Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) VersÃ£o: 20-08-2017
Executado por 3green (administrador) em 3GREEN-PC (19-08-2017 18:42:36)
Executando a partir de C:\Users\3green\Downloads
Perfis Carregados: 3green (Perfis DisponÃ­veis: 3green)
Platform: Windows 7 Professional (X64) Idioma: PortuguÃªs (Brasil)
Internet Explorer VersÃ£o 8 (Navegador padrÃ£o: Chrome)
Modo da InicializaÃ§Ã£o: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluÃ­da na fixlist, o processo serÃ¡ fechado. O arquivo nÃ£o serÃ¡ movido.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Byte Technologies LLC) C:\Program Files\ByteFence\ByteFenceService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
() C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
() C:\Program Files\ByteFence\rtop\bin\rtop_bg.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Akamai Technologies, Inc.) C:\Users\3green\AppData\Local\Akamai\netsession_win.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Akamai Technologies, Inc.) C:\Users\3green\AppData\Local\Akamai\netsession_win.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Byte Technologies LLC) C:\Program Files\ByteFence\ByteFence.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppVShNotify.exe
() C:\Program Files\ByteFence\rsLggr.exe
(Autodesk) C:\Program Files\Autodesk\Maya2016\bin\maya.exe
(Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe

==================== Registro (Whitelisted) ====================

(Se uma entrada for incluÃ­da na fixlist, o Ã­tem no Registro serÃ¡ restaurado para o padrÃ£o ou removido. O arquivo nÃ£o serÃ¡ movido.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213832 2017-07-24] (AVAST Software)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-03-06] (Intel Corporation)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [529480 2016-02-24] (Autodesk Inc.)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2137744 2016-10-08] (Wondershare)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: RestriÃ§Ã£o <==== ATENÃÃO
HKU\S-1-5-21-769174121-3863827471-3536820067-1000\...\Run: [EA Core] => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-21-769174121-3863827471-3536820067-1000\...\Run: [Akamai NetSession Interface] => C:\Users\3green\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc.)
HKU\S-1-5-21-769174121-3863827471-3536820067-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27815896 2017-07-28] (Skype Technologies S.A.)
HKU\S-1-5-21-769174121-3863827471-3536820067-1000\...\Run: [Chromium] => c:\users\3green\appdata\local\chromium\application\chrome.exe --auto-launch-at-startup --profile-directory=Default --restore-last-session
HKU\S-1-5-21-769174121-3863827471-3536820067-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3062560 2017-07-17] (Valve Corporation)
HKU\S-1-5-21-769174121-3863827471-3536820067-1000\...\Run: [AdobeBridge] => [X]
GroupPolicy: RestriÃ§Ã£o <==== ATENÃÃO
CHR HKLM\SOFTWARE\Policies\Google: RestriÃ§Ã£o <==== ATENÃÃO

==================== Internet (Whitelisted) ====================

(Se um Ã­tem for incluÃ­do na fixlist, sendo um Ã­tem do Registro, serÃ¡ removido ou restaurado para o padrÃ£o.)

