Archived

This topic has been archived and is closed to new replies.

Yhasmani

[Solved] Write-protected removable device

I think my computer has a virus...

Every storage device I plug into it, it says is protected, whether it is a pen drive or a micro SD...

I already ran an antivirus, it detected and deleted the viruses... but the problem continues...

I don't know what to do...

 

HIJACKTHIS:

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 14:46:32, on 29/11/2011

Platform: Windows 7 (WinNT 6.00.3504)

MSIE: Internet Explorer v8.00 (8.00.7600.16766)

Boot mode: Normal

 

Running processes:

C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe

C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files (x86)\RocketDock\RocketDock.exe

C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe

C:\Users\Yhasmani B. Cabral\Downloads\free_usb_guard\Free_USB_Guard.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFGuage.exe

C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFRealTimeD.exe

C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFTimerD.exe

C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe

C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe

C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe

C:\Program Files (x86)\Launch Manager\LManager.exe

C:\Program Files\Alwil Software\Avast5\AvastUI.exe

C:\Program Files (x86)\Launch Manager\LMworker.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe

C:\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL

O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll

O2 - BHO: Auxiliar de Conexão do Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL

O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll

O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll

O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

O4 - HKLM\..\Run: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"

O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d

O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"

O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k

O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe

O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume

O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui

O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"

O4 - HKLM\..\Run: [updatePPShortCut] "C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerProducer" UpdateWithCreateOnce "Software\CyberLink\PowerProducer\5.0"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"

O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [TrayHabil] C:\Program Files (x86)\Koinonia Software\Habil for Windows\TrayHabil.exe

O4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [Free USB Guard] C:\Users\Yhasmani B. Cabral\Downloads\free_usb_guard\Free_USB_Guard.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')

O4 - Startup: Microsoft SharePoint Workspace.lnk = C:\Program Files\Microsoft Office\Office14\GROOVE.EXE

O4 - Startup: Samsung Auto Backup Guage.lnk = ?

O4 - Startup: Samsung Auto Backup Real-Time Daemon.lnk = ?

O4 - Startup: Samsung Auto Backup Scheduler.lnk = ?

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O8 - Extra context menu item: E&nviar para o OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: E&nviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: &Notas Ligadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Notas Ligadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra button: Exibir ou ocultar HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe

O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe

O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe

O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe

O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe

O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NTI, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Realtek11nSU - Realtek - C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: SecretZone Assist Service (SZASSIST) - Clarus, Inc. - C:\Program Files (x86)\Clarus\Samsung SecretZone\SZAssistSVC.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe

O23 - Service: CLCV0 (UTSCSI) - Unknown owner - C:\Windows\system32\UTSCSI.EXE

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

 

--

End of file - 16343 bytes


Hello...

I use W7 and some time ago my PC started refusing any writes to any memory device...

I tested several, but none worked.

I think it may be a virus.

If anyone can help me, I would be very grateful...

Thank you

Yhasmani


Hello Yhasmani

*Download USBFix and save it to the desktop

*Connect the pen drive to the PC

*Run USBFix (Windows Vista and Windows 7 users must right-click the file and select Run as administrator)

*Click [Pesquisa]

*Paste the report it displays


Here it is...

I used my memory card to do this...

 

############################## | UsbFix V 7.071 | [Pesquisa]

 

Usuário: Yhasmani B. Cabral (Administrador) # YHASMANI

Atualizado em 30/11/2011 por El Desaparecido

Começou em 14:26:30 | 02/12/2011

 

Site: http://eldesaparecido.com

Arquivo suspeito ? : http://eldesaparecido.com/support.php

Contato: contact@eldesaparecido.com

 

PC: Acer (Aspire 5741) (x64-based PC) # Notebook

CPU: Intel® Core i3 CPU M 350 @ 2.27GHz (2266)

RAM -> [ Total : 2807 | Free : 1519 ]

BIOS: InsydeH2O Version V1.15

BOOT: Normal boot

 

