I think my computer has a virus...
Every storage device I put in it, it says it is protected, whether it is a pen drive or a micro SD...
I already ran an antivirus; it detected and deleted the viruses... but the problem continues...
I don't know what to do...
HIJACKTHIS:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:46:32, on 29/11/2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16766)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Users\Yhasmani B. Cabral\Downloads\free_usb_guard\Free_USB_Guard.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFGuage.exe
C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFRealTimeD.exe
C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFTimerD.exe
C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Auxiliar de Conexão do Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [updatePPShortCut] "C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerProducer" UpdateWithCreateOnce "Software\CyberLink\PowerProducer\5.0"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [TrayHabil] C:\Program Files (x86)\Koinonia Software\Habil for Windows\TrayHabil.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Free USB Guard] C:\Users\Yhasmani B. Cabral\Downloads\free_usb_guard\Free_USB_Guard.exe
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')
O4 - Startup: Microsoft SharePoint Workspace.lnk = C:\Program Files\Microsoft Office\Office14\GROOVE.EXE
O4 - Startup: Samsung Auto Backup Guage.lnk = ?
O4 - Startup: Samsung Auto Backup Real-Time Daemon.lnk = ?
O4 - Startup: Samsung Auto Backup Scheduler.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&nviar para o OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: E&nviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Notas Ligadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Notas Ligadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Exibir ou ocultar HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NTI, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Realtek11nSU - Realtek - C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SecretZone Assist Service (SZASSIST) - Clarus, Inc. - C:\Program Files (x86)\Clarus\Samsung SecretZone\SZAssistSVC.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: CLCV0 (UTSCSI) - Unknown owner - C:\Windows\system32\UTSCSI.EXE
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 16343 bytes
Hello Yhasmani
*Download USBFix and save it to the desktop
*Connect the pen drive to the PC
*Run USBFix (Windows Vista or Windows 7 users must right-click the file and select Run as administrator)
*Click [Pesquisa]
*Paste the report that is displayed
> Hello Yhasmani
> *Download USBFix and save it to the desktop
> *Connect the pen drive to the PC
> *Run USBFix (Windows Vista or Windows 7 users must right-click the file and select Run as administrator)
> *Click [Pesquisa]
> *Paste the report that is displayed
Here it is...
I used my memory card to do this...
############################## | UsbFix V 7.071 | [Pesquisa]
Usuário: Yhasmani B. Cabral (Administrador) # YHASMANI
Atualizado em 30/11/2011 por El Desaparecido
Começou em 14:26:30 | 02/12/2011
Site: http://eldesaparecido.com
Arquivo suspeito ? : http://eldesaparecido.com/support.php
Contato: contact@eldesaparecido.com
PC: Acer (Aspire 5741) (x64-based PC) # Notebook
CPU: Intel® Core i3 CPU M 350 @ 2.27GHz (2266)
RAM -> [ Total : 2807 | Free : 1519 ]
BIOS: InsydeH2O Version V1.15
BOOT: Normal boot
OS: Microsoft Windows 7 Home Basic (6.1.7600 64-Bit) #
WB: Windows Internet Explorer 8.0.7600.16385
SC: Security Center Service [ Enabled ]
WU: Windows Update Service [ Enabled ]
AS: Windows Defender [ Enabled | (!) Outdated ]
FW: Windows FireWall Service [ Enabled ]
C:\ (%systemdrive%) -> Disco fixo # 286 Gb (161 Mb livre - 56%) [Acer] # NTFS
D:\ -> CD-ROM
E:\ -> Disco removível # 2 Gb (2 Mb livre - 100%) [] # FAT
