Archived

This topic has been archived and is closed to new replies.

crynofhell

[Solved!] I can't install an antivirus

Good evening, I'd like some help. What happens is that I can't install an antivirus. I've already formatted the computer, but the same problem keeps occurring.

With Avira, the installation window disappears out of nowhere, and with Avast the computer restarts... I don't know what is happening. Can anyone help me? Thanks in advance!!!


Good evening....

*Download RSIT and save it to the desktop

*Run RSIT and click [Continue]

*When the process finishes, paste the report created at C:\rsit\log.txt


Logfile of random's system information tool 1.08 (written by random/random)

Run by Brega Night at 2010-08-10 23:18:31

Microsoft Windows XP Professional Service Pack 3

System drive C: has 76 GB (95%) free of 80 GB

Total RAM: 1015 MB (49% free)

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 23:18:41, on 10/8/2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

c:\arquivos de programas\idt\5902xp_6033v_012208\wdm\STacSV.exe

C:\Arquivos de programas\IDT\WDM\sttray.exe

C:\WINDOWS\system32\igfxtray.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\Arquivos de programas\Spyware Doctor\pctsAuxs.exe

C:\Arquivos de programas\Spyware Doctor\pctsSvc.exe

C:\Arquivos de programas\Spyware Doctor\pctsTray.exe

C:\Arquivos de programas\Mozilla Firefox\firefox.exe

C:\Arquivos de programas\Mozilla Firefox\plugin-container.exe

C:\Documents and Settings\Brega Night\Meus documentos\Downloads\RSIT.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\Arquivos de programas\trend micro\Brega Night.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O4 - HKLM\..\Run: [sysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [iSTray] "C:\Arquivos de programas\Spyware Doctor\pctsTray.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Daemon de cache de categorias de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Arquivos de programas\Spyware Doctor\pctsAuxs.exe

O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Arquivos de programas\Spyware Doctor\pctsSvc.exe

O23 - Service: Audio Service (STacSV) - IDT, Inc. - c:\arquivos de programas\idt\5902xp_6033v_012208\wdm\STacSV.exe

 

--

End of file - 4599 bytes

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Auxiliar de Conexão do Windows Live - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"SysTrayApp"=C:\Arquivos de programas\IDT\WDM\sttray.exe [2008-09-18 516198]

"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-06-06 219928]

"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-06-06 224024]

"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-06-06 219928]

"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

"ISTray"=C:\Arquivos de programas\Spyware Doctor\pctsTray.exe [2008-12-08 1173384]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

"msnmsgr"=C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe [2010-04-16 3872080]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

C:\WINDOWS\system32\igfxdev.dll [2007-06-22 204800]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdauxservice]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdcoreservice]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableLUA"=0

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

"ForceClassicControlPanel"=1

"NoSMConfigurePrograms"=1

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"D:\Animes\audio_945gcx_IDT095_1127\v095_D5902.1_G2.0XP_D6052.2_G2.0V_RC_W_SDC\DISK1\setup.exe"="D:\Animes\audio_945gcx_IDT095_1127\v095_D5902.1_G2.0XP_D6052.2_G2.0V_RC_W_SDC\DISK1\setup.exe:*:Enabled:ipsec"

"C:\WINDOWS\Explorer.EXE"="C:\WINDOWS\Explorer.EXE:*:Enabled:ipsec"

"C:\DOCUME~1\BREGAN~1\CONFIG~1\Temp\xsvwj.exe"="C:\DOCUME~1\BREGAN~1\CONFIG~1\Temp\xsvwj.exe:*:Enabled:ipsec"

"c:\arquivos de programas\idt\5902xp_6033v_012208\wdm\STacSV.exe"="c:\arquivos de programas\idt\5902xp_6033v_012208\wdm\STacSV.exe:*:Enabled:ipsec"

"C:\WINDOWS\TEMP\winhbtoxe.exe"="C:\WINDOWS\TEMP\winhbtoxe.exe:*:Enabled:ipsec"

"C:\WINDOWS\TEMP\once.exe"="C:\WINDOWS\TEMP\once.exe:*:Enabled:ipsec"

