cjoint

Document format: text/plain

~ Relatório do ZHPDiag v2015.4.20.40 - Nicolas Coolman (20/04/2015)
~ Iniciado por Logikoma (23/04/2015 00:21:03)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Endereço do Webforum : http://forum.nicolascoolman.fr
~ Tradução pelo utilizador
~ Estatuto da versão : Versão atualizada.
~ Lista Branca : Desativado pelo Utilizador
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Activate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v9.0.8112.16421 (Defaut)
MFIE: Mozilla Firefox 37.0

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows Server License Manager Script : OK
Windows Automatic Updates : OK
Windows Vista (TM) Ultimate, 32-bit Service Pack 2 (Build 6002)

---\\ Softwares de proteçao do sistema
Malwarebytes Anti-Malware versão 2.1.4.1018

---\\ Softwares d'optimização do sistema

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 17 NPAPI

---\\ Informações sobre o sistema
~ Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3031 MB (54% free)
System Restore: Activé (Enable)
System drive C: has 98 GB (73%) free of 134 GB

---\\ Modo de conexão ao sistema
~ Computer Name: LOGIKOMA-00X
~ User Name: Logikoma
~ All Users Names: Logikoma, Convidado, Administrador,
~ Unselected Option: None
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Logikoma\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Logikoma\AppData\Roaming\
~ %Desktop% : C:\Users\Logikoma\Desktop\
~ %Favorites% : C:\Users\Logikoma\Favorites\
~ %LocalAppData% : C:\Users\Logikoma\AppData\Local\
~ %StartMenu% : C:\Users\Logikoma\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 98 Go of 134 Go)
D: Hard drive, Flash drive, Thumb drive (Free 10 Go of 15 Go)
E: CD-ROM drive (Not Inserted)
F: Floppy drive, Flash card reader, USB Key (Not Inserted)
G: Floppy drive, Flash card reader, USB Key (Free 1 Go of 2 Go)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 49 Scanned in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Windows Explorer.) (.11/04/2009 - 10:19:30.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.20/01/2008 - 23:21:52.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.19B481D70FBC176AE5D3E91347B0128F] - (.Microsoft Corporation - Internet Extensions para Win32.) (.20/04/2015 - 03:14:06.) -- C:\Windows\System32\wininet.dll [1129472]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.11/04/2009 - 10:19:45.) -- C:\Windows\System32\Winlogon.exe [314368]
[MD5.F5272A105F59A7B3B345D9D6D87DA7AD] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 03:53:22.) -- C:\Windows\system32\Drivers\AFD.sys [273408]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 - 10:18:59.) -- C:\Windows\system32\Drivers\atapi.sys [19944]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.20/01/2008 - 23:21:58.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 10:18:59.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 11:59:03.) -- C:\Windows\system32\Drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 10:19:01.) -- C:\Windows\system32\Drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Driver de porta i8042.) (.20/01/2008 - 23:21:28.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.20/01/2008 - 23:22:35.) -- C:\Windows\system32\Drivers\IpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 10:24:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 10:19:51.) -- C:\Windows\system32\Drivers\netBT.sys [185856]
[MD5.2C1121F2B87E9A6B12485DF53CD848C7] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.03/03/2013 - 16:07:52.) -- C:\Windows\system32\Drivers\ntfs.sys [1082232]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Driver de porta paralela.) (.02/11/2006 - 05:51:30.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/01/2008 - 23:23:02.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288]
[MD5.943B18305EAE3935598A9B4A3D560B4C] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.11/04/2009 - 10:18:59.) -- C:\Windows\system32\Drivers\rdpdr.sys [248320]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 10:19:51.) -- C:\Windows\system32\Drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 10:19:46.) -- C:\Windows\system32\Drivers\tdx.sys [72192]
[MD5.786DB5771F05EF300390399F626BF30A] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.21/08/2012 - 08:47:42.) -- C:\Windows\system32\Drivers\volsnap.sys [224640]
~ Generic Processes: Scanned in 00mn 01s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/2
~ Mes musiques (My Musics) : 1/2
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/19
~ Mon Bureau (My Desktop) : 1/3964
~ Menu demarrer (Programs) : 1/31
~ Hidden Files: Scanned in 00mn 01s



---\\ Processos lançados
[MD5.D0A518D233620D59A3D2D79511FBB736] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes Anti-Malware\mbam.exe [6212408] [PID.3024]
[MD5.924FFA76D1E9D9365DE0ECFB00FE0926] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\system32\igfxsrvc.exe [252952] [PID.1084]
[MD5.E5E37B2B65B414E841C2D797F3C38DA5] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [141848] [PID.1280]
[MD5.2C6199D6492CBFB50430C4DF1A584E4E] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [173592] [PID.2272]
[MD5.F565B2C95C6216678C755B666528B550] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [150552] [PID.2340]
[MD5.A019D278E5BB5ECBF5CF15537B6C2765] - (.Malwarebytes Corporation - Malwarebytes Anti-Exploit.) -- C:\Program Files\Malwarebytes Anti-Exploit\mbae.exe [2618680] [PID.2576]
[MD5.2E0B0A051FFAA86E358465BB0880D453] - (.Microsoft Corporation - Windows Update.) -- C:\Windows\system32\wuauclt.exe [53784] [PID.172]
[MD5.2C009C50C0EE073EC0F993698CDB6C92] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8198656] [PID.1780]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.3960]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Serviço de Licenciamento de Software Micros.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.1176]
[MD5.97D9D6A04E3AD9B6C626B9931DB78DBA] - (.Microsoft Corporation - Instalador de Módulos do Windows.) -- C:\Windows\servicing\TrustedInstaller.exe [39424] [PID.1284]
[MD5.D1A1B58EA0D689E0D39805782122AEA3] - (.Malwarebytes Corporation - Malwarebytes Anti-Exploit Service.) -- C:\Program Files\Malwarebytes Anti-Exploit\mbae-svc.exe [656184] [PID.1804]
[MD5.86701B8E4C53280AA8642AC85F8500F4] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160] [PID.1952]
[MD5.E27891A49DF92004041FEC5C3A2D4230] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120] [PID.116]
[MD5.4B555106290BD117334E9A08761C035A] - (...) -- ystem32\RUNDLL32.exe [0] [PID.868]
[MD5.C5A75EB48E2344ABDC162BDA79E16841] - (.Microsoft Corporation - .NET Runtime Optimization Service.) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [130384] [PID.3664]
[MD5.F8D8BB3F6173FFF00128612F33D3197A] - (.Microsoft Corporation - WMI Reverse Performance Adapter Maintenance.) -- C:\Windows\system32\wbem\WMIADAP.exe [117248] [PID.3720]
~ Processes Running: Scanned in 00mn 01s



---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
M2 - MFEP: prefs.js [Logikoma - z3u5bxi6.default\{77d2ed30-4cd2-11e0-b8af-0800200c9a66}] [] FT DeepDark v12.0.1 (..)
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll
~ Firefox Browser: 2 Scanned in 00mn 00s



---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (...) (No version) -- (.not file.)
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2
~ IE Browser: 10 Scanned in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hôte est sain (The hosts file is clean) (1)
~ Hosts File: Scanned in 00mn 00s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Exploit] . (.Malwarebytes Corporation - Malwarebytes Anti-Exploit.) -- C:\Program Files\Malwarebytes Anti-Exploit\mbae.exe
~ Application: Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Provedor de Correção de Nomeação de Emails.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - PNRP Name Space Provider.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - PNRP Name Space Provider.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Provedor de serviços do Microsoft Windows Sockets 2.0.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Winsock: 6 Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{BC7FEE50-9C2E-4F17-88E8-AE7575124E3E}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{BC7FEE50-9C2E-4F17-88E8-AE7575124E3E}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{BC7FEE50-9C2E-4F17-88E8-AE7575124E3E}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Chave do Registo autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Monitor de Sites.) -- C:\Windows\System32\webcheck.dll
~ SSODL: 1 Scanned in 00mn 00s



---\\ Chave do Registo autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Biblioteca da interface de usuário do naveg.) -- C:\Windows\System32\browseui.dll
~ STS/SSO: Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Malwarebytes Anti-Exploit Service (MbaeSvc) . (.Malwarebytes Corporation - Malwarebytes Anti-Exploit Service.) - C:\Program Files\Malwarebytes Anti-Exploit\mbae-svc.exe
O23 - Service: (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
~ Services: 3 Scanned in 00mn 11s



---\\ Enumeração Ativa do Ambiente de trabalho & Editor MHTML (024)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
O24 - Desktop General: BackupWallPaper - .(...) - C:\Windows\Web\Wallpaper\img2.jpg
O24 - Desktop General: WallPaper - .(...) - C:\Windows\Web\Wallpaper\img2.jpg
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Listagem dos dados do BootExecute (Bex) (034)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Tarefas planificadas automaticamente (039)
[MD5.B04A4810C6CC205F9DC72DC22E4AB236] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [268464]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [902]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [902]
~ Scheduled Task: 2 Scanned in 00mn 02s



---\\ Componentes instalados (ActiveSetup Installed Components) (040)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Recursos do Windows Media Player.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitário de Inicialização por Usuário do Internet Explorer.) -- C:\Windows\system32\ie4uinit.exe
O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Identidade visual IEAK.) -- C:\Windows\system32\iedkcs32.dll
O40 - ASIC: Microsoft Windows Media Player 11.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API de tema do Windows.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows Mail 7 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extensão shell da pasta FTP do Microsoft Internet Explorer.) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Recursos do Windows Media Player.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL comum do Shell do Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitário de Inicialização por Usuário do Internet Explorer.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Active Setup: 11 Scanned in 00mn 00s



---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\System32\drivers\csc.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: (ESProtectionDriver) . (...) - C:\Program Files\Malwarebytes Anti-Exploit\mbae.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Driver de porta i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver: (kbdclass) . (.Microsoft Corporation - Driver de Classe de Teclado.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver: (mouclass) . (.Microsoft Corporation - Driver de classe modem.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Agendador de pacotes de serviço.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (ws2ifsl) . (.Microsoft Corporation - Winsock2 IFS Layer.) - C:\Windows\system32\drivers\ws2ifsl.sys
~ Drivers: 66 Scanned in 00mn 00s



---\\ Software instalados (042)
O42 - Logiciel: Adobe Flash Player 17 NPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player NPAPI
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM] -- HDMI
O42 - Logiciel: Intel(R) TV Wizard - (.Intel Corporation.) [HKLM] -- TVWiz
O42 - Logiciel: Malwarebytes Anti-Exploit version 1.06.1.1019 - (.Malwarebytes.) [HKLM] -- Malwarebytes Anti-Exploit_is1
O42 - Logiciel: Malwarebytes Anti-Malware versão 2.1.4.1018 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes Anti-Malware_is1
O42 - Logiciel: Mozilla Firefox 37.0 (x86 pt-BR) - (.Mozilla.) [HKLM] -- Mozilla Firefox 37.0 (x86 pt-BR)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService
O42 - Logiciel: Notepad++ - (.Notepad++ Team.) [HKLM] -- Notepad++
O42 - Logiciel: UltraUXThemePatcher - (.Manuel Hoefs (Zottel).) [HKLM] -- UltraUXThemePatcher
O42 - Logiciel: WinRAR 5.21 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Windows 7 USB/DVD Download Tool - (.Microsoft Corporation.) [HKLM] -- {CCF298AF-9CE1-4B26-B251-486E98A34789}
~ Logic: 24 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\AppDataLow]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\INTEL]
[HKCU\Software\Macromedia]
[HKCU\Software\Mozilla]
[HKCU\Software\Policies]
[HKCU\Software\Sysinternals]
[HKCU\Software\Trolltech]
[HKCU\Software\Wget]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\ZebHelpProcess Helper]
[HKLM\Software\Adobe]
[HKLM\Software\AdwCleaner]
[HKLM\Software\Broadcom]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Google]
[HKLM\Software\Intel]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes Anti-Exploit]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\ODBC]
[HKLM\Software\OldTimer Tools]
[HKLM\Software\Policies]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Sonic]
[HKLM\Software\Swearware]
[HKLM\Software\TrendMicro]
[HKLM\Software\WOW6432Node]
[HKLM\Software\WinRAR]
[HKLM\Software\mozilla.org]
~ Key Software: 73 Scanned in 00mn 00s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 03/04/2015 - 20:19:25 - [] -SH-D C:\Program Files\Arquivos Comuns
O43 - CFD: 22/04/2015 - 01:44:12 - [] ----D C:\Program Files\Common Files
O43 - CFD: 03/04/2015 - 20:45:46 - [] ----D C:\Program Files\Intel
O43 - CFD: 20/04/2015 - 03:37:26 - [] ----D C:\Program Files\Internet Explorer
O43 - CFD: 22/04/2015 - 02:04:20 - [] ----D C:\Program Files\Malwarebytes Anti-Exploit
O43 - CFD: 22/04/2015 - 02:06:58 - [] ----D C:\Program Files\Malwarebytes Anti-Malware
O43 - CFD: 02/11/2006 - 09:35:50 - [] ----D C:\Program Files\Microsoft Games
O43 - CFD: 22/04/2015 - 00:21:56 - [] ----D C:\Program Files\Microsoft.NET
O43 - CFD: 22/04/2015 - 00:11:59 - [] ----D C:\Program Files\Movie Maker
O43 - CFD: 20/04/2015 - 19:17:37 - [] ----D C:\Program Files\Mozilla Firefox
O43 - CFD: 20/04/2015 - 02:39:54 - [] ----D C:\Program Files\Mozilla Maintenance Service
O43 - CFD: 02/11/2006 - 09:35:50 - [] ----D C:\Program Files\MSBuild
O43 - CFD: 03/04/2015 - 20:56:03 - [] ----D C:\Program Files\Notepad++
O43 - CFD: 02/11/2006 - 09:35:50 - [] ----D C:\Program Files\Reference Assemblies
O43 - CFD: 03/04/2015 - 20:55:28 - [] ----D C:\Program Files\UltraUXThemePatcher
O43 - CFD: 02/11/2006 - 10:00:30 - [0] --H-D C:\Program Files\Uninstall Information
O43 - CFD: 11/04/2009 - 10:24:36 - [] ----D C:\Program Files\Windows Calendar
O43 - CFD: 11/04/2009 - 10:24:34 - [] ----D C:\Program Files\Windows Collaboration
O43 - CFD: 11/04/2009 - 10:24:31 - [] ----D C:\Program Files\Windows Defender
O43 - CFD: 22/04/2015 - 00:12:12 - [] ----D C:\Program Files\Windows Journal
O43 - CFD: 22/04/2015 - 00:12:15 - [] ----D C:\Program Files\Windows Mail =>.Microsoft Corporation
O43 - CFD: 22/04/2015 - 00:12:15 - [] ----D C:\Program Files\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 03/04/2015 - 20:19:25 - [] ----D C:\Program Files\Windows NT
O43 - CFD: 11/04/2009 - 10:24:33 - [] ----D C:\Program Files\Windows Photo Gallery
O43 - CFD: 22/04/2015 - 00:12:08 - [] ----D C:\Program Files\Windows Portable Devices
O43 - CFD: 11/04/2009 - 10:24:35 - [] ----D C:\Program Files\Windows Sidebar
O43 - CFD: 03/04/2015 - 20:54:49 - [] ----D C:\Program Files\WinRAR
O43 - CFD: 23/04/2015 - 00:20:00 - [] ----D C:\Program Files\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 02/11/2006 - 09:41:10 - [] ----D C:\Program Files\Common Files\microsoft shared
O43 - CFD: 02/11/2006 - 08:18:33 - [] ----D C:\Program Files\Common Files\Services
O43 - CFD: 03/04/2015 - 20:19:25 - [] -SH-D C:\Program Files\Common Files\Sistema
O43 - CFD: 02/11/2006 - 08:18:33 - [] ----D C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 22/04/2015 - 00:11:46 - [] ----D C:\Program Files\Common Files\System
O43 - CFD: 02/11/2006 - 10:00:38 - [] -SH-D C:\ProgramData\Application Data
O43 - CFD: 03/04/2015 - 20:19:25 - [] -SH-D C:\ProgramData\Dados de aplicativos
O43 - CFD: 02/11/2006 - 10:00:38 - [] -SH-D C:\ProgramData\Desktop
O43 - CFD: 03/04/2015 - 20:19:25 - [] -SH-D C:\ProgramData\Documentos
O43 - CFD: 02/11/2006 - 10:00:38 - [] -SH-D C:\ProgramData\Documents
O43 - CFD: 02/11/2006 - 10:00:38 - [] -SH-D C:\ProgramData\Favorites
O43 - CFD: 03/04/2015 - 20:19:25 - [] -SH-D C:\ProgramData\Favoritos
O43 - CFD: 22/04/2015 - 02:06:55 - [] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 23/04/2015 - 00:18:33 - [] ----D C:\ProgramData\Malwarebytes Anti-Exploit
O43 - CFD: 03/04/2015 - 20:19:25 - [] -SH-D C:\ProgramData\Menu Iniciar
O43 - CFD: 03/04/2015 - 20:50:00 - [] -S--D C:\ProgramData\Microsoft
O43 - CFD: 03/04/2015 - 20:19:25 - [] -SH-D C:\ProgramData\Modelos
O43 - CFD: 03/04/2015 - 20:56:50 - [] ----D C:\ProgramData\Mozilla
O43 - CFD: 21/04/2015 - 00:29:29 - [] ----D C:\ProgramData\RogueKiller
O43 - CFD: 02/11/2006 - 10:00:38 - [] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 02/11/2006 - 10:00:38 - [] -SH-D C:\ProgramData\Templates
O43 - CFD: 22/04/2015 - 00:11:42 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 22/04/2015 - 00:11:42 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 20/01/2008 - 23:41:14 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Extras and Upgrades
O43 - CFD: 20/01/2008 - 23:41:17 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 02/11/2006 - 09:55:26 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 22/04/2015 - 02:04:22 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
O43 - CFD: 22/04/2015 - 02:06:58 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
O43 - CFD: 03/04/2015 - 20:56:01 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
O43 - CFD: 02/11/2006 - 09:49:43 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 02/11/2006 - 09:35:50 - [] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 03/04/2015 - 20:54:49 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 23/04/2015 - 00:20:00 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP =>.Nicolas Coolman
O43 - CFD: 04/04/2015 - 02:00:18 - [] ----D C:\Users\Logikoma\AppData\Roaming\Adobe
O43 - CFD: 03/04/2015 - 20:21:55 - [] ----D C:\Users\Logikoma\AppData\Roaming\Identities
O43 - CFD: 04/04/2015 - 02:00:18 - [] ----D C:\Users\Logikoma\AppData\Roaming\Macromedia
O43 - CFD: 02/11/2006 - 09:35:50 - [0] ----D C:\Users\Logikoma\AppData\Roaming\Media Center Programs
O43 - CFD: 20/04/2015 - 02:14:37 - [] -S--D C:\Users\Logikoma\AppData\Roaming\Microsoft
O43 - CFD: 03/04/2015 - 20:57:11 - [] ----D C:\Users\Logikoma\AppData\Roaming\Mozilla
O43 - CFD: 04/04/2015 - 01:33:14 - [] ----D C:\Users\Logikoma\AppData\Roaming\Notepad++
O43 - CFD: 20/04/2015 - 13:54:42 - [] ----D C:\Users\Logikoma\AppData\Roaming\WinRAR
O43 - CFD: 23/04/2015 - 00:21:53 - [] ----D C:\Users\Logikoma\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 04/04/2015 - 01:58:14 - [0] ----D C:\Users\Logikoma\AppData\Local\Adobe
O43 - CFD: 20/04/2015 - 02:14:35 - [] ----D C:\Users\Logikoma\AppData\Local\Apps
O43 - CFD: 03/04/2015 - 20:21:39 - [] -SH-D C:\Users\Logikoma\AppData\Local\Dados de aplicativos
O43 - CFD: 03/04/2015 - 20:21:39 - [] -SH-D C:\Users\Logikoma\AppData\Local\Histórico
O43 - CFD: 04/04/2015 - 02:00:18 - [] ----D C:\Users\Logikoma\AppData\Local\Macromedia
O43 - CFD: 03/04/2015 - 20:22:28 - [] ----D C:\Users\Logikoma\AppData\Local\Microsoft
O43 - CFD: 21/04/2015 - 00:22:40 - [] ----D C:\Users\Logikoma\AppData\Local\MigWiz
O43 - CFD: 03/04/2015 - 20:57:02 - [] ----D C:\Users\Logikoma\AppData\Local\Mozilla
O43 - CFD: 23/04/2015 - 00:20:02 - [] ----D C:\Users\Logikoma\AppData\Local\temp
O43 - CFD: 03/04/2015 - 20:21:39 - [] -SH-D C:\Users\Logikoma\AppData\Local\Temporary Internet Files
O43 - CFD: 04/04/2015 - 01:46:43 - [] ----D C:\Users\Logikoma\AppData\Local\VirtualStore
O43 - CFD: 20/01/2008 - 23:41:14 - [] R---D C:\Users\Logikoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 03/04/2015 - 20:22:07 - [] R---D C:\Users\Logikoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 20/01/2008 - 23:41:14 - [] R---D C:\Users\Logikoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 03/04/2015 - 20:56:01 - [0] ----D C:\Users\Logikoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
O43 - CFD: 03/04/2015 - 20:22:07 - [] R---D C:\Users\Logikoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 03/04/2015 - 20:55:28 - [] ----D C:\Users\Logikoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UltraUXThemePatcher
O43 - CFD: 20/04/2015 - 02:14:35 - [] ----D C:\Users\Logikoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
O43 - CFD: 03/04/2015 - 20:54:49 - [] ----D C:\Users\Logikoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
~ Program Folder: 89 Scanned in 00mn 00s

