Ir para conteúdo

Arquivado

Este tópico foi arquivado e está fechado para novas respostas.

MATSUMOTO

[Arquivado] &nbspNão Consigo instalar nenhum anti-virus

Por , em Tópicos Arquivados (Seguranca & Malwares)

Recommended Posts

MATSUMOTO    0

MATSUMOTO
Postado

Não estou conseguindo instalar nenhum anti-virus, e ja peguei um topico aqui como ajuda para tentar me ajudar, e sempre que tento baixar o f-security blacklight ou o killbox meu computador reinicia sozinho, o killbox só de eu digitar no google "download killbox" meu pc ja reinicia, desde ja agradeço.

 

MEU LOGO HIHACKTHIS

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 14:43:42, on 14/1/2012

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\system32\RunDLL32.exe

C:\WINDOWS\system32\rundll32.exe

C:\Arquivos de programas\Yuna Software\Messenger Plus!\PlusService.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Documents and Settings\Rafael\Configurações locais\Dados de aplicativos\winlogon.exe

C:\Documents and Settings\Rafael\Configurações locais\Dados de aplicativos\services.exe

C:\Arquivos de programas\IObit\Advanced SystemCare 4\ASCService.exe

C:\WINDOWS\system32\IProsetMonitor.exe

C:\Arquivos de programas\CDBurnerXP\NMSAccessU.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Documents and Settings\Rafael\Configurações locais\Dados de aplicativos\lsass.exe

C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Documents and Settings\Rafael\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Rafael\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Rafael\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\DOCUME~1\Rafael\CONFIG~1\Temp\winysfw.exe

C:\Documents and Settings\Rafael\Meus documentos\Downloads\HijackThis (1).exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.live.com/sphome.aspx

F2 - REG:system.ini: Shell=Explorer.exe "C:\WINDOWS\eksplorasi.exe"

O1 - Hosts: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">

O1 - Hosts: <html lang='en'>

O1 - Hosts: <head>

O1 - Hosts: <meta name="description" content="Yahoo! GeoCities offers you a free web site and all the tools you need to build a dynamic site. Features include easy-to-use site building tools, online help, web site statistics, secure and reliable hosting, and an intuitive control panel.">

O1 - Hosts: <title>Yahoo! GeoCities: Get a web site with easy-to-use site building tools.</title>

O1 - Hosts: <link rel="stylesheet" type="text/css" media="all" href="http://l.yimg.com/a/combo?yui/2.5.2/build/reset-fonts-grids/reset-fonts-grids.css&smbiz/css/headfoot_6.css&smbiz/css/ysbs_glossary_1.css">

O1 - Hosts: <link rel="stylesheet" type="text/css" media="all" href="http://l.yimg.com/a/lib/smbiz/css/geocities_84954.css">

O1 - Hosts: <style>

O1 - Hosts: h1 { line-height:30px;height:30px; padding-left:15px; font-weight:bold;font-size:1.6em;color:#1f296a;}

O1 - Hosts: .services li { margin-left:1.0em; padding-left:0.5em; background:url("http://l.yimg.com/a/lib/smbiz/i/geo_bullet_3x3_1.gif") no-repeat 0 0.5em; margin-bottom:0.5em;margin-left:1.5em;margin-right:0.5em;width:6em}

O1 - Hosts: .services li {float:left; width:17em; font-size:116%;margin-top:0.8em}

O1 - Hosts: .services { font-size:116%; padding-bottom:20px }

O1 - Hosts: .learnmore a {color:#2882DE;font-size:16px}

O1 - Hosts: .image_web {float:right; margin:15px 0 0 15px}

O1 - Hosts: p {margin:20px;font-size:1em;}

O1 - Hosts: h2 {margin:20px 0 0 20px;color:#1F296;font-weight:bold;font-size:1.25em;color:#1f296a;}

O1 - Hosts: h3 {margin:20px;color:#1F296;font-weight:bold;font-size:1.15em;color:#1f296a;}

