Usamos cookies para medir audiência e melhorar sua experiência. Você pode aceitar ou recusar a qualquer momento. Veja sobre o iMasters.
Boa noite pessoal,
gostaria de uma ajuda tenho um notebook que o windows defender não consegue limpar hacktool:win32 autokms fica so dando alerta de que nenhuma ação é necessaria todo tempo mais não limpa.
/!\ Boa Noite! prrsilva /!\
Desinstale: C:\Program Files (x86)\IObit\Advanced SystemCare 8 ou 9 <<
Desinstale: Driver Booster 3.1 (HKLM-x32\...\Driver Booster_is1) (Version: 3.1 - IObit)
Desinstale: IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.1.0.37 - IObit)
Desinstale: KMSpico v9.1.3 (HKLM\...\KMSpico_is1) (Version: 9.1.3 - )
Copie estas informações que estão em vermelho,para o Bloco de Notas.
Salve-as com o nome fixlist. << Texto!
Salve-as no desktop! (** Área de trabalho ... ) -/- C:\Users\Lindalva\*Desktop*** <<
start
CloseProcesses:
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Advanced SystemCare 9] => "C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe" /Auto
HKU\S-1-5-21-3346231069-2863826343-95346800-1001\...\Run: [Facebook Update] => C:\Users\Lindalva\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-03-28] (Facebook Inc.)
HKU\S-1-5-21-3346231069-2863826343-95346800-1001\...\Run: [Advanced SystemCare 8] => "C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto
HKU\S-1-5-21-3346231069-2863826343-95346800-1001\...\MountPoints2: {0d49e6a3-b3d4-11e3-8253-50b7c3be6ce6} - "E:\AutoRun.exe"
HKU\S-1-5-21-3346231069-2863826343-95346800-1001\...\MountPoints2: {0d49ef6d-b3d4-11e3-8253-50b7c3be6ce6} - "E:\AutoRun.exe"
HKU\S-1-5-21-3346231069-2863826343-95346800-1001\...\MountPoints2: {20fa1ef4-9049-11e5-82fc-50b7c33f080e} - "E:\LGAutoRun.exe"
HKU\S-1-5-21-3346231069-2863826343-95346800-1001\...\MountPoints2: {21c53b2d-b2e9-11e3-824d-50b7c3be6ce6} - "G:\AutoRun.exe"
HKU\S-1-5-21-3346231069-2863826343-95346800-1001\...\MountPoints2: {21c53ba3-b2e9-11e3-824d-50b7c3be6ce6} - "E:\AutoRun.exe"
HKU\S-1-5-21-3346231069-2863826343-95346800-1001\...\MountPoints2: {26034a16-a051-11e5-82ff-50b7c33f080e} - "E:\AutoRun.exe"
HKU\S-1-5-21-3346231069-2863826343-95346800-1001\...\MountPoints2: {5afccbc7-b8d8-11e3-8255-50b7c3be6ce6} - "H:\LGAutoRun.exe"
HKU\S-1-5-21-3346231069-2863826343-95346800-1001\...\MountPoints2: {b41bb627-d1f9-11e3-825f-50b7c3be6ce6} - "E:\LGAutoRun.exe"
HKU\S-1-5-21-3346231069-2863826343-95346800-1001\...\MountPoints2: {ca7cfd6a-f317-11e4-82c9-50b7c33f080e} - "E:\AutoRun.exe"
HKU\S-1-5-21-3346231069-2863826343-95346800-1001\...\MountPoints2: {d0a6ee2f-ea8a-11e4-82c7-50b7c33f080e} - "E:\AutoRun.exe"
HKU\S-1-5-21-3346231069-2863826343-95346800-1001\...\MountPoints2: {de3ac067-f76a-11e4-82cd-50b7c33f080e} - "E:\AutoRun.exe"
HKU\S-1-5-21-3346231069-2863826343-95346800-1001\...\MountPoints2: {f45ca27f-ada7-11e5-8301-50b7c33f080e} - "E:\AutoRun.exe"
HKU\S-1-5-21-3346231069-2863826343-95346800-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Facebook Update] => C:\Users\Lindalva\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-03-28] (Facebook Inc.)