---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.DC81EECB36A1D19B428C73EE85B0BC91] - 20/04/2015 - 02:19:44 ----- . (.Microsoft Corporation - Microsoft Malware Protection Signature Upda.) -- C:\Windows\System32\MpSigStub.exe [246920]
O44 - LFC:[MD5.C16128AF698D98D23849A6AC59D0E672] - 20/04/2015 - 02:59:15 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\System32\FlashPlayerApp.exe [778416]
O44 - LFC:[MD5.B432B52EAD3006A61D7A37A2F7978416] - 20/04/2015 - 02:59:15 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [142512]
O44 - LFC:[MD5.0D5DAD610D7EA1627581ED06FB2BAA9A] - 20/04/2015 - 03:01:17 ---A- . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [153600]
O44 - LFC:[MD5.A36F7A256E65D858A7039DB00ADEEBDD] - 20/04/2015 - 03:01:55 ---A- . (.Microsoft Corporation - WDF:UMDF Framework Library.) -- C:\Windows\System32\WUDFx.dll [613888]
O44 - LFC:[MD5.980B6A5F92B8DB235C4A26728C2BE732] - 20/04/2015 - 03:01:55 ---A- . (.Microsoft Corporation - Windows Driver Foundation - Processo de Hos.) -- C:\Windows\System32\WUDFHost.exe [196608]
O44 - LFC:[MD5.D689B2C2E69156D954C24810F4081C1E] - 20/04/2015 - 03:01:56 ---A- . (.Microsoft Corporation - Windows Driver Foundation - User-mode Platf.) -- C:\Windows\System32\WUDFCoinstaller.dll [38912]
O44 - LFC:[MD5.48704647CD2E9DAA2EB81BDE6D029EDB] - 20/04/2015 - 03:01:58 ---A- . (.Microsoft Corporation - Kernel Mode Driver Framework Loader.) -- C:\Windows\System32\Drivers\WdfLdr.sys [47720]
O44 - LFC:[MD5.D5CF1536137026ACDED95BF6CBF849F6] - 20/04/2015 - 03:01:59 ---A- . (.Microsoft Corporation - Windows Driver Foundation - Biblioteca de P.) -- C:\Windows\System32\WUDFPlatform.dll [172032]
O44 - LFC:[MD5.FE47B7BC8EA320C2D9B5E5BF6E303765] - 20/04/2015 - 03:01:59 ---A- . (.Microsoft Corporation - Windows Driver Foundation - Serviço de Estr.) -- C:\Windows\System32\WUDFSvc.dll [73216]
O44 - LFC:[MD5.06E6F32C8D0A3F66D956F57B43A2E070] - 20/04/2015 - 03:02:00 ---A- . (.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) -- C:\Windows\System32\Drivers\WUDFPf.sys [66560]
O44 - LFC:[MD5.867C301E8B790040AE9CF6486E8041DF] - 20/04/2015 - 03:02:00 ---A- . (.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) -- C:\Windows\System32\Drivers\WUDFRd.sys [155136]
O44 - LFC:[MD5.76FD230DEAB73D2826458617DBB56A63] - 20/04/2015 - 03:02:00 ---A- . (.Microsoft Corporation - Windows USB Driver User Library.) -- C:\Windows\System32\winusb.dll [16896]
O44 - LFC:[MD5.2F0BC1FC6142DCB31C7D9804962A7011] - 20/04/2015 - 03:02:08 ---A- . (.Microsoft Corporation - Kernel Mode Driver Framework Resource.) -- C:\Windows\System32\Wdfres.dll [9728]
O44 - LFC:[MD5.933222B19FF3E7EA5F65517EA1F7D57E] - 20/04/2015 - 03:02:20 ---A- . (...) -- C:\Windows\System32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf [3]
O44 - LFC:[MD5.735B1EB4521724784A6C142CE923DBFC] - 20/04/2015 - 03:03:05 ---A- . (.Microsoft Corporation - Mecanismo do editor de configuração de segu.) -- C:\Windows\System32\scesrv.dll [306176]
O44 - LFC:[MD5.F86293D93760C70ADF4F19E66E3FA5E8] - 20/04/2015 - 03:03:26 ---A- . (.Microsoft Corporation - HTTP Protocol Stack API.) -- C:\Windows\System32\httpapi.dll [30720]
O44 - LFC:[MD5.F870AA3E254628EBEAFE754108D664DE] - 20/04/2015 - 03:03:26 ---A- . (.Microsoft Corporation - Pilha do protocolo HTTP.) -- C:\Windows\System32\Drivers\http.sys [411648]
O44 - LFC:[MD5.478ABCCF01166AC6D6AD0FA188051418] - 20/04/2015 - 03:03:28 ---A- . (.Microsoft Corporation - DLL do HTTP netsh.) -- C:\Windows\System32\nshhttp.dll [24064]
O44 - LFC:[MD5.4E404505B3F62ECFBDBCBBCF0A72DBC5] - 20/04/2015 - 03:04:31 ---A- . (.Microsoft Corporation - Fast FAT File System Driver.) -- C:\Windows\System32\Drivers\fastfat.sys [143360]
O44 - LFC:[MD5.2BF660554AD726BD43869E2A452B547F] - 20/04/2015 - 03:05:28 ---A- . (.Microsoft Corporation - DLL comum do Shell do Windows.) -- C:\Windows\System32\shell32.dll [11587584]
O44 - LFC:[MD5.66BCFB248EF26CABCD955FB27A7D439B] - 20/04/2015 - 03:05:53 ---A- . (.Microsoft Corporation - Network Connectivity Status Indicator.) -- C:\Windows\System32\ncsi.dll [93184]
O44 - LFC:[MD5.16D4D2D721E6DB8518225A37674163F8] - 20/04/2015 - 03:05:53 ---A- . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\System32\nlaapi.dll [48640]
O44 - LFC:[MD5.C96411DD46AABC0D6F3CF06D0E0E7E14] - 20/04/2015 - 03:05:53 ---A- . (.Microsoft Corporation - Reconhecimento de Locais de Rede 2.) -- C:\Windows\System32\nlasvc.dll [174080]
O44 - LFC:[MD5.BE377621E2D2B483F8EF447079E55585] - 20/04/2015 - 03:06:23 ---A- . (.Microsoft Corporation - Audio Engine.) -- C:\Windows\System32\AudioEng.dll [396800]
O44 - LFC:[MD5.56B73070DB745E192307EB7AB6C55CD5] - 20/04/2015 - 03:06:23 ---A- . (.Microsoft Corporation - Audio Ks Endpoint.) -- C:\Windows\System32\AUDIOKSE.dll [274432]
O44 - LFC:[MD5.A0344CD5E3F552340AB226E864E1710B] - 20/04/2015 - 03:06:23 ---A- . (.Microsoft Corporation - Media Foundation Crash Dump Encryption DLL.) -- C:\Windows\System32\EncDump.dll [170496]
O44 - LFC:[MD5.8E98A99187FF17FC1D48E6FAFFD870BE] - 20/04/2015 - 03:06:23 ---A- . (.Microsoft Corporation - Serviço de Áudio do Windows.) -- C:\Windows\System32\audiosrv.dll [316928]
O44 - LFC:[MD5.1BD89641D9B1012796AFADAB9A659974] - 20/04/2015 - 03:07:30 ---A- . (.Microsoft Corporation - Interface do Usuário da Autenticação do Win.) -- C:\Windows\System32\authui.dll [1993728]
O44 - LFC:[MD5.BAC7D3632B09A5DF7D2BD067933E49E0] - 20/04/2015 - 03:07:30 ---A- . (.Microsoft Corporation - Windows Installer.) -- C:\Windows\System32\msi.dll [2264064]
O44 - LFC:[MD5.8FAD1550A16432D56CF6F40953797345] - 20/04/2015 - 03:07:30 ---A- . (.Microsoft Corporation - Windows® installer.) -- C:\Windows\System32\msihnd.dll [332800]
O44 - LFC:[MD5.5E50B8E904FCB8DFC7C29BD3FEB7A593] - 20/04/2015 - 03:07:31 ---A- . (.Microsoft Corporation - IU de consentimento para aplicativos admini.) -- C:\Windows\System32\consent.exe [82432]
O44 - LFC:[MD5.8F7D200717A58E9800D391F4C2101577] - 20/04/2015 - 03:07:31 ---A- . (.Microsoft Corporation - Serviço de Informações de Aplicativos.) -- C:\Windows\System32\appinfo.dll [33280]
O44 - LFC:[MD5.0C96812AAEDA38C89DC6C3F0AE7B6930] - 20/04/2015 - 03:08:26 ---A- . (.Microsoft Corporation - DLL do servidor LSA.) -- C:\Windows\System32\lsasrv.dll [1259008]
O44 - LFC:[MD5.5035EDF1F2E72F78BB1EC5BD9B97463F] - 20/04/2015 - 03:08:26 ---A- . (.Microsoft Corporation - Kernel Security Support Provider Interface.) -- C:\Windows\System32\Drivers\ksecdd.sys [440760]
O44 - LFC:[MD5.4ABCE74D012971305249E45E095E9EA6] - 20/04/2015 - 03:08:27 ---A- . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll [218624]
O44 - LFC:[MD5.93620229F3CC3B67A3528BF39F064C30] - 20/04/2015 - 03:08:27 ---A- . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll [175104]
O44 - LFC:[MD5.A3E186B4B935905B829219502557314E] - 20/04/2015 - 03:08:27 ---A- . (.Microsoft Corporation - Processo de Autoridade de Segurança Local.) -- C:\Windows\System32\lsass.exe [9728]
O44 - LFC:[MD5.2D357C80ABB17CFACB7B552BC9CC8548] - 20/04/2015 - 03:08:27 ---A- . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll [279040]
O44 - LFC:[MD5.D602FEDBD9155FC2DED6863FB60C950F] - 20/04/2015 - 03:08:28 ---A- . (.Microsoft Corporation - Security Support Provider Interface.) -- C:\Windows\System32\secur32.dll [72704]
O44 - LFC:[MD5.6E895BDCB3158E3860A49662332736BA] - 20/04/2015 - 03:12:01 ---A- . (.Microsoft Corporation - Direct3D 11 Runtime.) -- C:\Windows\System32\d3d11.dll [519680]
O44 - LFC:[MD5.60BBAF3F5A38D0274B0C46710A218051] - 20/04/2015 - 03:12:01 ---A- . (.Microsoft Corporation - Ferramenta de Diagnóstico do DirectX da Mic.) -- C:\Windows\System32\dxdiag.exe [252928]
O44 - LFC:[MD5.D1C47F951EA35073C97EF2E928CF9D6F] - 20/04/2015 - 03:12:01 ---A- . (.Microsoft Corporation - Ferramenta de Diagnóstico do DirectX da Mic.) -- C:\Windows\System32\dxdiagn.dll [195584]
O44 - LFC:[MD5.012A965F34414458075EF4F0EDC11536] - 20/04/2015 - 03:12:01 ---A- . (.Microsoft Corporation - Microsoft Windows Codecs Extended Library.) -- C:\Windows\System32\WindowsCodecsExt.dll [189440]
O44 - LFC:[MD5.247609D2CD28A57BC1FE37FDA48AC0DB] - 20/04/2015 - 03:12:01 ---A- . (.Microsoft Corporation - Photo Metadata Handler.) -- C:\Windows\System32\PhotoMetadataHandler.dll [321024]
O44 - LFC:[MD5.AAAE543C535ED596ECAD2AB8761C2C6F] - 20/04/2015 - 03:12:41 ---A- . (.Microsoft Corporation - DirectX Graphics Infrastructure.) -- C:\Windows\System32\dxgi.dll [478720]
O44 - LFC:[MD5.5EC8FB83F31AA2D6F421F02C3F4F4475] - 20/04/2015 - 03:12:41 ---A- . (.Microsoft Corporation - Driver de spooler do Windows.) -- C:\Windows\System32\winspool.drv [258048]
O44 - LFC:[MD5.DFD714F1A410B32DA258423CF592A96E] - 20/04/2015 - 03:12:41 ---A- . (.Microsoft Corporation - Host de Pipeline de Filtro de Impressão.) -- C:\Windows\System32\printfilterpipelinesvc.exe [667648]
O44 - LFC:[MD5.A15ED03919107C2A6A3395EE02C7DD47] - 20/04/2015 - 03:12:41 ---A- . (.Microsoft Corporation - Native Code OPC Services Library.) -- C:\Windows\System32\OpcServices.dll [847360]
O44 - LFC:[MD5.E821547F853BF67CABE187B6FAA5D212] - 20/04/2015 - 03:12:41 ---A- . (.Microsoft Corporation - Print Filter Pipeline Proxy.) -- C:\Windows\System32\printfilterpipelineprxy.dll [26112]
O44 - LFC:[MD5.E607F9C6A2386647B572580CB147C7B3] - 20/04/2015 - 03:12:41 ---A- . (.Microsoft Corporation - Xps Object Model in memory creation and des.) -- C:\Windows\System32\xpsservices.dll [1554432]
O44 - LFC:[MD5.3439DFAD865BF24C3E3DE3BCB2F9C39F] - 20/04/2015 - 03:12:42 ---A- . (.Microsoft Corporation - XPS Rasterization Service Component.) -- C:\Windows\System32\XpsRasterService.dll [135680]
O44 - LFC:[MD5.167AC31450C0C53A01FA1491E94D7678] - 20/04/2015 - 03:12:43 ---A- . (.Microsoft Corporation - Biblioteca de Objetos Doc de Shell e Contro.) -- C:\Windows\System32\shdocvw.dll [1075712]
O44 - LFC:[MD5.67D16247C56C26A4F0D79D1A7F272B8F] - 20/04/2015 - 03:12:43 ---A- . (.Microsoft Corporation - Media Foundation DLL.) -- C:\Windows\System32\mf.dll [2873344]
O44 - LFC:[MD5.743B1957729DE905DC44782A957FD284] - 20/04/2015 - 03:12:43 ---A- . (.Microsoft Corporation - Media Foundation MP4 Source DLL.) -- C:\Windows\System32\mfmp4src.dll [302592]
O44 - LFC:[MD5.BF142D4F8C61ED3629A9CDD7BA867900] - 20/04/2015 - 03:12:43 ---A- . (.Microsoft Corporation - Media Foundation Platform DLL.) -- C:\Windows\System32\mfplat.dll [209920]
O44 - LFC:[MD5.B9103A56ACABDED3E87C2A8777B6456C] - 20/04/2015 - 03:12:43 ---A- . (.Microsoft Corporation - Media Foundation Proxy DLL.) -- C:\Windows\System32\mfps.dll [98816]
O44 - LFC:[MD5.7BE8835CA7E2975F2E865CEEE8821EB6] - 20/04/2015 - 03:12:43 ---A- . (.Microsoft Corporation - Media Foundation ReadWrite DLL.) -- C:\Windows\System32\mfreadwrite.dll [261632]
O44 - LFC:[MD5.44CEE5264282105A89B650FDB07E40FF] - 20/04/2015 - 03:12:43 ---A- . (.Microsoft Corporation - Microsoft AAC Audio Decoder MFT.) -- C:\Windows\System32\MFHEAACdec.dll [357376]
O44 - LFC:[MD5.BC5E45CB2304AFB4D2EF2FD9C41299AF] - 20/04/2015 - 03:12:43 ---A- . (.Microsoft Corporation - Microsoft DTV-DVD Video Decoder.) -- C:\Windows\System32\MFH264Dec.dll [979456]
O44 - LFC:[MD5.B5950DF243837D8217F4E597919B224A] - 20/04/2015 - 03:12:43 ---A- . (.Microsoft Corporation - Objeto de serviço do shell de Systray.) -- C:\Windows\System32\stobject.dll [586240]
O44 - LFC:[MD5.ED6F6FBBCDEC95483B7351E23F4FCDF6] - 20/04/2015 - 03:13:58 ---A- . (.Microsoft Corporation - ADVPACK.) -- C:\Windows\System32\IEAdvpack.dll [110592]
O44 - LFC:[MD5.1E7094AFAD0C369DD6D400C7047E4AB2] - 20/04/2015 - 03:13:58 ---A- . (.Microsoft Corporation - Internet Explorer Administration Kit Engine.) -- C:\Windows\System32\ieakeng.dll [130560]
O44 - LFC:[MD5.02D9B399770C9C971F3B3344017106BA] - 20/04/2015 - 03:13:58 ---A- . (.Microsoft Corporation - Microsoft Feeds Synchronization.) -- C:\Windows\System32\msfeedssync.exe [10752]
O44 - LFC:[MD5.686DFDA82EE2DBE1F58A48C9E3093996] - 20/04/2015 - 03:13:58 ---A- . (.Microsoft Corporation - Sincronização em Segundo Plano para Feeds M.) -- C:\Windows\System32\msfeedsbs.dll [41472]
O44 - LFC:[MD5.031DA76A5A7DC13F015DD3491394865E] - 20/04/2015 - 03:13:59 ---A- . (.Microsoft Corporation - ADVPACK.) -- C:\Windows\System32\advpack.dll [114176]
O44 - LFC:[MD5.DB754FF5F6ADBA2A25EC1B6672D1C91E] - 20/04/2015 - 03:13:59 ---A- . (.Microsoft Corporation - DLL da UI compartilhada do Microsoft IEAK.) -- C:\Windows\System32\ieakui.dll [163840]
O44 - LFC:[MD5.49729570B7FD369BBDEC16D7683324A0] - 20/04/2015 - 03:13:59 ---A- . (.Microsoft Corporation - Extensão Snap-in do Internet Explorer à Pol.) -- C:\Windows\System32\ieaksie.dll [227840]
O44 - LFC:[MD5.68563AC389F92EE79F1C714288BA1DCE] - 20/04/2015 - 03:13:59 ---A- . (.Microsoft Corporation - IE plugin image decoder support DLL.) -- C:\Windows\System32\imgutil.dll [35840]
O44 - LFC:[MD5.3F7A8BCF37433A69CEEDE1E6AEE79784] - 20/04/2015 - 03:13:59 ---A- . (.Microsoft Corporation - IEAK Global Policy Template Parser.) -- C:\Windows\System32\admparse.dll [101888]
O44 - LFC:[MD5.95D3A97897CE0386358FA6F65D8F343D] - 20/04/2015 - 03:13:59 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\System32\jscript.dll [717824]
O44 - LFC:[MD5.5FCA6B58D90B6D17327B48216451266D] - 20/04/2015 - 03:13:59 ---A- . (.Microsoft Corporation - Microsoft ® JScript.) -- C:\Windows\System32\jscript9.dll [1810944]
O44 - LFC:[MD5.90A57CA422923286838AAC7DE2D41B92] - 20/04/2015 - 03:13:59 ---A- . (.Microsoft Corporation - Objetos pares do Internet Explorer.) -- C:\Windows\System32\iepeers.dll [118784]
O44 - LFC:[MD5.67BC2BA6F94D2D0C51213691FBFEEBB1] - 20/04/2015 - 03:14:00 ---A- . (.Microsoft Corporation - Autoextrator de arquivo de gabinete Win32.) -- C:\Windows\System32\wextract.exe [152064]
O44 - LFC:[MD5.6B4701D3D9724812E8C3801E7BF87157] - 20/04/2015 - 03:14:00 ---A- . (.Microsoft Corporation - DLL do Gerenciador de Licenças da Microsoft.) -- C:\Windows\System32\licmgr10.dll [23552]
O44 - LFC:[MD5.9B1B09743E49F4E2364C34203F843844] - 20/04/2015 - 03:14:00 ---A- . (.Microsoft Corporation - Host de Aplicativo HTML da Microsoft(R).) -- C:\Windows\System32\mshta.exe [11776]
O44 - LFC:[MD5.04A8B2F67825380BC0C7C46D56776133] - 20/04/2015 - 03:14:00 ---A- . (.Microsoft Corporation - IE PNG plugin image decoder.) -- C:\Windows\System32\pngfilt.dll [54272]
O44 - LFC:[MD5.F0FEFB0B5D25A75D478A4317139D937E] - 20/04/2015 - 03:14:00 ---A- . (.Microsoft Corporation - Identidade visual IEAK.) -- C:\Windows\System32\iedkcs32.dll [353584]
O44 - LFC:[MD5.60B4F624BB87A3B21D3EC68F38DA6B61] - 20/04/2015 - 03:14:00 ---A- . (.Microsoft Corporation - Mecanismo de instalação.) -- C:\Windows\System32\inseng.dll [78848]
O44 - LFC:[MD5.6B5500DE200DC9C51A3F6A9377D14789] - 20/04/2015 - 03:14:00 ---A- . (.Microsoft Corporation - Microsoft Feeds Manager.) -- C:\Windows\System32\msfeeds.dll [607744]
O44 - LFC:[MD5.C1BC2B2E0AA56E9C28299273C86A73E4] - 20/04/2015 - 03:14:00 ---A- . (.Microsoft Corporation - Microsoft ® VBScript.) -- C:\Windows\System32\vbscript.dll [421376]
O44 - LFC:[MD5.5E2BFFFBAA061C1660F8255B2E3BD25C] - 20/04/2015 - 03:14:00 ---A- . (.Microsoft Corporation - Microsoft® HTML Editing Component.) -- C:\Windows\System32\mshtmled.dll [73216]
O44 - LFC:[MD5.E38129C89502D27580368D9762B6AFC6] - 20/04/2015 - 03:14:00 ---A- . (.Microsoft Corporation - Microsoft® MSHTML Typelib.) -- C:\Windows\System32\mshtml.tlb [2382848]
O44 - LFC:[MD5.5193DE33F3284C447E0D31DAFBF92570] - 20/04/2015 - 03:14:00 ---A- . (.Microsoft Corporation - Monitor de Sites.) -- C:\Windows\System32\webcheck.dll [203776]
O44 - LFC:[MD5.B76F31C79764D2D8835CBEC935D49DB7] - 20/04/2015 - 03:14:00 ---A- . (.Microsoft Corporation - Painel de Controle da Internet.) -- C:\Windows\System32\inetcpl.cpl [1427968]
O44 - LFC:[MD5.E6DE7F4A4BF8CD9E5C4F9466981892EC] - 20/04/2015 - 03:14:00 ---A- . (.Microsoft Corporation - Utilitário de Instalação Autônoma do IE 7.0.) -- C:\Windows\System32\ieUnatt.exe [142848]
O44 - LFC:[MD5.1035970885DD6ABA0EBCB3C02006A8E9] - 20/04/2015 - 03:14:00 ---A- . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll [12377600]
O44 - LFC:[MD5.5B37190F79F5D63C1033ED88C006080C] - 20/04/2015 - 03:14:00 ---A- . (.Microsoft Corporation - Visualizador de controles de objetos.) -- C:\Windows\System32\occache.dll [123392]
O44 - LFC:[MD5.51AF0A12CD86E22E1A027C38CC021AC6] - 20/04/2015 - 03:14:00 ---A- . (.Microsoft Corporation - Wizard.) -- C:\Windows\System32\iexpress.exe [150528]
O44 - LFC:[MD5.4B333D3CC96AE66BD754329FD2989EE2] - 20/04/2015 - 03:14:01 ---A- . (...) -- C:\Windows\System32\ieuinit.inf [72822]
O44 - LFC:[MD5.7AC9B18F1BE210702DA5E586224B1571] - 20/04/2015 - 03:14:01 ---A- . (.Microsoft Corporation - Auxiliar do IE da Placa de Informações Micr.) -- C:\Windows\System32\icardie.dll [66048]
O44 - LFC:[MD5.F73E3C29743621D9AAF09503E523E175] - 20/04/2015 - 03:14:01 ---A- . (.Microsoft Corporation - Conversor de HTML da Microsoft.) -- C:\Windows\System32\html.iec [367104]
O44 - LFC:[MD5.E8DFFB36F1120DC1DB7C0BCBCF1640AD] - 20/04/2015 - 03:14:01 ---A- . (.Microsoft Corporation - Internet Shortcut Shell Extension DLL.) -- C:\Windows\System32\url.dll [231936]
O44 - LFC:[MD5.802B0229D904E28C1EA9A5274AB457FC] - 20/04/2015 - 03:14:01 ---A- . (.Microsoft Corporation - Mapa de versão IOD.) -- C:\Windows\System32\iesetup.dll [74752]
O44 - LFC:[MD5.83F5D4B41BB12CE146786E97F6AAD75E] - 20/04/2015 - 03:14:01 ---A- . (.Microsoft Corporation - Microsoft SmartScreen Filter Data File.) -- C:\Windows\System32\ieapfltr.dat [3695416]
O44 - LFC:[MD5.EE9D715AF1B928982F417238B9914484] - 20/04/2015 - 03:14:01 ---A- . (.Microsoft Corporation - Microsoft SmartScreen Filter.) -- C:\Windows\System32\ieapfltr.dll [434176]
O44 - LFC:[MD5.F83865A3007357A5E498EB9E3BED273D] - 20/04/2015 - 03:14:01 ---A- . (.Microsoft Corporation - Processamento de RunOnce estendido com inte.) -- C:\Windows\System32\iernonce.dll [31744]
O44 - LFC:[MD5.C0B8B96D018849FD8CCF15FED84E8782] - 20/04/2015 - 03:14:01 ---A- . (.Microsoft Corporation - Utilitário de Inicialização por Usuário do.) -- C:\Windows\System32\ie4uinit.exe [74240]
