30/07/2014
13:50:41
User
Mouse
click
minha casa melhor - Pesquisa Google
- Sark !ro"ser
#c$i%e "in&o" : minha casa melhor - Pesquisa Google - Sark !ro"ser
Process name : sark
Mouse clicks : 1
30/07/2014
13:50:3'
User (e)s$rokes
- Sark !ro"ser
Process name : sark
30/07/2014
13:50:31
User Processes sark*e+e Process s$oe&
30/07/2014
13:50:2,
User Processes sark Process s$ar$e&
30/07/2014
13:50:2-
User
Mouse
click
.laro /n$erne$ - 0a%egue no seu
comu$a&or1 no$e2ook ou $a2le$ -
Sark !ro"ser
#c$i%e "in&o" : .laro /n$erne$ - 0a%egue no seu comu$a&or1 no$e2ook ou $a2le$ - Sark !ro"ser
Process name : sark
Mouse clicks : 1
30/07/2014
13:50:24
30/07/2014
13:50:23
User
Mouse
click
(asersk) #n$i-3irus 2013 - Sark
!ro"ser
#c$i%e "in&o" : (asersk) #n$i-3irus 2013 - Sark !ro"ser
Process name : sark
Mouse clicks : 1
30/07/2014
13:4':5,
User
Mouse
click
.ar$45o Minha .asa Melhor - Sark
!ro"ser
#c$i%e "in&o" : .ar$45o Minha .asa Melhor - Sark !ro"ser
Process name : sark
Mouse clicks : 1
30/07/2014
13:4':32
30/07/2014
13:4':30
User (e)s$rokes
!ro"ser
Process name : sark
30/07/2014
13:4':24
User
Mouse
click
- Sark !ro"ser
Process name : sark
Mouse clicks : 1
30/07/2014
13:4,:55
30/07/2014
13:4,:54
User
Mouse
click
Sark !ro"ser
Process name : sark
Mouse clicks : 1
30/07/2014
13:4,:53
30/07/2014
13:4,:51
User
Mouse
click
#mericanas*com - # maior lo6a* 7s
menores re48os - Sark !ro"ser
#c$i%e "in&o" : #mericanas*com - # maior lo6a* 7s menores re48os - Sark !ro"ser
Process name : sark
Mouse clicks : 1
30/07/2014
13:4,:0,
User
Mouse
click
- Sark !ro"ser
Process name : sark
Mouse clicks : 2
30/07/2014
13:4,:03
30/07/2014
13:47:45
User (e)s$rokes
- Sark !ro"ser
Process name : sark
30/07/2014
13:47:44
User Processes $askeng*e+e Process s$oe&
30/07/2014
13:47:3'
30/07/2014
13:47:3,
User
Mouse
click
Sark !ro"ser
Process name : sark
Mouse clicks : 1
30/07/2014
13:47:35
30/07/2014
13:47:33
User
Mouse
click
#n49ncios Google - Sark !ro"ser
#c$i%e "in&o" : #n49ncios Google - Sark !ro"ser
Process name : sark
Mouse clicks : 1
30/07/2014
13:47:13
User
Mouse
click
!ro"ser
Process name : sark
Mouse clicks : 1
30/07/2014
13:4-:4,
User (e)s$rokes
!ro"ser
Process name : sark
30/07/2014
13:4-:43
User Processes au&io&g Process s$ar$e&
30/07/2014
13:4-:43
30/07/2014
13:4-:34
User
Mouse
click
- Sark !ro"ser
Process name : sark
Mouse clicks : 1
30/07/2014
13:4-:15
User (e)s$rokes
- Sark !ro"ser
Process name : sark
30/07/2014
13:45:55
30/07/2014
13:45:54
User
Mouse
click
Sark !ro"ser
Process name : sark
Mouse clicks : 1
30/07/2014
13:45:51
30/07/2014
13:44:12
User Processes SearchPro$ocol:os$*e+e Process s$oe&
30/07/2014
13:44:12
User Processes Search;il$er:os$*e+e Process s$oe&
30/07/2014
13:43:03
User Processes P.;!S<eor$*e+e Process s$oe&
30/07/2014
13:42:5,
User Processes searchro$ocolhos$ Process s$ar$e&
30/07/2014
13:42:5,
User Processes c=2sreor$ Process s$ar$e&
30/07/2014
13:42:5,
User Processes search=il$erhos$ Process s$ar$e&
30/07/2014
13:42:45
User Processes &llhos$*e+e Process s$oe&
30/07/2014
13:42:43
User Processes sarku&a$e*e+e Process s$oe&
30/07/2014
13:42:41
User Processes &llhos$ Process s$ar$e&
30/07/2014
13:42:39
User Processes bdutil.exe Process stopped
30/07/2014
13:42:37
30/07/2014
13:42:37
User Processes bdutil Process started
30/07/2014
13:40:00
30/07/2014
13:39:10
User
Mouse
click
onsulta !P " onsulta P# $ #enix
onsultas " !park %ro&ser
'cti(e &indo& : onsulta !P " onsulta P# $ #enix onsultas " !park %ro&ser
Process na)e : spark
Mouse clicks : 3
30/07/2014
13:37:13
User *e+strokes
onsulta !P " onsulta P# $ #enix
onsultas " !park %ro&ser
