Author Topic: Ameaça detectada - Bloqueio de site nocivo  (Read 38286 times)

0 Members and 1 Guest are viewing this topic.

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67235
Re: Ameaça detectada - Bloqueio de site nocivo
« Reply #15 on: November 28, 2012, 12:32:02 PM »
Só o Essexboy no fórum em inglês (viruses and worms) pode ajudar... Você não quer postar lá?
The best things in life are free.

Lamec

  • Guest
Re: Ameaça detectada - Bloqueio de site nocivo
« Reply #16 on: November 28, 2012, 12:55:19 PM »
Você poderia fazer essa ponte pra mim, pra evitar que eu tenha que recomeçar do zero?

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67235
The best things in life are free.

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40603
  • Dragons by Sasha
    • Malware fixes
Re: Ameaça detectada - Bloqueio de site nocivo
« Reply #18 on: November 28, 2012, 03:48:54 PM »
Oi Lamec, isso parece estar relacionado a um sistema de adicionar que eu pode ser capaz de encontrar e remover com OTL

Download Baixar   OTL  to your Desktop
Secondary link
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.

Clique duas vezes no ícone para executá-lo. Certifique-se de todas as outras janelas estão fechadas e deixá-lo correr ininterrupto


  • Select All Users
  • Under the Custom Scan box paste this in Sob a caixa de verificação personalizada Cole isto em
netsvcs
BASESERVICES
%SYSTEMDRIVE%\*.exe
/md5start
services.*
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
winsock.*
/md5stop
CREATERESTOREPOINT


  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Post  both logs

jefferson santiago

  • Guest
Re: Ameaça detectada - Bloqueio de site nocivo
« Reply #19 on: November 28, 2012, 07:26:06 PM »
recomendo usar o Emsisoft Anti-Malware antiga a-squared ,site do fabricante

http://www.emsisoft.com.br/po/software/antimalware

faça a varredura completa.esta em português do brasil



Espero que solucione o problema

« Last Edit: November 28, 2012, 07:28:43 PM by jefferson santiago »

jefferson santiago

  • Guest
Re: Ameaça detectada - Bloqueio de site nocivo
« Reply #20 on: November 28, 2012, 11:24:58 PM »
se esta ferramenta que indiquei não resolveu,tenho uma solução definitiva é Kaspersky Rescue Disk 10,Alguns vírus e aplicativos mal intencionados podem tornar o sistema operacional lento e até mesmo impedir sua inicialização. Para esta situação, podemos utilizar discos de recuperação, que trazem antivírus e ferramentas capazes de copiar arquivos do disco rígido para dispositivos como pendrives.
 
Kaspersky Rescue Disk nos permite acessar arquivos do computador quando o sistema operacional já está comprometido por vírus e outras pragas. Além disso, a ferramenta traz o mecanismo de verificação de vírus do conceituado Kaspersky Anti-Vírus 2013 , que pode ser atualizado durante a execução.

recomendo que baixe  do site do fabricante é mais confiavel,nada de baixar no baixaki é uma fonte de virus ja ouvi vários relatos de usuarios recentes reclamando sobre virus e problemas nos arquivo ainda mais a maioria sendo falso antivirus.

https://support.kaspersky.com/4162
 
Baixe o arquivo e grave num CD ou DVD,usando o nero como imagem de iso

trago a Você passo a passo de como utilizar a ferramenta

http://www.youtube.com/watch?v=lgASt0Pa28c






Abraços.

Lamec

  • Guest
Re: Ameaça detectada - Bloqueio de site nocivo
« Reply #21 on: November 30, 2012, 04:38:45 AM »
Hi essexboy,

Thank you for helping me :)

I did exactly what you told me to do, and here are the files you asked.

You can talk in english with me, dont worry about translation.

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40603
  • Dragons by Sasha
    • Malware fixes
Re: Ameaça detectada - Bloqueio de site nocivo
« Reply #22 on: November 30, 2012, 02:54:48 PM »
Quote
You can talk in english with me, dont worry about translation.
Phew my Portuguese is on par with my Mandarin... 