OS: Microsoft Windows 7 Home Basic (6.1.7600 64-Bit) #

WB: Windows Internet Explorer 8.0.7600.16385

 

SC: Security Center Service [ Enabled ]

WU: Windows Update Service [ Enabled ]

AS: Windows Defender [ Enabled | (!) Outdated ]

FW: Windows FireWall Service [ Enabled ]

 

C:\ (%systemdrive%) -> Disco fixo # 286 Gb (161 Mb livre - 56%) [Acer] # NTFS

D:\ -> CD-ROM

E:\ -> Disco removível # 2 Gb (2 Mb livre - 100%) [] # FAT

 

################## | Processos Ativos |

 

C:\Windows\system32\csrss.exe (492)

C:\Windows\system32\wininit.exe (548)

C:\Windows\system32\csrss.exe (580)

C:\Windows\system32\services.exe (616)

C:\Windows\system32\lsass.exe (640)

C:\Windows\system32\lsm.exe (648)

C:\Windows\system32\svchost.exe (748)

C:\Windows\system32\svchost.exe (848)

C:\Windows\System32\svchost.exe (924)

C:\Windows\System32\svchost.exe (968)

C:\Windows\system32\svchost.exe (1000)

C:\Windows\system32\winlogon.exe (300)

C:\Windows\system32\svchost.exe (884)

C:\Windows\system32\svchost.exe (1040)

C:\Windows\system32\WLANExt.exe (1148)

C:\Windows\system32\conhost.exe (1156)

C:\Windows\System32\spoolsv.exe (1336)

C:\Windows\system32\svchost.exe (1416)

C:\Windows\system32\taskhost.exe (1452)

C:\Windows\system32\Dwm.exe (1624)

C:\Windows\Explorer.EXE (1652)

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (1820)

C:\Program Files (x86)\Launch Manager\dsiwmis.exe (1864)

C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (1872)

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (1968)

C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (1980)

C:\Windows\System32\hkcmd.exe (2000)

C:\Windows\System32\igfxpers.exe (2040)

C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe (1664)

C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe (1232)

C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (1172)

C:\Windows\SysWOW64\svchost.exe (1252)

C:\Windows\SysWOW64\srvany.exe (2072)

C:\Windows\kmsem\KMService.exe (2096)

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (2104)

C:\Windows\system32\conhost.exe (2112)

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (2292)

C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe (2320)

C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (2380)

C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (2404)

C:\Program Files (x86)\RocketDock\RocketDock.exe (2424)

C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (2440)

C:\Windows\System32\spool\drivers\x64\3\E_IATIGEB.EXE (2548)

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (2584)

C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (2668)

C:\Windows\System32\svchost.exe (2732)

C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (2876)

C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe (2900)

C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFGuage.exe (2236)

C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFRealTimeD.exe (1392)

C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFTimerD.exe (2248)

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (1920)

C:\Windows\System32\svchost.exe (1124)

C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe (2752)

C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (1484)

C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (3016)

C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (2092)

C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWlan.exe (1696)

C:\Windows\system32\svchost.exe (2836)

C:\Program Files\Acer\Acer Updater\UpdaterService.exe (3204)

C:\Windows\SysWOW64\UTSCSI.EXE (3232)

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (3260)

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (3440)

C:\Program Files (x86)\Launch Manager\LManager.exe (3488)

C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe (3652)

C:\Windows\system32\igfxext.exe (3712)

C:\Windows\system32\igfxsrvc.exe (3744)

C:\Windows\system32\wbem\unsecapp.exe (3792)

C:\Windows\system32\wbem\wmiprvse.exe (3856)

C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (3924)

C:\Program Files (x86)\Launch Manager\LMworker.exe (4000)

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (4028)

C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (4036)

C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe (4068)

C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe (4092)

C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe (3968)

C:\Windows\system32\SearchIndexer.exe (4144)

C:\Windows\system32\svchost.exe (4256)

C:\Windows\system32\svchost.exe (4336)

C:\Windows\system32\WUDFHost.exe (4488)

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (4680)

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe (4892)

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe (5008)

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (5052)

C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (840)