HKU\S-1-5-21-3346231069-2863826343-95346800-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Advanced SystemCare 8] => "C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto
HKU\S-1-5-21-3346231069-2863826343-95346800-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {0d49e6a3-b3d4-11e3-8253-50b7c3be6ce6} - "E:\AutoRun.exe"
HKU\S-1-5-21-3346231069-2863826343-95346800-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {0d49ef6d-b3d4-11e3-8253-50b7c3be6ce6} - "E:\AutoRun.exe"
HKU\S-1-5-21-3346231069-2863826343-95346800-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {20fa1ef4-9049-11e5-82fc-50b7c33f080e} - "E:\LGAutoRun.exe"
HKU\S-1-5-21-3346231069-2863826343-95346800-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {21c53b2d-b2e9-11e3-824d-50b7c3be6ce6} - "G:\AutoRun.exe"
HKU\S-1-5-21-3346231069-2863826343-95346800-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {21c53ba3-b2e9-11e3-824d-50b7c3be6ce6} - "E:\AutoRun.exe"
HKU\S-1-5-21-3346231069-2863826343-95346800-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {26034a16-a051-11e5-82ff-50b7c33f080e} - "E:\AutoRun.exe"
HKU\S-1-5-21-3346231069-2863826343-95346800-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {5afccbc7-b8d8-11e3-8255-50b7c3be6ce6} - "H:\LGAutoRun.exe"
HKU\S-1-5-21-3346231069-2863826343-95346800-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {b41bb627-d1f9-11e3-825f-50b7c3be6ce6} - "E:\LGAutoRun.exe"
HKU\S-1-5-21-3346231069-2863826343-95346800-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {ca7cfd6a-f317-11e4-82c9-50b7c33f080e} - "E:\AutoRun.exe"
HKU\S-1-5-21-3346231069-2863826343-95346800-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {d0a6ee2f-ea8a-11e4-82c7-50b7c33f080e} - "E:\AutoRun.exe"
HKU\S-1-5-21-3346231069-2863826343-95346800-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {de3ac067-f76a-11e4-82cd-50b7c33f080e} - "E:\AutoRun.exe"
HKU\S-1-5-21-3346231069-2863826343-95346800-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {f45ca27f-ada7-11e5-8301-50b7c33f080e} - "E:\AutoRun.exe"
HKU\S-1-5-18\...\Run: [Advanced SystemCare 9] => "C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe" /Auto
GroupPolicyScripts: Restrição <======= ATENÇÃO
HKU\S-1-5-21-3346231069-2863826343-95346800-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.live.com/1rewlive4startup/home
HKU\S-1-5-21-3346231069-2863826343-95346800-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.live.com/1rewlive4startup/home
URLSearchHook: HKU\S-1-5-21-3346231069-2863826343-95346800-1001 - (Sem Nome) - {00000000-6E41-4FD3-8538-502F5495E5FC} - Nenhum Arquivo
URLSearchHook: HKU\S-1-5-21-3346231069-2863826343-95346800-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 - (Sem Nome) - {00000000-6E41-4FD3-8538-502F5495E5FC} - Nenhum Arquivo
SearchScopes: HKU\S-1-5-21-3346231069-2863826343-95346800-1001 -> {C331E867-FD18-4494-9CDD-05B75F2AA8F4} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=VDJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=&apn_uid=7C3671B4-287A-4350-AB52-F11D243A61A3&apn_sauid=B98D9FB2-205D-4DF2-B094-07064314D6CB&
SearchScopes: HKU\S-1-5-21-3346231069-2863826343-95346800-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {C331E867-FD18-4494-9CDD-05B75F2AA8F4} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=VDJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=&apn_uid=7C3671B4-287A-4350-AB52-F11D243A61A3&apn_sauid=B98D9FB2-205D-4DF2-B094-07064314D6CB&