O44 - LFC:[MD5.59717C2C872AAEA7519B0124409B4578] - 20/04/2015 - 03:14:02 ---A- . (.Microsoft Corporation - Navegador da Internet.) -- C:\Windows\System32\ieframe.dll [9747968]
O44 - LFC:[MD5.76EB0222590D5DCD050CF862237F414A] - 20/04/2015 - 03:14:02 ---A- . (.Microsoft Corporation - TDC ActiveX Control.) -- C:\Windows\System32\tdc.ocx [63488]
O44 - LFC:[MD5.76E987D8CF0683337CF165363B6FDFD9] - 20/04/2015 - 03:14:03 ---A- . (.Microsoft Corporation - DLL de Recurso do Componente de Edição de H.) -- C:\Windows\System32\mshtmler.dll [48640]
O44 - LFC:[MD5.EE0AFCEE88098F754212F9069E80A766] - 20/04/2015 - 03:14:03 ---A- . (.Microsoft Corporation - IE Sysprep Provider.) -- C:\Windows\System32\iesysprep.dll [86528]
O44 - LFC:[MD5.16BAD3B8ABC01EC9D34E912162CA4A53] - 20/04/2015 - 03:14:03 ---A- . (.Microsoft Corporation - Mecanismo da Interface do Usuário do Intern.) -- C:\Windows\System32\ieui.dll [176640]
O44 - LFC:[MD5.6B036492120E65C0C367DC31D01088A1] - 20/04/2015 - 03:14:03 ---A- . (.Microsoft Corporation - Registers custom PKEYs for IE.) -- C:\Windows\System32\RegisterIEPKEYs.exe [74752]
O44 - LFC:[MD5.736D1B28224F9DF8008BE8B0DEDFC9EF] - 20/04/2015 - 03:14:03 ---A- . (.Microsoft Corporation - Sets the date that IE was installed.) -- C:\Windows\System32\SetIEInstalledDate.exe [76800]
O44 - LFC:[MD5.67DB0E50E830E45BA24AA7B1B2143B93] - 20/04/2015 - 03:14:04 ---A- . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll [1139200]
O44 - LFC:[MD5.0B8FE658BD033EC8B1F6FBC305CC65E7] - 20/04/2015 - 03:14:05 ---A- . (.Microsoft Corporation - Classificação da Internet e DLL de gerencia.) -- C:\Windows\System32\msrating.dll [162304]
O44 - LFC:[MD5.052A629983DD1A2116629293D02B1B58] - 20/04/2015 - 03:14:05 ---A- . (.Microsoft Corporation - Run time utility for Internet Explorer.) -- C:\Windows\System32\iertutil.dll [1803264]
O44 - LFC:[MD5.19B481D70FBC176AE5D3E91347B0128F] - 20/04/2015 - 03:14:06 ---A- . (.Microsoft Corporation - Internet Extensions para Win32.) -- C:\Windows\System32\wininet.dll [1129472]
O44 - LFC:[MD5.B4AAF0FD9C32478889639DE464B21DA0] - 20/04/2015 - 03:14:06 ---A- . (.Microsoft Corporation - JScript Proxy Auto-Configuration.) -- C:\Windows\System32\jsproxy.dll [65024]
O44 - LFC:[MD5.35AAE2E841AA1A949775168E119482C9] - 20/04/2015 - 03:14:06 ---A- . (.Microsoft Corporation - Microsoft Line Services library file.) -- C:\Windows\System32\msls31.dll [161792]
O44 - LFC:[MD5.ECD81B99477AB4A93D7838EB40B870D0] - 20/04/2015 - 03:14:24 ---A- . (...) -- C:\Windows\System32\icrav03.rat [8798]
O44 - LFC:[MD5.6D21D0A95286DCD09E354B612F592EB7] - 20/04/2015 - 03:14:24 ---A- . (...) -- C:\Windows\System32\ticrf.rat [1988]
O44 - LFC:[MD5.FD7A26BF790751B527E632BD9346DDFD] - 20/04/2015 - 03:15:32 ---A- . (.Microsoft Corporation - Microsoft IME.) -- C:\Windows\System32\IMJP10K.DLL [729600]
O44 - LFC:[MD5.259F6A6294AF75E74F93F480E05F264A] - 20/04/2015 - 03:16:11 ---A- . (.Microsoft Corporation - DLL de servidor MSCTF.) -- C:\Windows\System32\msctf.dll [807936]
O44 - LFC:[MD5.ED1E4D1CA97596E0871C1F59AC4DE8F0] - 20/04/2015 - 03:18:20 ---A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\System32\atmlib.dll [34304]
O44 - LFC:[MD5.AB272D0B2EF1C79E43E7744D098352B2] - 20/04/2015 - 03:18:20 ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\Windows\System32\atmfd.dll [296960]
O44 - LFC:[MD5.EF764E33878B3A4A9E5A2FB5D0D031D0] - 20/04/2015 - 03:18:20 ---A- . (.Microsoft Corporation - DCI Manager.) -- C:\Windows\System32\dciman32.dll [10240]
O44 - LFC:[MD5.FE5372B0B1A34728106845F5B5AF131D] - 20/04/2015 - 03:18:20 ---A- . (.Microsoft Corporation - Font Subsetting DLL.) -- C:\Windows\System32\fontsub.dll [72704]
O44 - LFC:[MD5.EB0E02749CE5C488741C9A0ABEAB5DEC] - 20/04/2015 - 03:18:20 ---A- . (.Microsoft Corporation - Language Pack.) -- C:\Windows\System32\lpk.dll [23552]
O44 - LFC:[MD5.71B479749F0F52C4FEC726C6FFA2CE1C] - 20/04/2015 - 13:50:48 ---A- . (.Microsoft Corporation - Crypto Network Related API.) -- C:\Windows\System32\cryptnet.dll [98304]
O44 - LFC:[MD5.D16A740186870C32941C0E61DF4F1298] - 20/04/2015 - 13:50:48 ---A- . (.Microsoft Corporation - Microsoft Trust Verification APIs.) -- C:\Windows\System32\wintrust.dll [172544]
O44 - LFC:[MD5.684C130BBC6DB681BAD4920A4C944AA5] - 20/04/2015 - 13:50:48 ---A- . (.Microsoft Corporation - Serviços de criptografia.) -- C:\Windows\System32\cryptsvc.dll [133120]
O44 - LFC:[MD5.9F472BA4FB0872ACC545B525C5ACE69B] - 20/04/2015 - 13:51:16 ---A- . (.Microsoft Corporation - Windows Media Player System Preparation DLL.) -- C:\Windows\System32\spwmp.dll [7680]
O44 - LFC:[MD5.EC28527CEA47E0695524D66E7D966648] - 20/04/2015 - 13:51:17 ---A- . (.Microsoft Corporation - Microsoft Windows Media Component Removal F.) -- C:\Windows\System32\dxmasf.dll [4096]
O44 - LFC:[MD5.EC28527CEA47E0695524D66E7D966648] - 20/04/2015 - 13:51:17 ---A- . (.Microsoft Corporation - Microsoft Windows Media Component Removal F.) -- C:\Windows\System32\msdxm.ocx [4096]
O44 - LFC:[MD5.57CF7F07E92195E84AB41B2F96FF627F] - 20/04/2015 - 13:51:18 ---A- . (.Microsoft Corporation - Utilitário de Instalação do Microsoft Windo.) -- C:\Windows\System32\unregmp2.exe [310784]
O44 - LFC:[MD5.62748E921160C680C13AD8953C2CB015] - 20/04/2015 - 13:51:32 ---A- . (.Microsoft Corporation - Windows Media Audio Voice Decoder.) -- C:\Windows\System32\WMSPDMOD.DLL [604672]
O44 - LFC:[MD5.E66587751D859A88FA61149C9CC2C15C] - 20/04/2015 - 13:51:33 ---A- . (.Microsoft Corporation - DLL do Relatório de Erros do Windows.) -- C:\Windows\System32\wer.dll [876032]
O44 - LFC:[MD5.8D31A140B55021BBD3A608F5A7AA2E18] - 20/04/2015 - 13:51:34 ---A- . (.Microsoft Corporation - Remote NDIS USB Driver.) -- C:\Windows\System32\Drivers\usb8023.sys [15872]
O44 - LFC:[MD5.9EFDF7F0153C066BE619450E3D5D59DD] - 20/04/2015 - 13:51:37 ---A- . (.Microsoft Corporation - Biblioteca de suporte a arquivos AVI da Mic.) -- C:\Windows\System32\avifil32.dll [91136]
O44 - LFC:[MD5.27281831FF4D6F5738A2F70E75E3DD40] - 20/04/2015 - 13:51:37 ---A- . (.Microsoft Corporation - Compactador Microsoft Vídeo 1.) -- C:\Windows\System32\msvidc32.dll [31744]
O44 - LFC:[MD5.EACACA0F2FF4CC54A909E3C5721FCDE8] - 20/04/2015 - 13:51:37 ---A- . (.Microsoft Corporation - DLL do Microsoft Vídeo para Windows.) -- C:\Windows\System32\msvfw32.dll [123904]
O44 - LFC:[MD5.49481223D2451181266FD6BA51ACACAC] - 20/04/2015 - 13:51:37 ---A- . (.Microsoft Corporation - Driver MCI do Vídeo para Windows.) -- C:\Windows\System32\mciavi32.dll [82944]
O44 - LFC:[MD5.A613A29FB640FB2E45DA418C396D186C] - 20/04/2015 - 13:51:37 ---A- . (.Microsoft Corporation - Intel Indeo(R) Video YUV Codec.) -- C:\Windows\System32\iyuv_32.dll [50176]
O44 - LFC:[MD5.73AD972616D10FDF40E668FEA983BC78] - 20/04/2015 - 13:51:37 ---A- . (.Microsoft Corporation - Microsoft RLE Compressor.) -- C:\Windows\System32\msrle32.dll [13312]
O44 - LFC:[MD5.7E1BC7AA112F5ED12AB6E08E41CA6726] - 20/04/2015 - 13:51:37 ---A- . (.Microsoft Corporation - Microsoft UYVY Video Decompressor.) -- C:\Windows\System32\msyuv.dll [22528]
O44 - LFC:[MD5.BC35B4551D705D1B931A3362B2B93CCD] - 20/04/2015 - 13:51:37 ---A- . (.Microsoft Corporation - Toshiba Video Codec.) -- C:\Windows\System32\tsbyuv.dll [12288]
O44 - LFC:[MD5.FF41E1AC301F51E16F61AD7C0F45467C] - 20/04/2015 - 13:51:40 ---A- . (.Microsoft Corporation - Structured Query.) -- C:\Windows\System32\msshsq.dll [231424]
O44 - LFC:[MD5.8F7AC8BEB2EA9A9EA82D2458143F74C5] - 20/04/2015 - 13:51:46 ---A- . (.Microsoft Corporation - Microsoft Fax Cover Page Editor.) -- C:\Windows\System32\FXSCOVER.exe [191488]
O44 - LFC:[MD5.AD48183027CAFCEBC322CB9CAC60F9B8] - 20/04/2015 - 13:52:24 ---A- . (.Microsoft Corporation - Web Services for Devices API DLL.) -- C:\Windows\System32\WSDApi.dll [355328]
O44 - LFC:[MD5.3B0489DE8CC3058B48471660C60A7B75] - 20/04/2015 - 13:52:28 ---A- . (.Microsoft Corporation - Remote Access PPP EAP-TLS.) -- C:\Windows\System32\rastls.dll [243712]
O44 - LFC:[MD5.BE4AD4045D7A6C6AF4ECCBD5F6B7F8D8] - 20/04/2015 - 13:52:36 ---A- . (.Microsoft Corporation - Hid Parsing Library.) -- C:\Windows\System32\Drivers\hidparse.sys [25472]
O44 - LFC:[MD5.4E07C27B4207ABB35F694E10ED609D2C] - 20/04/2015 - 13:52:44 ---A- . (.Microsoft Corporation - Caixas de diálogo de certificados comuns da.) -- C:\Windows\System32\cryptdlg.dll [24576]
O44 - LFC:[MD5.16FEE292E95EDC274385103E6B498019] - 20/04/2015 - 13:52:47 ---A- . (.Microsoft Corporation - Conexão de Área de Trabalho Remota.) -- C:\Windows\System32\mstsc.exe [677888]
O44 - LFC:[MD5.A508314231C49AEE86987CEA3EAECAD1] - 20/04/2015 - 13:52:49 ---A- . (.Microsoft Corporation - DLL do Windows Server para multiusuários.) -- C:\Windows\System32\winsrv.dll [376320]
O44 - LFC:[MD5.EE2FF9A3FC4404234BE3B7C6AA383AF8] - 20/04/2015 - 13:52:51 ---A- . (.Microsoft Corporation - ASN.1 Runtime APIs.) -- C:\Windows\System32\msasn1.dll [60928]
O44 - LFC:[MD5.C127EBD5AFAB31524662C48DFCEB773A] - 20/04/2015 - 13:52:52 ---A- . (.Microsoft Corporation - RDP Terminal Stack Driver.) -- C:\Windows\System32\Drivers\rdpwd.sys [180736]
O44 - LFC:[MD5.58035212AB7869A5FC3AF186ACBA8F09] - 20/04/2015 - 13:52:53 ---A- . (.Microsoft Corporation - Biblioteca de Controles de Experiência do U.) -- C:\Windows\System32\comctl32.dll [532480]
O44 - LFC:[MD5.1908CC7673F72601AFFDCA022689CEDF] - 20/04/2015 - 13:52:57 ---A- . (.Microsoft Corporation - Microsoft XmlLite Library.) -- C:\Windows\System32\xmllite.dll [182784]
O44 - LFC:[MD5.6A166182E32844369FD072057782A22B] - 20/04/2015 - 13:52:58 ---A- . (.Microsoft Corporation - Cliente ActiveX de serviços de terminal.) -- C:\Windows\System32\mstscax.dll [2067968]
O44 - LFC:[MD5.DC15AB7168C0309D8F04FD95B6240422] - 20/04/2015 - 13:53:33 ---A- . (.Microsoft Corporation - Active Accessibility Core Component.) -- C:\Windows\System32\oleacc.dll [238080]
O44 - LFC:[MD5.7E38DA8C11833B99766A97CEE3F80F07] - 20/04/2015 - 13:53:33 ---A- . (.Microsoft Corporation - Active Accessibility Resource DLL.) -- C:\Windows\System32\oleaccrc.dll [4096]
O44 - LFC:[MD5.CCE5E7C0F8AA13207E777C43F4DA80A3] - 20/04/2015 - 13:53:33 ---A- . (.Microsoft Corporation - Núcleo de Automação de Interface de Usuário.) -- C:\Windows\System32\UIAutomationCore.dll [555520]
O44 - LFC:[MD5.DBD02E3E6F061EBBBF9B99A9D7CBA30B] - 20/04/2015 - 13:53:37 ---A- . (.Microsoft Corporation - Windows HTTP Services.) -- C:\Windows\System32\winhttp.dll [377344]
O44 - LFC:[MD5.DBD9448D06E67FE6F29261FFAD205B68] - 20/04/2015 - 13:53:39 ---A- . (.Microsoft Corporation - API de tema do Windows.) -- C:\Windows\System32\themeui.dll [615936]
O44 - LFC:[MD5.2D74D853886BDD0CDE60BE5FDF22AD9A] - 20/04/2015 - 13:53:55 ---A- . (.Microsoft Corporation - Cliente do Gerenciamento de Direitos do Win.) -- C:\Windows\System32\msdrm.dll [332288]
O44 - LFC:[MD5.8FB90F7CFBCCF50DF2E3080A2BC6F23B] - 20/04/2015 - 13:53:55 ---A- . (.Microsoft Corporation - Windows Rights Management Services Activati.) -- C:\Windows\System32\RMActivate.exe [518144]
O44 - LFC:[MD5.D1194E75C78C451698D7DFFDAB22C5DA] - 20/04/2015 - 13:53:55 ---A- . (.Microsoft Corporation - Windows Rights Management Services Activati.) -- C:\Windows\System32\RMActivate_ssp.exe [347136]
O44 - LFC:[MD5.A64C3712DF40DF6BD489A98E280130E7] - 20/04/2015 - 13:53:55 ---A- . (.Microsoft Corporation - Windows Rights Management Services Activati.) -- C:\Windows\System32\RMActivate_ssp_isv.exe [346624]
O44 - LFC:[MD5.B385C4E499591941E362E324969BB6FB] - 20/04/2015 - 13:53:55 ---A- . (.Microsoft Corporation - Windows Rights Management Services Server S.) -- C:\Windows\System32\secproc_ssp.dll [152064]
O44 - LFC:[MD5.7857CFD06825D710E18793D5306C7724] - 20/04/2015 - 13:53:55 ---A- . (.Microsoft Corporation - Windows Rights Management Services Server S.) -- C:\Windows\System32\secproc_ssp_isv.dll [152576]
O44 - LFC:[MD5.C7EF2D81B9AC543DA9205701C45F62BD] - 20/04/2015 - 13:53:56 ---A- . (.Microsoft Corporation - Windows Rights Management Desktop Security.) -- C:\Windows\System32\secproc.dll [471552]
O44 - LFC:[MD5.F4BFD5330DA0899771EB24A0DDEF87AF] - 20/04/2015 - 13:53:56 ---A- . (.Microsoft Corporation - Windows Rights Management Desktop Security.) -- C:\Windows\System32\secproc_isv.dll [471552]
O44 - LFC:[MD5.447D3599FA65A9A8BCF7F9048BDB7035] - 20/04/2015 - 13:53:56 ---A- . (.Microsoft Corporation - Windows Rights Management Services Activati.) -- C:\Windows\System32\RMActivate_isv.exe [526336]
O44 - LFC:[MD5.B972A66758577E0BFD1DE0F91AAA27B5] - 20/04/2015 - 13:53:59 ---A- . (.Microsoft Corporation - File System Recognizer Driver.) -- C:\Windows\System32\Drivers\fs_rec.sys [12800]
O44 - LFC:[MD5.87CDFFCBD09C1CA03A068343D5D93250] - 20/04/2015 - 13:53:59 ---A- . (.Microsoft Corporation - WMI DC and DP functionality.) -- C:\Windows\System32\wmi.dll [5120]
O44 - LFC:[MD5.09EA40F4DAD2EDB3587E5E0BAA9C3E15] - 20/04/2015 - 13:53:59 ---A- . (.Microsoft Corporation - Windows NT Image Helper.) -- C:\Windows\System32\imagehlp.dll [158208]
O44 - LFC:[MD5.E1E52D56D266C2741058BA6611970D0C] - 20/04/2015 - 13:54:00 ---A- . (.Microsoft Corporation - DirectShow DVD PlayBack Runtime..) -- C:\Windows\System32\qdvd.dll [497152]
O44 - LFC:[MD5.14D9A057A082E00116A7A4415051D07C] - 20/04/2015 - 13:54:02 ---A- . (...) -- C:\Windows\System32\WFP.TMF [218228]
O44 - LFC:[MD5.EE16F3E01C4A6C77383F1BBBD10AD6C2] - 20/04/2015 - 13:54:02 ---A- . (.Microsoft Corporation - API de Modo de Usuário FWP/IPsec.) -- C:\Windows\System32\FWPUCLNT.DLL [596480]
O44 - LFC:[MD5.4687EE0C0DD2CE5F7AAA9C2E33C1DC78] - 20/04/2015 - 13:54:02 ---A- . (.Microsoft Corporation - Extensão IKE.) -- C:\Windows\System32\IKEEXT.DLL [444928]
O44 - LFC:[MD5.2321379B7924CD3F50D95A25FCC79EFC] - 20/04/2015 - 13:54:04 ---A- . (.Microsoft Corporation - Microsoft ActiveMovie Control Type Library.) -- C:\Windows\System32\amcompat.tlb [18432]
O44 - LFC:[MD5.8EC93A9C48DDCB89FB6B66AA2C84BED3] - 20/04/2015 - 13:54:04 ---A- . (.Microsoft Corporation - Windows Media Player 6.4 Type Library.) -- C:\Windows\System32\msdxm.tlb [43520]
O44 - LFC:[MD5.B52E8C97C4B1085FCE930B16042CB971] - 20/04/2015 - 13:54:06 ---A- . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll [313344]
O44 - LFC:[MD5.25944D2CC49E0A6C581D02A74B7D6645] - 20/04/2015 - 13:54:16 ---A- . (.Microsoft Corporation - Tempo de Execução da Estrutura de Driver em.) -- C:\Windows\System32\Drivers\Wdf01000.sys [527064]
O44 - LFC:[MD5.695DB97B018FB06F693F37108322AA1E] - 20/04/2015 - 13:54:29 ---A- . (.Microsoft Corporation - DLL cliente da API BASE do Windows NT.) -- C:\Windows\System32\kernel32.dll [894464]
O44 - LFC:[MD5.B44B59C85DC2C2D39542F97BF545A308] - 20/04/2015 - 13:54:32 ---A- . (.Microsoft Corporation - Microsoft (R) Console Based Script Host.) -- C:\Windows\System32\cscript.exe [135168]
O44 - LFC:[MD5.DDEA43CDF00D6987F633F80AE4B7F2CE] - 20/04/2015 - 13:54:32 ---A- . (.Microsoft Corporation - Microsoft (R) Script Runtime.) -- C:\Windows\System32\scrrun.dll [172032]
O44 - LFC:[MD5.F9D5C623E913CDAA198ECF0E6D2AA54A] - 20/04/2015 - 13:54:32 ---A- . (.Microsoft Corporation - Microsoft (R) Windows Script Controller.) -- C:\Windows\System32\wshcon.dll [36864]
O44 - LFC:[MD5.1D0A82B11235D68CF55A54B2ADECB9F1] - 20/04/2015 - 13:54:33 ---A- . (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\wscript.exe [155648]
O44 - LFC:[MD5.2497FD012104DFF64BF01DA98ECF6F75] - 20/04/2015 - 13:54:33 ---A- . (.Microsoft Corporation - Windows Script Host Runtime Library.) -- C:\Windows\System32\wshom.ocx [131072]
O44 - LFC:[MD5.5827CF5BBA5AEBDB416556E076A19EAF] - 20/04/2015 - 13:54:45 ---A- . (.Microsoft Corporation - Active Directory Certificate Services Encod.) -- C:\Windows\System32\certenc.dll [41984]
O44 - LFC:[MD5.84BDC77A844493FCD76858B52690F31B] - 20/04/2015 - 13:54:45 ---A- . (.Microsoft Corporation - CertUtil.exe.) -- C:\Windows\System32\certutil.exe [812544]
O44 - LFC:[MD5.0317420D419E1885894B3ED9D375D245] - 20/04/2015 - 13:54:57 ---A- . (.Microsoft Corporation - Crypto API32.) -- C:\Windows\System32\crypt32.dll [993792]
O44 - LFC:[MD5.C43A71C2845C88D7E5A8A26D3850BDFB] - 20/04/2015 - 13:55:00 ---A- . (.Microsoft Corporation - Windows Media Video Decoder.) -- C:\Windows\System32\WMVDECOD.DLL [1548288]
O44 - LFC:[MD5.2D3D47B93E0BE86EEBB261734AB5B6A1] - 20/04/2015 - 13:55:07 ---A- . (.Microsoft Corporation - Print System COM component host.) -- C:\Windows\System32\printcom.dll [37376]
O44 - LFC:[MD5.A4E7946B71BBDF8708C7AC97FD9E9008] - 20/04/2015 - 13:55:08 ---A- . (.Microsoft Corporation - Provedor de Impressão do Processo do Client.) -- C:\Windows\System32\win32spl.dll [443904]
O44 - LFC:[MD5.8FFDEB99EAC611D617016F2174D48FC6] - 20/04/2015 - 13:55:11 ---A- . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll [739328]
O44 - LFC:[MD5.C43DECDAC58C0A43E0376A216590F40A] - 20/04/2015 - 13:55:13 ---A- . (.Microsoft Corporation - Tempo de execução do DirectShow..) -- C:\Windows\System32\quartz.dll [1314816]
O44 - LFC:[MD5.420B075CD71AB9E58D15DD258958FBA3] - 20/04/2015 - 13:55:14 ---A- . (.Microsoft Corporation - Biblioteca de utilitário abreviado para She.) -- C:\Windows\System32\shlwapi.dll [353280]
O44 - LFC:[MD5.2A6A2C09ECC2CB495628E45F1379ECE8] - 20/04/2015 - 13:55:17 ---A- . (.Microsoft Corporation - Plug-in de compatibilidade com versões ante.) -- C:\Windows\System32\taskcomp.dll [270336]
O44 - LFC:[MD5.3D50C4B10352367D5CB20ED1F50F8DA2] - 20/04/2015 - 13:55:18 ---A- . (.Microsoft Corporation - Mecanismo do Agendador de Tarefas.) -- C:\Windows\System32\taskeng.exe [171520]
O44 - LFC:[MD5.1A58069DB21D05EB2AB58EE5753EBE8D] - 20/04/2015 - 13:55:18 ---A- . (.Microsoft Corporation - Serviço Agendador de Tarefas.) -- C:\Windows\System32\schedsvc.dll [601600]
O44 - LFC:[MD5.52E129522C1775DBB8CC252E7A0655C7] - 20/04/2015 - 13:55:18 ---A- . (.Microsoft Corporation - Task Scheduler COM API.) -- C:\Windows\System32\taskschd.dll [352768]
O44 - LFC:[MD5.220DD3DF04EDE0BCA371F6C44171CFB7] - 20/04/2015 - 13:55:18 ---A- . (.Microsoft Corporation - WMI CMI Plugin.) -- C:\Windows\System32\wmicmiplugin.dll [345600]
