Vírus desabilita firewall, conexão com a internet e antivírus

Question

Bom dia!
Algu&eacute;m pode me ajudar a remover esse v&iacute;rus?

Answer

Bom dia leo5city,

Baixe:  (...by Xplode)

Ou aqui

Salve-o na sua &aacute;rea de trabalho.

https://www.hardware.com.br/static/c/m/715687bce3607a295707796273fb2e69

Usu&aacute;rios do Windows Vista ou Windows 7,clique com o direito do mouse sobre o arquivo AdwCleaner.exe,depois clique em:

https://www.hardware.com.br/static/c/m/43c99d23e544ec749d16171b30fe4b3c

Clique em Examinar, para iniciar o escaneamento!

https://www.hardware.com.br/static/c/m/c16bf206c6be4697bd007bbcc0ea8fc9

Ao t&eacute;rmino, clique em limpar!

Copie o log ou clique Relat&oacute;rio.

Poste:

Answer

Aqui est&aacute;!

Answer

Boa tarde leo5city,

Baixe:  ( ...Nicolas Coolman )
Salve-o no Disco local (C ou D).
Desabilite seu antiv&iacute;rus, e execute ZHPDiag.exe para instalar.
https://www.hardware.com.br/static/c/m/e0baac1fc96e2b6998362b4e757228c9

Execute o &iacute;cone do pergaminho!
https://www.hardware.com.br/static/c/m/74bd92827a56ccef3293e039379d6b90
Clique na op&ccedil;&atilde;o COMPLETA e aguarde a conclus&atilde;o.
Clique OK e,ao concluir, poste o relat&oacute;rio! ( [color=green]ZHPDiag.txt[/color] )
Obs: O relat&oacute;rio por ser extenso deve ser postado neste site:
Acesse: 
Pour quelle dur&eacute;e ? Marque  4 jours!

Answer

Postei l&aacute;!

Answer

Boa tarde leo5city,

Execute este script na ferramenta ZHPFix.
Copie estas informa&ccedil;&otilde;es que est&atilde;o em vermelho para o Bloco de notas.
Com o Bloco de notas aberto, fa&ccedil;a: [color=green] ctrl+a  ctrl+c[/color].
&Agrave; seguir, minimize o Bloco de notas.

