Routine check

#1 By julioluiz, 30/11/2013 - 15:00

Good afternoon, friends! I would like instructions for checking whether this machine is infected. Which logs do I need to generate? Thanks for your attention, and have a good weekend!

#2 By Power Max, 30/11/2013 - 16:05

Hello Julio! Download HijackThis.
* Run it and click the Main Menu button.
* On the next screen that appears, click [Do a system scan and save a logfile].
* A report will be displayed.
* Select the entire contents of this report, copy it (Ctrl+C), return to your topic and post it so that we can analyze it.

<><><><><><><><><><><><><><><><>
Caixa de Dicas = Always with new tutorials and news in computing and technology.
Super Links = Messages of faith and hope for your heart.

#3 By julioluiz, 30/11/2013 - 16:38

Thanks for the help, Antonio.

[code=rich]
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:38:02, on 30/11/2013
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16520)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\SiS VGA Utilities\SiSTray.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Elantech\KTP.EXE
C:\Program Files\Control Center\CCenter.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Users\Júlio Luiz\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Júlio Luiz\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Júlio Luiz\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Júlio Luiz\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Júlio Luiz\AppData\Roaming\uTorrent\uTorrent.exe
C:\Users\Júlio Luiz\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Ares\Ares.exe
C:\Windows\system32\conime.exe
C:\Users\Júlio Luiz\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Júlio Luiz\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Júlio Luiz\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Júlio Luiz\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Júlio Luiz\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Júlio Luiz\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Júlio Luiz\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Júlio Luiz\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: uTorrentBar_PT - {e0301295-ab3e-4af3-979f-3d453c5f9f48} - C:\Program Files\uTorrentBar_PT\prxtbuTor.dll (file missing)
O3 - Toolbar: uTorrentBar_PT Toolbar - {e0301295-ab3e-4af3-979f-3d453c5f9f48} - C:\Program Files\uTorrentBar_PT\prxtbuTor.dll (file missing)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SiSTray] %ProgramFiles%\SiS VGA Utilities\SiSTray.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [KTPWare] C:\Program Files\Elantech\ktp.exe
O4 - HKLM\..\Run: [Control Center] C:\Program Files\Control Center\CCenter.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-21-3820583718-593511415-3146395857-1002\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray (User 'Júlio Luiz')
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{9F22C521-F648-4404-B67C-2869FD340471}: NameServer = 192.168.0.1
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: BootRacerServ - Unknown owner - C:\Program Files\BootRacer\BootRacerServ.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

--
End of file - 5750 bytes
[/code]

Regards!

i5 3470 | Z77 | RX 480 STRIX | 8GB Vengeance | EVGA 600B | Z5 +

#4 By Power Max, 30/11/2013 - 18:11

Open HijackThis, click Do a system scan only, check the entries below and click Fix checked:

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: uTorrentBar_PT - {e0301295-ab3e-4af3-979f-3d453c5f9f48} - C:\Program Files\uTorrentBar_PT\prxtbuTor.dll (file missing)
O3 - Toolbar: uTorrentBar_PT Toolbar - {e0301295-ab3e-4af3-979f-3d453c5f9f48} - C:\Program Files\uTorrentBar_PT\prxtbuTor.dll (file missing)

_________________________

Please follow the tips in this tutorial to run a full scan with Malwarebytes:

Malwarebytes Anti-Malware Tutorial

In your next reply, post this Malwarebytes log together with a new HijackThis log and tell us how your PC is doing after this procedure. We will be waiting.
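
Added example, not part of the original posts and not code from HijackThis: a small Python parser that pulls out of a HijackThis log the entries whose referenced file is absent, marked `(no file)` or `(file missing)`, which is the marker shared by the three entries listed in post #4. The function name, the optional section filter and the shortened excerpt are assumptions made for this illustration; the excerpt lines themselves are copied from the log in post #3.

```python
import re

# An entry is "<section code> - <detail>", e.g. "O2 - BHO: ..." or "R1 - HKCU\...".
ENTRY_RE = re.compile(r"^(?P<section>[A-Z]\d{1,2}) - (?P<detail>.+)$")
# HijackThis ends an entry with one of these markers when the file is not on disk.
ORPHAN_RE = re.compile(r"\((?:no file|file missing)\)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")

# Excerpt assembled for this example from the log in post #3 (not the full log).
SAMPLE_LOG = r"""
Running processes:
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: uTorrentBar_PT - {e0301295-ab3e-4af3-979f-3d453c5f9f48} - C:\Program Files\uTorrentBar_PT\prxtbuTor.dll (file missing)
O3 - Toolbar: uTorrentBar_PT Toolbar - {e0301295-ab3e-4af3-979f-3d453c5f9f48} - C:\Program Files\uTorrentBar_PT\prxtbuTor.dll (file missing)
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: BootRacerServ - Unknown owner - C:\Program Files\BootRacer\BootRacerServ.exe (file missing)
"""


def orphaned_entries(log_text, sections=None):
    """Return (section, clsid_or_None, detail) for entries whose file is absent.

    sections: optional set of section codes to keep, e.g. {"O2", "O3"}.
    """
    found = []
    for raw in log_text.splitlines():
        m = ENTRY_RE.match(raw.strip())
        if m is None or not ORPHAN_RE.search(m["detail"]):
            continue  # process paths, headers and entries with a file present
        if sections is not None and m["section"] not in sections:
            continue
        clsid = CLSID_RE.search(m["detail"])
        found.append((m["section"], clsid.group(0) if clsid else None, m["detail"]))
    return found


if __name__ == "__main__":
    # Browser add-on sections only: BHOs (O2) and toolbars (O3).
    for section, clsid, detail in orphaned_entries(SAMPLE_LOG, {"O2", "O3"}):
        print(section, clsid, detail, sep=" | ")
```

Without a section filter, the same excerpt also returns the O23 BootRacerServ service entry, which carries the same `(file missing)` marker.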