O1 - Hosts: li.rule {border-top:solid 1px #DBE1E6;}

O1 - Hosts: </style>

O1 - Hosts: </head>

O1 - Hosts: <body>

O1 - Hosts: <!-- following code added by server. PLEASE REMOVE -->

O1 - Hosts: <!-- preceding code added by server. PLEASE REMOVE -->

O1 - Hosts: <div class="ez-mw" style ="height:900px;width:905px">

O1 - Hosts: <div class="ez-wri ez-oh" style="width:900px">

O1 - Hosts: <div class="ez-box">

O1 - Hosts: <link type="text/css" rel="stylesheet" href="http://l.yimg.com/a/lib/uh/15/css/uh-1.0.28.css">

O1 - Hosts: <style type="text/css">

O1 - Hosts: div#headerblock div{font-family:arial;}

O1 - Hosts: </style>

O1 - Hosts: <div id="ygma"><div id="ygmaheader"><div class="bd sp"><div id="ymenu" class="ygmaclr"><div id="mepanel"><ul id="mepanel-nav"><li class="me1"><em>New User? <a class="ygmasignup" title="Sign Up" href="http://us.ard.yahoo.com/SIG=15u88cce2/M=650008.13654023.13693397.13153904/D=smallbiz/S=2023010636:HEAD/Y=YAHOO/EXP=1252098940/L=HzY9i9j8aIuVH8pzSp2qoCoWz37hF0qhZ1wABADc/B=RCQ9Atj8a20-/J=1252091740846210/K=88LB2KvJxEkW95HaZ4xf4Q/A=5836007/R=2/SIG=13j8rdsqp/*https://edit.yahoo.com/config/eval_register?.done=http://smallbusiness.yahoo.com%2findex.html&.src=smbiz&.intl=us">Sign Up</a></em></li><li class="me2"><a title="Sign In" href="http://us.ard.yahoo.com/SIG=15u88cce2/M=650008.13654023.13693397.13153904/D=smallbiz/S=2023010636:HEAD/Y=YAHOO/EXP=1252098940/L=HzY9i9j8aIuVH8pzSp2qoCoWz37hF0qhZ1wABADc/B=RCQ9Atj8a20-/J=1252091740846210/K=88LB2KvJxEkW95HaZ4xf4Q/A=5836007/R=3/SIG=13cm6p12o/*https://login.yahoo.com/config/login?.done=http://geocities.yahoo.com&.src=smbiz&.intl=us">Sign In</a></li>

O1 - Hosts: <li class="me3"><a href="http://us.ard.yahoo.com/SIG=15uqalioe/M=650008.13654021.13693393.13153902/D=smallbiz/S=2023010636:HEAD/Y=YAHOO/EXP=1252098025/L=j.Ah_9j8aIuVH8pzSp2qoCg9z37hF0qhY8gACN48/B=zgw4Atj8a20-/J=1252090825225621/K=pmFpaSqI9UgVSmAu3nNNgw/A=5836006/R=7/SIG=11hjute28/*http://help.yahoo.com/l/us/yahoo/geocities/"'>http://us.ard.yahoo.com/SIG=15uqalioe/M=650008.13654021.13693393.13153902/D=smallbiz/S=2023010636:HEAD/Y=YAHOO/EXP=1252098025/L=j.Ah_9j8aIuVH8pzSp2qoCg9z37hF0qhY8gACN48/B=zgw4Atj8a20-/J=1252090825225621/K=pmFpaSqI9UgVSmAu3nNNgw/A=5836006/R=7/SIG=11hjute28/*http://help.yahoo.com/l/us/yahoo/geocities/" target="_top" title="Yahoo! Help Central">Help</a></li>