[color=red]Script ZHPFix
SysRestore
FirewallRaz
EmptyPrefetch
EmptyTemp
EmptyFlash
M3 - MFPP: Plugins - [sara] -- C:\Users\sara\AppData\Roaming\Mozilla\Firefox\Profiles\9ccuw80r.default\searchplugins\Baidu.xml    
O4 - HKLM\..\Run: [NPSStartup] Chave orf&atilde; 
[MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-2314391645-1394786069-3152463150-1000Core] (.Facebook Inc..) -- C:\Users\sara\AppData\Local\Facebook\Update\FacebookUpdate.exe   [138096] 
[MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-2314391645-1394786069-3152463150-1000UA] (.Facebook Inc..) -- C:\Users\sara\AppData\Local\Facebook\Update\FacebookUpdate.exe   [138096] 
[MD5.00000000000000000000000000000000] [APT] [{438E1EF6-1718-4414-B805-24CDC94FCC27}] (...) -- C:\Program Files\Desk 365\eUninstall.exe (.not file.)   [0]   =>Hijacker.22Find 
O39 - APT: FacebookUpdateTaskUserS-1-5-21-2314391645-1394786069-3152463150-1000Core - (.Facebook Inc..) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2314391645-1394786069-3152463150-1000Core.job   [922] 
O39 - APT: FacebookUpdateTaskUserS-1-5-21-2314391645-1394786069-3152463150-1000Core - (.Facebook Inc..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2314391645-1394786069-3152463150-1000Core   [922] 
O39 - APT: FacebookUpdateTaskUserS-1-5-21-2314391645-1394786069-3152463150-1000UA - (.Facebook Inc..) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2314391645-1394786069-3152463150-1000UA.job   [944] 
O39 - APT: FacebookUpdateTaskUserS-1-5-21-2314391645-1394786069-3152463150-1000UA - (.Facebook Inc..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2314391645-1394786069-3152463150-1000UA   [944] 
O42 - Logiciel: Google Update Helper - (.SaveSense.) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}   =>PUP.SaveSense 
O42 - Logiciel: Rich Media Player - (.Radiocom.) [HKLM] -- Rich Media Player   =>PUP.RichMediaPlayer 
[HKCU\Software\Baidu Security]    
[HKCU\Software\Baidu]    
[HKCU\Software\BearShare]   =>PUP.BearShare 
[HKCU\Software\Rich Media Player]   =>PUP.RichMediaPlayer 
[HKLM\Software\Baidu Security]    
[HKLM\Software\Baidu]    
[HKLM\Software\Baidu_Drp_pos]    
[HKLM\Software\BearShareSRTB]   =>PUP.BearShare 
O43 - CFD: 06/02/2014 - 10:14:56 - [] ----D C:\Program Files\Baidu Security    
O43 - CFD: 25/06/2014 - 20:45:42 - [] ----D C:\Program Files\Baidu-Security-2014-4.4.4.73687 
O43 - CFD: 06/02/2014 - 10:33:55 - [] ----D C:\Program Files\Cartoon Maker   =>PUP.Babylon 
O43 - CFD: 09/07/2014 - 15:14:46 - [] ----D C:\ProgramData\Baidu Security    
O43 - CFD: 09/10/2014 - 22:34:49 - [] ----D C:\ProgramData\InstallMate   =>PUP.Tarma 
O43 - CFD: 06/02/2014 - 14:19:03 - [] ----D C:\ProgramData\Log    
O43 - CFD: 18/06/2013 - 17:42:49 - [] ----D C:\ProgramData\PSafe    
O43 - CFD: 11/11/2013 - 09:32:04 - [] ----D C:\Users\sara\AppData\Roaming\Baidu Security    
O43 - CFD: 15/03/2013 - 10:34:11 - [] ----D C:\Users\sara\AppData\Roaming\PSafe    
O43 - CFD: 14/05/2013 - 16:28:32 - [] ----D C:\Users\sara\AppData\Local\PSafe    
O43 - CFD: 06/06/2014 - 09:13:58 - [] ----D C:\Users\sara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cartoon Maker   =>PUP.Babylon 
O45 - LFCP:[MD5.0BFCEE933ED7FAD68D72CE3169DE79E8] - 09/10/2014 - 19:03:40 ---A- - C:\Windows\Prefetch\SAVESENSELIVE.EXE-DC649E93.pf   =>PUP.SaveSense 
O45 - LFCP:[MD5.8EA7DA76155370206C1EE6CFE3BA8462] - 09/10/2014 - 10:04:22 ---A- - C:\Windows\Prefetch\SAVESENSELIVEHANDLER.EXE-F8DD43C4.pf   =>PUP.SaveSense 
O45 - LFCP:[MD5.8872D0C944A63A03BF69905BD3FE2D4F] - 25/06/2014 - 21:04:01 ---A- - C:\Windows\Prefetch\SAVESENSEUPDATEVER.EXE-E93305AD.pf   =>PUP.SaveSense 
O51 - MPSK:{eee28533-1e47-11e4-b1c1-4487fcb18a60}\AutoRun\command. (...) -- E:\Windows\AutoRun.exe (.not file.)    
O51 - MPSK:{f5ebf1a0-2179-11e4-b1c6-4487fcb18a60}\AutoRun\command. (...) -- E:\Windows\AutoRun.exe (.not file.)    
O68 - StartMenuInternet:  [HKLM\..\Shell\open\Command] (...) --  C:\Program Files\baidu\Spark\Spark.exe http://istart.webssearches.com   =>Hijacker.WebsSearches 
[MD5.A43D98F5A2B54F22C2B8191CBF27B438] [WIS][06/02/2014] (.SaveSense - Google Update Helper.) -- C:\Windows\Installer\837777.msi   [40960]   =>PUP.SaveSense 
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}]   =>PUP.SaveSense^ 
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Rich Media Player]   =>PUP.RichMediaPlayer^ 
[HKLM\Software\360Safe]   =>Trojan.Lozavita 
C:\Program Files\Cartoon Maker   =>PUP.Babylon^ 
C:\ProgramData\InstallMate   =>PUP.Tarma^ 
C:\Users\sara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cartoon Maker   =>PUP.Babylon^ 
C:\Users\sara\AppData\LocalLow\SearchNewTab   =>Adware.FastSaveApp 
C:\Users\sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\mocblcnaofikinigmceddfghppkkjbog   =>Adware.SmileyBar 
[HKCU\Software\BearShare]   =>PUP.BearShare^ 
[HKCU\Software\Rich Media Player]   =>PUP.RichMediaPlayer^ 
[HKLM\Software\BearShareSRTB]   =>PUP.BearShare^ 
C:\Windows\Installer\837777.msi   =>PUP.SaveSense^[/color]
Abra a ferramenta ZHPFix. 
Clique em IMPORTA&Ccedil;&Atilde;O > OK
Clique GO.
Poste o Relat&oacute;rio!