"C:\WINDOWS\TEMP\wintfxxr.exe"="C:\WINDOWS\TEMP\wintfxxr.exe:*:Enabled:ipsec"

"C:\WINDOWS\TEMP\wingxfhxr.exe"="C:\WINDOWS\TEMP\wingxfhxr.exe:*:Enabled:ipsec"

"C:\WINDOWS\TEMP\bqfpai.exe"="C:\WINDOWS\TEMP\bqfpai.exe:*:Enabled:ipsec"

"C:\WINDOWS\TEMP\ytel.exe"="C:\WINDOWS\TEMP\ytel.exe:*:Enabled:ipsec"

"C:\WINDOWS\TEMP\w6861a.exe"="C:\WINDOWS\TEMP\w6861a.exe:*:Enabled:ipsec"

"C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe"="C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"

"C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe"="C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe"="C:\Arquivos de programas\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"

"C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe"="C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

 

======List of files/folders created in the last 1 months======

 


2010-08-10 16:53:55 ----D---- C:\WINDOWS\system32\mui

2010-08-10 16:53:55 ----D---- C:\WINDOWS\system32\inetsrv

2010-08-10 16:53:55 ----D---- C:\WINDOWS\system32\IME

2010-08-10 16:53:55 ----D---- C:\WINDOWS\system32\icsxml

2010-08-10 16:53:55 ----D---- C:\WINDOWS\system32\ias

2010-08-10 16:53:55 ----D---- C:\WINDOWS\system32\export

2010-08-10 16:53:55 ----D---- C:\WINDOWS\system32\drivers\etc

2010-08-10 16:53:55 ----D---- C:\WINDOWS\system32\drivers\disdn

2010-08-10 16:53:55 ----D---- C:\WINDOWS\system32\drivers

2010-08-10 16:53:55 ----D---- C:\WINDOWS\system32\dhcp

2010-08-10 16:53:55 ----D---- C:\WINDOWS\system32\config

2010-08-10 16:53:55 ----D---- C:\WINDOWS\system32\3com_dmi

2010-08-10 16:53:55 ----D---- C:\WINDOWS\system32\3076

2010-08-10 16:53:55 ----D---- C:\WINDOWS\system32\2052

2010-08-10 16:53:55 ----D---- C:\WINDOWS\system32\1054

2010-08-10 16:53:55 ----D---- C:\WINDOWS\system32\1046

2010-08-10 16:53:55 ----D---- C:\WINDOWS\system32\1042

2010-08-10 16:53:55 ----D---- C:\WINDOWS\system32\1041

2010-08-10 16:53:55 ----D---- C:\WINDOWS\system32\1037

2010-08-10 16:53:55 ----D---- C:\WINDOWS\system32\1033

2010-08-10 16:53:55 ----D---- C:\WINDOWS\system32\1031

2010-08-10 16:53:55 ----D---- C:\WINDOWS\system32\1028

2010-08-10 16:53:55 ----D---- C:\WINDOWS\system32\1025

2010-08-10 16:53:55 ----D---- C:\WINDOWS\system32

2010-08-10 16:53:55 ----D---- C:\WINDOWS\system

2010-08-10 16:53:55 ----D---- C:\WINDOWS\security

2010-08-10 16:53:55 ----D---- C:\WINDOWS\Resources

2010-08-10 16:53:55 ----D---- C:\WINDOWS\repair

2010-08-10 16:53:55 ----D---- C:\WINDOWS\Provisioning

2010-08-10 16:53:55 ----D---- C:\WINDOWS\PeerNet

2010-08-10 16:53:55 ----D---- C:\WINDOWS\pchealth

2010-08-10 16:53:55 ----D---- C:\WINDOWS\Network Diagnostic

2010-08-10 16:53:55 ----D---- C:\WINDOWS\mui

2010-08-10 16:53:55 ----D---- C:\WINDOWS\msapps

2010-08-10 16:53:55 ----D---- C:\WINDOWS\msagent

2010-08-10 16:53:55 ----D---- C:\WINDOWS\Media

2010-08-10 16:53:55 ----D---- C:\WINDOWS\L2Schemas

2010-08-10 16:53:55 ----D---- C:\WINDOWS\java

2010-08-10 16:53:55 ----D---- C:\WINDOWS\ime

2010-08-10 16:53:55 ----D---- C:\WINDOWS\Help

2010-08-10 16:53:55 ----D---- C:\WINDOWS\ehome

2010-08-10 16:53:55 ----D---- C:\WINDOWS\Driver Cache

2010-08-10 16:53:55 ----D---- C:\WINDOWS\Debug

2010-08-10 16:53:55 ----D---- C:\WINDOWS\Cursors

2010-08-10 16:53:55 ----D---- C:\WINDOWS\Connection Wizard

2010-08-10 16:53:55 ----D---- C:\WINDOWS\Config

2010-08-10 16:53:55 ----D---- C:\WINDOWS\AppPatch