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-09-21] (IObit)
BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2015-07-09] (IObit)
Toolbar: HKLM-x32 - Sem Nome - {D4027C7F-154A-4066-A1AD-4243D8127440} - Nenhum Arquivo
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => não encontrado (a)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [1050904 2013-12-11] () [Arquivo não assinado]
S3 cpuz137; \??\C:\Users\Lindalva\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X]
2015-02-27 13:17 - 2014-10-16 11:26 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2015-11-25 19:37 - 2015-09-21 10:49 - 00348960 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2015-11-25 19:37 - 2015-09-21 10:49 - 00183584 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2015-11-25 19:37 - 2015-09-21 10:49 - 00050976 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2016-01-12 21:52 - 2016-01-12 21:52 - 02870984 _____ (ESET) C:\Users\Lindalva\Downloads\esetsmartinstaller_ptg.exe
2016-01-12 21:52 - 2016-01-12 21:52 - 00000000 ____D C:\Program Files (x86)\ESET
2016-01-12 21:12 - 2016-01-12 21:12 - 00002406 _____ C:\Windows\System32\Tasks\Uninstaller_SkipUac_Lindalva
2016-01-12 21:12 - 2016-01-12 21:12 - 00000300 _____ C:\Windows\Tasks\Uninstaller_SkipUac_Lindalva.job
2016-01-12 21:12 - 2016-01-12 21:12 - 00000000 ____D C:\Windows\system32\appmgmt
2016-01-12 21:12 - 2016-01-12 21:12 - 00000000 ____D C:\Users\Lindalva\AppData\LocalLow\AskToolbar
2015-11-25 19:38 - 2015-11-25 19:38 - 00001082 _____ C:\Users\Public\Desktop\Smart Defrag 4.lnk
2015-11-25 19:38 - 2015-01-10 15:32 - 00128288 _____ (IObit) C:\Windows\system32\IObitSmartDefragExtension.dll
2015-11-25 19:37 - 2015-11-25 19:37 - 00001280 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
2015-11-25 19:37 - 2015-11-25 19:37 - 00001268 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2015-11-25 19:37 - 2015-11-25 19:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2015-11-25 19:36 - 2015-11-25 19:54 - 00002064 _____ C:\Users\Public\Desktop\Driver Booster 3.lnk
2015-11-25 19:36 - 2015-11-25 19:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3
2015-11-04 12:42 - 2015-11-04 12:42 - 00000000 ____D C:\ProgramDataIObit
2016-01-12 22:09 - 2015-06-07 23:09 - 00000290 _____ C:\Windows\Tasks\AutoKMS.job
2016-01-12 21:07 - 2015-02-27 13:17 - 00000000 ____D C:\Program Files (x86)\IObit
2015-01-22 10:46 - 2015-06-18 11:02 - 0005120 _____ () C:\Users\Lindalva\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-11-25 19:54 - 2015-11-25 19:54 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Task: {070F17D2-ADF4-43E4-BADB-02FAA5C4DBB1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {41B781BF-29F2-4CDD-8D93-3E80638D5EE5} - System32\Tasks\Uninstaller_SkipUac_Lindalva => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-10-30] (IObit)
Task: {44FAB57D-4EF3-433E-889E-DDDD33947E86} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3346231069-2863826343-95346800-1001Core => C:\Users\Lindalva\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-03-28] (Facebook Inc.)
Task: {788CBB64-C3EE-4433-A54A-E3E6F283447A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3346231069-2863826343-95346800-1001UA => C:\Users\Lindalva\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-03-28] (Facebook Inc.)
