[Resolvido] &nbspNão consigo instalar nenhum anti-virus

[ZeroOfTheRebellion 0]

Log do Avenger:

 

 

Logfile of The Avenger Version 2.0, © by Swandog46

http://swandog46.geekstogo.com

 

Platform: Windows XP

 

*******************

 

Script file opened successfully.

Script file read successfully.

 

Backups directory opened successfully at C:\Avenger

 

*******************

 

Beginning to process script file:

 

Rootkit scan active.

No rootkits found!

 

 

Error: folder "C:\Arquivos de programas\uTorrentBar_PT" not found!

Deletion of folder "C:\Arquivos de programas\uTorrentBar_PT" failed!

Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)

--> the object does not exist

 

Folder "C:\Arquivos de programas\Expat Shield" deleted successfully.

Driver "ExpatShieldService" disabled successfully.

Driver "ExpatSrv" disabled successfully.

Driver "ExpatTrayService" disabled successfully.

Driver "ExpatWd" disabled successfully.

Driver "ExpatShieldService" deleted successfully.

Driver "ExpatSrv" deleted successfully.

Driver "ExpatTrayService" deleted successfully.

Driver "ExpatWd" deleted successfully.

 

Completed script processing.

 

*******************

 

Finished! Terminate.

 

Log do UsbFix:

 

############################## | UsbFix 7.042 | [supressão]

 

Usuário: familia (Administrador) # FAMILIA-208024A [ ]

Atualizado em 14/03/2011 por TeamXscript

Começou em 20:04:48 | 14/03/2011

Site: http://www.teamxscript.org

Submit your sample: http://www.teamxscript.org/Upload.php

Contato: TeamXscript.ElDesaparecido@gmail.com

 

CPU: Intel® Celeron® CPU 2.53GHz

Microsoft Windows XP Professional (5.1.2600 32-Bit) # Service Pack 3

Internet Explorer 6.0.2900.5512

 

Antivirus: AntiVir Desktop 10.0.1.56 [(!) Disabled | Updated]

RAM -> 503 Mb

C:\ (%systemdrive%) -> Disco fixo # 37 Gb (12 Mb livre - 31%) [] # NTFS

D:\ -> CD-ROM

E:\ -> Disco removível # 972 Mb (869 Mb livre - 89%) [] # FAT32

 

################## | Ficheiros # pastas infeciosos |

 

 

Supprimido ! C:\DOCUME~1\familia\CONFIG~1\Temp\_ir_tmpfnt_1

Supprimido ! C:\Recycler\S-1-5-21-2052111302-1801674531-1177238915-1003

 

################## | Registro |

 

Supprimido ! HKLM\software\microsoft\shared tools\msconfig\startupreg\

Supprimido ! HKLM\software\microsoft\windows nt\currentversion\winlogon|Taskman

 

################## | Mountpoints2 |

 

Supprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\{dc7b353c-4a86-11e0-9bff-000fead80705}

 

################## | Listing |

 

[02/03/2011 - 17:39:53 | D ] C:\0a76e01f7341672f0af7cf

[13/03/2011 - 23:20:55 | N | 5721] C:\Ad-Report-CLEAN[1].txt

[14/03/2011 - 19:57:50 | D ] C:\Arquivos de programas

[21/02/2011 - 12:14:06 | N | 0] C:\AUTOEXEC.BAT

[14/03/2011 - 19:58:27 | D ] C:\Avenger

[14/03/2011 - 19:57:50 | N | 2212] C:\avenger.txt

[21/02/2011 - 12:06:38 | N | 211] C:\boot.ini

[14/04/2008 - 09:00:00 | N | 4952] C:\Bootfont.bin

[21/02/2011 - 12:14:06 | N | 0] C:\CONFIG.SYS

[21/02/2011 - 12:19:22 | D ] C:\Documents and Settings

[17/05/2010 - 15:15:04 | N | 2258] C:\eula.txt

[06/03/2011 - 04:35:04 | D ] C:\Expat Shield

[21/02/2011 - 12:14:06 | N | 0] C:\IO.SYS

[21/02/2011 - 12:14:06 | N | 0] C:\MSDOS.SYS

[14/04/2008 - 09:00:00 | N | 47564] C:\NTDETECT.COM

[14/04/2008 - 09:00:00 | N | 251696] C:\ntldr

[14/03/2011 - 19:58:04 | ASH | 792723456] C:\pagefile.sys

[07/03/2011 - 15:19:38 | D ] C:\Perl

[01/03/2011 - 14:59:04 | D ] C:\Program Files

[14/03/2011 - 20:05:31 | SHD ] C:\RECYCLER

[13/03/2011 - 16:50:27 | N | 44550380] C:\sality.txt

[12/11/2010 - 10:13:26 | N | 171344] C:\SalityKiller.exe

[26/08/2008 - 11:50:20 | N | 249856] C:\Sality_off.exe

[13/03/2011 - 20:23:46 | SHD ] C:\System Volume Information

[13/03/2011 - 23:42:09 | N | 1882] C:\TB.txt

[13/03/2011 - 23:42:09 | D ] C:\ToolBar SD

[12/03/2011 - 11:13:05 | D ] C:\Torrents

[14/03/2011 - 20:05:31 | D ] C:\UsbFix

[14/03/2011 - 20:05:41 | A | 1097] C:\UsbFix.txt

[14/03/2011 - 18:59:14 | D ] C:\WINDOWS

[11/03/2011 - 16:08:22 | N | 4321292] E:\01 Poison.mp3

[11/03/2011 - 16:46:50 | N | 5484544] E:\03 House of Fire.mp3

[11/03/2011 - 16:46:50 | N | 3731456] E:\02 Spark In The Dark.mp3

[11/03/2011 - 15:52:50 | N | 5210112] E:\06 Bed of Nails.mp3

[11/03/2011 - 20:57:24 | N | 5142528] E:\01 Welcome To My Nightmare.mp3

[11/03/2011 - 15:32:50 | N | 6782976] E:\05 Dangerous Tonight.mp3

[11/03/2011 - 18:16:56 | N | 6602752] E:\01 Hey Stoopid.mp3

[11/03/2011 - 17:09:38 | N | 4392906] E:\01 - Guns 'n Roses - Welcome to the Jungle.mp3