O1 - Hosts: </ul></div><div id="ygmapromo"><a style="font-weight:bold;" id="ygmaie8" href="http://us.ard.yahoo.com/SIG=15vud5jbf/M=650008.13445975.13532322.12832737/D=smallbiz/S=2023010636:HPRM2/Y=YAHOO/EXP=1252098025/L=j.Ah_9j8aIuVH8pzSp2qoCg9z37hF0qhY8gACN48/B=0Qw4Atj8a20-/J=1252090825225621/K=pmFpaSqI9UgVSmAu3nNNgw/A=5706923/R=0/SIG=117bakia1/*http://toolbar.yahoo.com/?.cpdl=ushdl" target="_top">Get Yahoo! Toolbar<abbr title="Yahoo! Toolbar"></abbr></a>

O1 - Hosts: <script language=javascript>

O1 - Hosts: if(window.yzq_d==null)window.yzq_d=new Object();

O1 - Hosts: window.yzq_d['0Qw4Atj8a20-']='&U=13hn349r9%2fN%3d0Qw4Atj8a20-%2fC%3d650008.13445975.13532322.12832737%2fD%3dHPRM2%2fB%3d5706923%2fV%3d1';

O1 - Hosts: </script>

O1 - Hosts: <noscript><img width=1 height=1 alt="" src="http://us.bc.yahoo.com/b?P=j.Ah_9j8aIuVH8pzSp2qoCg9z37hF0qhY8gACN48&T=144j596l3%2fX%3d1252090825%2fE%3d2023010636%2fR%3dsmallbiz%2fK%3d5%2fV%3d2.1%2fW%3dH%2fY%3dYAHOO%2fF%3d1861688409%2fQ%3d-1%2fS%3d1%2fJ%3d8B68FCD8&U=13hn349r9%2fN%3d0Qw4Atj8a20-%2fC%3d650008.13445975.13532322.12832737%2fD%3dHPRM2%2fB%3d5706923%2fV%3d1"></noscript></div>

O1 - Hosts: <div id="pa"><div id="pa-wrapper"><ul id="pa2-nav" class="sp"><li class="pa1 sp"><a class="sp" href="http://us.ard.yahoo.com/SIG=15uqalioe/M=650008.13654021.13693393.13153902/D=smallbiz/S=2023010636:HEAD/Y=YAHOO/EXP=1252098025/L=j.Ah_9j8aIuVH8pzSp2qoCg9z37hF0qhY8gACN48/B=zgw4Atj8a20-/J=1252090825225621/K=pmFpaSqI9UgVSmAu3nNNgw/A=5836006/R=8/SIG=10jmd0d5u/*http://yahoo.com/"'>http://us.ard.yahoo.com/SIG=15uqalioe/M=650008.13654021.13693393.13153902/D=smallbiz/S=2023010636:HEAD/Y=YAHOO/EXP=1252098025/L=j.Ah_9j8aIuVH8pzSp2qoCg9z37hF0qhY8gACN48/B=zgw4Atj8a20-/J=1252090825225621/K=pmFpaSqI9UgVSmAu3nNNgw/A=5836006/R=8/SIG=10jmd0d5u/*http://yahoo.com/" title="Yahoo!" target="_top">Yahoo!</a></li><li class="pa2 sp"><a class="sp" href="http://us.ard.yahoo.com/SIG=15uqalioe/M=650008.13654021.13693393.13153902/D=smallbiz/S=2023010636:HEAD/Y=YAHOO/EXP=1252098025/L=j.Ah_9j8aIuVH8pzSp2qoCg9z37hF0qhY8gACN48/B=zgw4Atj8a20-/J=1252090825225621/K=pmFpaSqI9UgVSmAu3nNNgw/A=5836006/R=9/SIG=10n3m6b64/*http://mail.yahoo.com"'>http://us.ard.yahoo.com/SIG=15uqalioe/M=650008.13654021.13693393.13153902/D=smallbiz/S=2023010636:HEAD/Y=YAHOO/EXP=1252098025/L=j.Ah_9j8aIuVH8pzSp2qoCg9z37hF0qhY8gACN48/B=zgw4Atj8a20-/J=1252090825225621/K=pmFpaSqI9UgVSmAu3nNNgw/A=5836006/R=9/SIG=10n3m6b64/*http://mail.yahoo.com" title="Yahoo! Mail" target="_top">Mail</a></li></ul><div id="pa-left" class="sp"></div><ul id="pa-nav" class="sp"><li class="pa3 sp"><a class="sp" href="http://us.ard.yahoo.com/SIG=15uqalioe/M=650008.13654021.13693393.13153902/D=smallbiz/S=2023010636:HEAD/Y=YAHOO/EXP=1252