O44 - LFC:[MD5.73FF24E21B690625A58109637DDA0DF7] - 20/04/2015 - 13:55:36 ---A- . (.Microsoft Corporation - USB Video Class Driver.) -- C:\Windows\System32\Drivers\usbvideo.sys [134272]
O44 - LFC:[MD5.300DB877AC094FEAB0BE7688C3454A9C] - 20/04/2015 - 13:55:39 ---A- . (.Microsoft Corporation - Microsoft Tunnel Interface Driver.) -- C:\Windows\System32\Drivers\tunnel.sys [25088]
O44 - LFC:[MD5.1998BD97F950680BB55F55A7244679C2] - 20/04/2015 - 13:55:39 ---A- . (.Microsoft Corporation - Serviço que oferece conectividade IPv6 em u.) -- C:\Windows\System32\iphlpsvc.dll [200704]
O44 - LFC:[MD5.608C345A255D82A6289C2D468EB41FD7] - 20/04/2015 - 13:55:39 ---A- . (.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) -- C:\Windows\System32\Drivers\tcpipreg.sys [30720]
O44 - LFC:[MD5.0857BDD856888D78E6E991CDDA49A4B8] - 20/04/2015 - 13:55:42 ---A- . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Audio Layer-3 Codec for MSACM.) -- C:\Windows\System32\l3codecp.acm [220672]
O44 - LFC:[MD5.8A64A3F68F0E24917759852C842DCD74] - 20/04/2015 - 13:55:42 ---A- . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm [62464]
O44 - LFC:[MD5.421613767407C639E9E115B092A0EE3B] - 20/04/2015 - 13:55:44 ---A- . (.Microsoft Corporation - Stream Buffer IO DLL.) -- C:\Windows\System32\sbeio.dll [153088]
O44 - LFC:[MD5.5CAA8398B6A769B24880C18DA4185BEC] - 20/04/2015 - 13:55:45 ---A- . (.Microsoft Corporation - DirectShow MPEG-2 Splitter..) -- C:\Windows\System32\mpg2splt.ax [177664]
O44 - LFC:[MD5.14E9E1A4472C7D0BB7A2A7A26D60CB35] - 20/04/2015 - 13:55:45 ---A- . (.Microsoft Corporation - DirectShow Stream Buffer Filter..) -- C:\Windows\System32\sbe.dll [322560]
O44 - LFC:[MD5.1E06779EDB55D035DD3F4A2B7432A291] - 20/04/2015 - 13:56:10 ---A- . (.Microsoft Corporation - MSXML 6.0 SP2.) -- C:\Windows\System32\msxml6.dll [1401344]
O44 - LFC:[MD5.648AB74D9C104FB500B6C4EEDC6A8772] - 20/04/2015 - 13:56:12 ---A- . (.Microsoft Corporation - WMPMDE DLL.) -- C:\Windows\System32\wmpmde.dll [867328]
O44 - LFC:[MD5.44056325428A8E4C755830426E29878F] - 20/04/2015 - 13:56:33 ---A- . (.Microsoft Corporation - UHCI USB Miniport Driver.) -- C:\Windows\System32\Drivers\usbuhci.sys [23552]
O44 - LFC:[MD5.2AE6BCEBD85D31317E433733DAF25888] - 20/04/2015 - 13:56:34 ---A- . (.Microsoft Corporation - Default Hub Driver for USB.) -- C:\Windows\System32\Drivers\usbhub.sys [197632]
O44 - LFC:[MD5.153E8515CB86F8BB5D1A8B478EBF4BB2] - 20/04/2015 - 13:56:34 ---A- . (.Microsoft Corporation - EHCI eUSB Miniport Driver.) -- C:\Windows\System32\Drivers\usbehci.sys [39936]
O44 - LFC:[MD5.B09C74A41F26B08149707EA5E7F956C2] - 20/04/2015 - 13:56:34 ---A- . (.Microsoft Corporation - USB 1.1 & 2.0 Port Driver.) -- C:\Windows\System32\Drivers\usbport.sys [226304]
O44 - LFC:[MD5.AAB0B5F72D2D726FBFDC895A2902DE1D] - 20/04/2015 - 13:56:34 ---A- . (.Microsoft Corporation - USB Common Class Generic Parent Driver.) -- C:\Windows\System32\Drivers\usbccgp.sys [73216]
O44 - LFC:[MD5.FE619ED13CE12F5B43C04E3EA061BBD6] - 20/04/2015 - 13:56:34 ---A- . (.Microsoft Corporation - Universal Serial Bus Driver.) -- C:\Windows\System32\Drivers\usbd.sys [6016]
O44 - LFC:[MD5.F5272A105F59A7B3B345D9D6D87DA7AD] - 20/04/2015 - 13:56:35 ---A- . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\Windows\System32\Drivers\afd.sys [273408]
O44 - LFC:[MD5.17AF64D727545F2804F6E6D998327E3F] - 20/04/2015 - 13:56:37 ---A- . (.Microsoft Corporation - Windows NT CRT DLL.) -- C:\Windows\System32\msvcrt.dll [680448]
O44 - LFC:[MD5.2C1121F2B87E9A6B12485DF53CD848C7] - 20/04/2015 - 13:56:38 ---A- . (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) -- C:\Windows\System32\Drivers\ntfs.sys [1082232]
O44 - LFC:[MD5.F99DDD5E4F807B43E8B85DCD5F4B59EA] - 20/04/2015 - 13:56:47 ---A- . (.Microsoft - Legacy GDF resource DLL.) -- C:\Windows\System32\GameUXLegacyGDFs.dll [4240384]
O44 - LFC:[MD5.61FB963F6EFDB10CCBB2819A8A7555A5] - 20/04/2015 - 13:56:47 ---A- . (.Microsoft Corporation - Módulo de Ajuda da Compatibilidade do Aplic.) -- C:\Windows\System32\Apphlpdm.dll [28672]
O44 - LFC:[MD5.9A75518600FBA10980EE94267CA98489] - 20/04/2015 - 13:56:48 ---A- . (.Microsoft Corporation - Explorador de Jogos.) -- C:\Windows\System32\gameux.dll [1696256]
O44 - LFC:[MD5.13CC59C1B04E9F20A87987C68CD4BE3F] - 20/04/2015 - 13:56:51 ---A- . (.Microsoft Corporation - Windows cryptographic library.) -- C:\Windows\System32\ncrypt.dll [204288]
O44 - LFC:[MD5.3D418A22A56471295AEB1CEB9027C3DA] - 20/04/2015 - 13:56:54 ---A- . (.Microsoft Corporation - Routing Utilities.) -- C:\Windows\System32\rtutils.dll [36864]
O44 - LFC:[MD5.1217AEB3DBED42C54ADD826EDDC21660] - 20/04/2015 - 13:57:31 ---A- . (.Microsoft Corporation - XPS to GDI Converter.) -- C:\Windows\System32\XpsGdiConverter.dll [288768]
O44 - LFC:[MD5.2A64FE405579BB073FBABD68AF1468E7] - 20/04/2015 - 13:57:35 ---A- . (.Microsoft Corporation - Biblioteca MFCDLL Compartilhada - Versão Co.) -- C:\Windows\System32\mfc40u.dll [954288]
O44 - LFC:[MD5.82D5C25C2757EE8093EB29A316EC09B3] - 20/04/2015 - 13:57:36 ---A- . (.Microsoft Corporation - Biblioteca MFCDLL Compartilhada - Versão Co.) -- C:\Windows\System32\mfc40.dll [954752]
O44 - LFC:[MD5.A4941E30143F6FD4EC670C5F897BF2E8] - 20/04/2015 - 13:58:02 ---A- . (.Microsoft Corporation - Windows Media MPEG-4 S Video Decoder.) -- C:\Windows\System32\MP4SDECD.DLL [317952]
O44 - LFC:[MD5.4B19A9A4191353007E9819A832B81186] - 20/04/2015 - 13:58:05 ---A- . (.Microsoft Corporation - Miniaplicativo Data e Hora do Painel de Con.) -- C:\Windows\System32\timedate.cpl [714240]
O44 - LFC:[MD5.69407A3E716210A27CD1DAC2DBC8D658] - 20/04/2015 - 13:58:07 ---A- . (.Microsoft Corporation - Edição com o DirectShow..) -- C:\Windows\System32\qedit.dll [506880]
O44 - LFC:[MD5.7605C0E1D01A08F3ECD743F38B834A44] - 20/04/2015 - 13:58:09 ---A- . (.Microsoft Corporation - Server Network driver.) -- C:\Windows\System32\Drivers\srvnet.sys [102400]
O44 - LFC:[MD5.FF33AFF99564B1AA534F58868CBE41EF] - 20/04/2015 - 13:58:09 ---A- . (.Microsoft Corporation - Smb 2.0 Server driver.) -- C:\Windows\System32\Drivers\srv2.sys [146432]
O44 - LFC:[MD5.98B656EAF128CD06F625B09C84D959E1] - 20/04/2015 - 13:58:16 ---A- . (.Microsoft Corporation - Net Win32 API DLL.) -- C:\Windows\System32\netapi32.dll [467968]
O44 - LFC:[MD5.31F57ACBE76A0E17976E18614DE58399] - 20/04/2015 - 13:58:18 ---A- . (.Microsoft Corporation - Canonical Display Driver.) -- C:\Windows\System32\cdd.dll [37376]
O44 - LFC:[MD5.5C2C209CDEFBC51D83D66E8A53B2BE89] - 20/04/2015 - 13:58:18 ---A- . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys [638400]
O44 - LFC:[MD5.A623666C8A8EC9A57DCA07915A3F1EC6] - 20/04/2015 - 13:58:23 ---A- . (.Microsoft Corporation - Backup do Windows da Microsoft®.) -- C:\Windows\System32\sdclt.exe [1169408]
O44 - LFC:[MD5.C7230FBEE14437716701C15BE02C27B8] - 20/04/2015 - 13:58:30 ---A- . (.Microsoft Corporation - DLL de serviços do Shell do Windows.) -- C:\Windows\System32\shsvcs.dll [247808]
O44 - LFC:[MD5.786DB5771F05EF300390399F626BF30A] - 20/04/2015 - 13:58:37 ---A- . (.Microsoft Corporation - Driver de cópia de sombra de volume.) -- C:\Windows\System32\Drivers\volsnap.sys [224640]
O44 - LFC:[MD5.E389C328AC7FE5673593ECAD269E7A54] - 20/04/2015 - 13:58:40 ---A- . (.Microsoft Corporation - Tempo de Execução da Chamada de Procediment.) -- C:\Windows\System32\rpcrt4.dll [783360]
O44 - LFC:[MD5.57390AF2F8939AB038FC4A5D10B50D52] - 20/04/2015 - 13:58:56 ---A- . (.Microsoft Corporation - Extensão do Painel de Controle FX do Sistem.) -- C:\Windows\System32\SysFxUI.dll [335360]
O44 - LFC:[MD5.2A63675F6FA8EF0FF9F5C72695584CAA] - 20/04/2015 - 13:58:56 ---A- . (.Microsoft Corporation - Microsoft Kernel DRM Descrambler Filter.) -- C:\Windows\System32\Drivers\drmk.sys [130048]
O44 - LFC:[MD5.6DBA75306DD9B242B6F1C343179AD201] - 20/04/2015 - 13:58:56 ---A- . (.Microsoft Corporation - Port Class (Class Driver for Port/Miniport.) -- C:\Windows\System32\Drivers\portcls.sys [167936]
O44 - LFC:[MD5.BFA034AAC103D8A6F591AC9364688339] - 20/04/2015 - 13:58:58 ---A- . (.Microsoft Corporation - Microsoft T2Embed Font Embedding.) -- C:\Windows\System32\t2embed.dll [157184]
O44 - LFC:[MD5.1DB69705B695B987082C8BAEC0C6B34F] - 20/04/2015 - 13:59:01 ---A- . (.Microsoft Corporation - DLL do Serviço de Estação de Trabalho.) -- C:\Windows\System32\wkssvc.dll [160256]
O44 - LFC:[MD5.B9C2B89F08670E159F7181891E449CD9] - 20/04/2015 - 13:59:02 ---A- . (.Microsoft Corporation - Partition Management Driver.) -- C:\Windows\System32\Drivers\partmgr.sys [53120]
O44 - LFC:[MD5.9258E6D71D65B90A9308978085B934AA] - 20/04/2015 - 13:59:03 ---A- . (.Microsoft Corporation - Microsoft DirectPlay.) -- C:\Windows\System32\dpnet.dll [376320]
O44 - LFC:[MD5.F189F4921D3C24AC96861AA27D329B9B] - 20/04/2015 - 13:59:03 ---A- . (.Microsoft Corporation - Servidor Microsoft DirectPlay8.) -- C:\Windows\System32\dpnsvr.exe [23040]
O44 - LFC:[MD5.8554097E5136C3BF9F69FE578A1B35F4] - 20/04/2015 - 14:00:17 ---A- . (.Microsoft Corporation - Aplicativo de subsistema de spooler.) -- C:\Windows\System32\spoolsv.exe [128000]
O44 - LFC:[MD5.D0F138624B9B49F349C5D3D2341199A1] - 20/04/2015 - 14:00:18 ---A- . (.Microsoft Corporation - Filtros de Marcadores XDSCodec & Criptograf.) -- C:\Windows\System32\EncDec.dll [429056]
O44 - LFC:[MD5.9586E7CB2255A8B097A7E4538202585E] - 20/04/2015 - 14:00:20 ---A- . (.Microsoft Corporation - Microsoft OLE para Windows e Windows NT.) -- C:\Windows\System32\ole32.dll [1316864]
O44 - LFC:[MD5.409F36C8BD06FCE184631EB4142B009A] - 20/04/2015 - 14:00:22 ---A- . (.Microsoft Corporation - ATL Module for Windows XP (Unicode).) -- C:\Windows\System32\atl.dll [71680]
O44 - LFC:[MD5.A6950BA89334D51EC281904781B89BD2] - 20/04/2015 - 14:00:24 ---A- . (.Microsoft Corporation - No Comment.) -- C:\Windows\System32\asycfilt.dll [67072]
O44 - LFC:[MD5.1D99767E82C4C2CB1C9AD8F094ACCC2A] - 20/04/2015 - 14:00:25 ---A- . (.Microsoft Corporation - DNSCache Unattend Generic Command.) -- C:\Windows\System32\dnscacheugc.exe [25088]
O44 - LFC:[MD5.57D762F6F5974AF0DA2BE88A3349BAAA] - 20/04/2015 - 14:00:25 ---A- . (.Microsoft Corporation - Serviço de resolução de cache do DNS.) -- C:\Windows\System32\dnsrslvr.dll [86528]
O44 - LFC:[MD5.85E861D0B88DB2B54ACB0839654C09F7] - 20/04/2015 - 14:00:26 ---A- . (.Microsoft Corporation - DLL da API de cliente DNS.) -- C:\Windows\System32\dnsapi.dll [168448]
O44 - LFC:[MD5.C3CB1B40AD4A0124D617A1199B0B9D7C] - 20/04/2015 - 14:00:27 ---A- . (.Microsoft Corporation - Longhorn SMB 2.0 Redirector.) -- C:\Windows\System32\Drivers\mrxsmb20.sys [79872]
O44 - LFC:[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - 20/04/2015 - 14:00:27 ---A- . (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\Windows\System32\Drivers\mrxsmb.sys [106496]
O44 - LFC:[MD5.4FCCB34D793B116423209C0F8B7A3B03] - 20/04/2015 - 14:00:28 ---A- . (.Microsoft Corporation - Longhorn SMB Downlevel SubRdr.) -- C:\Windows\System32\Drivers\mrxsmb10.sys [214016]
O44 - LFC:[MD5.41987F9FC0E61ADF54F581E15029AD91] - 20/04/2015 - 14:00:29 ---A- . (.Microsoft Corporation - Server driver.) -- C:\Windows\System32\Drivers\srv.sys [305152]
O44 - LFC:[MD5.50ABE7CDA2DAE898216121D14092C182] - 20/04/2015 - 14:00:32 ---A- . (.Microsoft Corporation - Windows Media Playback/Authoring DLL.) -- C:\Windows\System32\WMVCORE.DLL [2386944]
O44 - LFC:[MD5.3F337DD54339BEAF26917D3A0A32C1DE] - 20/04/2015 - 19:00:34 ---A- . (.Radius Inc. - Cinepak® Codec.) -- C:\Windows\System32\iccvid.dll [81920]
O44 - LFC:[MD5.C7B0746FCD576D7EEBA6A2530B0B2966] - 20/04/2015 - 19:00:37 ---A- . (.Microsoft Corporation - TCP/IP Driver.) -- C:\Windows\System32\Drivers\tcpip.sys [905664]
O44 - LFC:[MD5.EF24642D5FB52A1EEF56DE9E47CBB993] - 20/04/2015 - 19:00:47 ---A- . (.Microsoft Corporation - Biblioteca MFCDLL Compartilhada - Versão Co.) -- C:\Windows\System32\mfc42.dll [1136640]
O44 - LFC:[MD5.1B593FBB763150BD225DF266C69A9329] - 20/04/2015 - 19:00:47 ---A- . (.Microsoft Corporation - Biblioteca MFCDLL Compartilhada - Versão Co.) -- C:\Windows\System32\mfc42u.dll [1162240]
O44 - LFC:[MD5.E87F6492F5406287EDF05DF40BB86780] - 20/04/2015 - 19:01:20 ---A- . (.Microsoft Corporation - WinFX OpenType/CFF Rasterizer.) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll [102608]
O44 - LFC:[MD5.63396CBB1365769D520E0FD89C2419F2] - 20/04/2015 - 19:02:17 ---A- . (.Microsoft Corporation - DLL do spooler local.) -- C:\Windows\System32\localspl.dll [623616]
O44 - LFC:[MD5.622C41A07CA7E6DD91770F50D532CB6C] - 20/04/2015 - 19:02:21 ---A- . (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\Windows\System32\Drivers\dfsc.sys [75264]
O44 - LFC:[MD5.FF8FCDF1913016813AFB966A0F41B299] - 20/04/2015 - 19:02:23 ---A- . (.Microsoft Corporation - Controlador MCI para seqüenciador MIDI.) -- C:\Windows\System32\mciseq.dll [23552]
O44 - LFC:[MD5.14FF750EFE13B0C21E5A06507C3A97B1] - 20/04/2015 - 19:02:23 ---A- . (.Microsoft Corporation - MCI API DLL.) -- C:\Windows\System32\winmm.dll [189952]
O44 - LFC:[MD5.18B2C06EF8DC3FAF83C074089024391E] - 20/04/2015 - 19:02:27 ---A- . (...) -- C:\Windows\System32\wlan.tmf [2501921]
O44 - LFC:[MD5.C08178DB25AA6BDD033A7BCEE51926C2] - 20/04/2015 - 19:02:27 ---A- . (.Microsoft Corporation - Classes do Auxiliar de Diagnóstico de Segur.) -- C:\Windows\System32\L2SecHC.dll [127488]
O44 - LFC:[MD5.17C0E094BEE5BC03CF491972F71AA6EF] - 20/04/2015 - 19:02:27 ---A- . (.Microsoft Corporation - DLL de API do Cliente de Configuração Autom.) -- C:\Windows\System32\wlanapi.dll [65024]
O44 - LFC:[MD5.C008405E4FEEB069E30DA1D823910234] - 20/04/2015 - 19:02:27 ---A- . (.Microsoft Corporation - DLL do Serviço de Configuração Automática d.) -- C:\Windows\System32\wlansvc.dll [513536]
O44 - LFC:[MD5.3727F8B85E24BBDD325BFF75F029DDE3] - 20/04/2015 - 19:02:27 ---A- . (.Microsoft Corporation - Windows Wireless LAN 802.11 MSM DLL.) -- C:\Windows\System32\wlanmsm.dll [293376]
O44 - LFC:[MD5.4662AF853DFAD5648CE3814E7D9EF3D6] - 20/04/2015 - 19:02:27 ---A- . (.Microsoft Corporation - Windows Wireless LAN 802.11 MSM Security Mo.) -- C:\Windows\System32\wlansec.dll [302592]
O44 - LFC:[MD5.35F376253F687BDE63976CCB3F2108CA] - 20/04/2015 - 19:02:30 ---A- . (.Microsoft Corporation - NT Lan Manager Datagram Receiver Driver.) -- C:\Windows\System32\Drivers\bowser.sys [69632]
O44 - LFC:[MD5.351FA1DF82CFFDEDA801604246E63E95] - 20/04/2015 - 19:02:32 ---A- . (.Microsoft Corporation - DLL Interface to TermDD Device Driver.) -- C:\Windows\System32\icaapi.dll [15872]
O44 - LFC:[MD5.F4EAA7ECBCB25DE901C9B7F2CDCDA0B3] - 20/04/2015 - 19:02:32 ---A- . (.Microsoft Corporation - TS Security Filter Driver.) -- C:\Windows\System32\Drivers\tssecsrv.sys [24064]
O44 - LFC:[MD5.60840945586A62FCFFD6C3597F8035E5] - 20/04/2015 - 19:03:19 ---A- . (.Microsoft Corporation - Aplicativo Hostname.) -- C:\Windows\System32\HOSTNAME.EXE [8704]
O44 - LFC:[MD5.7015022E8158E382A6AC73912B456ECA] - 20/04/2015 - 19:03:19 ---A- . (.Microsoft Corporation - Comando Arp do TCP/IP.) -- C:\Windows\System32\ARP.EXE [19968]
O44 - LFC:[MD5.E6EDFE3DB66028E4455DF14C25D1B3D4] - 20/04/2015 - 19:03:19 ---A- . (.Microsoft Corporation - Comando Finger do TCP/IP.) -- C:\Windows\System32\finger.exe [10240]
O44 - LFC:[MD5.E54FA72D9BB028CADA7EB973F06442A9] - 20/04/2015 - 19:03:19 ---A- . (.Microsoft Corporation - Comando Netstat do TCP/IP.) -- C:\Windows\System32\NETSTAT.EXE [27136]
O44 - LFC:[MD5.2EDF2D42EF46DF131ABC14D9592881B1] - 20/04/2015 - 19:03:19 ---A- . (.Microsoft Corporation - Comando de rota TCP/IP.) -- C:\Windows\System32\ROUTE.EXE [17920]
O44 - LFC:[MD5.0BD4C230A75675CFD4865A759FE60B96] - 20/04/2015 - 19:03:19 ---A- . (.Microsoft Corporation - Informações de multicast.) -- C:\Windows\System32\MRINFO.EXE [11264]
O44 - LFC:[MD5.A275FBB7C99458C12E088DFF3E58EB4D] - 20/04/2015 - 19:03:19 ---A- . (.Microsoft Corporation - TCP/IP Services Application.) -- C:\Windows\System32\TCPSVCS.EXE [9728]
O44 - LFC:[MD5.B1B3391B59BA5D2B6D0795E4EC1D0EB6] - 20/04/2015 - 19:03:20 ---A- . (.Microsoft Corporation - DLL do Netio Helper.) -- C:\Windows\System32\netiohlp.dll [105984]
O44 - LFC:[MD5.862363973DCBCC31DD161EF41A69153C] - 20/04/2015 - 19:03:30 ---A- . (.Microsoft Corporation - ODBC Driver Manager.) -- C:\Windows\System32\odbc32.dll [413696]
O44 - LFC:[MD5.1B45ED071775A5E8BF51682EC5B61231] - 20/04/2015 - 19:03:33 ---A- . (.Microsoft Corporation - Microsoft MPEG-2 Section and Table Acquisit.) -- C:\Windows\System32\Mpeg2Data.ax [69632]
O44 - LFC:[MD5.D1AE4D2D559C23CE9DE4B3B10A90B901] - 20/04/2015 - 19:03:33 ---A- . (.Microsoft Corporation - Microsoft Network Provider for MPEG2 based.) -- C:\Windows\System32\MSDvbNP.ax [57856]
O44 - LFC:[MD5.959A4BC486951267EE6343A431A92B12] - 20/04/2015 - 19:03:33 ---A- . (.Microsoft Corporation - Microsoft SI/PSI parser for MPEG2 based net.) -- C:\Windows\System32\psisdecd.dll [293376]
O44 - LFC:[MD5.3A78D48221D32BC99C4B11B112D6EADA] - 20/04/2015 - 19:03:33 ---A- . (.Microsoft Corporation - Microsoft Transport Information Filter for.) -- C:\Windows\System32\psisrndr.ax [217088]
O44 - LFC:[MD5.FB3E5FD7F74BFC301AD3FB7DE670EDCB] - 20/04/2015 - 19:03:40 ---A- . (.Microsoft Corporation - Uniscribe Unicode script processor.) -- C:\Windows\System32\usp10.dll [502784]
O44 - LFC:[MD5.9441A231C0AA0712F7CF3B10D9CFCF76] - 20/04/2015 - 19:04:00 ---A- . (.Microsoft Corporation - Recursos do Windows Media Player.) -- C:\Windows\System32\wmploc.DLL [8147456]
O44 - LFC:[MD5.015E99A7634B93E8BB0380C70F3D2CC3] - 20/04/2015 - 19:04:03 ---A- . (.Microsoft Corporation - Windows Media Player.) -- C:\Windows\System32\wmp.dll [10628096]
O44 - LFC:[MD5.950343D413EEDC3A24472BB2046CFB59] - 20/04/2015 - 19:06:25 ---A- . (.Microsoft Corporation - Windows Briefcase Engine.) -- C:\Windows\System32\synceng.dll [75776]
O44 - LFC:[MD5.FD44FA80DA03EA144153A76DEBBB61B4] - 21/04/2015 - 00:29:33 ---A- . (...) -- C:\Windows\System32\Drivers\TrueSight.sys [35064]
O44 - LFC:[MD5.9F3A1B7FB81A41C7C7AC82B3D07A1091] - 21/04/2015 - 00:42:12 ---A- . (.Microsoft Corporation - XPS Printing DLL.) -- C:\Windows\System32\XpsPrint.dll [876032]