Task: {A903355F-B493-4DB2-AEA1-F444E404BEA6} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {C5E58D57-13AC-483B-86B6-54F693E5B309} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2013-12-11] ()
Task: {C6C7DE8A-44AC-48E1-ACC1-F99F1038BBD1} - System32\Tasks\Driver Booster SkipUAC (Lindalva) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-11-24] (IObit)
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3346231069-2863826343-95346800-1001Core.job => C:\Users\Lindalva\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3346231069-2863826343-95346800-1001UA.job => C:\Users\Lindalva\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\Uninstaller_SkipUac_Lindalva.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
FirewallRules: [{8D3C04EE-FBE8-4BCE-9F4F-A4EC9913EB88}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{BC42FB9C-9175-4DD4-BC51-CF2452C3E02D}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{8B17F7E2-9F41-486A-815B-21955B9E667A}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{CD9EBB85-1C35-4EDF-AF3A-659656B9B782}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{A297145B-9F68-4B92-BE03-C3BBCF366E78}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{D357B399-6E47-4083-81E7-594869D643D0}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{C9B7B552-1BB9-4C96-97E1-C19C9C67C95C}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{5C4D64DB-E947-44AB-9E51-143B8EB876B7}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{19F7D712-F654-47AD-AC81-E301202D4D16}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{10DBFFD7-BDFC-4D0A-8767-FAA718DADDF2}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{ABC607A3-7535-44AB-B550-150EF40B9314}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{9BDB3891-E0FE-4EF7-B8F2-E29B04A30232}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exeCMD: sfc /scannow
CreateRestorePoint:
RemoveProxy:
EmptyTemp:
Reboot:
Hosts:
end
Execute FRST/FRST64 >> Clique "Corrigir" << Aguarde!
Na mensagem,clique Executar.
Poste o relatório! (Fixlog.txt)
/applications/core/interface/imageproxy/imageproxy.php?img=http://r17.imgfast.net/users/1712/29/07/67/smiles/434264.gif&key=8b580fd8c41338fe0925cd84ba4dbbb4293b15fe6a04cbd03d242b4e86624720" alt="434264.gif" />
< Peço aos visitantes que não utilizem este script em outros computadores,sob risco de danos aos mesmos! >
A+
/!\ Boa Noite! prrsilva /!\
Baixe: < /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/AdwCleaner_Logo2_zps580bcd78.jpg&key=71530441ef1621c6398a69f0f5fae6f7f5c87897579baf8487ec306c4e109626" alt="AdwCleaner_Logo2_zps580bcd78.jpg" /> > ( ... par Xplode )
Ou daqui: < AdwCleaner >
Ao acessar,clique em "Download Now".
Salve-o no desktop!
< /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/Executar_Administrador.jpg&key=29bbf2d3836c6859afe3923102565f782321b5a7a2787d5bb24cc9918d13e9bd" alt="Executar_Administrador.jpg" /> >
Desabilite seu antivírus!
Clique direito em adwcleaner.exe,e escolha sua execução como administrador.
/applications/core/interface/imageproxy/imageproxy.php?img=http://i.imgur.com/BdWSVs5.jpg&key=323c1febecd1acd38ea21637751ba1ae0ef085ccf4cc4ed43008ee45ae374fff" alt="BdWSVs5.jpg" />
Abra a ferramenta e na guia "Opções",assinale todas as Restaurações.
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/My%2520Tools%25204/AdwCleaner_Examinar_zps828ed634.jpg&key=ab3daa6c25adcfd393aa42949dcd0177a1c4f1dba193cc7c9704843f6ef97402" alt="AdwCleaner_Examinar_zps828ed634.jpg" />
Ps: Dê início ao scan,clicando em "Verificar" ou "Examinar".
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/AdwCleaner_Limpar_zps06005ae9.jpg&key=e03b122437ba41a51aeb80130d87464e234beda92d71d6cab1205ee84e50d78e" alt="AdwCleaner_Limpar_zps06005ae9.jpg" />
Ao concluir,clique "Limpar" ou "Cleaning" >> Ok >> Ok >> Ok.
Copie o log ou clique "Relatorio".
Poste: < C:\AdwCleaner\AdwCleaner[C1].txt >
Abs!
Boa Noite, Digram
segue relatório.