'cti(e &indo& : onsulta !P " onsulta P# $ #enix onsultas " !park %ro&ser
30/07/2014
13:34:1,
User Processes !earc-#ilter.ost.exe Process stopped
30/07/2014
13:34:1,
User Processes !earc-Protocol.ost.exe Process stopped
30/07/2014
13:33:09
User Processes searc-/ilter-ost Process started
30/07/2014
13:33:09
User Processes searc-protocol-ost Process started
30/07/2014
13:31:01
User *e+strokes
art12o Min-a asa Mel-or " !park
%ro&ser
'cti(e &indo& : art12o Min-a asa Mel-or " !park %ro&ser
30/07/2014
13:31:07
User
Mouse
click
art12o Min-a asa Mel-or " !park
%ro&ser
'cti(e &indo& : art12o Min-a asa Mel-or " !park %ro&ser
Mouse clicks : 3
30/07/2014
13:29:09
User *e+strokes
)in-a casa )el-or " Pes3uisa 4oogle
" !park %ro&ser
'cti(e &indo& : )in-a casa )el-or " Pes3uisa 4oogle " !park %ro&ser
30/07/2014
13:29:40
User
Mouse
click
)in-a casa )el-or " Pes3uisa 4oogle
" !park %ro&ser
'cti(e &indo& : )in-a casa )el-or " Pes3uisa 4oogle " !park %ro&ser
Mouse clicks : 7
30/07/2014
13:29:04
30/07/2014
13:2,:01
User *e+strokes
laro 5nternet " 6a(egue no seu
co)putador7 notebook ou tablet "
!park %ro&ser
'cti(e &indo& : laro 5nternet " 6a(egue no seu co)putador7 notebook ou tablet " !park %ro&ser
*e+strokes : )in-a casa )el-or
30/07/2014
13:2,:49
User
Mouse
click
laro 5nternet " 6a(egue no seu
co)putador7 notebook ou tablet "
!park %ro&ser
'cti(e &indo& : laro 5nternet " 6a(egue no seu co)putador7 notebook ou tablet " !park %ro&ser
Mouse clicks : 2
30/07/2014
13:2,:47
30/07/2014
13:2,:41
User
Mouse
click
#acebook " !park %ro&ser
'cti(e &indo& : #acebook " !park %ro&ser
Mouse clicks : 2
30/07/2014
13:2,:02
User *e+strokes #acebook " !park %ro&ser
'cti(e &indo& : #acebook " !park %ro&ser
30/07/2014
13:27:40
User
Mouse
click
81049 #acebook " !park %ro&ser
'cti(e &indo& : 81049 #acebook " !park %ro&ser
Mouse clicks : 2
30/07/2014
13:2::04
User *e+strokes 81049 #acebook " !park %ro&ser
30/07/2014
13:2::34
User
Mouse
click
%e)"(indo ao #acebook " acesse7
cadastre"se ou saiba )ais. " !park
%ro&ser
'cti(e &indo& : %e)"(indo ao #acebook " acesse7 cadastre"se ou saiba )ais. " !park %ro&ser
Mouse clicks : 2
30/07/2014
13:2::13
User
Mouse
click
'line 6er+ " !park %ro&ser
'cti(e &indo& : 'line 6er+ " !park %ro&ser
Mouse clicks : 2
30/07/2014
13:20:13
User *e+strokes ;1<nior =oc-a " !park %ro&ser
'cti(e &indo& : ;1<nior =oc-a " !park %ro&ser
*e+strokes : elder aceita )in-a solicita1>ao preciso /alar c) (c...ir)a 'line.
30/07/2014
13:24:3:
User
Mouse
click
;1<nior =oc-a " !park %ro&ser
'cti(e &indo& : ;1<nior =oc-a " !park %ro&ser
Mouse clicks : :
30/07/2014
13:24:17
User Processes !earc-#ilter.ost.exe Process stopped
30/07/2014
13:24:17
User Processes !earc-Protocol.ost.exe Process stopped
30/07/2014
13:23:0,
User Processes searc-/ilter-ost Process started
30/07/2014
13:23:0,
User Processes searc-protocol-ost Process started
30/07/2014
13:21:19
User Processes %a(Updater.exe Process stopped
30/07/2014
13:21:02
User Processes con-ost.exe Process stopped
30/07/2014
13:21:02
User Processes a(update.exe Process stopped
30/07/2014
13:20:0,
User Processes con-ost Process started
30/07/2014
13:20:0,
User Processes a(update Process started
30/07/2014
13:20:3,
User Processes ba(updater Process started
30/07/2014
13:20:02
User Processes taskeng.exe Process stopped
30/07/2014
13:10:14
*e+strokes : (
30/07/2014
13:10:14
*e+strokes : c sabe onde /ica ese?@""Ate endB?@""A:=ua aiabu7220 5ta3ua3uecetuba/!P?@""Aao Paulo/!P/0xx114:4:4490C
la ?@""A?@""A?@""Ata entao (c nao pode )e aDudar7)s sabe 3ue) )ora )s pertoC
te a)a)os )t e nunca (a)os te es3uecer7obgda1?@""AE
(c Da )e aDudou bastante...
agora (ou...