2010-08-10 16:53:55 ----D---- C:\WINDOWS\addins

2010-08-10 16:53:55 ----D---- C:\WINDOWS

2010-08-10 16:53:54 ----ASH---- C:\pagefile.sys

 

======List of files/folders modified in the last 1 months======

 

2010-08-10 20:23:10 ----A---- C:\WINDOWS\system.ini

2010-08-10 20:09:33 ----A---- C:\WINDOWS\win.ini

2010-08-10 20:09:07 ----ASH---- C:\WINDOWS\fonts\desktop.ini

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R0 PCTCore;PCTools KDS; C:\WINDOWS\system32\drivers\PCTCore.sys [2009-04-03 130936]

R1 intelppm;Driver de Processador Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 40448]

R3 asc3360pr;asc3360pr; \??\C:\WINDOWS\system32\drivers\gemonn.sys []

R3 HDAudBus;Driver de Barramento Microsoft UAA para High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]

R3 hidusb;Driver de classe HID da Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]

R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-06-22 5762208]

R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-28 12288]

R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-01-03 105856]

R3 STHDA;IDT High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2008-09-18 1293149]

R3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]

S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Arquivos de programas\MediaCoder\SysInfo.sys []

S3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd32.sys [2007-05-31 1774080]

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 sdAuxService;PC Tools Auxiliary Service; C:\Arquivos de programas\Spyware Doctor\pctsAuxs.exe [2009-01-07 348752]

R2 sdCoreService;PC Tools Security Service; C:\Arquivos de programas\Spyware Doctor\pctsSvc.exe [2009-01-21 1095560]

R2 STacSV;Audio Service; c:\arquivos de programas\idt\5902xp_6033v_012208\wdm\STacSV.exe [2008-09-18 290908]

 

-----------------EOF-----------------


Your PC is infected with Sality. It is a virus that is difficult to remove.

We can try... but first:

Is your Windows partitioned?


Yes, C: and D:. I formatted only C: :S Is there a way to remove it without having to format the D: partition?

Let's try... but with no guarantee of success. OK?

*Download SalityKiller and save it to the desktop

*Extract its contents to C:\

*Disable System Restore

*Right-click My Computer > Properties > System Restore > check the box [] Turn off System Restore > OK > Yes

*This program will run in 2 separate windows at the same time!!

*The first window:

*Click [Start] > [Run] > copy and paste: C:\salitykiller.exe -m

*Click [OK]

*Keep the window running. Do not close it!! If you wish, minimize it.

*The second window:

*Click [Start] > [Run] > copy and paste: C:\salitykiller.exe -y -x -k -j -l sality.txt -v

*Click [OK]

*When it finishes, window 2 will close automatically. Then close window 1.

*Paste the summary found at the end of the file C:\sality.txt, as shown below:

23:57:51:0 Infected files: 8

23:57:51:0 Infected processes: 0

23:57:51:0 Infected threads: 2

23:57:51:0 Cured files: 8

23:57:51:0 Executed registry scripts: 1


It opened and closed quickly

 

23:57:51:0 Infected files: 39

23:57:51:0 Infected processes: 0

23:57:51:0 Infected threads: 0

23:57:51:0 Cured files: 0

23:57:51:0 Executed registry scripts: 1

 

 

So, I ran the program to the end and these were the results. I don't know if they are reliable, because the other time I ran it, it had reported 339 infected files.


OK...