*** [ Serviços ] ***
*** [ Pastas ] ***
[-] Pasta Excluído : C:\Program Files\kmspico
[-] Pasta Excluído : C:\ProgramData\apn
*** [ Arquivos ] ***
*** [ DLLs ] ***
*** [ Atalhos ] ***
*** [ Tarefas agendadas ] ***
*** [ Registro ] ***
[-] Chave Excluída : HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] Chave Excluída : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Chave Excluída : HKCU\Software\APN
[-] Chave Excluída : HKCU\Software\AppDataLow\Software\AskToolbar
*** [ Navegadores ] ***
*************************
:: Chaves "Tracing" excluídas
:: Configurações Proxy restauradas
:: Configurações Winsock restauradas
:: Configurações TCP/IP restauradas
:: Configurações do Firewall restauradas
:: Configurações IPSec restauradas
:: Políticas do Chrome excluídas
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1481 bytes] ##########
/!\ Bom Dia! prrsilva /!\
Baixe: /applications/core/interface/imageproxy/imageproxy.php?img=http://www.en.usbfix.net/wp-content/plugins/wpdm-download-button/images/53442913675ab.png&key=23e89e44ec93bb0919c57246d43d86c3a30782905d11493408697ed05cdcc5e8" alt="53442913675ab.png" />
Salve-a no desktop!
Abra a ferramenta UsbFix >> Clique: Opções
Marque a caixa "Desativar Autorun/AutoPlay". ( Windows XP )
Clique "Aplicar".
Insira,agora,seu pendrive ou unidade externa,infectada ou não-infectada,e na tela principal da ferramenta,clique "Limpar".
Poste o relatório!
A+
Bom Dia, Digram
não estou conseguindo baixar usbfix
/!\ Bom Dia! prrsilva /!\
http://www.fosshub.com/UsbFix.html/UsbFix_2016_8.181.exe
Tente por este link.
A+
/!\ Boa Noite! prrsilva /!\
Baixe: < /applications/core/interface/imageproxy/imageproxy.php?img=http://i.imgur.com/3EI3Yj3.jpg&key=8494962e15a3290f4e8b5a4b1ba3552fa5e86b6c944901a1e5d3c5d626fee6ae" alt="3EI3Yj3.jpg" />Emsisoft Emergency Kit >
Salve-o ao desktop!
Ao concluir o download,execute o setup que baixou.
/applications/core/interface/imageproxy/imageproxy.php?img=http://i.imgur.com/Vb8xWJQ.jpg&key=be2571721d7fafc73f169c1e6e1d65d74b31ce56511e4afad426ffdd76d904ab" alt="Vb8xWJQ.jpg" />
Clique em Accept & Extract.
/applications/core/interface/imageproxy/imageproxy.php?img=http://i.imgur.com/bGAuITO.jpg&key=6628ecfbcbbb8bcfe2eff92934d0264d786cb5a8fb45e6204b132b30fb8d2ee1" alt="bGAuITO.jpg" />
Será estabelecido o atalho Start Emsisoft Emergency Kit em sua área de trabalho.
Abra-o e clique em (1. Update).
/applications/core/interface/imageproxy/imageproxy.php?img=http://i.imgur.com/7TmcgYi.jpg&key=9f5aa6f8e6f28696fc2a24540005339361ad1459c259e7133ca79f176ff71f07" alt="7TmcgYi.jpg" />
Ao concluir a atualização,clique em (2. Scan).
/applications/core/interface/imageproxy/imageproxy.php?img=http://i.imgur.com/b2zcOlg.jpg&key=e816f1745dac98b966fd7e499d207e0f351f7aa0feb83b01d5f35dbc9eb2f2c2" alt="b2zcOlg.jpg" />
Clique em Custom Scan.
/applications/core/interface/imageproxy/imageproxy.php?img=http://i.imgur.com/sOL2kEN.jpg&key=5a9fa9c3100a17b589fa66891b083e08fae5d35fe009ae23d552edefdf17f09a" alt="sOL2kEN.jpg" />
Assinale ou marque estas caixinhas.