################## | Processos Ativos |
C:\Windows\system32\csrss.exe (492)
C:\Windows\system32\wininit.exe (548)
C:\Windows\system32\csrss.exe (580)
C:\Windows\system32\services.exe (616)
C:\Windows\system32\lsass.exe (640)
C:\Windows\system32\lsm.exe (648)
C:\Windows\system32\svchost.exe (748)
C:\Windows\system32\svchost.exe (848)
C:\Windows\System32\svchost.exe (924)
C:\Windows\System32\svchost.exe (968)
C:\Windows\system32\svchost.exe (1000)
C:\Windows\system32\winlogon.exe (300)
C:\Windows\system32\svchost.exe (884)
C:\Windows\system32\svchost.exe (1040)
C:\Windows\system32\WLANExt.exe (1148)
C:\Windows\system32\conhost.exe (1156)
C:\Windows\System32\spoolsv.exe (1336)
C:\Windows\system32\svchost.exe (1416)
C:\Windows\system32\taskhost.exe (1452)
C:\Windows\system32\Dwm.exe (1624)
C:\Windows\Explorer.EXE (1652)
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (1820)
C:\Program Files (x86)\Launch Manager\dsiwmis.exe (1864)
C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (1872)
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (1968)
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (1980)
C:\Windows\System32\hkcmd.exe (2000)
C:\Windows\System32\igfxpers.exe (2040)
C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe (1664)
C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe (1232)
C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (1172)
C:\Windows\SysWOW64\svchost.exe (1252)
C:\Windows\SysWOW64\srvany.exe (2072)
C:\Windows\kmsem\KMService.exe (2096)
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (2104)
C:\Windows\system32\conhost.exe (2112)
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (2292)
C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe (2320)
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (2380)
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (2404)
C:\Program Files (x86)\RocketDock\RocketDock.exe (2424)
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (2440)
C:\Windows\System32\spool\drivers\x64\3\E_IATIGEB.EXE (2548)
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (2584)
C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (2668)
C:\Windows\System32\svchost.exe (2732)
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (2876)
C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe (2900)
C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFGuage.exe (2236)
C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFRealTimeD.exe (1392)
C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFTimerD.exe (2248)
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (1920)
C:\Windows\System32\svchost.exe (1124)
C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe (2752)
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (1484)
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (3016)
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (2092)
C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWlan.exe (1696)
C:\Windows\system32\svchost.exe (2836)
C:\Program Files\Acer\Acer Updater\UpdaterService.exe (3204)
C:\Windows\SysWOW64\UTSCSI.EXE (3232)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (3260)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (3440)
C:\Program Files (x86)\Launch Manager\LManager.exe (3488)
C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe (3652)
C:\Windows\system32\igfxext.exe (3712)
C:\Windows\system32\igfxsrvc.exe (3744)
C:\Windows\system32\wbem\unsecapp.exe (3792)
C:\Windows\system32\wbem\wmiprvse.exe (3856)
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (3924)
C:\Program Files (x86)\Launch Manager\LMworker.exe (4000)
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (4028)
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (4036)
C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe (4068)
C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe (4092)
C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe (3968)