Hosts: HÃ¡ mais de uma entrada no Hosts. Veja a seÃ§Ã£o Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.15.1
Tcpip\..\Interfaces\{9C10E0F1-8329-40E6-8B7C-D3349F417FDC}: [DhcpNameServer] 10.0.10.1
Tcpip\..\Interfaces\{ACD546E2-1863-4FDD-8F1E-CEEC728DA9EF}: [DhcpNameServer] 192.168.15.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_sprdnldn_17_22&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0FyEyE0DtAtDzztByD0A0E0C0FzytBzytN0D0Tzu0StCzyyBtCtN1L2XzutAtFtBzytFtAtFyByDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyByEyB0FtBtB0CyDtGtDyDtC0CtGyDtB0EtAtGtB0EyEyEtGyByByB0FyC0C0FtDtCtAyB0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StA0BtAtC0FtBzzyBtG0E0B0ByBtGyE0AyDzztGzytCtC0AtGzyzztCzy0B0AyBtD0F0DtByC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtBzyyDyB%26cr%3D1188064429%26a%3Dwbf_sprdnldn_17_22%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_sprdnldn_17_22&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0FyEyE0DtAtDzztByD0A0E0C0FzytBzytN0D0Tzu0StCzyyBtCtN1L2XzutAtFtBzytFtAtFyByDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyByEyB0FtBtB0CyDtGtDyDtC0CtGyDtB0EtAtGtB0EyEyEtGyByByB0FyC0C0FtDtCtAyB0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StA0BtAtC0FtBzzyBtG0E0B0ByBtGyE0AyDzztGzytCtC0AtGzyzztCzy0B0AyBtD0F0DtByC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtBzyyDyB%26cr%3D1188064429%26a%3Dwbf_sprdnldn_17_22%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional
HKU\S-1-5-21-769174121-3863827471-3536820067-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_sprdnldn_17_22&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0FyEyE0DtAtDzztByD0A0E0C0FzytBzytN0D0Tzu0StCzyyBtCtN1L2XzutAtFtBzytFtAtFyByDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyByEyB0FtBtB0CyDtGtDyDtC0CtGyDtB0EtAtGtB0EyEyEtGyByByB0FyC0C0FtDtCtAyB0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StA0BtAtC0FtBzzyBtG0E0B0ByBtGyE0AyDzztGzytCtC0AtGzyzztCzy0B0AyBtD0F0DtByC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtBzyyDyB%26cr%3D1188064429%26a%3Dwbf_sprdnldn_17_22%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional
HKU\S-1-5-21-769174121-3863827471-3536820067-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pt-br/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_sprdnldn_17_22&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0FyEyE0DtAtDzztByD0A0E0C0FzytBzytN0D0Tzu0StCzyyBtCtN1L2XzutAtFtBzytFtAtFyByDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyByEyB0FtBtB0CyDtGtDyDtC0CtGyDtB0EtAtGtB0EyEyEtGyByByB0FyC0C0FtDtCtAyB0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StA0BtAtC0FtBzzyBtG0E0B0ByBtGyE0AyDzztGzytCtC0AtGzyzztCzy0B0AyBtD0F0DtByC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtBzyyDyB%26cr%3D1188064429%26a%3Dwbf_sprdnldn_17_22%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional&p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_sprdnldn_17_22&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0FyEyE0DtAtDzztByD0A0E0C0FzytBzytN0D0Tzu0StCzyyBtCtN1L2XzutAtFtBzytFtAtFyByDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyByEyB0FtBtB0CyDtGtDyDtC0CtGyDtB0EtAtGtB0EyEyEtGyByByB0FyC0C0FtDtCtAyB0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StA0BtAtC0FtBzzyBtG0E0B0ByBtGyE0AyDzztGzytCtC0AtGzyzztCzy0B0AyBtD0F0DtByC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtBzyyDyB%26cr%3D1188064429%26a%3Dwbf_sprdnldn_17_22%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_sprdnldn_17_22&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0FyEyE0DtAtDzztByD0A0E0C0FzytBzytN0D0Tzu0StCzyyBtCtN1L2XzutAtFtBzytFtAtFyByDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyByEyB0FtBtB0CyDtGtDyDtC0CtGyDtB0EtAtGtB0EyEyEtGyByByB0FyC0C0FtDtCtAyB0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StA0BtAtC0FtBzzyBtG0E0B0ByBtGyE0AyDzztGzytCtC0AtGzyzztCzy0B0AyBtD0F0DtByC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtBzyyDyB%26cr%3D1188064429%26a%3Dwbf_sprdnldn_17_22%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional&p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_sprdnldn_17_22&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0FyEyE0DtAtDzztByD0A0E0C0FzytBzytN0D0Tzu0StCzyyBtCtN1L2XzutAtFtBzytFtAtFyByDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyByEyB0FtBtB0CyDtGtDyDtC0CtGyDtB0EtAtGtB0EyEyEtGyByByB0FyC0C0FtDtCtAyB0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StA0BtAtC0FtBzzyBtG0E0B0ByBtGyE0AyDzztGzytCtC0AtGzyzztCzy0B0AyBtD0F0DtByC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtBzyyDyB%26cr%3D1188064429%26a%3Dwbf_sprdnldn_17_22%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional&p={searchTerms}
SearchScopes: HKU\S-1-5-21-769174121-3863827471-3536820067-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_sprdnldn_17_22&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0FyEyE0DtAtDzztByD0A0E0C0FzytBzytN0D0Tzu0StCzyyBtCtN1L2XzutAtFtBzytFtAtFyByDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyByEyB0FtBtB0CyDtGtDyDtC0CtGyDtB0EtAtGtB0EyEyEtGyByByB0FyC0C0FtDtCtAyB0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StA0BtAtC0FtBzzyBtG0E0B0ByBtGyE0AyDzztGzytCtC0AtGzyzztCzy0B0AyBtD0F0DtByC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtBzyyDyB%26cr%3D1188064429%26a%3Dwbf_sprdnldn_17_22%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional&p={searchTerms}
SearchScopes: HKU\S-1-5-21-769174121-3863827471-3536820067-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_sprdnldn_17_22&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0FyEyE0DtAtDzztByD0A0E0C0FzytBzytN0D0Tzu0StCzyyBtCtN1L2XzutAtFtBzytFtAtFyByDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyByEyB0FtBtB0CyDtGtDyDtC0CtGyDtB0EtAtGtB0EyEyEtGyByByB0FyC0C0FtDtCtAyB0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StA0BtAtC0FtBzzyBtG0E0B0ByBtGyE0AyDzztGzytCtC0AtGzyzztCzy0B0AyBtD0F0DtByC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtBzyyDyB%26cr%3D1188064429%26a%3Dwbf_sprdnldn_17_22%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional&p={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-08-19] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-07-04] (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-03-07] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2017-08-19] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-08-19] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-08-15] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-07-04] (AVAST Software)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2017-03-07] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2017-08-19] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-08-19] (Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-03-07] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2017-03-07] (Google Inc.)
Toolbar: HKU\S-1-5-21-769174121-3863827471-3536820067-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-03-07] (Google Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-08-19] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-08-19] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-08-19] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-08-19] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-08-15] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-08-15] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR DefaultSearchURL: Default -> hxxp://srch.bar/{searchTerms}
CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
CHR Profile: C:\Users\3green\AppData\Local\Google\Chrome\User Data\Default [2017-08-19]
CHR Extension: (Google Docs) - C:\Users\3green\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-03-07]
CHR Extension: (Google Drive) - C:\Users\3green\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-07]
CHR Extension: (YouTube) - C:\Users\3green\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-07]
CHR Extension: (Avast SafePrice) - C:\Users\3green\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-08-15]
CHR Extension: (Documentos Google off-line) - C:\Users\3green\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-07]
CHR Extension: (Avast Online Security) - C:\Users\3green\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-06-09]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\3green\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-08]
CHR Extension: (Gmail) - C:\Users\3green\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-08]
CHR Extension: (Chrome Media Router) - C:\Users\3green\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-13]
CHR HKLM\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-769174121-3863827471-3536820067-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx

==================== ServiÃ§os (Whitelisted) ====================

(Se uma entrada for incluÃ­da na fixlist, serÃ¡ removida do Registro. O arquivo nÃ£o serÃ¡ movido, a menos que seja colocado separadamente.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1145928 2016-02-24] (Autodesk Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7430992 2017-07-24] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263312 2017-07-24] (AVAST Software)
R2 ByteFenceService; C:\Program Files\ByteFence\ByteFenceService.exe [145888 2017-04-19] (Byte Technologies LLC)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4424392 2017-08-10] (Microsoft Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-12] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [Arquivo nÃ£o assinado]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
R2 rtop; C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe [304456 2017-05-25] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(Se uma entrada for incluÃ­da na fixlist, serÃ¡ removida do Registro. O arquivo nÃ£o serÃ¡ movido, a menos que seja colocado separadamente.)

R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [320008 2017-07-24] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [198976 2017-07-24] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [343288 2017-07-24] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [57728 2017-07-24] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [46984 2017-07-04] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [41800 2017-07-04] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [146704 2017-08-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [110352 2017-07-04] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [84392 2017-07-04] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1015880 2017-08-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [585608 2017-07-04] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [198768 2017-07-04] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [361336 2017-07-04] (AVAST Software)
R3 TXEIx64; C:\Windows\System32\DRIVERS\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluÃ­da na fixlist, serÃ¡ removida do Registro. O arquivo nÃ£o serÃ¡ movido, a menos que seja colocado separadamente.)


==================== TrÃªs Meses Criados arquivos e pastas ========

(Se uma entrada for incluÃ­da na fixlist, o arquivo/pasta serÃ¡ movido.)