Let me know if this stops the alerts .. It should

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following


Code: [Select]
:OTL
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=BR&userid=bf6cb260-560d-4370-bb00-3400eaf81667&affid=110774&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKU\S-1-5-21-523984095-2543953926-3448830638-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=BR&userid=bf6cb260-560d-4370-bb00-3400eaf81667&affid=110774&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKU\S-1-5-21-523984095-2543953926-3448830638-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=BR&userid=bf6cb260-560d-4370-bb00-3400eaf81667&affid=110774&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKU\S-1-5-21-523984095-2543953926-3448830638-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = http://hgw4y.updateseguromob.com/ye0xowrtd0j.win
IE - HKU\S-1-5-21-523984095-2543953926-3448830638-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=BR&userid=bf6cb260-560d-4370-bb00-3400eaf81667&affid=110774&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKU\S-1-5-21-523984095-2543953926-3448830638-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=BR&userid=bf6cb260-560d-4370-bb00-3400eaf81667&affid=110774&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKU\S-1-5-21-523984095-2543953926-3448830638-1000\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKU\S-1-5-21-523984095-2543953926-3448830638-1000\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=BR&userid=bf6cb260-560d-4370-bb00-3400eaf81667&affid=110774&searchtype=ds&babsrc=lnkry&q={searchTerms}
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.


:Commands
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

Lamec

  • Guest
Re: Ameaça detectada - Bloqueio de site nocivo
« Reply #23 on: December 03, 2012, 11:35:19 AM »
Essexboy, I think it worked !! I LOVE YOU MAN!

Take a look at the log.

YOU ROX my friend !!

Thank you so much  ;D :D ;) 8) ::)

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40603
  • Dragons by Sasha
    • Malware fixes
Re: Ameaça detectada - Bloqueio de site nocivo
« Reply #24 on: December 03, 2012, 03:12:02 PM »
I thought so, the problem was in the BHO's/Addons  very few malware tools are adept at looking there.  Hence none of them found it

Run OTL and press the cleanup button to remove the programme, keep safe 

recm

  • Guest
Re: Ameaça detectada - Bloqueio de site nocivo
« Reply #25 on: December 05, 2012, 06:28:39 PM »
Boa tarde,

Estou com o mesmo problema do Lamec.

Há dias o meu Avast vem exibindo sempre a mesma notificação: "O Módulo de Rede do Avast bloqueou um site nocivo".
Meu Avast está atualizado (Avast FREE versão 7.0.1474) e as definições de vírus também (versão 121125-1).

Por favor, podem me ajudar?

Aguardo,

Re

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40603
  • Dragons by Sasha
    • Malware fixes
Re: Ameaça detectada - Bloqueio de site nocivo
« Reply #26 on: December 05, 2012, 07:05:28 PM »
@recm


Download OTL  to your Desktop
Secondary link
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.


  • Select All Users
  • Under the Custom Scan box paste this in
netsvcs
BASESERVICES
%SYSTEMDRIVE%\*.exe
/md5start
services.*
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
winsock.*
/md5stop
CREATERESTOREPOINT


  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Post  both logs

recm

  • Guest
Re: Ameaça detectada - Bloqueio de site nocivo
« Reply #27 on: December 05, 2012, 09:41:00 PM »
I did as told.
But still the same problem.
The following records.
 
Sorry for the translation.
Tks.


Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40603
  • Dragons by Sasha
    • Malware fixes
Re: Ameaça detectada - Bloqueio de site nocivo
« Reply #28 on: December 05, 2012, 09:51:54 PM »
Let me know if this stops it

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following


Code: [Select]
:OTL
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDY&co=BR&userid=a13261b5-48bf-4e31-9dc2-8f4923264bae&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKU\S-1-5-21-1292428093-1770027372-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDY&co=BR&userid=a13261b5-48bf-4e31-9dc2-8f4923264bae&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKU\S-1-5-21-1292428093-1770027372-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDY&co=BR&userid=a13261b5-48bf-4e31-9dc2-8f4923264bae&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKU\S-1-5-21-1292428093-1770027372-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDY&co=BR&userid=a13261b5-48bf-4e31-9dc2-8f4923264bae&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKU\S-1-5-21-1292428093-1770027372-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDY&co=BR&userid=a13261b5-48bf-4e31-9dc2-8f4923264bae&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}
O2 - BHO: (no name) - {8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} - No CLSID value found.
O2 - BHO: (no name) - {95525BD9-6136-4A26-8263-9CEE295D442D} - No CLSID value found.
O2 - BHO: (no name) - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKU\S-1-5-21-1292428093-1770027372-839522115-1003\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-1292428093-1770027372-839522115-1003\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-1292428093-1770027372-839522115-1003\..\Toolbar\WebBrowser: (no name) - {95080B13-AA71-4EE8-B951-7E98221E1ED5} - No CLSID value found.
O3 - HKU\S-1-5-21-1292428093-1770027372-839522115-1003\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.

:Commands
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

recm

  • Guest
Re: Ameaça detectada - Bloqueio de site nocivo
« Reply #29 on: December 05, 2012, 11:18:18 PM »
Essexboy,

The version of my OTL is 3.2.69.0 not have this option "include 64bit scans" what do I do?