O1 - Hosts: <script language=javascript>

O1 - Hosts: if(window.yzq_d==null)window.yzq_d=new Object();

O1 - Hosts: window.yzq_d['zgw4Atj8a20-']='&U=13gmetml2%2fN%3dzgw4Atj8a20-%2fC%3d650008.13654021.13693393.13153902%2fD%3dHEAD%2fB%3d5836006%2fV%3d1';

O1 - Hosts: </script>

O1 - Hosts: </div>

O1 - Hosts: </div>

O1 - Hosts: <div class="ez-wr" style="width:898px;margin-top:1.5em">

O1 - Hosts: <Div class="ez-l2a" id="wrapper">

O1 - Hosts: <div class="ez-l2a-1 " style="width:898px">

O1 - Hosts: <div class="ez-box">

O1 - Hosts: <div class="ez-wr" >

O1 - Hosts: <div class="ez-box" style="width:898px">

O1 - Hosts: <h1>Sorry, the GeoCities web site you were trying to reach is no longer available.</h1>

O1 - Hosts: </div>

O1 - Hosts: </div>

O1 - Hosts: <div class="ez-wr">

O1 - Hosts: <div class="ez-box" id="boxyahoourls">

O1 - Hosts: <p> GeoCities has closed, but there's a lot more to explore on Yahoo!</p>

O1 - Hosts: <h2>Visit one of these popular Yahoo! sites:</h2>

O1 - Hosts: <ul class= "services">

O1 - Hosts: <li><a href="http://mail.yahoo.com">Yahoo! Mail</a></li>

O1 - Hosts: <li><a href="http://smallbusiness.yahoo.com/webhosting">Web Hosting</a></li>

O1 - Hosts: <li><a href="http://news.yahoo.com">News</a></li>

O1 - Hosts: <li><a href="http://games.yahoo.com">Games</a></li>

O1 - Hosts: <li><a href="http://sports.yahoo.com/">Sports</a> </li>

O1 - Hosts: <li><a href="http://movies.yahoo.com">Movies</a></li>

O1 - Hosts: <li><a href="http://finance.yahoo.com">Finance</a></li>

O1 - Hosts: <li><a href="http://maps.yahoo.com">Maps</a></li>

O1 - Hosts: </ul>

O1 - Hosts: </div>

O1 - Hosts: <li class="rule"><!----></li>

O1 - Hosts: <p>The GeoCities site you were looking for may have been preserved in the Internet Archive's Wayback Machine. To find out, <a href="http://www.archive.org/web/web.php" target="_blank">visit Archive.org</a> and enter the site's web address in the field provided.</p>

O1 - Hosts: <li class="rule"><!----></li>

O1 - Hosts: </div>

O1 - Hosts: </div>

O1 - Hosts: </div>

O1 - Hosts: </div>

O1 - Hosts: <div class="ez-wr">

O1 - Hosts: <div class="ez-box" style="text-align:center; margin-top:25px;">

O1 - Hosts: <font size="-2" face="verdana">Copyright © 2009 <a href="http://yahoo.com/">Yahoo!</a> Inc. All rights reserved.