2017-08-19 18:42 - 2017-08-19 18:43 - 000022597 _____ C:\Users\3green\Downloads\FRST.txt
2017-08-19 18:41 - 2017-08-19 18:42 - 000000000 ____D C:\FRST
2017-08-19 18:39 - 2017-08-19 18:39 - 002395648 _____ (Farbar) C:\Users\3green\Downloads\FRST64.exe
2017-08-19 18:38 - 2017-08-19 18:38 - 000016224 _____ (Microsoft Corporation) C:\Users\3green\Downloads\api-ms-win-crt-runtime-l1-1-0.dll
2017-08-19 18:28 - 2017-08-19 18:33 - 000000000 ____D C:\Windows\system32\MRT
2017-08-19 18:26 - 2017-08-19 18:26 - 140394280 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-08-19 18:26 - 2011-04-09 03:58 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2017-08-19 18:26 - 2011-04-09 02:56 - 000123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2017-08-19 18:23 - 2017-08-19 18:23 - 001034556 _____ C:\Users\3green\Downloads\Windows6.1-KB2999226-x64.msu
2017-08-19 18:22 - 2017-08-19 18:22 - 000629006 _____ C:\Users\3green\Downloads\Windows6.1-KB2999226-x86.msu
2017-08-19 18:21 - 2017-08-19 18:21 - 000603348 _____ C:\Users\3green\Downloads\Windows8.1-KB2999226-x86.msu
2017-08-19 18:17 - 2017-08-19 18:17 - 000000000 ____D C:\Users\3green\Downloads\Substance Painter
2017-08-19 17:10 - 2017-08-19 17:10 - 000000000 ____D C:\Users\3green\Documents\Maria Carolina - RM78251
2017-08-19 17:05 - 2017-08-19 17:05 - 011423552 _____ C:\Users\3green\Downloads\MayaBonusTools-2014-2017-win64.msi
2017-08-19 16:56 - 2017-08-19 18:24 - 003997775 _____ C:\Users\3green\Downloads\Dragao.ma
2017-08-19 16:56 - 2017-08-19 18:15 - 000297196 _____ C:\Users\3green\Downloads\Wings.ma
2017-08-15 20:04 - 2017-08-15 20:04 - 000231638 _____ C:\Users\3green\Downloads\WhatsApp Image 2017-08-15 at 20.01.12 (1).jpeg
2017-08-15 20:04 - 2017-08-15 20:04 - 000229834 _____ C:\Users\3green\Downloads\WhatsApp Image 2017-08-15 at 20.01.11 (1).jpeg
2017-08-15 20:04 - 2017-08-15 20:04 - 000225201 _____ C:\Users\3green\Downloads\WhatsApp Image 2017-08-15 at 20.01.11.jpeg
2017-08-15 20:04 - 2017-08-15 20:04 - 000143595 _____ C:\Users\3green\Downloads\WhatsApp Image 2017-08-15 at 19.59.23.jpeg
2017-08-15 20:03 - 2017-08-15 20:03 - 000152029 _____ C:\Users\3green\Downloads\WhatsApp Image 2017-08-15 at 20.01.12.jpeg
2017-08-15 18:32 - 2017-08-15 18:32 - 000519061 _____ C:\Users\3green\Downloads\Aula_12__Playtest_pt.1.pdf
2017-08-09 22:21 - 2017-08-09 22:21 - 002542891 _____ C:\Users\3green\Documents\Kaboom!.pptx
2017-08-09 21:30 - 2017-08-09 21:30 - 000006579 _____ C:\Users\3green\Downloads\atari.zip
2017-08-09 18:34 - 2017-08-09 18:34 - 000000000 ____D C:\Users\3green\Downloads\Atari
2017-08-09 18:30 - 2017-08-09 18:31 - 061044533 _____ C:\Users\3green\Downloads\Atari-20170809T212924Z-001.zip
2017-08-08 22:31 - 2017-08-08 22:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Allegorithmic
2017-08-08 22:25 - 2017-08-08 22:25 - 000000000 ____D C:\Program Files\Allegorithmic
2017-08-08 21:29 - 2017-08-08 21:45 - 1287343056 _____ (Allegorithmic ) C:\Users\3green\Downloads\Substance_Painter-2017.2.0-1736-msvc14-x64-standard-full.exe
2017-08-07 21:52 - 2017-08-07 21:52 - 010253600 _____ C:\Users\3green\Downloads\WhatsApp Video 2017-08-07 at 20.13.02.mp4
2017-08-06 23:35 - 2017-08-06 23:36 - 002735399 _____ C:\Users\3green\Downloads\GalinhaFrente.psd
2017-08-06 23:35 - 2017-08-06 23:35 - 002734531 _____ C:\Users\3green\Downloads\GalnihaFrente.psd
2017-08-03 22:18 - 2017-08-03 23:26 - 000000000 ____D C:\Users\3green\Downloads\Wireframes
2017-08-03 22:12 - 2017-08-03 22:13 - 018011197 _____ C:\Users\3green\Downloads\Wireframes-20170804T011233Z-001.zip
2017-08-01 23:36 - 2017-08-01 23:36 - 002736799 _____ C:\Users\3green\Downloads\COH_Desenho.psd
2017-08-01 23:02 - 2017-08-01 23:10 - 045936116 _____ C:\Users\3green\Downloads\1Color.psd
2017-08-01 22:27 - 2017-08-01 22:27 - 000000000 ____D C:\Users\3green\Downloads\2prot___
2017-08-01 22:26 - 2017-08-01 22:26 - 000032223 _____ C:\Users\3green\Downloads\2prot___.zip
2017-08-01 22:00 - 2017-08-01 22:00 - 000000000 ____D C:\Users\3green\Downloads\wood2
2017-08-01 21:59 - 2017-08-01 21:59 - 000065220 _____ C:\Users\3green\Downloads\wood2.zip
2017-08-01 18:56 - 2017-08-01 22:58 - 046171751 _____ C:\Users\3green\Downloads\1 (1).psd
2017-08-01 17:58 - 2017-08-01 18:53 - 042460545 _____ C:\Users\3green\Downloads\1.psd
2017-07-30 23:36 - 2017-07-30 23:36 - 000000000 ____D C:\Users\3green\Documents\My Games
2017-07-30 23:36 - 2017-07-30 23:36 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-07-30 23:36 - 2017-07-30 23:36 - 000000000 ____D C:\Program Files (x86)\AGEIA Technologies
2017-07-30 23:35 - 2010-02-04 10:01 - 000530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2017-07-30 23:35 - 2010-02-04 10:01 - 000528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2017-07-30 23:35 - 2010-02-04 10:01 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2017-07-30 23:35 - 2010-02-04 10:01 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2017-07-30 23:35 - 2010-02-04 10:01 - 000078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2017-07-30 23:35 - 2010-02-04 10:01 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2017-07-30 23:35 - 2010-02-04 10:01 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2017-07-30 23:35 - 2010-02-04 10:01 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2017-07-30 23:35 - 2009-09-04 17:44 - 000517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2017-07-30 23:35 - 2009-09-04 17:44 - 000515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2017-07-30 23:35 - 2009-09-04 17:44 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2017-07-30 23:35 - 2009-09-04 17:44 - 000176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2017-07-30 23:35 - 2009-09-04 17:44 - 000073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2017-07-30 23:35 - 2009-09-04 17:44 - 000069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2017-07-30 23:35 - 2009-09-04 17:29 - 005554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2017-07-30 23:35 - 2009-09-04 17:29 - 005501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2017-07-30 23:35 - 2009-09-04 17:29 - 002582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2017-07-30 23:35 - 2009-09-04 17:29 - 002475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2017-07-30 23:35 - 2009-09-04 17:29 - 001974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2017-07-30 23:35 - 2009-09-04 17:29 - 001892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2017-07-30 23:35 - 2009-09-04 17:29 - 000523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2017-07-30 23:35 - 2009-09-04 17:29 