C:\Windows\system32\SearchIndexer.exe (4144)
C:\Windows\system32\svchost.exe (4256)
C:\Windows\system32\svchost.exe (4336)
C:\Windows\system32\WUDFHost.exe (4488)
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (4680)
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe (4892)
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe (5008)
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (5052)
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (840)
C:\Program Files (x86)\Mozilla Firefox\firefox.exe (4832)
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe (116)
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (4652)
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (4208)
C:\Windows\System32\svchost.exe (2648)
C:\Windows\system32\wuauclt.exe (3864)
C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (3952)
C:\Windows\system32\wbem\wmiprvse.exe (5080)
C:\Windows\system32\SearchProtocolHost.exe (3476)
C:\Windows\system32\SearchFilterHost.exe (4932)
C:\UsbFix\UsbFix.exe (1424)
################## | Ficheiros # pastas infeciosos |
Presente ! C:\Users\YHASMA~1.CAB\AppData\Local\Temp\AutoRun.exe
Presente ! D:\SETUP.EXE
Presente ! D:\Autorun.inf
################## | Registro |
################## | Mountpoints2 |
HKCU\.\.\.\.\Explorer\MountPoints2\F
Shell\AutoRun\Command = F:\AutoRun.exe
HKCU\.\.\.\.\Explorer\MountPoints2\{03878bde-b894-11e0-9dfe-4c0f6e1bd13e}
Shell\AutoRun\Command = F:\AutoRun.exe
HKCU\.\.\.\.\Explorer\MountPoints2\{03878be1-b894-11e0-9dfe-4c0f6e1bd13e}
Shell\AutoRun\Command = F:\AutoRun.exe
HKCU\.\.\.\.\Explorer\MountPoints2\{17667ecd-4be2-11e0-acbe-4c0f6e1bd13e}
Shell\AutoRun\Command = E:\AutoRun.exe
HKCU\.\.\.\.\Explorer\MountPoints2\{30e879a5-540e-11e0-ae8a-4c0f6e1bd13e}
Shell\AutoRun\Command = E:\AutoRun.exe
HKCU\.\.\.\.\Explorer\MountPoints2\{46b292f1-9dee-11e0-a734-4c0f6e1bd13e}
Shell\AutoRun\Command = E:\AutoRun.exe
HKCU\.\.\.\.\Explorer\MountPoints2\{46b292f7-9dee-11e0-a734-4c0f6e1bd13e}
Shell\AutoRun\Command = E:\AutoRun.exe
HKCU\.\.\.\.\Explorer\MountPoints2\{46b292fb-9dee-11e0-a734-4c0f6e1bd13e}
Shell\AutoRun\Command = E:\AutoRun.exe
HKCU\.\.\.\.\Explorer\MountPoints2\{4dec73fa-1ae5-11e1-bfaa-4c0f6e1bd13e}
Shell\AutoRun\Command = F:\AutoRun.exe
HKCU\.\.\.\.\Explorer\MountPoints2\{5f98558e-5171-11e0-9261-4c0f6e1bd13e}
Shell\AutoRun\Command = E:\AutoRun.exe
HKCU\.\.\.\.\Explorer\MountPoints2\{65b57c71-1568-11e1-8788-4c0f6e1bd13e}
Shell\AutoRun\Command = E:\AutoRun.exe
HKCU\.\.\.\.\Explorer\MountPoints2\{65b57c80-1568-11e1-8788-4c0f6e1bd13e}
Shell\AutoRun\Command = F:\AutoRun.exe
HKCU\.\.\.\.\Explorer\MountPoints2\{6f0cf8b9-4e64-11e0-85d4-4c0f6e1bd13e}
Shell\AutoRun\Command = E:\AutoRun.exe
HKCU\.\.\.\.\Explorer\MountPoints2\{6f0cf8be-4e64-11e0-85d4-4c0f6e1bd13e}
Shell\AutoRun\Command = E:\AutoRun.exe
HKCU\.\.\.\.\Explorer\MountPoints2\{b816425f-9ecf-11e0-80c4-4c0f6e1bd13e}
Shell\AutoRun\Command = E:\AutoRun.exe
HKCU\.\.\.\.\Explorer\MountPoints2\{e444fef7-b6d9-11e0-ad4a-4c0f6e1bd13e}
Shell\AutoRun\Command = E:\AutoRun.exe
HKCU\.\.\.\.\Explorer\MountPoints2\{e444fefb-b6d9-11e0-ad4a-4c0f6e1bd13e}
Shell\AutoRun\Command = E:\AutoRun.exe
HKCU\.\.\.\.\Explorer\MountPoints2\{e5c4e775-b645-11e0-9e2f-4c0f6e1bd13e}
Shell\AutoRun\Command = E:\AutoRun.exe
HKCU\.\.\.\.\Explorer\MountPoints2\{fd8025e7-9d90-11e0-850d-4c0f6e1bd13e}
Shell\AutoRun\Command = F:\setup.exe AUTORUN=1
HKCU\.\.\.\.\Explorer\MountPoints2\{fdc45e91-f7be-11df-8e53-806e6f6e6963}
Shell\AutoRun\Command = D:\SETUP.EXE
################## | Vaccin |
(!) Este computador não é vacinada!
################## | E.O.F |
*Keep the card connected, run UsbFix and click [supressão]
*When it finishes, disconnect the card and paste the report that is displayed
> *Keep the card connected, run UsbFix and click [supressão]
> *When it finishes, disconnect the card and paste the report that is displayed
Here it is.