 

Repeat the procedure, but in the second window use the following command:

 

C:\salitykiller.exe -y -x -j -l sality.txt -v


completed

0:41:8:718 Infected files: 39

0:41:8:718 Infected processes: 0

0:41:8:718 Infected threads: 0

0:41:8:718 Cured files: 0

0:41:8:718 Executed registry scripts: 1

 

There it is. Sorry for the delay, I was waiting for it to finish.


Hmm... it looks like removal will be difficult.

1.

*Delete the files C:\salitykiller.exe and C:\sality.txt

2.

*Download Dr.Web CureIt and save it to the desktop

*Run it, click [Options] and change the language to "Português"

*Select the [Verificação completa] (full scan) option and click the arrow to start the scan

*When it finishes, click [Ficheiro] (File), select the [Guardar lista de relatórios] (save report list) option, and save it to the desktop

*Paste the report


Processos em memória: C:\WINDOWS\explorer.exe:1844;;Win32.Sector.8;Erradicado.;

kb888111srvrtm.exe;C:\Arquivos de programas\IDT\5902XP_6033V_012208\HDAQFE\srvrtm\us;Win32.Sector.5;Desinfectado.;

KB901105.exe;C:\Arquivos de programas\IDT\5902XP_6033V_012208\HDAQFE\srvsp1\us;Win32.Sector.5;Desinfectado.;

KB901105.exe;C:\Arquivos de programas\IDT\5902XP_6033V_012208\HDAQFE\win2k3\jpn;Win32.Sector.5;Desinfectado.;

kb901105.exe;C:\Arquivos de programas\IDT\5902XP_6033V_012208\HDAQFE\win2k3\us;Win32.Sector.5;Desinfectado.;

kb888111w2ksp4.exe;C:\Arquivos de programas\IDT\5902XP_6033V_012208\HDAQFE\win2ksp4\us;Win32.Sector.5;Desinfectado.;

kb835221.exe;C:\Arquivos de programas\IDT\5902XP_6033V_012208\HDAQFE\win2k_xp\us;Win32.Sector.5;Desinfectado.;

kb888111xpsp1.exe;C:\Arquivos de programas\IDT\5902XP_6033V_012208\HDAQFE\xpsp1\us;Win32.Sector.5;Desinfectado.;

kb888111xpsp2.exe;C:\Arquivos de programas\IDT\5902XP_6033V_012208\HDAQFE\xpsp2\us;Win32.Sector.5;Desinfectado.;

kb888111srvrtm.exe;D:\Animes\audio_945gcx_IDT095_1127\v095_D5902.1_G2.0XP_D6052.2_G2.0V_RC_W_SDC\DISK1\HDAQFE\srvrtm\us;Win32.Sector.5;Desinfectado.;

KB901105.exe;D:\Animes\audio_945gcx_IDT095_1127\v095_D5902.1_G2.0XP_D6052.2_G2.0V_RC_W_SDC\DISK1\HDAQFE\srvsp1\us;Win32.Sector.5;Desinfectado.;

KB901105.exe;D:\Animes\audio_945gcx_IDT095_1127\v095_D5902.1_G2.0XP_D6052.2_G2.0V_RC_W_SDC\DISK1\HDAQFE\win2k3\jpn;Win32.Sector.5;Desinfectado.;

kb901105.exe;D:\Animes\audio_945gcx_IDT095_1127\v095_D5902.1_G2.0XP_D6052.2_G2.0V_RC_W_SDC\DISK1\HDAQFE\win2k3\us;Win32.Sector.5;Desinfectado.;

kb888111w2ksp4.exe;D:\Animes\audio_945gcx_IDT095_1127\v095_D5902.1_G2.0XP_D6052.2_G2.0V_RC_W_SDC\DISK1\HDAQFE\win2ksp4\us;Win32.Sector.5;Desinfectado.;

kb835221.exe;D:\Animes\audio_945gcx_IDT095_1127\v095_D5902.1_G2.0XP_D6052.2_G2.0V_RC_W_SDC\DISK1\HDAQFE\win2k_xp\us;Win32.Sector.5;Desinfectado.;