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2017-07-30 23:35 - 2009-09-04 17:29 - 000285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2017-07-30 23:35 - 2009-09-04 17:29 - 000235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2017-07-30 23:35 - 2009-03-16 14:18 - 000521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2017-07-30 23:35 - 2009-03-16 14:18 - 000517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2017-07-30 23:35 - 2009-03-16 14:18 - 000235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2017-07-30 23:35 - 2009-03-16 14:18 - 000174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2017-07-30 23:35 - 2009-03-16 14:18 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2017-07-30 23:35 - 2009-03-16 14:18 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2017-07-30 23:35 - 2009-03-09 15:27 - 005425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2017-07-30 23:35 - 2009-03-09 15:27 - 004178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2017-07-30 23:35 - 2009-03-09 15:27 - 002430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2017-07-30 23:35 - 2009-03-09 15:27 - 001846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2017-07-30 23:35 - 2009-03-09 15:27 - 000520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2017-07-30 23:35 - 2009-03-09 15:27 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2017-07-30 23:35 - 2008-10-27 10:04 - 000518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2017-07-30 23:35 - 2008-10-27 10:04 - 000514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2017-07-30 23:35 - 2008-10-27 10:04 - 000235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2017-07-30 23:35 - 2008-10-27 10:04 - 000175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2017-07-30 23:35 - 2008-10-27 10:04 - 000074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2017-07-30 23:35 - 2008-10-27 10:04 - 000070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2017-07-30 23:35 - 2008-10-27 10:04 - 000025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2017-07-30 23:35 - 2008-10-27 10:04 - 000023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2017-07-30 23:35 - 2008-10-15 06:22 - 005631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2017-07-30 23:35 - 2008-10-15 06:22 - 004379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2017-07-30 23:35 - 2008-10-15 06:22 - 002605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2017-07-30 23:35 - 2008-10-15 06:22 - 002036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2017-07-30 23:35 - 2008-10-15 06:22 - 000519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2017-07-30 23:35 - 2008-10-15 06:22 - 000452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2017-07-30 23:35 - 2008-07-31 10:41 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2017-07-30 23:35 - 2008-07-31 10:41 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2017-07-30 23:35 - 2008-07-31 10:41 - 000072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2017-07-30 23:35 - 2008-07-31 10:40 - 000513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2017-07-30 23:35 - 2008-07-10 11:00 - 004992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2017-07-30 23:35 - 2008-07-10 11:00 - 001942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2017-07-30 23:35 - 2008-07-10 11:00 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2017-07-30 23:35 - 2008-05-30 14:19 - 000511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2017-07-30 23:35 - 2008-05-30 14:19 - 000507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2017-07-30 23:35 - 2008-05-30 14:18 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2017-07-30 23:35 - 2008-05-30 14:18 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2017-07-30 23:35 - 2008-05-30 14:17 - 000068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2017-07-30 23:35 - 2008-05-30 14:17 - 000065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2017-07-30 23:35 - 2008-05-30 14:17 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2017-07-30 23:35 - 2008-05-30 14:16 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2017-07-30 23:35 - 2008-05-30 14:11 - 004991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2017-07-30 23:35 - 2008-05-30 14:11 - 003850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2017-07-30 23:35 - 2008-05-30 14:11 - 001941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2017-07-30 23:35 - 2008-05-30 14:11 - 001491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2017-07-30 23:35 - 2008-05-30 14:11 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2017-07-30 23:35 - 2008-05-30 14:11 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2017-07-30 23:35 - 2008-03-05 16:04 - 000489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2017-07-30 23:35 - 2008-03-05 16:03 - 000479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2017-07-30 23:35 - 2008-03-05 16:03 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2017-07-30 23:35 - 2008-03-05 16:03 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2017-07-30 23:35 - 2008-03-05 16:00 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2017-07-30 23:35 - 2008-03-05 16:00 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2017-07-30 23:35 - 2008-03-05 15:56 - 004910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2017-07-30 23:35 - 2008-03-05 15:56 - 003786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2017-07-30 23:35 - 2008-03-05 15:56 - 001860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2017-07-30 23:35 - 2008-03-05 15:56 - 001420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2017-07-30 23:35 - 2008-02-05 23:07 - 000529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2017-07-30 23:35 - 2008-02-05 23:07 - 000462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2017-07-30 23:35 - 2007-10-22 03:40 - 000411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2017-07-30 23:35 - 2007-10-22 03:39 - 000267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2017-07-30 23:34 - 2007-10-22 03:37 - 000021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2017-07-30 23:34 - 2007-10-22 03:37 - 000017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2017-07-30 23:34 - 2007-10-12 15:14 - 005081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2017-07-30 23:34 - 2007-10-12 15:14 - 003734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2017-07-30 23:34 - 2007-10-12 15:14 - 002006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2017-07-30 23:34 - 2007-10-12 15:14 - 001374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2017-07-30 