O44 - LFC:[MD5.E0F15C8A63D2FCC40D0A6F9354DF0118] - 21/04/2015 - 00:42:25 ---A- . (.Microsoft Corporation - Direct3D 10 Runtime.) -- C:\Windows\System32\d3d10.dll [1029120]
O44 - LFC:[MD5.2067598D57CCD988A88BBBDDD6EAE13D] - 21/04/2015 - 00:42:25 ---A- . (.Microsoft Corporation - Direct3D 10 Runtime.) -- C:\Windows\System32\d3d10core.dll [189952]
O44 - LFC:[MD5.F64812456BD11244322F0B0F1B236841] - 21/04/2015 - 00:42:25 ---A- . (.Microsoft Corporation - Direct3D 10 to Direct3D9 Translation Runtim.) -- C:\Windows\System32\d3d10level9.dll [486400]
O44 - LFC:[MD5.1D1C3BBA2191F0F5B14555757DDB729A] - 21/04/2015 - 00:42:25 ---A- . (.Microsoft Corporation - Direct3D 10.1 Runtime.) -- C:\Windows\System32\d3d10_1.dll [160768]
O44 - LFC:[MD5.2434237DFBC70483B63A667B9573891E] - 21/04/2015 - 00:42:25 ---A- . (.Microsoft Corporation - Direct3D 10.1 Runtime.) -- C:\Windows\System32\d3d10_1core.dll [219648]
O44 - LFC:[MD5.E828C391BB999BD85C15DA20B51CDF9C] - 21/04/2015 - 00:42:25 ---A- . (.Microsoft Corporation - Microsoft D2D Library.) -- C:\Windows\System32\d2d1.dll [683008]
O44 - LFC:[MD5.2AFA3A46986AE935DAECEBC7E66314CF] - 21/04/2015 - 00:42:25 ---A- . (.Microsoft Corporation - Serviço de Cache de Fontes do Windows.) -- C:\Windows\System32\FntCache.dll [798208]
O44 - LFC:[MD5.9BD443B52350D2784544B637F103EBCF] - 21/04/2015 - 00:42:25 ---A- . (.Microsoft Corporation - Serviços de Tipografia de DirectX da Micros.) -- C:\Windows\System32\DWrite.dll [1069056]
O44 - LFC:[MD5.52673DCDFA7687EABC0C779894D0F4FF] - 21/04/2015 - 00:42:26 ---A- . (.Microsoft Corporation - Direct3D 10 Rasterizer.) -- C:\Windows\System32\d3d10warp.dll [1172480]
O44 - LFC:[MD5.7CFE68BDC065E55AA5E8421607037511] - 21/04/2015 - 01:27:02 ---A- . (.Microsoft Corporation - Serviço WSMan.) -- C:\Windows\System32\WsmSvc.dll [1181696]
O44 - LFC:[MD5.B2EDF82825D979928AE07CBE9C7A2160] - 21/04/2015 - 01:27:03 ---A- . (...) -- C:\Windows\System32\WsmTxt.xsl [2426]
O44 - LFC:[MD5.F6D48AE1F578493D2E19DD644B153976] - 21/04/2015 - 01:27:03 ---A- . (...) -- C:\Windows\System32\winrm.vbs [201184]
O44 - LFC:[MD5.3C436603213561E2E7DD3D4459DBB7D4] - 21/04/2015 - 01:27:03 ---A- . (...) -- C:\Windows\System32\wsmanconfig_schema.xml [4675]
O44 - LFC:[MD5.DE21E8012F3946A647C9B38A636EE9EC] - 21/04/2015 - 01:27:03 ---A- . (.Microsoft Corporation - WSMAN Automation.) -- C:\Windows\System32\WsmAuto.dll [145408]
O44 - LFC:[MD5.148DB2E11E0A44FEB053250303BA02DD] - 21/04/2015 - 01:27:03 ---A- . (.Microsoft Corporation - WSMAN WMI Provider.) -- C:\Windows\System32\WsmWmiPl.dll [214016]
O44 - LFC:[MD5.6D106AB92DDE6B605A74E13147039CA6] - 21/04/2015 - 01:27:03 ---A- . (.Microsoft Corporation - WSMan HTTP Configuration File.) -- C:\Windows\System32\WSManHTTPConfig.exe [246272]
O44 - LFC:[MD5.6B57C7A878B176E6D95200CEF19DDEEC] - 21/04/2015 - 01:27:03 ---A- . (.Microsoft Corporation - WinRM Migration Plugin.) -- C:\Windows\System32\WSManMigrationPlugin.dll [252416]
O44 - LFC:[MD5.D1C18ACA47C53DA18FAD42C8FB9D6BE3] - 21/04/2015 - 01:27:03 ---A- . (.Microsoft Corporation - remtsvc.) -- C:\Windows\System32\winrscmd.dll [241152]
O44 - LFC:[MD5.F7D20026623E7136730FC42E25CBD2E6] - 21/04/2015 - 01:27:05 ---A- . (.Microsoft Corporation - Event Collector Configuration API.) -- C:\Windows\System32\wecapi.dll [56320]
O44 - LFC:[MD5.AE3736E7E8892241C23E4EBBB7453B60] - 21/04/2015 - 01:27:05 ---A- . (.Microsoft Corporation - Serviço Coletor de Eventos.) -- C:\Windows\System32\wecsvc.dll [146944]
O44 - LFC:[MD5.B48DB26FF92EA10802DDA092E4B44872] - 21/04/2015 - 01:27:05 ---A- . (.Microsoft Corporation - Utilitário de Linha de Comando Coletor de E.) -- C:\Windows\System32\wecutil.exe [79872]
O44 - LFC:[MD5.D595A88D377366F93AFAEA20B8764A50] - 21/04/2015 - 01:27:05 ---A- . (.Microsoft Corporation - WS-Management Event Forwarding Plug-in.) -- C:\Windows\System32\wevtfwd.dll [81408]
O44 - LFC:[MD5.1311171CF8F6D2954441EF2A42693035] - 21/04/2015 - 01:27:05 ---A- . (.Microsoft Corporation - WSMan Resource DLL.) -- C:\Windows\System32\WsmRes.dll [54272]
O44 - LFC:[MD5.9E07A84FF9532B3DE8886A84F28EEB99] - 21/04/2015 - 01:27:05 ---A- . (.Microsoft Corporation - pwrshplugin.dll.) -- C:\Windows\System32\pwrshplugin.dll [41472]
O44 - LFC:[MD5.12C7EAF8A0EF6DE0066AAB801DCA021F] - 21/04/2015 - 01:27:06 ---A- . (.Microsoft Corporation - winrs.) -- C:\Windows\System32\winrs.exe [40448]
O44 - LFC:[MD5.2662DBEAD02082F1AB671E550B56E920] - 21/04/2015 - 01:27:06 ---A- . (.Microsoft Corporation - winrscmde.) -- C:\Windows\System32\winrshost.exe [20480]
O44 - LFC:[MD5.19CFA2BAEE7FA471786897A0113B52D9] - 21/04/2015 - 01:27:06 ---A- . (.Microsoft Corporation - winrssrv.) -- C:\Windows\System32\winrssrv.dll [10240]
O44 - LFC:[MD5.D80AAE1CDAFAC1E0ADEDC7D312EF61D0] - 21/04/2015 - 01:27:06 ---A- . (.Microsoft Corporation - wsmplpxy.) -- C:\Windows\System32\wsmplpxy.dll [10240]
O44 - LFC:[MD5.9A626BF1143410771075503B2AB3F564] - 21/04/2015 - 01:27:06 ---A- . (.Microsoft Corporation - wsmprovhost.) -- C:\Windows\System32\wsmprovhost.exe [12800]
O44 - LFC:[MD5.3FA837E3C30334BA8CA5EEB2B375D50C] - 21/04/2015 - 01:27:10 ---A- . (.Microsoft Corporation - WSMan Shell API.) -- C:\Windows\System32\winrsmgr.dll [2048]
O44 - LFC:[MD5.15515AE1540B4EE2B75DF63FC15129DF] - 21/04/2015 - 01:38:49 ---A- . (.Microsoft Corporation - Extensible Performance Counter Shim.) -- C:\Windows\System32\netfxperf.dll [49472]
O44 - LFC:[MD5.302964DCAC79D618CC7B72C778DA9FD2] - 21/04/2015 - 01:38:49 ---A- . (.Microsoft Corporation - Host do Windows Presentation Foundation.) -- C:\Windows\System32\PresentationHost.exe [295264]
O44 - LFC:[MD5.128DD9AF8640DBCC711940903C8B554F] - 21/04/2015 - 01:38:49 ---A- . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll [297808]
O44 - LFC:[MD5.DFF617498211FBB3D8D3FCC51A37B777] - 21/04/2015 - 01:38:49 ---A- . (.Microsoft Corporation - Windows Presentation Foundation Host Proxy.) -- C:\Windows\System32\PresentationHostProxy.dll [99176]
O44 - LFC:[MD5.0D8FBC644E556C40E06B7EB25A73F6E5] - 21/04/2015 - 01:46:14 ---A- . (.Microsoft Corporation - No Comment.) -- C:\Windows\System32\oleaut32.dll [564224]
O44 - LFC:[MD5.BC4C024BDC8B676CC58BCE1D5BA7BC04] - 21/04/2015 - 01:51:25 ---A- . (.Microsoft Corporation - Gerenciador de Objetos 2.) -- C:\Windows\System32\packager.dll [67072]
O44 - LFC:[MD5.1DE1C07B256961012DCE0674EA488DE7] - 21/04/2015 - 01:52:05 ---A- . (.Microsoft Corporation - Pacote de Segurança Kerberos.) -- C:\Windows\System32\kerberos.dll [499200]
O44 - LFC:[MD5.2205A220A264E8C8B86492BF3D112907] - 21/04/2015 - 01:59:42 ---A- . (.Microsoft Corporation - Componentes API do Dispositivo Portátil do.) -- C:\Windows\System32\PortableDeviceApi.dll [334848]
O44 - LFC:[MD5.E92143D1B2E32FAF6CC56FD97B908F6A] - 21/04/2015 - 01:59:42 ---A- . (.Microsoft Corporation - Extensão Shell dos Dispositivos Portáteis.) -- C:\Windows\System32\wpdshext.dll [2537472]
O44 - LFC:[MD5.81072240917688254A55C1C568B2377B] - 21/04/2015 - 01:59:42 ---A- . (.Microsoft Corporation - Instalador da Classe de Instalação de Drive.) -- C:\Windows\System32\wpd_ci.dll [546816]
O44 - LFC:[MD5.49456BFE373D90B895795C5A1A13A7C8] - 21/04/2015 - 01:59:42 ---A- . (.Microsoft Corporation - WMDM Service Provider for Windows Portable.) -- C:\Windows\System32\WPDSp.dll [350208]
O44 - LFC:[MD5.883D02AB5D350BC45E0F60E8CFA97FDC] - 21/04/2015 - 01:59:42 ---A- . (.Microsoft Corporation - Windows Portable Device (Parameter) Types C.) -- C:\Windows\System32\PortableDeviceTypes.dll [160256]
O44 - LFC:[MD5.B2B117BD8D1EA80536CDD91797EF4A0A] - 21/04/2015 - 01:59:42 ---A- . (.Microsoft Corporation - Windows Portable Device Class Extension Com.) -- C:\Windows\System32\PortableDeviceClassExtension.dll [100864]
O44 - LFC:[MD5.6B5C53E0932C510606D700B7A896EF73] - 21/04/2015 - 01:59:42 ---A- . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\Windows\System32\WPDShServiceObj.dll [87552]
O44 - LFC:[MD5.C220FC95DA7AD00AB03C184AFDDC5314] - 21/04/2015 - 01:59:42 ---A- . (.Microsoft Corporation - Windows Portable Device WMDRM Component.) -- C:\Windows\System32\PortableDeviceWMDRM.dll [196608]
O44 - LFC:[MD5.B53BD9E63867CD9FD853F666CA172713] - 21/04/2015 - 01:59:43 ---A- . (.Microsoft Corporation - Portable Device Connection API Components.) -- C:\Windows\System32\PortableDeviceConnectApi.dll [60928]
O44 - LFC:[MD5.801FBDB89D472B3C467EB112A0FC9246] - 21/04/2015 - 01:59:45 ---A- . (.Microsoft Corporation - Enumerador de Dispositivos Portáteis.) -- C:\Windows\System32\wpdbusenum.dll [81920]
O44 - LFC:[MD5.9B9108D3019C18BD6D38B860813E6E52] - 21/04/2015 - 01:59:45 ---A- . (.Microsoft Corporation - Manipulador de Menu de Contexto MTP Bluetoo.) -- C:\Windows\System32\BthMtpContextHandler.dll [31232]
O44 - LFC:[MD5.1D7D7E32A80109D5C3167309265EAC83] - 21/04/2015 - 01:59:45 ---A- . (.Microsoft Corporation - Manipulador de Reprodução Automática da Ext.) -- C:\Windows\System32\WPDShextAutoplay.exe [30208]
O44 - LFC:[MD5.8C459CFAC2FB3DFB693BCFEC32F25407] - 21/04/2015 - 02:00:25 ---A- . (.Microsoft Corporation - Estrutura da Faixa de Opções do Windows.) -- C:\Windows\System32\UIRibbon.dll [3023360]
O44 - LFC:[MD5.D6BACADF83661F08F9E1515AAE74B03E] - 21/04/2015 - 02:00:25 ---A- . (.Microsoft Corporation - Windows Animation Manager.) -- C:\Windows\System32\UIAnimation.dll [92672]
O44 - LFC:[MD5.22C2646DD3ED24004F994D0DA9755955] - 21/04/2015 - 02:00:25 ---A- . (.Microsoft Corporation - Windows Ribbon Framework Resources.) -- C:\Windows\System32\UIRibbonRes.dll [1164800]
O44 - LFC:[MD5.D7E28676D83AE6568CCF99BD01700734] - 21/04/2015 - 02:02:57 ---A- . (.Microsoft Corporation - DLL do recurso Fusos Horários.) -- C:\Windows\System32\tzres.dll [2048]
O44 - LFC:[MD5.B0584CA7DEF55929FDB5169BD28B2484] - 21/04/2015 - 02:03:35 ---A- . (.Microsoft Corporation - Windows NT WebDav Minirdr.) -- C:\Windows\System32\Drivers\mrxdav.sys [115200]
O44 - LFC:[MD5.DBD84E59D631569EC3E756EF144E8431] - 21/04/2015 - 02:04:05 ---A- . (.Microsoft Corporation - Gerenciador de conexões remotas do Terminal.) -- C:\Windows\System32\termsrv.dll [449536]
O44 - LFC:[MD5.51992CC4DF2DB150950C6CB505556B9A] - 21/04/2015 - 02:04:06 ---A- . (.Microsoft Corporation - DLL de eventos de auditoria de segurança.) -- C:\Windows\System32\msaudite.dll [146432]
O44 - LFC:[MD5.15F315B53C69930BF907D9A0FFCB6206] - 21/04/2015 - 02:04:06 ---A- . (.Microsoft Corporation - DLL do Esquema de auditoria de segurança.) -- C:\Windows\System32\adtschema.dll [619520]
O44 - LFC:[MD5.8580484193CE0A0788830FBAB97CF13B] - 21/04/2015 - 02:05:57 ---A- . (.Microsoft Corporation - ClickOnce Application Deployment Support Li.) -- C:\Windows\System32\dfshim.dll [1131664]
O44 - LFC:[MD5.653DFC2662680AB61232E1531147558A] - 21/04/2015 - 02:05:58 ---A- . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\System32\mscories.dll [81560]
O44 - LFC:[MD5.842DE20A6487D830A458DDB5E0363F13] - 21/04/2015 - 02:05:58 ---A- . (.Microsoft Corporation - Recursos do IE em TE do Microsoft .NET.) -- C:\Windows\System32\mscorier.dll [156824]
O44 - LFC:[MD5.9F0BF29BB9D6E77C6F909412FB052F1D] - 21/04/2015 - 02:07:01 ---A- . (.Microsoft Corporation - Driver Win32 multiusuário.) -- C:\Windows\System32\win32k.sys [2064384]
O44 - LFC:[MD5.BFC1892FFA0E8D3351EF59D6E3F39A2F] - 21/04/2015 - 02:07:31 ---A- . (.Microsoft Corporation - MSXML 3.0 SP10.) -- C:\Windows\System32\msxml3.dll [1249280]
O44 - LFC:[MD5.06A9049BA8B9F20D755CF03FD12E8AFD] - 21/04/2015 - 02:07:31 ---A- . (.Microsoft Corporation - XML Resources.) -- C:\Windows\System32\msxml3r.dll [2048]
O44 - LFC:[MD5.E66A29C118DE2FE3E5766E5C7A2E8E2B] - 21/04/2015 - 02:09:01 ---A- . (.Microsoft Corporation - Windows Presentation Foundation Terminal Se.) -- C:\Windows\System32\TsWpfWrp.exe [35480]
O44 - LFC:[MD5.667A4DAAD3AA57B1051484BAC057CF7C] - 21/04/2015 - 02:09:04 ---A- . (.Microsoft Corporation - Windows CardSpace User Interface Agent.) -- C:\Windows\System32\icardagt.exe [619664]
O44 - LFC:[MD5.A86F5EEC0ACEC16906532F2B1A7C00B6] - 21/04/2015 - 02:09:04 ---A- . (.Microsoft Corporation - Windows CardSpace.) -- C:\Windows\System32\icardres.dll [8856]
O44 - LFC:[MD5.3662E6500C477AC0DFAECE4CF7B163B8] - 21/04/2015 - 02:09:05 ---A- . (.Microsoft Corporation - Microsoft InfoCards.) -- C:\Windows\System32\infocardapi.dll [99480]
O44 - LFC:[MD5.217B3071BA854D5D704EE24CFF7E5F9C] - 21/04/2015 - 02:17:17 ---A- . (.Microsoft Corporation - Microsoft Windows Codecs Library.) -- C:\Windows\System32\WindowsCodecs.dll [975360]
O44 - LFC:[MD5.AC841E83E5B0914C700D236AC2E84BB0] - 21/04/2015 - 02:19:14 ---A- . (.Microsoft Corporation - Codec de Foto do Windows Media.) -- C:\Windows\System32\WMPhoto.dll [369664]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 22/04/2015 - 00:11:27 ---A- . (...) -- C:\Windows\setuperr.log [0]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 22/04/2015 - 00:11:28 --HA- . (...) -- C:\Windows\System32\Drivers\Msft_User_WpdFs_01_07_00.Wdf [0]
O44 - LFC:[MD5.2C5616B65330A543D016F41DDC33F735] - 22/04/2015 - 00:14:57 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [228664]
O44 - LFC:[MD5.1BF5EEBFD518DD7298434D8C862F825D] - 22/04/2015 - 00:50:58 ---A- . (.Microsoft Corporation - DLL de Serviço do Servidor.) -- C:\Windows\System32\srvsvc.dll [125952]
O44 - LFC:[MD5.1F774CEDD6E96893CEE86AFEF1CCF57F] - 22/04/2015 - 00:50:58 ---A- . (.Microsoft Corporation - Manipulador de eventos da rede.) -- C:\Windows\System32\netevent.dll [17920]
O44 - LFC:[MD5.1EF562CB56E714BC6220FE2FFCFD58F6] - 22/04/2015 - 01:00:43 ---A- . (...) -- C:\Windows\setupact.log [3172]
O44 - LFC:[MD5.0277C027A26428DB64EF4F64F52BB4FD] - 22/04/2015 - 01:40:43 ---A- . (...) -- C:\Windows\MBR.exe [208896]
O44 - LFC:[MD5.F042EE4C8D66248D9B86DCF52ABAE416] - 22/04/2015 - 01:40:43 ---A- . (...) -- C:\Windows\PEV.exe [256000]
O44 - LFC:[MD5.9E05A9C264C8A908A8E79450FCBFF047] - 22/04/2015 - 01:40:43 ---A- . (...) -- C:\Windows\grep.exe [80412]
O44 - LFC:[MD5.2B657A67AEBB84AEA5632C53E61E23BF] - 22/04/2015 - 01:40:43 ---A- . (...) -- C:\Windows\sed.exe [98816]
O44 - LFC:[MD5.5E832F4FAF5F481F2EAF3B3A48F603B8] - 22/04/2015 - 01:40:43 ---A- . (...) -- C:\Windows\zip.exe [68096]
O44 - LFC:[MD5.753BC16326FEE4A421ACB636CCD602F4] - 22/04/2015 - 01:40:43 ---A- . (.NirSoft - NirCmd.) -- C:\Windows\NIRCMD.exe [60416]
O44 - LFC:[MD5.A46842C9B0C567A5A9584E83A163560C] - 22/04/2015 - 01:40:43 ---A- . (.SteelWerX - Freeware implementation of REG.EXE.) -- C:\Windows\SWREG.exe [518144]
O44 - LFC:[MD5.0297C72529807322B152F517FDB0A9FC] - 22/04/2015 - 01:40:43 ---A- . (.SteelWerX - Freeware implementation of SC.EXE.) -- C:\Windows\SWSC.exe [406528]
O44 - LFC:[MD5.3CF3D4A45CC2AF973DBC30EC8D33252B] - 22/04/2015 - 01:46:57 ---A- . (...) -- C:\Windows\system.ini [215]
O44 - LFC:[MD5.740C4F7E73D2A35C750133C8162D42DE] - 22/04/2015 - 01:47:58 ---A- . (...) -- C:\ComboFix.txt [14179]
O44 - LFC:[MD5.AB73A39A5E45F465B02C11C500BB0278] - 22/04/2015 - 02:06:55 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys [23256]
O44 - LFC:[MD5.C2730E796F3A84DE3D4FCFF899028838] - 22/04/2015 - 02:06:55 ---A- . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\Drivers\mbamchameleon.sys [92888]
O44 - LFC:[MD5.17A18AC4B266F74EE6BB163156AA38AC] - 22/04/2015 - 02:06:55 ---A- . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\Drivers\mwac.sys [51928]
O44 - LFC:[MD5.377602E869DA9C05AC67CA3A5019A051] - 22/04/2015 - 03:00:09 ---A- . (.Microsoft Corporation - NT Kernel & System.) -- C:\Windows\System32\ntkrnlpa.exe [3604920]
O44 - LFC:[MD5.952EA6E27E3A16F02F85C10BB7F4752A] - 22/04/2015 - 03:00:09 ---A- . (.Microsoft Corporation - NT Kernel & System.) -- C:\Windows\System32\ntoskrnl.exe [3552184]
O44 - LFC:[MD5.D9DD1D278927A9CD5FF135887928C8EC] - 22/04/2015 - 03:00:10 ---A- . (.Microsoft Corporation - Client Server Runtime Process.) -- C:\Windows\System32\csrsrv.dll [49152]
O44 - LFC:[MD5.E33CD56F2F344658C6000821611BBBD7] - 22/04/2015 - 03:00:10 ---A- . (.Microsoft Corporation - DLL de nível do NT.) -- C:\Windows\System32\ntdll.dll [1205168]
O44 - LFC:[MD5.B5C66E0B251D954D6CED30E4FDB07792] - 22/04/2015 - 03:00:10 ---A- . (.Microsoft Corporation - Windows Session Manager.) -- C:\Windows\System32\smss.exe [64000]
O44 - LFC:[MD5.5D9311526801643000D7032A83B18B12] - 22/04/2015 - 03:00:20 ---A- . (.Microsoft Corporation - Common Log File System Driver.) -- C:\Windows\System32\clfs.sys [244152]
O44 - LFC:[MD5.2FF4B8BA9805BABA5E8FB923AF44F480] - 22/04/2015 - 03:00:20 ---A- . (.Microsoft Corporation - Common Log Marshalling Win32 DLL.) -- C:\Windows\System32\clfsw32.dll [57344]
O44 - LFC:[MD5.1359F3CD7DF4D105C6C70CCE671F8520] - 22/04/2015 - 03:07:03 ---A- . (.Microsoft Corporation - GDI Client DLL.) -- C:\Windows\System32\gdi32.dll [297984]
O44 - LFC:[MD5.B5EAA49A2B428E8FA66BF62602EDDFB1] - 23/04/2015 - 00:11:53 ---A- . (...) -- C:\Windows\PFRO.log [802]
O44 - LFC:[MD5.72AA0787E935A0E8BA362D33D525763C] - 23/04/2015 - 00:12:58 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.04B309A1A653177994630C2773E659F1] - 23/04/2015 - 00:14:20 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\MBAMSwissArmy.sys [119512]
O44 - LFC:[MD5.26A6A4B8A3E45622853216653DD5C966] - 23/04/2015 - 00:17:05 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1503098]
O44 - LFC:[MD5.CF1CAD85AEFDBE26967BA32F862F9E35] - 23/04/2015 - 00:21:01 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1463430]
O44 - LFC:[MD5.333CF5C7FA03DE5093631A983E792A51] - 23/04/2015 - 00:21:01 ---A- . (...) -- C:\Windows\System32\perfc009.dat [104070]
O44 - LFC:[MD5.DF1DA7883084580C22673033FA646403] - 23/04/2015 - 00:21:01 ---A- . (...) -- C:\Windows\System32\perfh009.dat [595996]
O44 - LFC:[MD5.F78630DD730E753CD0291900AB5B0527] - 23/04/2015 - 00:21:01 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [123836]
O44 - LFC:[MD5.E10CA361149CA1F4672A178A73F47227] - 23/04/2015 - 00:21:01 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [638346]
~ Files: 401 Scanned in 00mn 30s