O1 - Hosts: <ul>

O1 - Hosts: <li style="display:inline;"><a target="_top" href="http://privacy.yahoo.com/privacy/us/geo/">Privacy Policy</a></li> -

O1 - Hosts: <li style="display:inline;"><a target="_top" href="http://docs.yahoo.com/info/copyright/copyright.html">Copyright Policy</a></li> -

O1 - Hosts: <li style="display:inline;"><a target="_top" href="http://docs.yahoo.com/info/guidelines/community.html">Guidelines</a

O1 - Hosts: ></li> -

O1 - Hosts: <li style="display:inline;"><a target="_top" href="http://smallbusiness.yahoo.com/tos/tos.php">Terms of Service

O1 - Hosts: </a></li> -

O1 - Hosts: <li style="display:inline;"><a target="_top" href="http://help.yahoo.com/help/us/geo/">Help</a></li>

O1 - Hosts: </ul>

O1 - Hosts: </font>

O1 - Hosts: </div>

O1 - Hosts: </div>

O1 - Hosts: </div>

O1 - Hosts: </body>

O1 - Hosts: </html>

O1 - Hosts: <!-- text below generated by server. PLEASE REMOVE --></object></layer></div></span></style></noscript></table></script></applet>

O1 - Hosts: <IMG SRC="http://geo.yahoo.com/serv?s=19190039&t=1326144351&f=us-w7" ALT=1 WIDTH=1 HEIGHT=1>

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login

O4 - HKLM\..\Run: [nwiz] C:\Arquivos de programas\NVIDIA Corporation\nView\nwiz.exe /installquiet

O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

O4 - HKLM\..\Run: [PlusService] C:\Arquivos de programas\Yuna Software\Messenger Plus!\PlusService.exe

O4 - HKLM\..\Run: [bron-Spizaetus] "C:\WINDOWS\ShellNew\bronstab.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Rafael\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [Tok-Cirrhatus] "C:\Documents and Settings\Rafael\Configurações locais\Dados de aplicativos\smss.exe"

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: Empty.pif = ?

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MI1933~1\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MI1933~1\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/pt/uno1/GAME_UNO1.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Daemon de cache de categorias de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Advanced SystemCare Service (AdvancedSystemCareService) - IObit - C:\Arquivos de programas\IObit\Advanced SystemCare 4\ASCService.exe

O23 - Service: Intel® PROSet Monitoring Service - Intel Corporation - C:\WINDOWS\system32\IProsetMonitor.exe

O23 - Service: NMSAccess - Unknown owner - C:\Arquivos de programas\CDBurnerXP\NMSAccessU.exe

O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Arquivos de programas\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Arquivos de programas\Arquivos comuns\Steam\SteamService.exe

 

--

End of file - 16775 bytes

Compartilhar este post

Link para o post
Compartilhar em outros sites

DigRam    144

DigRam
Postado

Boa Tarde! MATSUMOTO

 

|- Sua máquina apresenta infecção pelo Sality,onde a melhor opção é a formatação.

|- Caso queira tentar a desinfecção,siga na ordem em que estão dispostos,estes procedimentos.

 

|- Baixe: < FixPolicies > ( ...by Bill Castner )

|- Salve-o no Desktop!

|- Execute o arquivo FixPolicies.exe,com um duplo-clique.

|- Clique em Install.

|- Abra a pasta FixPolicies,que foi criada.

|- Duplo-clique em Fix_policies.cmd.

|- Surgirá,por breve momento,uma caixa preta.

 

/////°°°°°/////

 

|- Baixe: < SalityKiller >

|- Salve-o no Disco local C:\,e descompacte-o ai mesmo.

|- Desative a Restauração do Sistema,indo pelo caminho:

 

|- Meu Computador -> Propriedades -> Restauração do Sistema -> Desativar Restauração do Sistema -> OK -> Sim

 

|- Desabilite o antivírus.

|- Esteja desconectado da Internet,ao desabilitar seu antivírus.