C:\Program Files (x86)\Mozilla Firefox\firefox.exe (4832)

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe (116)

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (4652)

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (4208)

C:\Windows\System32\svchost.exe (2648)

C:\Windows\system32\wuauclt.exe (3864)

C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (3952)

C:\Windows\system32\wbem\wmiprvse.exe (5080)

C:\Windows\system32\SearchProtocolHost.exe (3476)

C:\Windows\system32\SearchFilterHost.exe (4932)

C:\UsbFix\UsbFix.exe (1424)

 

################## | Ficheiros # pastas infeciosos |

 

Presente ! C:\Users\YHASMA~1.CAB\AppData\Local\Temp\AutoRun.exe

Presente ! D:\SETUP.EXE

Presente ! D:\Autorun.inf

 

################## | Registro |

 

 

################## | Mountpoints2 |

 

HKCU\.\.\.\.\Explorer\MountPoints2\F

Shell\AutoRun\Command = F:\AutoRun.exe

 

HKCU\.\.\.\.\Explorer\MountPoints2\{03878bde-b894-11e0-9dfe-4c0f6e1bd13e}

Shell\AutoRun\Command = F:\AutoRun.exe

 

HKCU\.\.\.\.\Explorer\MountPoints2\{03878be1-b894-11e0-9dfe-4c0f6e1bd13e}

Shell\AutoRun\Command = F:\AutoRun.exe

 

HKCU\.\.\.\.\Explorer\MountPoints2\{17667ecd-4be2-11e0-acbe-4c0f6e1bd13e}

Shell\AutoRun\Command = E:\AutoRun.exe

 

HKCU\.\.\.\.\Explorer\MountPoints2\{30e879a5-540e-11e0-ae8a-4c0f6e1bd13e}

Shell\AutoRun\Command = E:\AutoRun.exe

 

HKCU\.\.\.\.\Explorer\MountPoints2\{46b292f1-9dee-11e0-a734-4c0f6e1bd13e}

Shell\AutoRun\Command = E:\AutoRun.exe

 

HKCU\.\.\.\.\Explorer\MountPoints2\{46b292f7-9dee-11e0-a734-4c0f6e1bd13e}

Shell\AutoRun\Command = E:\AutoRun.exe

 

HKCU\.\.\.\.\Explorer\MountPoints2\{46b292fb-9dee-11e0-a734-4c0f6e1bd13e}

Shell\AutoRun\Command = E:\AutoRun.exe

 

HKCU\.\.\.\.\Explorer\MountPoints2\{4dec73fa-1ae5-11e1-bfaa-4c0f6e1bd13e}

Shell\AutoRun\Command = F:\AutoRun.exe

 

HKCU\.\.\.\.\Explorer\MountPoints2\{5f98558e-5171-11e0-9261-4c0f6e1bd13e}

Shell\AutoRun\Command = E:\AutoRun.exe

 

HKCU\.\.\.\.\Explorer\MountPoints2\{65b57c71-1568-11e1-8788-4c0f6e1bd13e}

Shell\AutoRun\Command = E:\AutoRun.exe

 

HKCU\.\.\.\.\Explorer\MountPoints2\{65b57c80-1568-11e1-8788-4c0f6e1bd13e}

Shell\AutoRun\Command = F:\AutoRun.exe

 

HKCU\.\.\.\.\Explorer\MountPoints2\{6f0cf8b9-4e64-11e0-85d4-4c0f6e1bd13e}

Shell\AutoRun\Command = E:\AutoRun.exe

 

HKCU\.\.\.\.\Explorer\MountPoints2\{6f0cf8be-4e64-11e0-85d4-4c0f6e1bd13e}

Shell\AutoRun\Command = E:\AutoRun.exe

 

HKCU\.\.\.\.\Explorer\MountPoints2\{b816425f-9ecf-11e0-80c4-4c0f6e1bd13e}

Shell\AutoRun\Command = E:\AutoRun.exe

 