30/07/2014
User !+ste) user acti(e User &ent acti(e
13:15:14
30/07/2014
13:15:06
User System user inactive User went inactive
30/07/2014
13:15:02
30/07/2014
13:14:1
User Processes Searc!Protoco"#ost$e%e Process sto&&ed
30/07/2014
13:14:1
User Processes Searc!'i"ter#ost$e%e Process sto&&ed
30/07/2014
13:13:07
User Processes searc!&rotoco"!ost Process started
30/07/2014
13:13:07
User Processes searc!(i"ter!ost Process started
30/07/2014
13:12:3
User Processes task!ost$e%e Process sto&&ed
30/07/2014
13:10:3)
User Processes task!ost Process started
30/07/2014
13:10:15
User
*ouse
c"ick
+104, 'ace-ook . S&ark /rowser
0ctive window : +104, 'ace-ook . S&ark /rowser
Process name : s&ark
*ouse c"icks : 24
30/07/2014
13:0:51
User Processes audiodg$e%e Process sto&&ed
30/07/2014
13:0:32
User 1eystrokes +104, 'ace-ook . S&ark /rowser
1eystrokes : entao nao ten!o medo do estamos &assando so 234..5nao ten!o o a&oio de min!a (ami"ia
Sei 2 sim6
*s di34..5ei%a eu &ergntar$$$
7nde vc mora 34..58
a34..5SP (ica &erto8
30/07/2014
13:05:1)
1eystrokes : e34..57 0ndre (oi &reso de novo e estamos desta ve9 com mais di(icu"dades
:"e 34..534..534..534..534..534..534..534..534..5:stamos su&erando cm a a;uda das &essoas 2ue vc sa-e 2ue gostam de vdd de"e
a34..50"essandro me deu um susto 2uerendo ir morar cm o &ai de"e ms ;a &assou e"e viu 2ue "a nao e cmo e"e &em34
<a um &ouco d(ici" ms sei 2 &recisamos disso
0 semente ;a (oi &"antada e ;a ten!o um estemun!o 2 ninguem me deu
30/07/2014
13:04:35
30/07/2014
13:04:13
30/07/2014
13:04:13
30/07/2014
13:03:21
1eystrokes : :stamos -em 34..5134..56
=ao 2uero "!e dar noticias ruins$$$
30/07/2014
13:03:20
User
*ouse
c"ick
*ouse c"icks : 1
30/07/2014
13:03:06
1eystrokes : e
30/07/2014
13:03:06
30/07/2014
13:03:06
30/07/2014
13:02:34
User
*ouse
c"ick
*ouse c"icks : 1
30/07/2014
13:01:02
User
*ouse
c"ick
*ouse c"icks : 1
30/07/2014
12:5):21
User Processes 0&&Po&U&<i&$e%e Process sto&&ed
30/07/2014
12:5):17
User Processes a&&&o&u&ti& Process started
30/07/2014
12:56:20
User
*ouse
c"ick
*ouse c"icks :
30/07/2014
12:56:11
1eystrokes : e34..5t34..5<e amo>sem&re te amei e sem&re te amarei$'34..5?ictor nao34..534..534..534..5a34..534..
34..534..534..534..534..5t34..5<e adimiro mto34..534..534..534..534..534..534..534..534..534..534..534..534..534
@"aro61634..534..5666
:u A34..5ia &u%ar assunto cm vc ms nao 2ueria incomodar$$$
30/07/2014
12:54:11
30/07/2014
12:54:11
30/07/2014
12:54:00
User System user active User went active
30/07/2014
12:54:00
User
*ouse
c"ick
+102, @on(iguraBCBDes mBEveis .
S&ark /rowser
0ctive window : +102, @on(iguraBCBDes mBEveis . S&ark /rowser
*ouse c"icks : 3
30/07/2014
12:53:06
30/07/2014
12:53:06
30/07/2014
12:52:05
User System user inactive User went inactive
30/07/2014
12:47:43
User Processes taskeng$e%e Process sto&&ed
30/07/2014
12:47:25
User
*ouse
c"ick
+, @on(iguraBCBDes mBEveis .
S&ark /rowser
0ctive window : +, @on(iguraBCBDes mBEveis . S&ark /rowser
*ouse c"icks : 1
30/07/2014
12:45:34
User 1eystrokes
S&ark /rowser
1eystrokes : (-g)5g46
30/07/2014
12:45:24
User
*ouse
c"ick
S&ark /rowser
*ouse c"icks : 2
30/07/2014
12:44:10
30/07/2014
12:44:10
30/07/2014
12:43:05
30/07/2014
12:43:05
30/07/2014
12:42:47
User Processes d""!ost$e%e Process sto&&ed
30/07/2014
12:42:43
User Processes s&arku&date$e%e Process sto&&ed
30/07/2014
12:42:41
User Processes d""!ost Process started
30/07/2014
12:42:3
User Processes s&arku&date Process started
30/07/2014
12:41:47
User 1eystrokes
S&ark /rowser
1eystrokes : (-g)5g46
30/07/2014
12:40:01
30/07/2014
12:3:27
User
*ouse
c"ick
S&ark /rowser
*ouse c"icks : 6
30/07/2014
12:37:17
User
*ouse
c"ick
+105, @on(iguraBCBDes de seguranBCa
. S&ark /rowser
0ctive window : +105, @on(iguraBCBDes de seguranBCa . S&ark /rowser
*ouse c"icks : 5
30/07/2014
12:34:22
30/07/2014
12:34:22
30/07/2014
12:33:21
User 1eystrokes
. S&ark /rowser
1eystrokes : 17)4006agn;34..5(34..5
30/07/2014
12:33:04
30/07/2014
12:33:04
30/07/2014
12:32:06
User
*ouse
c"ick
. S&ark /rowser