Thanks
############################## | UsbFix V 7.071 | [supressão]
Usuário: Yhasmani B. Cabral (Administrador) # YHASMANI
Atualizado em 30/11/2011 por El Desaparecido
Começou em 15:45:17 | 02/12/2011
Site: http://eldesaparecido.com
Arquivo suspeito ? : http://eldesaparecido.com/support.php
Contato: contact@eldesaparecido.com
PC: Acer (Aspire 5741) (x64-based PC) # Notebook
CPU: Intel® Core i3 CPU M 350 @ 2.27GHz (2266)
RAM -> [ Total : 2807 | Free : 1648 ]
BIOS: InsydeH2O Version V1.15
BOOT: Normal boot
OS: Microsoft Windows 7 Home Basic (6.1.7600 64-Bit) #
WB: Windows Internet Explorer 8.0.7600.16385
SC: Security Center Service [ Enabled ]
WU: Windows Update Service [ Enabled ]
AS: Windows Defender [ Enabled | (!) Outdated ]
FW: Windows FireWall Service [ Enabled ]
C:\ (%systemdrive%) -> Disco fixo # 286 Gb (160 Mb livre - 56%) [Acer] # NTFS
D:\ -> CD-ROM
E:\ -> Disco removível # 2 Gb (2 Mb livre - 100%) [] # FAT
################## | Processos Ativos |
C:\Windows\system32\csrss.exe (484)
C:\Windows\system32\wininit.exe (540)
C:\Windows\system32\csrss.exe (572)
C:\Windows\system32\services.exe (608)
C:\Windows\system32\lsass.exe (636)
C:\Windows\system32\lsm.exe (644)
C:\Windows\system32\svchost.exe (744)
C:\Windows\system32\svchost.exe (828)
C:\Windows\System32\svchost.exe (892)
C:\Windows\System32\svchost.exe (928)
C:\Windows\system32\svchost.exe (964)
C:\Windows\system32\winlogon.exe (128)
C:\Windows\system32\svchost.exe (764)
C:\Windows\system32\svchost.exe (384)
C:\Windows\system32\WLANExt.exe (1120)
C:\Windows\system32\conhost.exe (1128)
C:\Windows\System32\spoolsv.exe (1308)
C:\Windows\system32\svchost.exe (1376)
C:\Windows\system32\taskhost.exe (1436)
C:\Windows\system32\Dwm.exe (1612)
C:\Windows\Explorer.EXE (1644)
C:\Windows\system32\taskeng.exe (1736)
C:\Program Files (x86)\Launch Manager\dsiwmis.exe (1744)
C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe (1868)
C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (1896)
C:\Windows\SysWOW64\svchost.exe (1920)
C:\Windows\SysWOW64\srvany.exe (1944)
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (1968)
C:\Windows\kmsem\KMService.exe (1976)
C:\Windows\system32\conhost.exe (1988)
C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe (2036)
C:\Windows\System32\svchost.exe (1572)
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (2016)
C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe (1356)
C:\Windows\System32\svchost.exe (1552)
C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe (1700)
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (2088)
C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWlan.exe (2100)
C:\Windows\system32\svchost.exe (2144)
C:\Program Files\Acer\Acer Updater\UpdaterService.exe (2212)
C:\Windows\SysWOW64\UTSCSI.EXE (2268)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (2296)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (2408)
C:\Windows\system32\svchost.exe (2840)
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (3036)
C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (3044)
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (3060)
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (2056)
C:\Windows\System32\hkcmd.exe (1664)
C:\Windows\system32\igfxsrvc.exe (2808)
C:\Windows\System32\igfxpers.exe (2904)
C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe (3188)
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (3224)
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (3260)
C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe (3272)
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (3292)
C:\Program Files (x86)\RocketDock\RocketDock.exe (3352)
C:\Windows\system32\igfxext.exe (3388)
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (3440)
C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe (3492)
C:\Windows\system32\SearchIndexer.exe (3536)
C:\Windows\System32\spool\drivers\x64\3\E_IATIGEB.EXE (3600)
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (3816)
C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (3828)
C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFGuage.exe (3840)
C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFRealTimeD.exe (3876)
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (3884)
C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFTimerD.exe (3944)
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (4064)
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe (4076)
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (3144)
C:\Program Files (x86)\Launch Manager\LManager.exe (3256)
C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe (3636)
C:\Program Files (x86)\Launch Manager\LMworker.exe (3976)
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (3100)
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (1092)
C:\Windows\system32\svchost.exe (4148)
C:\Windows\system32\wbem\unsecapp.exe (4232)
C:\Windows\system32\wbem\wmiprvse.exe (4388)
C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe (4504)
