Nod32 acusou virus help thiago\bradesco kit...???

Question

Oi Pessoal...
 
Estou com um probleminha: passei o Nod32 neste micro e apareceu uma infec&ccedil;&atilde;o estranha, escrito no config do windpow: Help Tiago/bradesco Kit e cartao... (olhem a imagem) e nunca usei nada de banco neste pc, que ali&aacute;s tem 2 dias. Esta na quarentena, mas o que significa? &Eacute; correto deixar na quarentena? N&atilde;o &eacute; um programa instalado por algu&eacute;m no micro? Ou ser&aacute; que veio no micro?
 
http://img83.imageshack.us/my.php?image=nod321hd5.jpg
 
Algu&eacute;m sabe o que &eacute; aconteceu???
 
Obrig.

Answer

Ol&aacute; Legoy!

[COLOR=darkred]1)[FONT=&quot]      [/FONT][/COLOR]Configure o Windows para ver todos os Arquivos

Windows ME/2000/XP

Iniciar &raquo; Painel de Controle &raquo; Op&ccedil;&otilde;es de pasta.

Clique na aba Modo de exibi&ccedil;&atilde;o.

Selecione o bot&atilde;o Mostrar pastas e arquivos ocultos.

Desmarque a caixa Ocultar arquivos protegidos do [COLOR=black]sistema operacional[/COLOR] (recomendado).

Clique em OK.

Windows 98

Abra Meu computador.

Clique em Exibir &raquo; Op&ccedil;&otilde;es de Pasta.

Clique na aba Modo de exibi&ccedil;&atilde;o.

Selecione o bot&atilde;o Mostrar todos os arquivos.

Clique em OK.

[COLOR=darkred][FONT=Verdana]2)[FONT=&quot]  [/FONT][/FONT][/COLOR][FONT=Verdana]Fa&ccedil;a uma Limpeza completa do Registro.[/FONT]

Fa&ccedil;a o download do programa Ccleaner no link abaixo[FONT=Verdana]:[/FONT]
   http://www.ccleaner.com/download

Instale o Ccleaner, abra o programa, clique no bot&atilde;o: Limpeza e depois clique em Executar Limpeza;

Ap&oacute;s isto, clique no bot&atilde;o: Registro > Procurar erros > Corrigir erros selecionados
  
[COLOR=red]3[/COLOR][COLOR=darkred][FONT=Verdana])[/FONT][/COLOR][FONT=Verdana] Fa&ccedil;a o download do[/FONT] Hijackthis no link abaixo:
  http://www.trendsecure.com/portal/en-US/_download/HiJackThis.exe

Ap&oacute;s concluir o download, execute-o.
  Clique no bot&atilde;o: Do a system scan and save a logfile. Depois ser&aacute; aberta uma tela com o log, ent&atilde;o &eacute; s&oacute; selecionar este Log (Clique no menu: Editar &raquo; Selecionar Tudo), depois disso volte novamente no menu: Editar &raquo; e clique na op&ccedil;&atilde;o: Copiar).
   
  Depois disso &eacute; s&oacute; voltar aqui no f&oacute;rum e postar este log do Hijackthis para que ele possa ser analizado. 
   
  Ficamos no aguardo de sua resposta.

Answer

Tudo feito - embora tenha aberto outra janela antes de aparecer o log e a&iacute; cliquei ok e foi:
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:24:42, on 24/08/2008
Platform: Windows Vista  (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)
Boot mode: Normal
Running processes:
C:\Windows\system32	askeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\VTTimer.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Windows\SOUNDMAN.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe
C:\Users\c&atilde;o de guarda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2FH660DN\HiJackThis[1].exe
C:\Windows\System32\mspaint.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: Barra de Ferramentas do Yahoo! com bloqueador de pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Barra de Ferramentas do Yahoo! com bloqueador de pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe /hide /waitservice
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O13 - Gopher Prefix: 
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {BFA1F11D-3121-AFE1-4112-894323212DAC} (GameDesire Word Games) - http://download.gamedesire.com/g_bin/eng/words_2_0_0_51.cab
O16 - DPF: {BFA1F11D-3121-AFE1-4112-983219421AEF} (GameDesire 1Player Word Games) - http://download.gamedesire.com/g_bin/eng/wordssingle_2_0_0_48.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C1} (GameDesire Pool 8) - http://download.gamedesire.com/g_bin/eng/billard8_2_0_0_35.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C662AA99-C426-4A8C-9A46-80F9C426C871}: NameServer = 200.204.0.10 200.204.0.138
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: SmartLinkService (SLService) -   - C:\Windows\SYSTEM32\slserv.exe
--
End of file - 5436 bytes

Obrig.!!!!

Answer

O seu log est&aacute; limpo. Provavelmente esta infec&ccedil;&atilde;o que o Nod32 encontrou deve ser um banker (praga que rouba senhas de banco e informa&ccedil;&otilde;es pessoais). Mas ele j&aacute; enviou para a quarentena, ent&atilde;o est&aacute; tudo certo.

Mas para deixar o seu PC mais seguro e eficiente &eacute; muito importante seguir as dicas abaixo:

[COLOR=Blue]Dicas para complementar a seguran&ccedil;a do seu antiv&iacute;rus[/COLOR]
  
   [COLOR=Blue]Tutorial do Mcafee SiteAdvisor[/COLOR]

Answer

Oba!!! Que al&iacute;vio!!!! Vou verificar as dicas! Obrigada!!!

Ferramentas

Mover Tópico