*ouse c"icks :
30/07/2014
12:31:30
User
*ouse
c"ick
+104, @on(iguraBCBDes gerais da
conta . S&ark /rowser
0ctive window : +104, @on(iguraBCBDes gerais da conta . S&ark /rowser
*ouse c"icks : 1
30/07/2014
12:31:24
User
*ouse
c"ick
+104, @on(iguraBCBDes de
&rivacidade e (erramentas . S&ark
/rowser
0ctive window : +104, @on(iguraBCBDes de &rivacidade e (erramentas . S&ark /rowser
*ouse c"icks : 1
30/07/2014
12:2:31
User 1eystrokes
1eystrokes : con(ianca
30/07/2014
12:2):4
User Processes s&ark$e%e Process sto&&ed
30/07/2014
12:2):35
User
*ouse
c"ick
*ouse c"icks : 6
30/07/2014
12:26:56
User 1eystrokes +104, 0"ine =ery . S&ark /rowser
0ctive window : +104, 0"ine =ery . S&ark /rowser
30/07/2014
12:26:41
User
*ouse
c"ick
+104, 0"ine =ery . S&ark /rowser
*ouse c"icks : 15
30/07/2014
12:25:3
30/07/2014
12:24:17
User
*ouse
c"ick
+103, 0"ine =ery . S&ark /rowser
*ouse c"icks : 4
30/07/2014
12:24:06
30/07/2014
12:24:06
30/07/2014
12:23:05
User Processes U&dater$e%e Process sto&&ed
30/07/2014
12:23:02
30/07/2014
12:23:02
User Processes u&dater Process started
30/07/2014
12:23:02
30/07/2014
12:20:4
User Processes s&ark Process started
30/07/2014
12:20:02
30/07/2014
12:1:5
30/07/2014
12:1:20
User Processes audiodg$e%e Process sto&&ed
30/07/2014
12:1):37
User Processes s&ark Process started
30/07/2014
12:1):13
30/07/2014
12:17:33
30/07/2014
12:16:31
1eystrokes : oda"ete34..5
30/07/2014
12:16:21
User
Mouse
click
(102) Aline Nery - Spark ro!ser
Ac"i#e !in$o! : (102) Aline Nery - Spark ro!ser
%rocess na&e : spark
Mouse clicks : 37
30/07/2014
12:1':02
User %rocesses "asken( %rocess s"ar"e$
30/07/2014
12:14:1)
User %rocesses spark %rocess s"ar"e$
30/07/2014
12:14:1)
User %rocesses au$io$( %rocess s"ar"e$
30/07/2014
12:14:0*
User %rocesses Searc+%ro"ocol,os"-e.e %rocess s"oppe$
30/07/2014
12:14:0*
User %rocesses Searc+/il"er,os"-e.e %rocess s"oppe$
30/07/2014
12:13:14
User %rocesses sparkup$a"e-e.e %rocess s"oppe$
30/07/2014
12:13:10
User %rocesses &soia-e.e %rocess s"oppe$
30/07/2014
12:13:0)
User %rocesses &soia %rocess s"ar"e$
30/07/2014
12:13:0)
User %rocesses "asken( %rocess s"ar"e$
30/07/2014
12:13:0)
User %rocesses sparkup$a"e %rocess s"ar"e$
30/07/2014
12:13:01
User %rocesses con+os"-e.e %rocess s"oppe$
30/07/2014
12:13:01
User %rocesses 0o(1epor"er-e.e %rocess s"oppe$
30/07/2014
12:13:01
User %rocesses searc+pro"ocol+os" %rocess s"ar"e$
30/07/2014
12:13:01
User %rocesses searc+2il"er+os" %rocess s"ar"e$
30/07/2014
12:12:'*
User %rocesses con+os" %rocess s"ar"e$
30/07/2014
12:12:'*
User %rocesses lo(repor"er %rocess s"ar"e$
30/07/2014
12:12:4)
User %rocesses a#s1epor"-e.e %rocess s"oppe$
30/07/2014
12:12:3*
User %rocesses 3a#3srepor" %rocess s"ar"e$
30/07/2014
12:11:4'
User %rocesses "ask+os"-e.e %rocess s"oppe$
30/07/2014
12:0*:44
User %rocesses "ask+os" %rocess s"ar"e$
30/07/2014
12:06:01
User %rocesses a#p-e.e %rocess s"oppe$
30/07/2014
12:04:1)
User %rocesses Searc+%ro"ocol,os"-e.e %rocess s"oppe$
30/07/2014
12:04:1)
User %rocesses Searc+/il"er,os"-e.e %rocess s"oppe$
30/07/2014
12:03:36
User %rocesses 4rus"e$5ns"aller-e.e %rocess s"oppe$
30/07/2014
12:03:34
User 6eys"rokes (101) Aline Nery - Spark ro!ser
30/07/2014
12:03:27
User %rocesses li#eup$a"e-e.e %rocess s"oppe$
30/07/2014
12:03:27
User %rocesses 2"e.-e.e %rocess s"oppe$
30/07/2014
12:03:2'
User %rocesses AppS"ore7esk"op4ip-e.e %rocess s"oppe$
30/07/2014
12:03:20
User %rocesses %8AppS"ore-e.e %rocess s"oppe$
30/07/2014
12:03:20
User %rocesses Up$a"e%opUp-e.e %rocess s"oppe$
30/07/2014
12:03:20
User %rocesses 2"e. %rocess s"ar"e$
30/07/2014
12:03:1)
User %rocesses apps"ore$esk"op"ip %rocess s"ar"e$
30/07/2014
12:03:1)
User %rocesses pcapps"ore %rocess s"ar"e$
30/07/2014
12:03:1)
User %rocesses up$a"epopup %rocess s"ar"e$
30/07/2014
12:03:1)
User %rocesses %8/%opups-e.e %rocess s"oppe$
30/07/2014
12:03:1)
User
Mouse
click
Mouse clicks : 77
30/07/2014
12:03:16
User %rocesses Up$a"er-e.e %rocess s"oppe$
30/07/2014
12:03:14
User %rocesses li#eup$a"e %rocess s"ar"e$