/applications/core/interface/imageproxy/imageproxy.php?img=http://i.imgur.com/VlsNASY.jpg&key=a2b16642ac64e56a3cc5b5a0b9932f8ae591fabe628d98421007813785e05afc" alt="VlsNASY.jpg" />
Salve esta escolha clicando em Salvar configuração >> Salvar >> Seguinte
Ou clique em Malware Scan,que corresponde à Seguinte.
Configuração do exame:
Tipo de exame: Exame Personalizado
arquivos: Rootkits, Memória, Rastros, C:\
Detect PUPs: Ligado
Análise de arquivos: Ligado
Análise de ADS: Ligado
Extensão de arquivo: Desligado
Caching avançado: Ligado
Acesso direto ao disco: Desligado
Vemos então que foi configurado o Exame Personalizado.
Ps: Em futuros escaneamentos,basta clicar em Abrir configuração >> Abrir.
/applications/core/interface/imageproxy/imageproxy.php?img=http://i.imgur.com/uSrVBgs.jpg&key=7641a1780c8d47d517c59930c3ad8fb8a70f806c7bb18a1085e2536868667b90" alt="uSrVBgs.jpg" />
Clique: Enviar marcados à Quarentena >> OK
/applications/core/interface/imageproxy/imageproxy.php?img=http://i.imgur.com/LVbL4cv.jpg&key=f54176caa2f4e2ddcfa36cafd8a758aa67db99b6288aed00912a2b6a2801d0fb" alt="LVbL4cv.jpg" />
Abrir o relatório. (a2scan_<data>-<hora>.txt)
A+
Olá, Dijram
segue relatório do scaneamento
Emsisoft Anti-Malware Free - Versão 10.0
Última atualização 14/01/2016 23:22:13
User account: Windows\Lindalva
Configuração do exame:
Tipo de exame: Exame Personalizado
arquivos: Rootkits, Memória, Rastros, C:\, D:\
Detect PUPs: Ligado
Análise de arquivos: Ligado
Análise de ADS: Ligado
Extensão de arquivo: Desligado
Caching avançado: Ligado
Acesso direto ao disco: Desligado
Início do exame: 14/01/2016 23:29:26
Analisados: 272914
Achado 0
Fim do exame: 15/01/2016 00:30:50
Duração do exame: 1:01:24
/!\ Boa Noite! prrsilva /!\
Veio limpo o relatório! ^_^
Tudo OK?
Abs!
Olá, Dijram
obrigado pela ajuda, posso atualizar para windows 10 e os programas driver booster, advanced system care e iobit unistakker são nocivos.
PROBLEMA RESOLVIDO
Caso o autor necessite que o tópico seja reaberto basta enviar uma Mensagem Privada para um Moderador com um link para o tópico.
/!\ Boa Tarde! prrsilva /!\
< Farbar Recovery Scan Tool 64-Bit >
/applications/core/interface/imageproxy/imageproxy.php?img=http://i.imgur.com/gVW2tHN.jpg&key=8a4d8a4134e07ee10ae8ae0806be72d8705c19e1c848b05588fb8569bedc9cf4" alt="gVW2tHN.jpg" />
/applications/core/interface/imageproxy/imageproxy.php?img=http://i.imgur.com/EUE4tdb.jpg&key=a1493902e025170e24c1db9b5cbad8c87dbfb6dcd8089f17bcd66f77da7e54c1" alt="EUE4tdb.jpg" />
/applications/core/interface/imageproxy/imageproxy.php?img=http://t.imgbox.com/acrVh6GY.jpg&key=a98031df11d71116e6fc6fe6586a03c4ab49a7be484751ed5881cb409d37ce42" alt="acrVh6GY.jpg" />
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/Copierlelien_zpsd51f499f.jpg&key=660428e74964025a431cba1b51ee2132f7bbee4aaf74172bd3f0a3be25c5b2b1" alt="Copierlelien_zpsd51f499f.jpg" />
A+