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (4772)
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (4840)
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe (5084)
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe (4492)
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (2924)
C:\Windows\system32\wbem\wmiprvse.exe (1264)
C:\Windows\system32\WUDFHost.exe (4708)
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (3344)
C:\Windows\system32\sppsvc.exe (2616)
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (4728)
C:\Windows\System32\svchost.exe (1044)
C:\UsbFix\UsbFix.exe (4928)
################## | Processos parados |
Parado! C:\Windows\system32\WLANExt.exe (1120)
Parado! C:\Windows\System32\spoolsv.exe (1308)
Parado! C:\Windows\system32\taskhost.exe (1436)
Parado! C:\Windows\system32\taskeng.exe (1736)
Parado! C:\Program Files (x86)\Launch Manager\dsiwmis.exe (1744)
Parado! C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe (1868)
Parado! C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (1896)
Parado! C:\Windows\SysWOW64\srvany.exe (1944)
Parado! C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (1968)
Parado! C:\Windows\kmsem\KMService.exe (1976)
Parado! C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe (2036)
Parado! C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (2016)
Parado! C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe (1356)
Parado! C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe (1700)
Parado! C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (2088)
Parado! C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWlan.exe (2100)
Parado! C:\Program Files\Acer\Acer Updater\UpdaterService.exe (2212)
Parado! C:\Windows\SysWOW64\UTSCSI.EXE (2268)
Parado! C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (2296)
Parado! C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (3036)
Parado! C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (3044)
Parado! C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (3060)
Parado! C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (2056)
Parado! C:\Windows\System32\hkcmd.exe (1664)
Parado! C:\Windows\system32\igfxsrvc.exe (2808)
Parado! C:\Windows\System32\igfxpers.exe (2904)
Parado! C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe (3188)
Parado! C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (3224)
Parado! C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (3260)
Parado! C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe (3272)
Parado! C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (3292)
Parado! C:\Program Files (x86)\RocketDock\RocketDock.exe (3352)
Parado! C:\Windows\system32\igfxext.exe (3388)
Parado! C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (3440)
Parado! C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe (3492)
Parado! C:\Windows\system32\SearchIndexer.exe (3536)
Parado! C:\Windows\System32\spool\drivers\x64\3\E_IATIGEB.EXE (3600)
Parado! C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (3816)
Parado! C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (3828)
Parado! C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFGuage.exe (3840)
Parado! C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFRealTimeD.exe (3876)
Parado! C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (3884)
Parado! C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFTimerD.exe (3944)
Parado! C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (4064)
Parado! C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe (4076)
Parado! C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (3144)
Parado! C:\Program Files (x86)\Launch Manager\LManager.exe (3256)
Parado! C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe (3636)
Parado! C:\Program Files (x86)\Launch Manager\LMworker.exe (3976)
Parado! C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (3100)
Parado! C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (1092)
Parado! C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe (4504)
Parado! C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (4772)
Parado! C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (4840)
Parado! C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe (5084)
Parado! C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe (4492)
Parado! C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (2924)
Parado! C:\Windows\system32\WUDFHost.exe (4708)
Parado! C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (3344)
Parado! C:\Windows\system32\sppsvc.exe (2616)
Parado! C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (4728)
################## | Ficheiros # pastas infeciosos |
Supprimido ! C:\Users\YHASMA~1.CAB\AppData\Local\Temp\AutoRun.exe
Não supprimido ! D:\SETUP.EXE
Supprimido ! C:\$RECYCLE.BIN\S-1-5-21-1281968239-2957193764-4082081314-500
Supprimido ! C:\$RECYCLE.BIN\S-1-5-21-4053060368-4000511306-1264876465-1000
Supprimido ! C:\$RECYCLE.BIN\S-1-5-21-4053060368-4000511306-1264876465-500
Não supprimido ! D:\Autorun.inf
(!) Ficheiros temporários suprimido.