30/07/2014
12:03:14
User %rocesses pc2popups %rocess s"ar"e$
30/07/2014
12:02:'*
User %rocesses searc+pro"ocol+os" %rocess s"ar"e$
30/07/2014
12:02:'*
User %rocesses searc+2il"er+os" %rocess s"ar"e$
30/07/2014
12:02:'*
User %rocesses up$a"er %rocess s"ar"e$
30/07/2014
12:00:'*
User 6eys"rokes (100) Aline Nery - Spark ro!ser
30/07/2014
12:00:'1
User
Mouse
click
Mouse clicks : 3'
30/07/2014
11:59:08
User Processes avp Process started
30/07/2014
11:58:59
User Processes AppPopUpTip.exe Process stopped
30/07/2014
11:58:18
30/07/2014
11:58:14
30/07/2014
11:5":08
User Processes #er$!r.exe Process stopped
30/07/2014
11:5":0"
User Processes #er$!r Process started
30/07/2014
11:5":03
30/07/2014
11:55:48
User Processes %avUpdater.exe Process stopped
30/07/2014
11:55:42
User Processes &'(')*+.,-, Process stopped
30/07/2014
11:54:59
User .e/strokes 0991 A2ie *er/ 3 'park %ro#ser
Active #ido# : 0991 A2ie *er/ 3 'park %ro#ser
Process a$e : spark
30/07/2014
11:54:51
User
&ouse
c2ick
0991 A2ie *er/ 3 'park %ro#ser
Active #ido# : 0991 A2ie *er/ 3 'park %ro#ser
Process a$e : spark
&ouse c2icks : 39
30/07/2014
11:54:42
User Processes avupdate.exe Process stopped
30/07/2014
11:54:42
User Processes co4ost.exe Process stopped
30/07/2014
11:54:40
User Processes avupdate Process started
30/07/2014
11:54:40
30/07/2014
11:54:37
User Processes 5avupdater Process started
30/07/2014
11:54:03
User .e/strokes
0991 +o6i!ura7879es !erais da
cota 3 'park %ro#ser
Active #ido# : 0991 +o6i!ura7879es !erais da cota 3 'park %ro#ser
Process a$e : spark
.e/strokes : ce2ia er/:;33<i
30/07/2014
11:54:03
User Processes 'earc4=i2ter>ost.exe Process stopped
30/07/2014
11:54:03
User Processes 'earc4Protoco2>ost.exe Process stopped
30/07/2014
11:53:20
User Processes App'toreUpdater.exe Process stopped
30/07/2014
11:53:18
30/07/2014
11:53:18
User Processes trustedista22er Process started
30/07/2014
11:53:1"
User Processes $siexec.exe Process stopped
30/07/2014
11:53:1"
User Processes d224ost.exe Process stopped
30/07/2014
11:53:12
User Processes d224ost Process started
30/07/2014
11:53:12
30/07/2014
11:53:08
30/07/2014
11:53:08
30/07/2014
11:53:03
User Processes ?$iPrv',.exe Process stopped
30/07/2014
11:52:57
User Processes searc46i2ter4ost Process started
30/07/2014
11:52:57
User Processes searc4protoco24ost Process started
30/07/2014
11:52:03
User
&ouse
c2ick
0991 +o6i!ura7879es !erais da
cota 3 'park %ro#ser
Active #ido# : 0991 +o6i!ura7879es !erais da cota 3 'park %ro#ser
Process a$e : spark
&ouse c2icks : 13
30/07/2014
11:51:03
User Processes cscript.exe Process stopped
30/07/2014
11:51:03
30/07/2014
11:51:03
User Processes #$iprvse Process started
30/07/2014
11:51:01
User Processes cscript Process started
30/07/2014
11:51:01
30/07/2014
11:51:01
30/07/2014
11:50:4"
User
&ouse
c2ick
A2terar seu o$e e data de
asci$eto @ +etra2 de aAuda do
=ace5ook 3 'park %ro#ser
Active #ido# : A2terar seu o$e e data de asci$eto @ +etra2 de aAuda do =ace5ook 3 'park %ro#ser
Process a$e : spark
&ouse c2icks : 2
30/07/2014
11:50:42
30/07/2014
11:50:30
User Processes audiod!.exe Process stopped
30/07/2014
11:49:37
User
&ouse
c2ick
Por Bue 7Co cosi!o a2terar $eu
o$eD @ +etra2 de aAuda do
=ace5ook 3 'park %ro#ser
Active #ido# : Por Bue 7Co cosi!o a2terar $eu o$eD @ +etra2 de aAuda do =ace5ook 3 'park %ro#ser
Process a$e : spark
&ouse c2icks : 1
30/07/2014
11:49:20
30/07/2014
11:49:20
User Processes 'earc4=i2ter>ost.exe Process stopped
30/07/2014
User Processes 'earc4Protoco2>ost.exe Process stopped
11:49:20
30/07/2014
11:49:20
User Processes softmgr_update.exe Process stopped
30/07/2014
11:49:18
30/07/2014
11:49:18
User Processes softmgr_update Process started
30/07/2014
11:49:03
User
ouse
c!"c#
$99% &onf"gura'(')es gera"s da
conta * +par# ,ro-ser
.ct"/e -"ndo- : $99% &onf"gura'(')es gera"s da conta * +par# ,ro-ser
Process name : spar#
ouse c!"c#s : 3
30/07/2014
11:48:37
User Processes tas#eng.exe Process stopped
30/07/2014
11:48:23
User Processes P&0Popups.exe Process stopped