---\\ Negação do serviço (Local Security Authority) (048)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Mecanismo cliente do 'Editor de configuração de segurança Windows'.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pacote de Segurança Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
~ LSA: 7 Scanned in 00mn 00s



---\\ Controlo do Modo de Segurança (CSB) (49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Driver de porta de mouse serial.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Driver de porta de mouse serial.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 13 Scanned in 00mn 00s



---\\ Pesquisa de infeções nos drivers (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ TDSD: 3 Scanned in 00mn 00s



---\\ Enumeração das chaves do registo SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "DisableRegistryTools"=0
~ MWPS: 17 Scanned in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDrives"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDrives"=0
~ MWPE Keys: 3 Scanned in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:20/01/2008 - 23:21:29 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [422968]
O58 - SDL:20/01/2008 - 23:21:33 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\Drivers\adpahci.sys [300600]
O58 - SDL:20/01/2008 - 23:21:34 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\System32\Drivers\adpu160m.sys [101432]
O58 - SDL:20/01/2008 - 23:21:35 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\System32\Drivers\adpu320.sys [149560]
O58 - SDL:20/01/2008 - 23:21:09 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\Drivers\aliide.sys [17464]
O58 - SDL:20/01/2008 - 23:21:32 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\Drivers\arc.sys [79416]
O58 - SDL:20/01/2008 - 23:21:32 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys [79928]
O58 - SDL:17/12/2008 - 05:56:50 ---A- . (.Broadcom Corporation - Broadcom 802.11 Network Adapter wireless driver.) -- C:\Windows\System32\Drivers\BCMWL6.SYS [1331192]
O58 - SDL:02/11/2006 - 05:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltLo.sys [13568]
O58 - SDL:02/11/2006 - 05:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltUp.sys [5248]
O58 - SDL:02/11/2006 - 05:25:24 ---A- . (.Brother Industries Ltd. - Brother Serial I/F Driver (WDM).) -- C:\Windows\System32\Drivers\BrSerId.sys [71808]
O58 - SDL:02/11/2006 - 05:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\Drivers\BrSerWdm.sys [62336]
O58 - SDL:02/11/2006 - 05:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\Drivers\BrUsbMdm.sys [12160]
O58 - SDL:02/11/2006 - 05:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\Drivers\BrUsbSer.sys [11904]
O58 - SDL:20/01/2008 - 23:21:09 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\cmdide.sys [19000]
O58 - SDL:02/11/2006 - 06:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\System32\Drivers\djsvs.sys [71272]
O58 - SDL:20/01/2008 - 23:21:33 ---A- . (.Intel Corporation - Intel(R) PRO/1000 Adapter NDIS 6 deserialized driver.) -- C:\Windows\System32\Drivers\E1G60I32.sys [118784]
O58 - SDL:20/01/2008 - 23:21:30 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [342584]
O58 - SDL:11/04/2009 - 10:18:59 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\System32\Drivers\HpCISSs.sys [69096]
O58 - SDL:20/01/2008 - 23:21:31 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\System32\Drivers\iaStorV.sys [235064]
O58 - SDL:16/01/2009 - 09:53:32 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\Drivers\igdkmd32.sys [4568064]
O58 - SDL:02/11/2006 - 06:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\Drivers\iirsp.sys [41576]
O58 - SDL:02/11/2006 - 06:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\System32\Drivers\iteatapi.sys [35944]
O58 - SDL:02/11/2006 - 06:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\System32\Drivers\iteraid.sys [35944]
O58 - SDL:20/01/2008 - 23:21:31 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_fc.sys [96312]
O58 - SDL:20/01/2008 - 23:21:33 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys [89656]
O58 - SDL:20/01/2008 - 23:21:31 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_scsi.sys [96312]
O58 - SDL:17/03/2015 - 06:15:22 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys [23256]
O58 - SDL:17/03/2015 - 06:15:26 ---A- . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\Drivers\mbamchameleon.sys [92888]
O58 - SDL:23/04/2015 - 00:14:20 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\MBAMSwissArmy.sys [119512]
O58 - SDL:20/01/2008 - 23:21:35 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\System32\Drivers\megasas.sys [31288]
O58 - SDL:20/01/2008 - 23:21:35 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\Drivers\MegaSR.sys [386616]
O58 - SDL:02/11/2006 - 06:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\System32\Drivers\Mraid35x.sys [33384]
O58 - SDL:17/03/2015 - 06:15:32 ---A- . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\Drivers\mwac.sys [51928]
O58 - SDL:02/11/2006 - 06:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\Drivers\nfrd960.sys [45160]
O58 - SDL:02/11/2006 - 04:36:50 ---A- . (.N-trig Innovative Technologies - Driver nativo digitalizador de tablet N-trig.) -- C:\Windows\System32\Drivers\ntrigdigi.sys [20608]
O58 - SDL:20/01/2008 - 23:21:29 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys [102968]
O58 - SDL:20/01/2008 - 23:21:29 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys [45112]
O58 - SDL:20/01/2008 - 23:21:33 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\Drivers\ql2300.sys [1122360]
O58 - SDL:02/11/2006 - 06:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\Drivers\ql40xx.sys [106088]
O58 - SDL:02/11/2006 - 03:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys [20480]
O58 - SDL:20/01/2008 - 23:21:34 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid4.sys [74808]
O58 - SDL:02/11/2006 - 06:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\System32\Drivers\symc8xx.sys [35944]
O58 - SDL:02/11/2006 - 06:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\System32\Drivers\sym_hi.sys [31848]
O58 - SDL:02/11/2006 - 06:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\System32\Drivers\sym_u3.sys [34920]
O58 - SDL:21/04/2015 - 00:29:33 ---A- . (...) -- C:\Windows\System32\Drivers\TrueSight.sys [35064]
O58 - SDL:20/01/2008 - 23:21:28 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\System32\Drivers\uliahci.sys [238648]
O58 - SDL:02/11/2006 - 06:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\System32\Drivers\ulsata.sys [98408]
O58 - SDL:20/01/2008 - 23:21:31 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\System32\Drivers\ulsata2.sys [115816]
O58 - SDL:20/01/2008 - 23:21:09 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys [20024]
O58 - SDL:20/01/2008 - 23:21:32 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\Drivers\vsmraid.sys [130616]
O58 - SDL:01/09/2008 - 07:19:40 ---A- . (.Marvell - Miniport Driver for Marvell Yukon Ethernet Controller..) -- C:\Windows\System32\Drivers\yk60x86.sys [304128]
O58 - SDL:02/11/2006 - 04:09:42 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:02/11/2006 - 04:09:45 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:02/11/2006 - 04:09:41 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:02/11/2006 - 04:09:44 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:02/11/2006 - 04:09:44 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:02/11/2006 - 04:09:29 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:02/11/2006 - 04:09:35 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:02/11/2006 - 04:09:38 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:02/11/2006 - 04:09:40 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:02/11/2006 - 04:09:31 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:02/11/2006 - 04:09:20 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:02/11/2006 - 04:09:23 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:02/11/2006 - 04:09:24 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:02/11/2006 - 04:09:26 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:02/11/2006 - 04:09:22 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 67 Scanned in 00mn 04s