HKCU\.\.\.\.\Explorer\MountPoints2\{e444fef7-b6d9-11e0-ad4a-4c0f6e1bd13e}

Shell\AutoRun\Command = E:\AutoRun.exe

 

HKCU\.\.\.\.\Explorer\MountPoints2\{e444fefb-b6d9-11e0-ad4a-4c0f6e1bd13e}

Shell\AutoRun\Command = E:\AutoRun.exe

 

HKCU\.\.\.\.\Explorer\MountPoints2\{e5c4e775-b645-11e0-9e2f-4c0f6e1bd13e}

Shell\AutoRun\Command = E:\AutoRun.exe

 

HKCU\.\.\.\.\Explorer\MountPoints2\{fd8025e7-9d90-11e0-850d-4c0f6e1bd13e}

Shell\AutoRun\Command = F:\setup.exe AUTORUN=1

 

HKCU\.\.\.\.\Explorer\MountPoints2\{fdc45e91-f7be-11df-8e53-806e6f6e6963}

Shell\AutoRun\Command = D:\SETUP.EXE

 

 

 

################## | Vaccin |

 

(!) Este computador não é vacinada!

 

################## | E.O.F |


*Keep the card connected, run UsbFix and click [supressão]

*When it finishes, disconnect the card and paste the report it displays


Here it is.

Thanks

############################## | UsbFix V 7.071 | [supressão]

 

Usuário: Yhasmani B. Cabral (Administrador) # YHASMANI

Atualizado em 30/11/2011 por El Desaparecido

Começou em 15:45:17 | 02/12/2011

 

Site: http://eldesaparecido.com

Arquivo suspeito ? : http://eldesaparecido.com/support.php

Contato: contact@eldesaparecido.com

 

PC: Acer (Aspire 5741) (x64-based PC) # Notebook

CPU: Intel® Core i3 CPU M 350 @ 2.27GHz (2266)

RAM -> [ Total : 2807 | Free : 1648 ]

BIOS: InsydeH2O Version V1.15

BOOT: Normal boot

 

OS: Microsoft Windows 7 Home Basic (6.1.7600 64-Bit) #

WB: Windows Internet Explorer 8.0.7600.16385

 

SC: Security Center Service [ Enabled ]

WU: Windows Update Service [ Enabled ]

AS: Windows Defender [ Enabled | (!) Outdated ]

FW: Windows FireWall Service [ Enabled ]

 

C:\ (%systemdrive%) -> Disco fixo # 286 Gb (160 Mb livre - 56%) [Acer] # NTFS

D:\ -> CD-ROM

E:\ -> Disco removível # 2 Gb (2 Mb livre - 100%) [] # FAT

 

################## | Processos Ativos |

 

C:\Windows\system32\csrss.exe (484)

C:\Windows\system32\wininit.exe (540)

C:\Windows\system32\csrss.exe (572)

C:\Windows\system32\services.exe (608)

C:\Windows\system32\lsass.exe (636)

C:\Windows\system32\lsm.exe (644)

C:\Windows\system32\svchost.exe (744)

C:\Windows\system32\svchost.exe (828)

C:\Windows\System32\svchost.exe (892)

C:\Windows\System32\svchost.exe (928)

C:\Windows\system32\svchost.exe (964)

C:\Windows\system32\winlogon.exe (128)

C:\Windows\system32\svchost.exe (764)

C:\Windows\system32\svchost.exe (384)

C:\Windows\system32\WLANExt.exe (1120)

C:\Windows\system32\conhost.exe (1128)

C:\Windows\System32\spoolsv.exe (1308)

C:\Windows\system32\svchost.exe (1376)

C:\Windows\system32\taskhost.exe (1436)

C:\Windows\system32\Dwm.exe (1612)

C:\Windows\Explorer.EXE (1644)

C:\Windows\system32\taskeng.exe (1736)

C:\Program Files (x86)\Launch Manager\dsiwmis.exe (1744)

C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe (1868)

C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (1896)

C:\Windows\SysWOW64\svchost.exe (1920)

C:\Windows\SysWOW64\srvany.exe (1944)

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (1968)