 

/////°°°°°/////

 

|- Copie estas informações,em vermelho,para o Bloco de Notas.

|- Ao salvá-las,tipifique-as para "Todos os arquivos".

 

@echo off

cd C:\

CACLS * /e /t /c /g Administradores:F

CACLS * /e /t /c /g System:F

pause

 

|- Salve-as como CACLS.bat <- Nome do Arquivo!

|- Encaminhe esse arquivo batch ao desktop,e execute-o aì mesmo.

|- Aguarde a conclusão! -> Aperte qualquer tecla para continuar!

|- À seguir,copie estas informações,que estão em vermelho,para o Bloco de Notas.

 

Windows Registry Editor Version 5.00

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]

"AutoRun"=dword:00000000

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\NoDriveTypeAutoRun]

"NoDriveTypeAutoRun"=dword:000000b1

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]

"NoDriveTypeAutoRun"=dword:000000b1

 

|- Salve-as como arquivo de informações de registro. ( .reg )

|- Tipifique-as para "Todos os arquivos" e dê o seguinte nome: disable_autorun.reg

|- Salve-o no desktop ou disco local.

|- Execute-o e confirme sua inserção ao registro.

|- Reinicie o computador!

|- Execute,à seguir,o "SalityKiller".

|- Ao concluir,reinicie o computador!

|- Reabilite seu antivírus!

|- Ative,novamente,a Restauração do sistema.

 

/////°°°°°/////

 

|- Baixe: < AVPTool >

 

|- < Link-2 >

 

<!> Você será conduzido a uma página da Kaspersky,solicitando um email para cadastro.

|- Ps: Será pedido seu nome e sobrenome.

|- Ps: Somente o campo "email" é obrigatório.

 

452fe62dcc1e70a4612473394b450d3f6b2ac7718d67d0f3b91993f3bd1c411d6g.jpg

|- Informe seu email e depois,clique no botão "Submit Form".

|- Ps: A página será recarregada!

|- Clique no botão "Download".

|- Salve-o em seu desktop!

|- Duplo clique no arquivo "setup".

|- Ps: Aguarde a instalação!

|- Ps: Na próxima tela,marque: "I accept the licence agreement"

|- À seguir,clique em "Start".

 

|- Clique no botão: < 76f0fc3841655bbb20073c5eafb99183ff229129be65005edaffab3e7d5270d76g.jpg >

|- Marque:

 

|- <1> Meu Computador;

|- <2> Disco local ( C: ) ou ( D: );

 

|- Ps: Normalmente,a unidade em que esteja instalado o SO!

 

88fecb3b2eff98883b66e8cdb9d80724cd68fc43575f9b35e4a44c1ee6132b786g.jpg

 

|- Clique em "Actions".

|- Ps: Deixe os dois quadrinhos marcados! <-- Importante!

|- Ps: Imprima estas orientações,para posterior consulta!

|- Clique na aba "Automatic Scan" e aguarde o término da verificação.

 

|- Clique no botão < b32fe2186e639ada1d2d057fd914121da5aca6d7cf049a1359c50213fa487d7b6g.jpg >

|- Clique em"Detected threats".

|- Clique no botão "Save".

|- Ps: Copie o conteúdo do arquivo salvo. <-- Se houver algo detectado!

|- Poste-o em sua resposta!

 

Abraços!

Compartilhar este post

Link para o post
Compartilhar em outros sites

wings    22

wings
Postado

Tópico Arquivado

 

Como o autor não respondeu por mais de 30 dias, o tópico foi arquivado.

 

Caso você seja o autor do tópico e quer reabrir, envie uma mensagem privada para um moderador da área juntamente com o link para este tópico e explique o motivo da reabertura.

Compartilhar este post

Link para o post
Compartilhar em outros sites
Ir para a lista de tópicos Tópicos Arquivados (Seguranca & Malwares)
×

Informação importante

Ao usar o fórum, você concorda com nossos Termos e condições.

  Aceito