Re: Remover virus Getusaaall.info

Non-English Boards Português
1

Segue os anexos

2

Deixe-me saber como o computador é depois disto

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJlBATeRnAqXYyYJDXLfK6eYEvkO0IXpPtdP6m8ZUBjvfhq2oaGBVBNoN4SnRhF_ZJzCvgugk9iH-idCiRjvM58zBPQcOQB958IZw7kP0fB9X95rdbk1AbFfddZp_db5zplbkvz4rpsI-dmSYdZDBWfNt7fYF2qLJ0NA,,&q={searchTerms} HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJlBATeRnAqXYyYJDXLfK6eYEvkO0IXpPtdP6m8ZUBjvfhq2oaGBVBNoN4SnRhF_ZJzCvgugk9iH-idCiRjvM58zBPQcOQB958IZw7kP0fB9X95rdbk1AbFfddZp_db5zplbkvz4rpsI-dmSYdZDBWfNt7fYF2qLJ0NA,,&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=ds&ts=1398763539&from=cor&uid=ST1000LM024XHN-M101MBB_S2YYJ5CDC00024&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=ds&ts=1398763539&from=cor&uid=ST1000LM024XHN-M101MBB_S2YYJ5CDC00024&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=ds&ts=1398763539&from=cor&uid=ST1000LM024XHN-M101MBB_S2YYJ5CDC00024&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=ds&ts=1398763539&from=cor&uid=ST1000LM024XHN-M101MBB_S2YYJ5CDC00024&q={searchTerms} SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJlBATeRnAqXYyYJDXLfK6eZY8r_u5bnbAuCNEYVt1TJh3midcg3w_2bA0PVCqUymz9fGE9dfTjWTulYkkEqT18yDNGumLzxaWqEro06wpd1ORocibHVTHU4muaFR9jTRerBxTkm6bNn3_vmjeFpwNpc4128lg9WrHDg,,&q={searchTerms} SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJlBATeRnAqXYyYJDXLfK6eYEvkO0IXpPtdP6m8ZUBjvfhq2oaGBVBNoN4SnRhF_ZJzCvgugk9iH-idCiRjvM58zBPQcOQB958IZw7kP0fB9X95rdbk1AbFfddZp_db5zplbkvz4rpsI-dmSYdZDBWfNt7fYF2qLJ0NA,,&q={searchTerms} Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File S1 Bprotect; \??\C:\Windows\System32\drivers\Bprotect.sys [X] CMD: bitsadmin /reset /allusers CMD: DEL %TEMP%\*.* /F /S /Q CMD: RD /S /Q %TEMP% REBOOT:

Save this as fixlist.txt, in the same location as FRST.exe
Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.

[*]Close all open programs and internet browsers.
[*]Double click on AdwCleaner.exe to run the tool.
[*]Click on Scan.
[*]After the scan is complete click on “Clean”
[*]Confirm each time with Ok.
[*]Your computer will be rebooted automatically. A text file will open after the restart.
[*]Please post the content of that logfile with your next answer.
[*]You can find the logfile at C:\AdwCleaner[S1].txt as well.

3

as attachment

4

Como é o computador agora, tem os alertas parou