C:\Windows\kmsem\KMService.exe (1976)

C:\Windows\system32\conhost.exe (1988)

C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe (2036)

C:\Windows\System32\svchost.exe (1572)

C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (2016)

C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe (1356)

C:\Windows\System32\svchost.exe (1552)

C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe (1700)

C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (2088)

C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWlan.exe (2100)

C:\Windows\system32\svchost.exe (2144)

C:\Program Files\Acer\Acer Updater\UpdaterService.exe (2212)

C:\Windows\SysWOW64\UTSCSI.EXE (2268)

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (2296)

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (2408)

C:\Windows\system32\svchost.exe (2840)

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (3036)

C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (3044)

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (3060)

C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (2056)

C:\Windows\System32\hkcmd.exe (1664)

C:\Windows\system32\igfxsrvc.exe (2808)

C:\Windows\System32\igfxpers.exe (2904)

C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe (3188)

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (3224)

C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (3260)

C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe (3272)

C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (3292)

C:\Program Files (x86)\RocketDock\RocketDock.exe (3352)

C:\Windows\system32\igfxext.exe (3388)

C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (3440)

C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe (3492)

C:\Windows\system32\SearchIndexer.exe (3536)

C:\Windows\System32\spool\drivers\x64\3\E_IATIGEB.EXE (3600)

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (3816)

C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (3828)

C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFGuage.exe (3840)

C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFRealTimeD.exe (3876)

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (3884)

C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFTimerD.exe (3944)

C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (4064)

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe (4076)

C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (3144)

C:\Program Files (x86)\Launch Manager\LManager.exe (3256)

C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe (3636)

C:\Program Files (x86)\Launch Manager\LMworker.exe (3976)

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (3100)

C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (1092)

C:\Windows\system32\svchost.exe (4148)

C:\Windows\system32\wbem\unsecapp.exe (4232)

C:\Windows\system32\wbem\wmiprvse.exe (4388)

C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe (4504)

C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (4772)

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (4840)

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe (5084)

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe (4492)

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (2924)

C:\Windows\system32\wbem\wmiprvse.exe (1264)

C:\Windows\system32\WUDFHost.exe (4708)

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (3344)

C:\Windows\system32\sppsvc.exe (2616)

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (4728)

C:\Windows\System32\svchost.exe (1044)

C:\UsbFix\UsbFix.exe (4928)

 

################## | Processos parados |

 

Parado! C:\Windows\system32\WLANExt.exe (1120)

Parado! C:\Windows\System32\spoolsv.exe (1308)

Parado! C:\Windows\system32\taskhost.exe (1436)

Parado! C:\Windows\system32\taskeng.exe (1736)

Parado! C:\Program Files (x86)\Launch Manager\dsiwmis.exe (1744)

Parado! C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe (1868)

Parado! C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (1896)

Parado! C:\Windows\SysWOW64\srvany.exe (1944)

Parado! C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (1968)

Parado! C:\Windows\kmsem\KMService.exe (1976)

Parado! C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe (2036)

Parado! C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (2016)

Parado! C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe (1356)

Parado! C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe (1700)

Parado! C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (2088)

Parado! C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWlan.exe (2100)

Parado! C:\Program Files\Acer\Acer Updater\UpdaterService.exe (2212)

Parado! C:\Windows\SysWOW64\UTSCSI.EXE (2268)

Parado! C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (2296)

Parado! C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (3036)

Parado! C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (3044)

Parado! C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (3060)

Parado! C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (2056)

Parado! C:\Windows\System32\hkcmd.exe (1664)

Parado! C:\Windows\system32\igfxsrvc.exe (2808)

Parado! C:\Windows\System32\igfxpers.exe (2904)

Parado! C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe (3188)

Parado! C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (3224)

Parado! C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (3260)

Parado! C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe (3272)

Parado! C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (3292)

Parado! C:\Program Files (x86)\RocketDock\RocketDock.exe (3352)

Parado! C:\Windows\system32\igfxext.exe (3388)

Parado! C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (3440)

Parado! C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe (3492)