kb888111xpsp1.exe;D:\Animes\audio_945gcx_IDT095_1127\v095_D5902.1_G2.0XP_D6052.2_G2.0V_RC_W_SDC\DISK1\HDAQFE\xpsp1\us;Win32.Sector.5;Desinfectado.;

kb888111xpsp2.exe;D:\Animes\audio_945gcx_IDT095_1127\v095_D5902.1_G2.0XP_D6052.2_G2.0V_RC_W_SDC\DISK1\HDAQFE\xpsp2\us;Win32.Sector.5;Desinfectado.;

kb888111srvrtm.exe;D:\Arquivos de programas\IDT\5902XP_6033V_012208\HDAQFE\srvrtm\us;Win32.Sector.5;Desinfectado.;

KB901105.exe;D:\Arquivos de programas\IDT\5902XP_6033V_012208\HDAQFE\srvsp1\us;Win32.Sector.5;Desinfectado.;

KB901105.exe;D:\Arquivos de programas\IDT\5902XP_6033V_012208\HDAQFE\win2k3\jpn;Win32.Sector.5;Desinfectado.;

kb901105.exe;D:\Arquivos de programas\IDT\5902XP_6033V_012208\HDAQFE\win2k3\us;Win32.Sector.5;Desinfectado.;

kb888111w2ksp4.exe;D:\Arquivos de programas\IDT\5902XP_6033V_012208\HDAQFE\win2ksp4\us;Win32.Sector.5;Desinfectado.;

kb835221.exe;D:\Arquivos de programas\IDT\5902XP_6033V_012208\HDAQFE\win2k_xp\us;Win32.Sector.5;Desinfectado.;

kb888111xpsp1.exe;D:\Arquivos de programas\IDT\5902XP_6033V_012208\HDAQFE\xpsp1\us;Win32.Sector.5;Desinfectado.;

kb888111xpsp2.exe;D:\Arquivos de programas\IDT\5902XP_6033V_012208\HDAQFE\xpsp2\us;Win32.Sector.5;Desinfectado.;

KB888111xpsp2.exe;D:\Arquivos de programas\Realtek\Audio\InstallShield;Win32.Sector.5;Desinfectado.;

IE8-WindowsXP-x86-PTB.exe;D:\Documents and Settings\Administrador\Dados de aplicativos\OpenCandy;Win32.Sector.5;Desinfectado.;

kb888111srvrtm.exe;D:\Documents and Settings\Administrador\Desktop\audio\v095_D5902.1_G2.0XP_D6052.2_G2.0V_RC_W_SDC\DISK1\HDAQFE\srvrtm\us;Win32.Sector.5;Desinfectado.;

KB901105.exe;D:\Documents and Settings\Administrador\Desktop\audio\v095_D5902.1_G2.0XP_D6052.2_G2.0V_RC_W_SDC\DISK1\HDAQFE\srvsp1\us;Win32.Sector.5;Desinfectado.;

KB901105.exe;D:\Documents and Settings\Administrador\Desktop\audio\v095_D5902.1_G2.0XP_D6052.2_G2.0V_RC_W_SDC\DISK1\HDAQFE\win2k3\jpn;Win32.Sector.5;Desinfectado.;

kb901105.exe;D:\Documents and Settings\Administrador\Desktop\audio\v095_D5902.1_G2.0XP_D6052.2_G2.0V_RC_W_SDC\DISK1\HDAQFE\win2k3\us;Win32.Sector.5;Desinfectado.;

kb888111w2ksp4.exe;D:\Documents and Settings\Administrador\Desktop\audio\v095_D5902.1_G2.0XP_D6052.2_G2.0V_RC_W_SDC\DISK1\HDAQFE\win2ksp4\us;Win32.Sector.5;Desinfectado.;

kb835221.exe;D:\Documents and Settings\Administrador\Desktop\audio\v095_D5902.1_G2.0XP_D6052.2_G2.0V_RC_W_SDC\DISK1\HDAQFE\win2k_xp\us;Win32.Sector.5;Desinfectado.;

kb888111xpsp1.exe;D:\Documents and Settings\Administrador\Desktop\audio\v095_D5902.1_G2.0XP_D6052.2_G2.0V_RC_W_SDC\DISK1\HDAQFE\xpsp1\us;Win32.Sector.5;Desinfectado.;