[11/03/2011 - 17:14:32 | N | 6502330] E:\06 - Guns 'n Roses - Paradise City.mp3

[11/03/2011 - 17:21:48 | N | 2587751] E:\12 - Guns n' Roses - Garden of eden.mp3

[13/03/2011 - 12:24:48 | N | 4028154] E:\101-joan_jett_and_the_blackhearts-cherry_bomb.mp3

[11/03/2011 - 14:45:02 | N | 5154856] E:\110-joan_jett_and_the_blackhearts-crimson_and_clover.mp3

[11/03/2011 - 14:45:44 | N | 4587318] E:\108-joan_jett_and_the_blackhearts-i_love_rock_n_roll.mp3

[13/03/2011 - 20:06:56 | N | 3846468] E:\109-joan_jett_and_the_blackhearts-(im_gonna)_run_away.mp3

[11/03/2011 - 14:39:58 | N | 4463455] E:\203-joan_jett_and_the_blackhearts-everyday_people.mp3

[12/03/2011 - 15:52:48 | N | 5822449] E:\03 - Motörhead - In The Name Of Tragedy.mp3

[12/03/2011 - 15:54:12 | N | 8007626] E:\09-motorhead-in_the_year_of_the_wolf-rns.mp3

[12/03/2011 - 15:34:20 | N | 6685739] E:\12-motorhead-whorehouse_blues-rns.mp3

[14/03/2011 - 19:21:02 | N | 3299787] E:\frank sinatra - ney york new york.mp3

[14/03/2011 - 19:26:24 | N | 4083792] E:\frank sinatra - singing in the rain.mp3

[14/03/2011 - 19:22:02 | N | 2744865] E:\frank sinatra - blue moon.mp3

[14/03/2011 - 19:24:48 | N | 4127086] E:\come fly with me.mp3

 

################## | Vaccin |

 

C:\Autorun.inf -> Vacina criada por UsbFix (TeamXscript)

E:\Autorun.inf -> Vacina criada por UsbFix (TeamXscript)

 

################## | Upload |

 

Favor enviar o arquivo: C:\UsbFix_Upload_Me_FAMILIA-208024A.zip

http://www.teamxscript.org/Upload.php

Obrigado pela sua contribuição.

 

################## | E.O.F |

 

Log do HijackThis:

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 20:09:08, on 14/3/2011

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe

C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe

C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe

C:\Arquivos de programas\Avira\AntiVir Desktop\avshadow.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\Documents and Settings\familia\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\familia\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\familia\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\familia\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\familia\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\familia\Meus documentos\Downloads\Nova pasta\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [avgnt] "C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [uTorrent] "C:\Arquivos de programas\uTorrent\uTorrent.exe"

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Daemon de cache de categorias de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Avira AntiVir Agendamento (AntiVirSchedulerService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe

O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)

 

--

End of file - 4486 bytes

[Power Max 54]

:seta: Favor enviar o arquivo: C:\UsbFix_Upload_Me_FAMILIA-208024A.zip para este site abaixo para que o Usbfix possa ser aperfeiçoado:

http://www.teamxscript.org/Upload.php

Obrigado pela sua contribuição.

________________________

 

Vários problemas foram removidos, como está seu PC atualmente?

[ZeroOfTheRebellion 0]

Agora está tudo funcionando normal :joia:

Muito obrigado cara, sem sua ajuda não sei o que seria do meu pc :lol: :lol: :lol:

[Power Max 54]

Agora está tudo funcionando normal :joia:

Muito obrigado cara, sem sua ajuda não sei o que seria do meu pc :lol: :lol: :lol:

:) Fico feliz que o problema tenha sido resolvido.

________________________

 

:seta: Pode desinstalar estes programas que foram usados: Norman, Dr. Web Cureit, Sality Off, Sality Killer, Kaspersky Virus Removal Tool, Ad-remover, Toolbar S&D, Usbfix e Avenger.

_________________________

 

:seta: Faça uma nova limpeza com o Ccleaner e instale estes programas e use-os agora e semanalmente para fazer uma limpeza do seu PC e para deixá-lo mais eficiente e otimizado:

 

Auslogics Disk Defrag

 

SpywareBlaster

 

Siga também as dicas deste tutorial:

 

Dicas para deixar seu computador mais rápido e eficiente

________________________

 

:seta: Depois disso, volte no mesmo local: Iniciar - Painel de Controle - Sistema - Clique na aba: Restauração do Sistema - Desmarque a caixinha: Desativar restauração do sistema - Clique no botão: Aplicar e no botão: Ok.

__________________________

 

MSIE: Internet Explorer v6.00

:!: Seu Internet Explorer está muito desatualizado. Baixe e instale o Internet Explorer 8:

http://www.baixaki.com.br/download/internet-explorer.htm

___________________________

 

:thumbsup: Foi um prazer ajudar, conte sempre conosco!

[Power Max 54]

PROBLEMA RESOLVIDO

 

Caso o autor necessite que o tópico seja reaberto basta enviar uma Mensagem Privada para um Moderador com um link para o tópico.