30/07/2014
11:48:19
User
ouse
c!"c#
$99% .!"ne 1er2 * +par# ,ro-ser
.ct"/e -"ndo- : $99% .!"ne 1er2 * +par# ,ro-ser
ouse c!"c#s : 8
30/07/2014
11:48:14
User Processes searchf"!terhost Process started
30/07/2014
11:48:14
User Processes searchprotoco!host Process started
30/07/2014
11:48:14
30/07/2014
11:48:10
User Processes tas#eng.exe Process stopped
30/07/2014
11:48:07
User 3e2stro#es
3e2stro#es : 45**645**645**6
30/07/2014
11:47:79
User Processes +earchProtoco!8ost.exe Process stopped
30/07/2014
11:47:79
User Processes +earchProtoco!8ost.exe Process stopped
30/07/2014
11:47:79
User Processes +earch0"!ter8ost.exe Process stopped
30/07/2014
11:47:40
User
ouse
c!"c#
ouse c!"c#s : 7
30/07/2014
11:47:09
User
ouse
c!"c#
$98% .!"ne 1er2 * +par# ,ro-ser
.ct"/e -"ndo- : $98% .!"ne 1er2 * +par# ,ro-ser
ouse c!"c#s : 3
30/07/2014
11:47:04
User Processes s/chost.exe Process stopped
30/07/2014
11:49:71
User Processes d!!host.exe Process stopped
30/07/2014
11:49:48
30/07/2014
11:49:49
30/07/2014
11:49:49
User Processes searchf"!terhost Process started
30/07/2014
11:49:44
User Processes spar#update.exe Process stopped
30/07/2014
11:49:44
User Processes d!!host Process started
30/07/2014
11:49:42
User Processes spar#update Process started
30/07/2014
11:49:42
User Processes -m"32.exe Process stopped
30/07/2014
11:49:34
User 3e2stro#es
&onte':do n';o encontrado <
0ace=oo# * +par# ,ro-ser
.ct"/e -"ndo- : &onte':do n';o encontrado < 0ace=oo# * +par# ,ro-ser
3e2stro#es : conf"anca
30/07/2014
11:49:32
User
ouse
c!"c#
&onte':do n';o encontrado <
0ace=oo# * +par# ,ro-ser
.ct"/e -"ndo- : &onte':do n';o encontrado < 0ace=oo# * +par# ,ro-ser
ouse c!"c#s : 1
30/07/2014
11:49:27
User Processes appstore_s2nc.exe Process stopped
30/07/2014
11:49:19
User Processes appstore_s2nc Process started
30/07/2014
11:49:12
User Processes spar#.exe Process stopped
30/07/2014
11:49:12
30/07/2014
11:49:11
User
ouse
c!"c#
.s p'>g"nas n';o foram fechadas
ade?uadamente da ':!t"ma /e@ *
+par# ,ro-ser
.ct"/e -"ndo- : .s p'>g"nas n';o foram fechadas ade?uadamente da ':!t"ma /e@ * +par# ,ro-ser
ouse c!"c#s : 1
30/07/2014
11:49:04
User
ouse
c!"c#
&!aro Anternet * 1a/egue no seu
computadorB note=oo# ou ta=!et *
+par# ,ro-ser
.ct"/e -"ndo- : &!aro Anternet * 1a/egue no seu computadorB note=oo# ou ta=!et * +par# ,ro-ser
ouse c!"c#s : 1
30/07/2014
11:47:49
30/07/2014
11:47:47
30/07/2014
11:47:42
30/07/2014
11:47:42
30/07/2014
11:47:40
User Processes s/chost Process started
30/07/2014
11:47:38
30/07/2014
11:47:38
User Processes s/chost Process started
30/07/2014
11:47:38
User Processes +C+D1&.EFE Process stopped
30/07/2014
11:45:38
30/07/2014
11:45:36
30/07/2014
11:45:36
User Processes msosync Process started
30/07/2014
11:45:34
30/07/2014
11:45:32
30/07/2014
11:45:32
30/07/2014
11:45:2!
User Processes l"ve#pdate.ee Process stopped
30/07/2014
11:45:2!
30/07/2014
11:45:27
30/07/2014
11:45:17
User Processes Updater.ee Process stopped
30/07/2014
11:45:15
User Processes l"ve#pdate Process started
30/07/2014
11:45:15
User Processes $#d%host Process started
30/07/2014
11:45:11
User
&o#se
cl"ck
'laro
(ct"ve $"ndo$ : 'laro
&o#se cl"cks : 1
30/07/2014
11:45:10
User Processes )m"Prv*+.ee Process stopped
30/07/2014
11:45:08
User Processes l"ve#pdate.ee Process stopped
30/07/2014
11:45:04
30/07/2014
11:45:02
User
&o#se
cl"ck
(ct"ve $"ndo$ :
&o#se cl"cks : 1
30/07/2014
11:45:00
User Processes *earch,"lter-ost.ee Process stopped
30/07/2014
11:45:00
User Processes *earchProtocol-ost.ee Process stopped
30/07/2014
11:44:58
User Processes .*tart*creen.ee Process stopped
30/07/2014
11:44:55
User Processes l"ve#pdate Process started
30/07/2014
11:44:45
User Processes startscreen Process started
30/07/2014
11:44:38
30/07/2014
11:44:37
User
&o#se
cl"ck
Pro/ram &ana/er
(ct"ve $"ndo$ : Pro/ram &ana/er
&o#se cl"cks : 1
30/07/2014
11:44:23
30/07/2014
11:44:21
User
&o#se
cl"ck
Unkno$n (ppl"cat"on
(ct"ve $"ndo$ : Unkno$n (ppl"cat"on
Process name : sysd"r
&o#se cl"cks : 5
30/07/2014
11:44:1!