kb888111xpsp2.exe;D:\Documents and Settings\Administrador\Desktop\audio\v095_D5902.1_G2.0XP_D6052.2_G2.0V_RC_W_SDC\DISK1\HDAQFE\xpsp2\us;Win32.Sector.5;Desinfectado.;

kb888111srvrtm.exe;D:\Documents and Settings\Administrador\Desktop\audio\WDM_R189\MSHDQFE\Win2K3\us;Win32.Sector.5;Desinfectado.;

kb888111w2ksp4.exe;D:\Documents and Settings\Administrador\Desktop\audio\WDM_R189\MSHDQFE\Win2K_XP\us;Win32.Sector.5;Desinfectado.;

kb888111xpsp1.exe;D:\Documents and Settings\Administrador\Desktop\audio\WDM_R189\MSHDQFE\Win2K_XP\us;Win32.Sector.5;Desinfectado.;

kb888111xpsp2.exe;D:\Documents and Settings\Administrador\Desktop\audio\WDM_R189\MSHDQFE\Win2K_XP\us;Win32.Sector.5;Desinfectado.;

A0000070.exe;D:\System Volume Information\_restore{628002F7-96E6-470E-882A-2C8AF4015B52}\RP1;Win32.Sector.5;Desinfectado.;

A0000072.EXE;D:\System Volume Information\_restore{628002F7-96E6-470E-882A-2C8AF4015B52}\RP1;Win32.Sector.5;Desinfectado.;

A0000074.EXE;D:\System Volume Information\_restore{628002F7-96E6-470E-882A-2C8AF4015B52}\RP1;Win32.Sector.5;Desinfectado.;

A0000075.exe;D:\System Volume Information\_restore{628002F7-96E6-470E-882A-2C8AF4015B52}\RP1;Win32.Sector.5;Desinfectado.;

A0000076.exe;D:\System Volume Information\_restore{628002F7-96E6-470E-882A-2C8AF4015B52}\RP1;Win32.Sector.5;Desinfectado.;

A0000086.exe;D:\System Volume Information\_restore{628002F7-96E6-470E-882A-2C8AF4015B52}\RP1;Win32.Sector.5;Desinfectado.;

A0000087.exe;D:\System Volume Information\_restore{628002F7-96E6-470E-882A-2C8AF4015B52}\RP1;Win32.Sector.5;Desinfectado.;

A0000088.exe;D:\System Volume Information\_restore{628002F7-96E6-470E-882A-2C8AF4015B52}\RP1;Win32.Sector.5;Desinfectado.;

A0000089.exe;D:\System Volume Information\_restore{628002F7-96E6-470E-882A-2C8AF4015B52}\RP1;Win32.Sector.5;Desinfectado.;

 

It took a long time to finish and the computer ended up in a kind of safe mode... Look, this was the report, but there are many more disinfected items that didn't fit; I pasted only the ones with a slightly different name!!


OK

1.

*Delete the launch.exe file, located on the desktop, and the report.

2.

*Run an online scan with NOD32

*When it finishes, paste the report created in C:\Arquivos de programas\EsetOnlineScanner\log


I can't access that link for the online download

That is due to the virus. It is still active on the PC.

Well, we won't continue. It would be a waste of time.

Save your personal files, such as mp3, .doc, photos, etc.

Do not save any application (.exe)!!

Do not save any program!!

The source of the infection may be in a program on partition D.

I suggest you follow the procedure below:

Format both partitions.

Install Windows and Office.

With the PC clean, download and install an antivirus: Avast or Avira.

There is no point in downloading the antivirus now. Format the whole PC first!

Before installing any program or running any application (.exe), scan it with the antivirus. Only then will you know what the source of the infection was. It is usually due to the use of cracks and keygens. Avoid using these programs!!

Best regards.


Simple...

After you insert the XP CD, it will offer the option to delete partitions. Delete each one.

Then it will offer the option to create a partition. Create one partition of the desired size and then create a second one.

All of this is written in the CD's menu after you boot the PC from it. Read through it calmly and follow the steps.


When you formatted the PC, did Windows identify (configure) the video?

Did it identify the PC's sound?