23:34 - 2007-10-02 09:56 - 000508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2017-07-30 23:34 - 2007-10-02 09:56 - 000444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2017-07-30 23:34 - 2007-07-20 00:57 - 000411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2017-07-30 23:34 - 2007-07-20 00:57 - 000267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2017-07-30 23:34 - 2007-07-19 18:14 - 005073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2017-07-30 23:34 - 2007-07-19 18:14 - 003727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2017-07-30 23:34 - 2007-07-19 18:14 - 001985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2017-07-30 23:34 - 2007-07-19 18:14 - 001358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2017-07-30 23:34 - 2007-07-19 18:14 - 000508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2017-07-30 23:34 - 2007-07-19 18:14 - 000444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2017-07-30 23:34 - 2007-06-20 20:49 - 000409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2017-07-30 23:34 - 2007-06-20 20:46 - 000266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2017-07-30 23:34 - 2007-05-16 16:45 - 004496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2017-07-30 23:34 - 2007-05-16 16:45 - 003497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2017-07-30 23:34 - 2007-05-16 16:45 - 001401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2017-07-30 23:34 - 2007-05-16 16:45 - 001124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2017-07-30 23:34 - 2007-05-16 16:45 - 000506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2017-07-30 23:34 - 2007-05-16 16:45 - 000443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2017-07-30 23:34 - 2007-04-04 18:55 - 000403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2017-07-30 23:34 - 2007-04-04 18:55 - 000261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2017-07-30 23:34 - 2007-04-04 18:54 - 000107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2017-07-30 23:34 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2017-07-30 23:34 - 2007-03-15 16:57 - 000506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2017-07-30 23:34 - 2007-03-15 16:57 - 000443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2017-07-30 23:34 - 2007-03-12 16:42 - 004494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2017-07-30 23:34 - 2007-03-12 16:42 - 003495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2017-07-30 23:34 - 2007-03-12 16:42 - 001400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2017-07-30 23:34 - 2007-03-12 16:42 - 001123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2017-07-30 23:34 - 2007-03-05 12:42 - 000017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2017-07-30 23:34 - 2007-03-05 12:42 - 000015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2017-07-30 23:34 - 2007-01-24 15:27 - 000393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2017-07-30 23:34 - 2007-01-24 15:27 - 000255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2017-07-30 23:34 - 2006-12-08 12:02 - 000251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2017-07-30 23:34 - 2006-12-08 12:00 - 000390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2017-07-30 23:34 - 2006-11-29 13:06 - 004398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2017-07-30 23:34 - 2006-11-29 13:06 - 003426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2017-07-30 23:34 - 2006-11-29 13:06 - 000469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2017-07-30 23:34 - 2006-11-29 13:06 - 000440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2017-07-30 23:34 - 2006-09-28 16:05 - 000237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2017-07-30 23:34 - 2006-09-28 16:04 - 000364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2017-07-30 23:34 - 2006-07-28 09:31 - 000083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2017-07-30 23:34 - 2006-07-28 09:30 - 000363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2017-07-30 23:34 - 2006-07-28 09:30 - 000236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2017-07-30 23:34 - 2006-07-28 09:30 - 000062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2017-07-30 23:34 - 2006-05-31 07:24 - 000230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2017-07-30 23:34 - 2006-05-31 07:22 - 000354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2017-07-30 23:34 - 2006-03-31 12:41 - 003927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2017-07-30 23:34 - 2006-03-31 12:40 - 002388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2017-07-30 23:34 - 2006-03-31 12:40 - 000352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2017-07-30 23:34 - 2006-03-31 12:39 - 000229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2017-07-30 23:34 - 2006-03-31 12:39 - 000083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2017-07-30 23:34 - 2006-03-31 12:39 - 000062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2017-07-30 23:34 - 2006-02-03 08:43 - 003830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2017-07-30 23:34 - 2006-02-03 08:43 - 002332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2017-07-30 23:34 - 2006-02-03 08:42 - 000355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2017-07-30 23:34 - 2006-02-03 08:42 - 000230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2017-07-30 23:34 - 2006-02-03 08:41 - 000016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2017-07-30 23:34 - 2006-02-03 08:41 - 000014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2017-07-30 23:34 - 2005-12-05 18:09 - 003815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2017-07-30 23:34 - 2005-12-05 18:09 - 002323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2017-07-30 23:34 - 2005-07-22 19:59 - 003807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2017-07-30 23:34 - 2005-07-22 19:59 - 002319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2017-07-30 23:34 - 2005-05-26 15:34 - 003767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2017-07-30 23:34 - 2005-05-26 15:34 - 002297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2017-07-30 23:34 - 2005-03-18 17:19 - 003823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2017-07-30 23:34 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2017-07-30 23:34 - 2005-02-05 19:45 - 003544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2017-07-30 23:11 - 2017-07-30 23:11 - 000000222 _____ C:\Users\3green\Desktop\Life is Strange.url