30/07/2014
11:44:17
User Processes $m"32 Process started
30/07/2014
11:44:07
User Processes o#tlook Process started
30/07/2014
11:44:07
User Processes msosync Process started
30/07/2014
11:42:40
User *ystem 0o/on
User : User
1he comp#ter have lo//ed on
30/07/2014
11:40:11
User 2eystrokes 3874 (l"ne 5ery 6 *park 7ro$ser
(ct"ve $"ndo$ : 3874 (l"ne 5ery 6 *park 7ro$ser
30/07/2014
11:40:11
30/07/2014
11:40:11
30/07/2014
11:40:02
User Processes tr#sted"nstaller Process started
30/07/2014
11:40:00
User Processes pl#/"nremoversvc Process started
30/07/2014
11:40:00
User Processes hpc#stpart"c Process started
30/07/2014
11:3!:56
User Processes pc%pop#ps Process started
30/07/2014
11:3!:4!
User Processes spark#pdate.ee Process stopped
30/07/2014
11:3!:4!
30/07/2014
11:3!:45
30/07/2014
11:3!:45
User Processes tasken/ Process started
30/07/2014
11:3!:37
User Processes search%"lterhost Process started
30/07/2014
11:3!:37
30/07/2014
11:3!:20
30/07/2014
11:39:20
30/07/2014
11:38:45
User
Mouse
click
(87) Alie !er" # $%ark &ro'ser
Acti(e 'ido' : (87) Alie !er" # $%ark &ro'ser
Process a)e : s%ark
Mouse clicks : *
30/07/2014
11:38:35
User
Mouse
click
(87) +ace,ook # $%ark &ro'ser
Acti(e 'ido' : (87) +ace,ook # $%ark &ro'ser
Process a)e : s%ark
Mouse clicks : 1
30/07/2014
11:38:29
User Processes U%datePo%U%-e.e Process sto%%ed
30/07/2014
11:38:2*
User Processes u%date%o%u% Process started
30/07/2014
11:38:10
User Processes audiodg-e.e Process sto%%ed
30/07/2014
11:37:57
User
Mouse
click
/o)o 0a12o %ara escol3er 4ue) %ode
(er )i3as %u,lica1215es6 7 /etral
de a8uda do +ace,ook # $%ark
&ro'ser
Acti(e 'ido' : /o)o 0a12o %ara escol3er 4ue) %ode (er )i3as %u,lica1215es6 7 /etral de a8uda do +ace,ook # $%ark
Process a)e : s%ark
Mouse clicks : 3
30/07/2014
11:37:34
User Processes s%%s(c-e.e Process sto%%ed
30/07/2014
11:3*:30
User Processes co3ost-e.e Process sto%%ed
30/07/2014
11:3*:30
User Processes so0t)gr9u%date-e.e Process sto%%ed
30/07/2014
11:3*:28
30/07/2014
11:3*:28
User Processes so0t)gr9u%date Process started
30/07/2014
11:3*:07
User Processes $earc3+ilter:ost-e.e Process sto%%ed
30/07/2014
11:3*:07
User Processes $earc3Protocol:ost-e.e Process sto%%ed
30/07/2014
11:35:37
User Processes taskeg-e.e Process sto%%ed
30/07/2014
11:35:30
User Processes A%%$toreUtil;.e-e.e Process sto%%ed
30/07/2014
11:35:30
User Processes co3ost-e.e Process sto%%ed
30/07/2014
11:35:29
User
Mouse
click
(87) +ace,ook # $%ark &ro'ser
Acti(e 'ido' : (87) +ace,ook # $%ark &ro'ser
Process a)e : s%ark
Mouse clicks : 7
30/07/2014
11:35:28
User Processes a%%storeutile.e Process started
30/07/2014
11:35:28
30/07/2014
11:35:02
User Processes P/+Po%u%s-e.e Process sto%%ed
30/07/2014
11:34:5*
User Processes %c0%o%u%s Process started
30/07/2014
11:34:5*
User Processes searc30ilter3ost Process started
30/07/2014
11:34:5*
User Processes searc3%rotocol3ost Process started
30/07/2014
11:34:50
User Processes taskeg-e.e Process sto%%ed
30/07/2014
11:34:50
User Processes $earc3+ilter:ost-e.e Process sto%%ed
30/07/2014
11:34:50
30/07/2014
11:34:50
30/07/2014
11:34:45
User Processes task3ost-e.e Process sto%%ed
30/07/2014
11:34:40
User
Mouse
click
&e)#(ido ao +ace,ook # acesse<
cadastre#se ou sai,a )ais- # $%ark
&ro'ser
Acti(e 'ido' : &e)#(ido ao +ace,ook # acesse< cadastre#se ou sai,a )ais- # $%ark &ro'ser
Process a)e : s%ark
Mouse clicks : 4
30/07/2014
11:34:33
User =e"strokes
&e)#(ido ao +ace,ook # acesse<
cadastre#se ou sai,a )ais- # $%ark
&ro'ser
Acti(e 'ido' : &e)#(ido ao +ace,ook # acesse< cadastre#se ou sai,a )ais- # $%ark &ro'ser
Process a)e : s%ark
=e"strokes : alie>co0iaca
30/07/2014
11:34:07
User
Mouse
click
1?o est1@ dis%o1(el # $%ark
&ro'ser
Acti(e 'ido' : 1?o est1@ dis%o1(el # $%ark &ro'ser
Process a)e : s%ark
Mouse clicks : 1
30/07/2014
11:34:05
User Processes s(c3ost-e.e Process sto%%ed
30/07/2014
11:33:39
30/07/2014
11:33:37
User Processes a%%store9s"c-e.e Process sto%%ed
30/07/2014
11:33:35
User Processes searc30ilter3ost Process started
30/07/2014
11:33:35
30/07/2014
11:33:33
User Processes ')i32-e.e Process sto%%ed
30/07/2014
11:33:2*
User Processes a%%store9s"c Process started
30/07/2014
11:33:24
User Processes dll3ost-e.e Process sto%%ed
30/07/2014
11:33:20
User Processes dll3ost Process started
30/07/2014
11:33:20
User Processes s%arku%date-e.e Process sto%%ed
30/07/2014
11:33:1*
User Processes s%arku%date Process started
30/07/2014
User Processes s%ark-e.e Process sto%%ed
11:32:54
30/07/2014
11:32:52
User
Mouse
click
Claro Internet - Navegue no seu
comuta!or" note#ook ou ta#let -
$ark %ro&ser
'ctive &in!o& : Claro Internet - Navegue no seu comuta!or" note#ook ou ta#let - $ark %ro&ser
(rocess name : sark
Mouse clicks : 1
30/07/2014
11:32:4)
User (rocesses sark (rocess starte!