Answer

Segue o relat&oacute;rio...

Answer

Boa noite leo5city, Vamos utilizar uma vez mais a ferramenta ZHPDiag.

https://www.hardware.com.br/static/c/m/e0baac1fc96e2b6998362b4e757228c9
Execute o &iacute;cone do pergaminho!

https://www.hardware.com.br/static/c/m/74bd92827a56ccef3293e039379d6b90
Clique na op&ccedil;&atilde;o COMPLETA e aguarde a conclus&atilde;o.
Clique OK e,ao concluir, poste o relat&oacute;rio! ( [color=green]ZHPDiag.txt[/color] )
Obs: O relat&oacute;rio por ser extenso deve ser postado em um desses sites:
Acesse: 
Ou  anexe-o aqui mesmo no f&oacute;rum!

Um grande abra&ccedil;o.

Answer

Boa noite Caedurodrigues, obrigado por me ajudar!

Segue o relat&oacute;rio em anexo

Answer

Boa noite leo5city, Vamos remover as ferramentas de remo&ccedil;&atilde;o. Nos diga como est&aacute; o seu computador.

https://www.hardware.com.br/static/c/m/44953d52d7d96de4faffcc53c5fd293a

Abra a ferramenta Adwcleaner e clique em Desinstalar.
Confirme a solicita&ccedil;&atilde;o !

Baixe:  (...[color=green]by Xplode[/color])
Salve-o na sua &aacute;rea de trabalho.
D&ecirc; dois cliques no [color=red]delfix.exe[/color] para execut&aacute;-lo. 
https://www.hardware.com.br/static/c/m/715687bce3607a295707796273fb2e69
Usu&aacute;rios do Windows Vista ou Windows 7,clique com o direito do mouse sobre o arquivo delfix.exe,depois clique em:

https://www.hardware.com.br/static/c/m/ff20d71bdad3985d752e04fc88dd44bd
Marque as caixinhas, de acordo com a imagem.
Clique no bot&atilde;o Executar.
Reinicie o computador!

Answer

Bom dia, segue relat&oacute;rio...

Answer

Como esta o PC ?

Answer

[QUOTE=caedurodrigues, post: 6984126, member: 849119]Como esta o PC ?[/QUOTE]
N&atilde;o consigo habilitar o firewall e o windows defender, a conex&atilde;o com a internet fica limitada.

Answer

Consegui resolver o problema do firewall fazendo duas altera&ccedil;&otilde;es no registro, mas a conex&atilde;o com a internet continua limitada e o win defender acusa risco a seguran&ccedil;a.

Answer

Boa noite leo5city,

Baixe: https://www.hardware.com.br/static/c/m/7618536da762c4e582db92e3cf62976b <  https://www.hardware.com.br/static/c/m/56ee9720a71c8a3a4425d8180bb8e1e3 >
Salve-o no desktop!
Desabilite seu antiv&iacute;rus e execute o arquivo esetsmartinstaller_enu.exe > Aguarde! ( Pode durar algumas horas,esse scan... )
Ao concluir,clique em List of found threats.
Clique em Export to text file e salve o relat&oacute;rio no desktop.
Clique Back >> Finish.

Ferramentas

Mover Tópico