2017-07-30 20:00 - 2017-07-30 20:00 - 011374277 _____ C:\Users\3green\Downloads\FarmBook.psd
2017-07-30 16:58 - 2017-07-30 16:58 - 018527227 _____ C:\Users\3green\Downloads\TelaGameOver (1).psd
2017-07-28 23:28 - 2017-07-28 23:28 - 000000000 ____D C:\Users\Todos os UsuÃ¡rios\HP
2017-07-28 23:28 - 2017-07-28 23:28 - 000000000 ____D C:\ProgramData\HP
2017-07-28 22:29 - 2017-07-28 22:30 - 000000000 ____D C:\Users\3green\Documents\HTML
2017-07-28 22:27 - 2017-07-28 23:37 - 000000000 ____D C:\Users\3green\Documents\HistÃ³rias
2017-07-28 22:26 - 2017-07-28 23:37 - 000000000 ____D C:\Users\3green\Documents\Documentos
2017-07-28 22:23 - 2017-08-16 20:50 - 000000000 ____D C:\Users\3green\Documents\RPG
2017-07-28 22:22 - 2017-07-28 22:31 - 000000000 ____D C:\Users\3green\Documents\Notebook
2017-07-24 14:17 - 2017-07-24 14:16 - 000400464 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-07-08 00:22 - 2017-07-08 00:23 - 017999759 _____ C:\Users\3green\Downloads\peter & roman - I have hella feelings for you..mp4
2017-07-08 00:09 - 2017-07-08 00:14 - 073403258 _____ C:\Users\3green\Downloads\Little Mix - Power (Official Video) ft. Stormzy.mp4
2017-07-08 00:01 - 2017-07-08 00:03 - 016372782 _____ C:\Users\3green\Downloads\ONCE UPON A TIME IN VENICE Official Trailer + Clip (2017) Jason Momoa VS Bruce Willis Movie HD.mp4
2017-07-07 23:54 - 2017-07-07 23:59 - 052393512 _____ C:\Users\3green\Downloads\Halsey - Now Or Never.mp4
2017-07-07 23:52 - 2017-07-07 23:58 - 026311691 _____ C:\Users\3green\Downloads\Hemlock Grove - Radioactive.mp4
2017-07-07 22:59 - 2017-07-07 22:59 - 009344052 _____ C:\Users\3green\Downloads\POMPEII Movie Clip # 3 (Emily Browning & Kit Harington).mp4
2017-07-07 22:46 - 2017-07-07 22:47 - 013971574 _____ C:\Users\3green\Downloads\Nevs Raphael Sander.mp4
2017-07-07 17:53 - 2017-07-07 17:54 - 031963036 _____ C:\Users\3green\Downloads\The Veronicas - Lolita [OFFICIAL VIDEO].mp4
2017-07-05 23:24 - 2017-07-05 23:25 - 010170705 _____ C:\Users\3green\Downloads\Zoe Saldana - GQ September 2011.mp4
2017-07-05 23:08 - 2017-07-05 23:09 - 005768572 _____ C:\Users\3green\Downloads\DOCTOR WHO Exclusive Deleted Scene from The Time of The Doctor Christmas Special - BBC America.mp4
2017-07-05 23:07 - 2017-07-05 23:09 - 019913105 _____ C:\Users\3green\Downloads\Love, Rosie - Official Trailer (HD).mp4
2017-07-05 23:02 - 2017-07-05 23:04 - 064360193 _____ C:\Users\3green\Downloads\Cartier ' DestinÃ©e ' a Romantic Short Film - å¡å°äº æµªæ¼«å®æå·´é».mp4
2017-07-05 22:53 - 2017-07-05 22:56 - 073144304 _____ C:\Users\3green\Downloads\Chuck and Sarah Alternate Ending.mp4
2017-07-05 22:51 - 2017-07-05 22:51 - 011850483 _____ C:\Users\3green\Downloads\Little Brutes - Make Our Own Way (Official Music Video).mp4
2017-07-05 22:50 - 2017-07-05 22:50 - 014258649 _____ C:\Users\3green\Downloads\Pearl Harbor (2001) - Evelyn and Danny Best Romantic Scenes [HQ].mp4
2017-07-05 22:43 - 2017-07-05 22:47 - 049360152 _____ C:\Users\3green\Downloads\Katy Perry - Thinking Of You (Official).mp4
2017-07-05 22:32 - 2017-07-05 22:33 - 016563836 _____ C:\Users\3green\Downloads\Josh Hartnett in conversation with Bruce Weber - MARC O'POLO Campaign Fall-Winter 2015.mp4
2017-07-05 22:03 - 2017-07-05 22:06 - 028676677 _____ C:\Users\3green\Downloads\Charles e Debora - Take control.mp4
2017-07-05 21:51 - 2017-07-05 21:51 - 011914092 _____ C:\Users\3green\Downloads\How to Date Lauren Cohan.mp4
2017-07-05 21:49 - 2017-07-05 21:50 - 034394502 _____ C:\Users\3green\Downloads\'Point Break' Star Luke Bracey Reveals How Remake's Stunts Top the Original.mp4
2017-07-05 21:42 - 2017-07-05 21:42 - 000046762 _____ C:\Users\3green\Downloads\Daisy Ridley December Cover Star - Behind the Scenes - ELLE.mp4.crdownload
2017-07-05 21:29 - 2017-07-05 21:33 - 068118611 _____ C:\Users\3green\Downloads\How Tarzan Met Jane - Hannah Stocking & Anwar Jibawi.mp4
2017-07-05 21:26 - 2017-07-05 21:26 - 037438120 _____ C:\Users\3green\Downloads\DeadFall -  Dakota - Jay & Liza.mp4
2017-07-05 21:25 - 2017-07-05 21:26 - 007705742 _____ C:\Users\3green\Downloads\Deadfall- Clip 5 2012 Movie Scene.mp4
2017-07-05 21:24 - 2017-07-05 21:24 - 000000000 ____D C:\Users\Todos os UsuÃ¡rios\Wondershare
2017-07-05 21:24 - 2017-07-05 21:24 - 000000000 ____D C:\ProgramData\Wondershare
2017-07-05 21:13 - 2017-07-05 21:14 - 031972775 _____ C:\Users\3green\Downloads\HD # ÐÐ¸Ð»Ð¸ Ð¸ ÐÑÐ²Ð¸Ð´ # Ðº-Ñ -- ÐÑÐµÐ½Ñ ÑÐ¾ÑÐ¾ÑÐ¸Ðµ Ð´ÐµÐ²Ð¾ÑÐºÐ¸ --.mp4
2017-07-05 21:12 - 2017-07-05 21:12 - 000000000 ____D C:\Users\3green\AppData\Local\Wondershare
2017-07-05 21:11 - 2017-07-05 21:11 - 000001034 _____ C:\Users\Public\Desktop\Wondershare Filmora.lnk
2017-07-05 21:11 - 2017-07-05 21:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2017-07-05 21:08 - 2017-07-28 22:27 - 000000000 ____D C:\Users\3green\Documents\Wondershare Filmora
2017-07-05 21:08 - 2017-07-05 21:08 - 000000000 ____D C:\Users\Todos os UsuÃ¡rios\Wondershare Video Editor
2017-07-05 21:08 - 2017-07-05 21:08 - 000000000 ____D C:\ProgramData\Wondershare Video Editor
2017-07-05 21:08 - 2017-07-05 21:08 - 000000000 ____D C:\Program Files\Wondershare
2017-07-05 21:08 - 2017-03-17 11:43 - 001250304 _____ (CineForm Inc.) C:\Windows\system32\CFDecode64.ax
2017-07-05 21:04 - 2017-07-05 21:06 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2017-07-05 21:03 - 2017-07-05 21:04 - 001066128 _____ C:\Users\3green\Downloads\filmora_setup_full846.exe
2017-07-03 04:35 - 2017-07-04 22:04 - 019104519 _____ C:\Users\3green\Downloads\SelecaodeFases.psd
2017-07-03 04:27 - 2017-07-03 04:27 - 009001548 _____ C:\Users\3green\Downloads\Fases.psd
2017-07-03 03:43 - 2017-07-30 20:00 - 011373413 _____ C:\Users\3green\Downloads\TelaGameOver.psd
2017-07-03 02:54 - 2017-07-03 02:54 - 008682868 _____ C:\Users\3green\Downloads\levels.psd
2017-07-03 02:43 - 2017-07-03 02:44 - 008436640 _____ C:\Users\3green\Downloads\baseIconeHome.psd
2017-07-03 02:02 - 2017-07-03 02:02 - 001367852 _____ C:\Users\3green\Downloads\Check.psd
2017-07-03 01:30 - 2017-07-03 01:30 - 000561478 _____ C:\Users\3green\Downloads\TomÃ¡s.psd
2017-07-03 01:09 - 2017-07-03 01:09 - 000000000 ____D C:\Users\3green\Downloads\PT_Sans_Narrow
2017-07-03 00:55 - 2017-07-03 03:43 - 018525115 _____ C:\Users\3green\Downloads\TelaCreditos.psd
2017-07-03 00:28 - 2017-07-03 04:27 - 009000684 _____ C:\Users\3green\Downloads\botaoPause.psd
2017-07-03 00:28 - 2017-07-03 00:28 - 009228806 _____ C:\Users\3green\Downloads\BaseBotaoVoltar.psd
2017-07-03 00:28 - 2017-07-03 00:28 - 002806722 _____ C:\Users\3green\Downloads\TelaMenu.psd
2017-07-03 00:04 - 2017-07-03 00:04 - 000000000 ___RD C:\Program Files\Crack