---\\ Últimos ficheiros alterados ou criados (Utilizador) (061)
O61 - LFC: 20/04/2015 - 00:22:35 R--A- . (...) -- C:\Users\Logikoma\AppData\Roaming\Microsoft\Installer\{CCF298AF-9CE1-4B26-B251-486E98A34789}\icons.exe [119808]
O61 - LFC: 20/04/2015 - 00:22:36 ---A- . (.SosVirus.) -- C:\Users\Logikoma\Downloads\AdsFix.exe [2459784]
O61 - LFC: 21/04/2015 - 00:22:35 ---A- . (...) -- C:\Users\Logikoma\AppData\Roaming\ZHP\ZHPCleaner.exe [1807360] =>.Nicolas Coolman
O61 - LFC: 22/04/2015 - 00:22:36 ---A- . (.Malwarebytes Corporation.) -- C:\Users\Logikoma\Downloads\mbam-setup-2.1.4.1018.exe [21540440]
O61 - LFC: 22/04/2015 - 00:22:36 ---A- . (.Malwarebytes.) -- C:\Users\Logikoma\Downloads\mbae-setup-1.06.1.1019.exe [3020968]
O61 - LFC: 22/04/2015 - 00:22:36 R---- . (.Swearware.) -- C:\Users\Logikoma\Downloads\ComboFix.exe [5619466]
~ 2 Fichiers temporaires (Temporary files)
~ 2 Fichiers cookies (Cookies files)
~ Files: 6 Scanned in 00mn 00s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 08/04/2015 - C:\Program Files\Malwarebytes Anti-Exploit\mbae.sys (ESProtectionDriver) .(...) - LEGACY_ESPROTECTIONDRIVER
O64 - Services: CurCS - 17/03/2015 - C:\Windows\system32\drivers\mbam.sys (MBAMProtector) .(.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - LEGACY_MBAMPROTECTOR
O64 - Services: CurCS - 23/04/2015 - C:\Windows\system32\drivers\MBAMSwissArmy.sys (MBAMSwissArmy) .(.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - LEGACY_MBAMSWISSARMY
O64 - Services: CurCS - 17/03/2015 - C:\Windows\system32\drivers\mwac.sys (MBAMWebAccessControl) .(.Malwarebytes Corporation - Malwarebytes Web Access Control.) - LEGACY_MBAMWEBACCESSCONTROL
O64 - Services: CurCS - 02/11/2006 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - 21/04/2015 - C:\Windows\system32\drivers\TrueSight.sys (TrueSight) .(...) - LEGACY_TRUESIGHT
~ Legacy: 69 Scanned in 00mn 00s