30/07/2014
11:32:47
User
Mouse
click
(rogram Manager
'ctive &in!o& : (rogram Manager
(rocess name : e*lorer
Mouse clicks : 1
30/07/2014
11:32:4+
User
Mouse
click
Claro
'ctive &in!o& : Claro
(rocess name : claro
Mouse clicks : 1
30/07/2014
11:32:44
User (rocesses task,ost (rocess starte!
30/07/2014
11:32:42
User
Mouse
click
-rro !e $crit
'ctive &in!o& : -rro !e $crit
(rocess name : claro
Mouse clicks : 1
30/07/2014
11:32:32
User
Mouse
click
Claro Internet - Navegue no seu
comuta!or" note#ook ou ta#let -
$ark %ro&ser
'ctive &in!o& : Claro Internet - Navegue no seu comuta!or" note#ook ou ta#let - $ark %ro&ser
(rocess name : sark
Mouse clicks : 1
30/07/2014
11:32:31
User (rocesses svc,ost (rocess starte!
30/07/2014
11:32:2)
30/07/2014
11:32:2)
User (rocesses U!ater.e*e (rocess stoe!
30/07/2014
11:32:2)
User (rocesses ssvc (rocess starte!
30/07/2014
11:32:24
User (rocesses !ll,ost.e*e (rocess stoe!
30/07/2014
11:32:1)
User (rocesses !ll,ost (rocess starte!
30/07/2014
11:32:1)
30/07/2014
11:32:15
User (rocesses /mi(rv$-.e*e (rocess stoe!
30/07/2014
11:32:11
30/07/2014
11:32:00
30/07/2014
11:32:00
30/07/2014
11:32:00
User (rocesses 1$tart$creen.e*e (rocess stoe!
30/07/2014
11:32:07
30/07/2014
11:32:05
30/07/2014
11:32:02
30/07/2014
11:31:54
User (rocesses *startscreen (rocess starte!
30/07/2014
11:31:52
User (rocesses claro (rocess starte!
30/07/2014
11:31:50
User (rocesses liveu!ate.e*e (rocess stoe!
30/07/2014
11:31:50
User $2stem user active User &ent active
30/07/2014
11:31:50
User
Mouse
click
Unkno&n 'lication
'ctive &in!o& : Unkno&n 'lication
(rocess name : s2s!ir
Mouse clicks : 1
30/07/2014
11:31:50
User
Mouse
click
(rogram Manager
'ctive &in!o& : (rogram Manager
(rocess name : e*lorer
Mouse clicks : 1
30/07/2014
11:31:4+
User (rocesses $earc,(rotocol3ost.e*e (rocess stoe!
30/07/2014
11:31:4+
User (rocesses $earc,4ilter3ost.e*e (rocess stoe!
30/07/2014
11:31:41
User (rocesses regsvr32.e*e (rocess stoe!
30/07/2014
11:31:30
User (rocesses regsvr32 (rocess starte!
30/07/2014
11:31:33
30/07/2014
11:31:33
User (rocesses liveu!ate (rocess starte!
30/07/2014
11:31:31
User $2stem user inactive User &ent inactive
30/07/2014
11:31:2)
30/07/2014
11:30:54
User (rocesses &mi32 (rocess starte!
30/07/2014
11:30:44
User (rocesses msos2nc (rocess starte!
30/07/2014
11:30:40
30/07/2014
11:30:37
User (rocesses cscrit.e*e (rocess stoe!
30/07/2014
11:30:37
User (rocesses con,ost.e*e (rocess stoe!
30/07/2014
11:30:35
User (rocesses outlook (rocess starte!
30/07/2014
11:20:20
User $2stem 5ogon
User : User
6,e comuter ,ave logge! on

ProgramData SysDir Temp Print-HtmlReport

Загружено:

Сведения о документе

Исходное описание:

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

ProgramData SysDir Temp Print-HtmlReport

Загружено:

Авторское право:

Доступные форматы

LOG REPORT

Generated by The Best Keylogger 3.54 ( Build 1 !

Вам также может понравиться