2017-07-02 23:58 - 2017-07-02 23:58 - 000001158 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS4 (64 Bit).lnk
2017-07-02 23:57 - 2017-07-02 23:57 - 000000000 ____D C:\Program Files\Adobe
2017-07-02 23:55 - 2017-07-02 23:55 - 000001137 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS4.lnk
2017-07-02 23:51 - 2017-07-02 23:51 - 000001099 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS4.lnk
2017-07-02 23:50 - 2017-07-02 23:50 - 000001436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Drive CS4.lnk
2017-07-02 23:49 - 2017-07-02 23:49 - 000000000 ____D C:\Windows\SysWOW64\spool
2017-07-02 23:48 - 2017-07-02 23:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2017-07-02 23:48 - 2017-07-02 23:48 - 000000000 ____D C:\Program Files (x86)\Adobe Media Player
2017-07-02 23:47 - 2017-07-02 23:47 - 000001192 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS4.lnk
2017-07-02 23:43 - 2017-07-03 22:07 - 000000000 ____D C:\Users\3green\AppData\Local\Adobe
2017-07-02 23:41 - 2017-07-03 22:07 - 000000000 ____D C:\Users\Todos os UsuÃ¡rios\Adobe
2017-07-02 23:41 - 2017-07-03 22:07 - 000000000 ____D C:\ProgramData\Adobe
2017-07-02 23:41 - 2017-07-02 23:55 - 000000000 ____D C:\Program Files (x86)\Adobe
2017-07-02 23:41 - 2017-07-02 23:41 - 000001407 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS4.lnk
2017-07-02 23:41 - 2017-07-02 23:41 - 000001283 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS4.lnk
2017-07-02 23:40 - 2017-07-02 23:59 - 000000000 ____D C:\Program Files\Common Files\Adobe
2017-06-30 18:29 - 2017-06-30 18:29 - 000000000 ____D C:\Users\3green\Downloads\site
2017-06-29 01:32 - 2017-06-29 01:39 - 000000000 ____D C:\Users\3green\Documents\Faculdade
2017-06-29 00:30 - 2017-06-29 00:30 - 000000000 ____D C:\Users\3green\Downloads\Photoshop 16
2017-06-29 00:04 - 2017-06-29 00:08 - 071832901 _____ C:\Users\3green\Downloads\Photoshop 16 LS20 (64-Bit).zip
2017-06-23 18:49 - 2017-06-23 18:49 - 000000000 ____D C:\Users\3green\Downloads\Originals
2017-06-18 19:19 - 2017-06-28 23:57 - 000000000 ____D C:\Users\3green\Documents\Adobe
2017-06-18 19:03 - 2017-06-18 19:03 - 003733552 _____ C:\Users\3green\Downloads\winrar-x64-54br.exe
2017-06-18 18:59 - 2017-06-18 18:59 - 002240192 _____ (BitTorrent Inc.) C:\Users\3green\Downloads\uTorrent.exe
2017-06-13 17:09 - 2017-06-13 17:09 - 000165962 _____ C:\Users\3green\Downloads\Cabeca.ma
2017-06-11 11:51 - 2017-06-11 11:51 - 000000833 _____ C:\Users\3green\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2017-06-11 11:51 - 2017-06-11 11:51 - 000000785 _____ C:\Users\3green\Desktop\Start Tor Browser.lnk
2017-06-11 11:51 - 2017-06-11 11:51 - 000000000 ____D C:\Users\3green\Desktop\Tor Browser
2017-06-11 11:50 - 2017-06-11 11:50 - 054278592 _____ C:\Users\3green\Downloads\torbrowser-install-7.0_en-US.exe
2017-06-09 11:17 - 2017-06-09 11:18 - 000000000 ____D C:\Users\3green\AppData\Local\PAYDAY 2
2017-06-09 11:17 - 2005-02-05 19:45 - 002222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2017-06-08 16:12 - 2017-07-30 23:11 - 000000000 ____D C:\Users\3green\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-06-08 16:09 - 2017-06-08 16:09 - 000000000 ____D C:\Users\3green\AppData\Local\Steam
2017-06-08 15:59 - 2017-08-19 16:41 - 000000000 ____D C:\Program Files (x86)\Steam
2017-06-08 15:59 - 2017-06-08 15:59 - 000000963 _____ C:\Users\Public\Desktop\Steam.lnk
2017-06-08 15:59 - 2017-06-08 15:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2017-06-08 15:58 - 2017-06-08 15:59 - 001446792 _____ C:\Users\3green\Downloads\SteamSetup.exe
2017-06-07 23:24 - 2017-06-07 23:24 - 013890615 _____ C:\Users\3green\Downloads\Monotype_eBook_Type_and_Games.pdf
2017-06-07 23:23 - 2017-06-07 23:24 - 003484916 _____ C:\Users\3green\Downloads\pictogramas.pdf
2017-06-05 17:44 - 2017-06-05 17:44 - 000000000 ____D C:\Users\3green\Downloads\exercicio_layout
2017-06-05 17:43 - 2017-06-05 17:44 - 001775937 _____ C:\Users\3green\Downloads\exercicio_layout.zip
2017-06-05 17:41 - 2017-06-05 17:41 - 002215894 _____ C:\Users\3green\Downloads\Aula-011.ppsx
2017-06-03 19:20 - 2017-08-13 22:55 - 001603966 _____ C:\Users\3green\Downloads\Dragon.ma
2017-05-31 17:20 - 2017-05-31 17:20 - 001889590 _____ C:\Users\3green\Downloads\CONSULTA11.pdf
2017-05-31 17:20 - 2017-05-31 17:20 - 001627691 _____ C:\Users\3green\Downloads\CONSULTA21.pdf
2017-05-29 20:40 - 2017-05-29 20:40 - 000130989 _____ C:\Users\3green\Downloads\drive-download-20170529T234008Z-001.zip
2017-05-25 22:52 - 2017-05-25 22:52 - 000071616 _____ C:\Users\3green\Downloads\Conquistas.psd
2017-05-25 22:50 - 2017-05-25 22:50 - 000366317 _____ C:\Users\3green\Downloads\chic.psd
2017-05-25 21:41 - 2017-05-25 21:41 - 000003883 _____ C:\Users\3green\AppData\Local\recently-used.xbel
2017-05-25 20:44 - 2017-05-25 20:44 - 000003480 _____ C:\Windows\System32\Tasks\ByteFence Scan
2017-05-25 20:44 - 2017-05-25 20:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ByteFence Anti-Malware
2017-05-25 20:39 - 2017-05-25 21:41 - 000000000 ____D C:\Users\3green\AppData\Local\gtk-2.0
2017-05-25 20:39 - 2017-05-25 20:39 - 000000000 ____D C:\Users\3green\.thumbnails
2017-05-25 19:56 - 2017-05-25 19:56 - 000000000 ____D C:\Users\Todos os UsuÃ¡rios\ByteFence
2017-05-25 19:56 - 2017-05-25 19:56 - 000000000 ____D C:\ProgramData\ByteFence
2017-05-25 19:54 - 2017-05-25 23:31 - 000000000 ____D C:\Users\3green\.gimp-2.8
2017-05-25 19:54 - 2017-05-25 19:54 - 000000000 ____D C:\Users\3green\AppData\Local\gegl-0.2
2017-05-25 19:54 - 2017-05-25 19:54 - 000000000 ____D C:\Users\3green\AppData\Local\fontconfig
2017-05-25 19:46 - 2017-05-26 22:51 - 000000000 ____D C:\Users\3green\AppData\Local\chromium
2017-05-25 19:45 - 2017-05-25 19:45 - 000003380 _____ C:\Windows\System32\Tasks\ByteFence
2017-05-25 19:44 - 2017-08-19 16:44 - 000000000 ____D C:\Users\Todos os UsuÃ¡rios\{CEC10BA2-4483-8164-C245-1F26580794E8}
2017-05-25 19:44 - 2017-08-19 16:44 - 000000000 ____D C:\ProgramData\{CEC10BA2-4483-8164-C245-1F26580794E8}
2017-05-25 19:44 - 2017-05-25 19:44 - 077404656 _____ (The GIMP Team ) C:\Users\3green\Downloads\Superdownloads_gimp.exe
2017-05-25 19:44 - 2017-05-25 19:44 - 000004348 _____ C:\Windows\System32\Tasks\Yahoo! Powered ranil
2017-05-25 19:43 - 2017-05-25 19:43 - 000000372 __RSH C:\Users\Todos os UsuÃ¡rios\ntuser.pol
2017-05-25 19:43 - 2017-05-25 19:43 - 000000372 __RSH C:\ProgramData\ntuser.pol
2017-05-25 19:42 - 2017-08-19 18:41 - 000000000 ____D C:\Program Files\ByteFence
2017-05-25 19:41 - 2017-05-25 19:41 - 001219528 _____ ( ) C:\Users\3green\Downloads\Superdownloads_gimp_0123774102.exe