################## | Registro |
################## | Mountpoints2 |
Supprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\F
Supprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\{03878bde-b894-11e0-9dfe-4c0f6e1bd13e}
Supprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\{17667ecd-4be2-11e0-acbe-4c0f6e1bd13e}
Supprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\{30e879a5-540e-11e0-ae8a-4c0f6e1bd13e}
Supprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\{46b292f1-9dee-11e0-a734-4c0f6e1bd13e}
Supprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\{46b292fb-9dee-11e0-a734-4c0f6e1bd13e}
Supprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\{5f98558e-5171-11e0-9261-4c0f6e1bd13e}
Supprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\{65b57c80-1568-11e1-8788-4c0f6e1bd13e}
Supprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\{6f0cf8b9-4e64-11e0-85d4-4c0f6e1bd13e}
Supprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\{b816425f-9ecf-11e0-80c4-4c0f6e1bd13e}
Supprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\{e444fef7-b6d9-11e0-ad4a-4c0f6e1bd13e}
Supprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\{e5c4e775-b645-11e0-9e2f-4c0f6e1bd13e}
Supprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\{fd8025e7-9d90-11e0-850d-4c0f6e1bd13e}
Supprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\{fdc45e91-f7be-11df-8e53-806e6f6e6963}
################## | Listing |
[02/12/2011 - 15:52:28 | SHD ] C:\$Recycle.Bin
[13/04/2011 - 18:56:25 | D ] C:\620aa57fa324c7765c98e4
[09/03/2011 - 20:55:29 | D ] C:\Arquivos de Programas
[01/04/2011 - 08:49:37 | D ] C:\audiences
[24/11/2010 - 09:42:28 | D ] C:\book
[20/09/2010 - 01:02:10 | N | 8192] C:\BOOTSECT.BAK
[06/05/2011 - 10:44:10 | D ] C:\Ciaf-701
[06/06/2011 - 21:41:33 | D ] C:\CM60S
[01/04/2011 - 08:49:37 | D ] C:\codecs
[01/04/2011 - 08:49:37 | D ] C:\common
[02/12/2011 - 00:44:44 | D ] C:\Config.Msi
[14/07/2009 - 03:08:56 | SHD ] C:\Documents and Settings
[07/11/2007 - 09:00:40 | N | 17734] C:\eula.1028.txt
[07/11/2007 - 09:00:40 | N | 17734] C:\eula.1031.txt
[07/11/2007 - 09:00:40 | N | 10134] C:\eula.1033.txt
[07/11/2007 - 09:00:40 | N | 17734] C:\eula.1036.txt
[07/11/2007 - 09:00:40 | N | 17734] C:\eula.1040.txt
[07/11/2007 - 09:00:40 | N | 118] C:\eula.1041.txt
[07/11/2007 - 09:00:40 | N | 17734] C:\eula.1042.txt
[07/11/2007 - 09:00:40 | N | 17734] C:\eula.2052.txt
[07/11/2007 - 09:00:40 | N | 17734] C:\eula.3082.txt
[07/11/2007 - 09:00:40 | N | 1110] C:\globdata.ini
[06/04/2004 - 01:02:00 | N | 188482] C:\helixprodctrl.dll
[02/12/2011 - 15:42:36 | ASH | 2207285248] C:\hiberfil.sys
[29/11/2011 - 14:40:31 | N | 388608] C:\HiJackThis.exe
[29/11/2011 - 14:46:32 | N | 16345] C:\hijackthis.log
[17/09/2011 - 14:55:57 | D ] C:\Install
[07/11/2007 - 09:44:20 | N | 855040] C:\install.exe
[07/11/2007 - 09:00:40 | N | 843] C:\install.ini
[07/11/2007 - 09:44:20 | N | 75280] C:\install.res.1028.dll
[07/11/2007 - 09:44:20 | N | 95248] C:\install.res.1031.dll
[07/11/2007 - 09:44:20 | N | 90128] C:\install.res.1033.dll
[07/11/2007 - 09:44:20 | N | 96272] C:\install.res.1036.dll
[07/11/2007 - 09:44:20 | N | 94224] C:\install.res.1040.dll
[07/11/2007 - 09:44:20 | N | 80400] C:\install.res.1041.dll
[07/11/2007 - 09:44:20 | N | 78864] C:\install.res.1042.dll
[07/11/2007 - 09:44:20 | N | 74768] C:\install.res.2052.dll
[07/11/2007 - 09:44:20 | N | 95248] C:\install.res.3082.dll