---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL comum do Shell do Windows.) -- C:\Windows\System32\shell32.dll
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Iniciador do snap-in de 'Visualizar eventos'.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Editor do Registro.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
~ FASS Keys: 11 Scanned in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com
~ Keys: Scanned in 00mn 00s



---\\ Listagem dos serviços iniciados pelo Svchost (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Serviço de Experiência com Aplicativo.) -- C:\Windows\System32\aelupsvc.dll [24576]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Relatórios de Problemas e Soluções.) -- C:\Windows\System32\wercplsupport.dll [62976]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL de serviços do Shell do Windows.) -- C:\Windows\System32\shsvcs.dll [247808]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Cartão Inteligente da Microsof.) -- C:\Windows\System32\certprop.dll [40448]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Cartão Inteligente da Microsof.) -- C:\Windows\System32\certprop.dll [40448]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL de Serviço do Servidor.) -- C:\Windows\System32\srvsvc.dll [125952]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Cliente da Diretiva de Grupo.) -- C:\Windows\System32\gpsvc.dll [576512]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extensão IKE.) -- C:\Windows\System32\ikeext.dll [444928]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Serviço de Áudio do Windows.) -- C:\Windows\System32\Audiosrv.dll [316928]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gerenciador de Discagem Automática de Acesso Remoto.) -- C:\Windows\System32\rasauto.dll [90624]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gerenciador de conexão de acesso remoto.) -- C:\Windows\System32\rasmans.dll [262144]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gerenciador de Interface Dinâmica.) -- C:\Windows\System32\mprdim.dll [68608]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Serviço de Notificação de Eventos do Sistema (SENS).) -- C:\Windows\System32\sens.dll [47104]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Componentes do Microsoft NAT Helper.) -- C:\Windows\System32\ipnathlp.dll [288256]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Servidor de telefonia do Microsoft(R) Windows(TM).) -- C:\Windows\System32\tapisrv.dll [242688]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gerenciador de conexões remotas do Terminal Server.) -- C:\Windows\System32\termsrv.dll [449536]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\System32\wuaueng.dll [1933848]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Serviço de transferência inteligente de plano de fundo.) -- C:\Windows\System32\qmgr.dll [758784]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - DLL de serviços do Shell do Windows.) -- C:\Windows\System32\shsvcs.dll [247808]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Serviço que oferece conectividade IPv6 em uma rede IPv4..) -- C:\Windows\System32\iphlpsvc.dll [200704]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de serviço de logon secundário.) -- C:\Windows\system32\seclogon.dll [19968]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Serviço de Informações de Aplicativos.) -- C:\Windows\System32\appinfo.dll [33280]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Serviço de Descoberta iSCSI.) -- C:\Windows\System32\iscsiexe.dll [111616]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Serviço Agendador de Classes de Multimídia.) -- C:\Windows\System32\mmcss.dll [45056]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [153600]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Serviço Microsoft EAPHost.) -- C:\Windows\System32\eapsvc.dll [57344]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [162304]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Serviço Agendador de Tarefas.) -- C:\Windows\System32\schedsvc.dll [601600]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Serviço de Configuração dos Serviços de Terminal.) -- C:\Windows\System32\sessenv.dll [84992]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL de Serviço Pesquisador de Computadores.) -- C:\Windows\System32\browser.dll [81920]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Serviço de Gerenciamento de Chaves.) -- C:\Windows\System32\kmsvc.dll [68096]
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Serviço de instalação do software.) -- C:\Windows\System32\appmgmts.dll [148992]
~ Services: 32 Scanned in 00mn 00s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 20/04/2015 268464 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 27/03/2015 148080 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 20/01/2008 21504 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 08/04/2015 656184 | (MbaeSvc) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes Anti-Exploit\mbae-svc.exe
SR - | Auto 17/03/2015 1871160 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
SR - | Auto 17/03/2015 1080120 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
SR - | Auto 20/01/2008 21504 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 12s



---\\ Pesquisa de infeção no Registo Mestre de Inicialização (MBR) (080)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by Logikoma at 23/04/2015 00:23:02
device: opened successfully
user: MBR read successfully
Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS hal.dll PCIIDEX.SYS msahci.sys dxgkrnl.sys igdkmd32.sys partmgr.sys volmgr.sys fvevol.sys ecache.sys volsnap.sys Ntfs.sys
C:\Windows\system32\DRIVERS\igdkmd32.sys Intel Corporation Intel Graphics Accelerator Drivers for Windows Vista(R)
1 ntkrnlpa!IofCallDriver[0x81A5E936] >> \Device\Harddisk0\DR0[0x85252420]
3 CLASSPNP[0x89FC98B3] >> ntkrnlpa!IofCallDriver[0x81A5E936] >> \Device\Ide\IdeDeviceP0T0L0-0[0x84D0D8A0]
kernel: MBR read successfully
user & kernel MBR OK
~ MBR: 13 Scanned in 00mn 02s



---\\ Pesquisa de infeção no Registo Mestre de Inicialização (MBRCheck) (080)
Written by ad13, http://ad13.geekstog
Run by Logikoma at 23/04/2015 00:23:04
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 04s



---\\ Scâner Aditional (088)
Database Version : 13008 - (20/04/2015)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0

~ Additionnel Scan: 114954 Items scanned in 00mn 20s



---\\ Informações complémentaires do módulos
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Gestão do Proxy (R5)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Aplicações iniciadas por registo & pastas (04)
~ AMI: 2 Scanned in 00mn 00s



End of the scan (1168 lines in 02mn 27s)(0.4)