==================== TrÃªs Meses Modificados arquivos e pastas ========

(Se uma entrada for incluÃ­da na fixlist, o arquivo/pasta serÃ¡ movido.)

2017-08-19 17:12 - 2017-04-27 20:57 - 000000000 ___SD C:\Users\3green\AppData\LocalLow\Temp
2017-08-19 17:08 - 2017-03-23 22:15 - 000000000 ____D C:\Users\Todos os UsuÃ¡rios\Autodesk
2017-08-19 17:08 - 2017-03-23 22:15 - 000000000 ____D C:\ProgramData\Autodesk
2017-08-19 16:55 - 2017-03-09 17:45 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2017-08-19 16:42 - 2017-03-07 18:29 - 000002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-19 16:42 - 2017-03-07 18:29 - 000002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-08-19 16:37 - 2009-07-14 01:45 - 000014816 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-08-19 16:37 - 2009-07-14 01:45 - 000014816 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-08-19 16:33 - 2009-07-14 14:55 - 000705070 _____ C:\Windows\system32\prfh0416.dat
2017-08-19 16:33 - 2009-07-14 14:55 - 000146910 _____ C:\Windows\system32\prfc0416.dat
2017-08-19 16:33 - 2009-07-14 02:13 - 001633534 _____ C:\Windows\system32\PerfStringBackup.INI
2017-08-19 16:33 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\inf
2017-08-19 16:28 - 2009-07-14 02:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-08-15 19:48 - 2017-03-09 17:51 - 000000000 ____D C:\Users\Todos os UsuÃ¡rios\regid.1991-06.com.microsoft
2017-08-15 19:48 - 2017-03-09 17:51 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-08-13 18:40 - 2017-03-07 18:30 - 000003900 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1488922253
2017-08-09 18:01 - 2017-03-07 18:25 - 001015880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2017-08-09 18:01 - 2017-03-07 18:25 - 000146704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2017-08-08 22:31 - 2017-03-23 22:18 - 000000000 ____D C:\Users\Todos os UsuÃ¡rios\Package Cache
2017-08-08 22:31 - 2017-03-23 22:18 - 000000000 ____D C:\ProgramData\Package Cache
2017-08-03 22:09 - 2009-07-14 01:45 - 003044456 _____ C:\Windows\system32\FNTCACHE.DAT
2017-08-03 18:52 - 2017-03-07 18:22 - 000116408 _____ C:\Users\3green\AppData\Local\GDIPFONTCACHEV1.DAT
2017-08-03 18:32 - 2017-03-24 18:01 - 000000000 ____D C:\Users\Todos os UsuÃ¡rios\Skype
2017-08-03 18:32 - 2017-03-24 18:01 - 000000000 ____D C:\ProgramData\Skype
2017-08-01 17:55 - 2017-03-07 18:25 - 000004172 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-07-24 20:26 - 2017-03-15 10:58 - 000000000 ____D C:\Users\3green\AppData\Roaming\Adobe
2017-07-24 14:15 - 2017-03-07 18:25 - 000343288 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-07-24 14:15 - 2017-03-07 18:25 - 000320008 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-07-24 14:15 - 2017-03-07 18:25 - 000198976 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-07-24 14:15 - 2017-03-07 18:25 - 000057728 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys

==================== Arquivos na raiz de alguns diretÃ³rios =======

2017-05-25 21:41 - 2017-05-25 21:41 - 000003883 _____ () C:\Users\3green\AppData\Local\recently-used.xbel

Alguns arquivos em TEMP:
====================
2017-03-23 23:39 - 2015-01-26 05:59 - 000060296 _____ (Autodesk, Inc.) C:\Users\3green\AppData\Local\Temp\AcDeltree.exe
2017-03-15 10:31 - 2017-03-15 10:31 - 047796216 _____ (Electronic Arts, Inc.) C:\Users\3green\AppData\Local\Temp\EAD113F.exe
2009-03-28 18:08 - 2009-03-28 18:08 - 000195056 _____ (Electronic Arts, Inc.) C:\Users\3green\AppData\Local\Temp\UninstallEADM.dll
2017-06-30 17:33 - 2017-06-30 17:33 - 014456872 _____ (Microsoft Corporation) C:\Users\3green\AppData\Local\Temp\vc_redist.x86.exe

==================== Bamital & volsnap ======================

(NÃ£o hÃ¡ correÃ§Ã£o automÃ¡tica para arquivos que nÃ£o passaram na verificaÃ§Ã£o.)

C:\Windows\system32\winlogon.exe => O arquivo Ã© assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo Ã© assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo Ã© assinado digitalmente
C:\Windows\explorer.exe => O arquivo Ã© assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo Ã© assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo Ã© assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo Ã© assinado digitalmente
C:\Windows\system32\services.exe => O arquivo Ã© assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo Ã© assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo Ã© assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo Ã© assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo Ã© assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo Ã© assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo Ã© assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo Ã© assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo Ã© assinado digitalmente

LastRegBack: 2017-08-02 00:30

==================== Fim de FRST.txt ============================