[24/11/2010 - 09:38:08 | D ] C:\Intel
[28/03/2011 - 14:23:47 | RHD ] C:\MSOCache
[09/03/2011 - 20:57:00 | D ] C:\OEM
[16/07/2011 - 19:27:44 | D ] C:\OtsLabs
[02/12/2011 - 15:42:51 | ASH | 2943049728] C:\pagefile.sys
[14/07/2009 - 01:20:08 | D ] C:\PerfLogs
[01/04/2011 - 08:49:37 | D ] C:\plugins
[06/12/2002 - 15:02:00 | N | 272896] C:\pncrt.dll
[02/12/2011 - 00:42:56 | D ] C:\Program Files
[02/12/2011 - 00:43:18 | D ] C:\Program Files (x86)
[02/12/2011 - 00:44:06 | HD ] C:\ProgramData
[09/03/2011 - 20:55:30 | SHD ] C:\Recovery
[20/09/2010 - 00:28:16 | N | 3352] C:\RHDSetup.log
[02/12/2011 - 00:44:56 | SHD ] C:\System Volume Information
[01/04/2011 - 08:49:37 | D ] C:\tools
[01/04/2011 - 08:49:37 | N | 4760] C:\unins000.dat
[28/11/2003 - 05:00:00 | N | 75922] C:\unins000.exe
[12/08/2011 - 15:27:21 | D ] C:\UniScan
[02/12/2011 - 15:52:28 | D ] C:\UsbFix
[02/12/2011 - 15:45:42 | A | 15245] C:\UsbFix.txt
[16/04/2011 - 13:06:21 | D ] C:\Users
[07/11/2007 - 09:00:40 | N | 5686] C:\vcredist.bmp
[07/11/2007 - 09:50:40 | N | 1927956] C:\VC_RED.cab
[07/11/2007 - 09:53:12 | N | 242176] C:\VC_RED.MSI
[14/09/2011 - 15:48:52 | D ] C:\W7P_Backups
[02/12/2011 - 00:42:33 | D ] C:\Windows
[17/01/2009 - 16:58:36 | RH | 41] D:\Autorun.inf
[04/01/2009 - 04:49:28 | RH | 295606] D:\CDROM.ICO
[25/01/2010 - 00:47:38 | D ] D:\Common
[11/03/2009 - 04:01:32 | RH | 99840] D:\EPDEVLST.EXE
[19/01/2010 - 07:36:02 | RH | 66] D:\EPDEVLST.INI
[25/01/2010 - 08:22:04 | RH | 6730124] D:\Epson.exe
[25/01/2010 - 00:47:42 | D ] D:\Espanol
[21/01/2010 - 07:49:50 | RH | 1197] D:\lingo.ini
[25/01/2010 - 00:47:42 | D ] D:\Portugues
[04/01/2009 - 02:17:24 | R | 377648] D:\Setup.exe
[25/01/2010 - 00:47:46 | HD ] D:\xtras
################## | Vaccin |
C:\Autorun.inf -> Vacina criada por UsbFix (El Desaparecido)
################## | Upload |
Favor enviar o arquivo: C:\UsbFix_Upload_Me_YHASMANI.zip
http://eldesaparecido.com/upload.htmlp
Obrigado pela sua contribuição.
################## | Reboot |
(!) O computador não foi reiniciado!
################## | E.O.F |
1.
* Restart the PC
2.
* Run UsbFix and click [uninstall]
3.
* Download MKV and save it to the desktop
Windows Vista or Windows 7 users should right-click the file and select: [image: adminexec.png]
* Connect the card to the PC and run MKV
* Click [supprimer la vaccination]
* Restart the PC
4. The procedure below must first be done without the card connected!
* Download USB WriteProtector and save it to the desktop
* Run it. Windows Vista or Windows 7 users should right-click the file and select Executar como administrador (Run as administrator)
* Set the language to Portuguese
* Select the option Proteção de escrita USB - Inactiva (USB write protection - Inactive)
[image: usbq.png]
* Connect the card and report back.
I did what was asked and nothing happened...
My PC still has this block...
:/
There is a topic here on the forum. See if it solves the problem. This problem is not related to malware.
http://forum.imasters.com.br/topic/323340-pen-drive-protegido-contra-gravacao/
Or take a look at this link:
PROBLEM SOLVED
If the author needs the topic reopened, just send a Private Message to a Moderator with a link to the topic.
Hello...
I use W7, and some time ago my PC stopped accepting any writes to any storage device...
I tested several, but none worked.
I think it may be a virus.
If anyone can help me, I would be very grateful...
Thank you
Yhasmani