Parado! C:\Windows\system32\SearchIndexer.exe (3536)

Parado! C:\Windows\System32\spool\drivers\x64\3\E_IATIGEB.EXE (3600)

Parado! C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (3816)

Parado! C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (3828)

Parado! C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFGuage.exe (3840)

Parado! C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFRealTimeD.exe (3876)

Parado! C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (3884)

Parado! C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFTimerD.exe (3944)

Parado! C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (4064)

Parado! C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe (4076)

Parado! C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (3144)

Parado! C:\Program Files (x86)\Launch Manager\LManager.exe (3256)

Parado! C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe (3636)

Parado! C:\Program Files (x86)\Launch Manager\LMworker.exe (3976)

Parado! C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (3100)

Parado! C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (1092)

Parado! C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe (4504)

Parado! C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (4772)

Parado! C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (4840)

Parado! C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe (5084)

Parado! C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe (4492)

Parado! C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (2924)

Parado! C:\Windows\system32\WUDFHost.exe (4708)

Parado! C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (3344)

Parado! C:\Windows\system32\sppsvc.exe (2616)

Parado! C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (4728)

 

################## | Ficheiros # pastas infeciosos |

 

Supprimido ! C:\Users\YHASMA~1.CAB\AppData\Local\Temp\AutoRun.exe

Não supprimido ! D:\SETUP.EXE

Supprimido ! C:\$RECYCLE.BIN\S-1-5-21-1281968239-2957193764-4082081314-500

Supprimido ! C:\$RECYCLE.BIN\S-1-5-21-4053060368-4000511306-1264876465-1000

Supprimido ! C:\$RECYCLE.BIN\S-1-5-21-4053060368-4000511306-1264876465-500

Não supprimido ! D:\Autorun.inf

 

(!) Ficheiros temporários suprimido.

 

################## | Registro |

 

 

################## | Mountpoints2 |

 

Supprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\F

Supprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\{03878bde-b894-11e0-9dfe-4c0f6e1bd13e}

Supprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\{17667ecd-4be2-11e0-acbe-4c0f6e1bd13e}

Supprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\{30e879a5-540e-11e0-ae8a-4c0f6e1bd13e}

Supprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\{46b292f1-9dee-11e0-a734-4c0f6e1bd13e}

Supprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\{46b292fb-9dee-11e0-a734-4c0f6e1bd13e}

Supprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\{5f98558e-5171-11e0-9261-4c0f6e1bd13e}

Supprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\{65b57c80-1568-11e1-8788-4c0f6e1bd13e}

Supprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\{6f0cf8b9-4e64-11e0-85d4-4c0f6e1bd13e}

Supprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\{b816425f-9ecf-11e0-80c4-4c0f6e1bd13e}

Supprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\{e444fef7-b6d9-11e0-ad4a-4c0f6e1bd13e}

Supprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\{e5c4e775-b645-11e0-9e2f-4c0f6e1bd13e}

Supprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\{fd8025e7-9d90-11e0-850d-4c0f6e1bd13e}

Supprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\{fdc45e91-f7be-11df-8e53-806e6f6e6963}

 

################## | Listing |

 

[02/12/2011 - 15:52:28 | SHD ] C:\$Recycle.Bin

[13/04/2011 - 18:56:25 | D ] C:\620aa57fa324c7765c98e4

[09/03/2011 - 20:55:29 | D ] C:\Arquivos de Programas

[01/04/2011 - 08:49:37 | D ] C:\audiences

[24/11/2010 - 09:42:28 | D ] C:\book

[20/09/2010 - 01:02:10 | N | 8192] C:\BOOTSECT.BAK

[06/05/2011 - 10:44:10 | D ] C:\Ciaf-701

[06/06/2011 - 21:41:33 | D ] C:\CM60S

[01/04/2011 - 08:49:37 | D ] C:\codecs

[01/04/2011 - 08:49:37 | D ] C:\common

[02/12/2011 - 00:44:44 | D ] C:\Config.Msi

[14/07/2009 - 03:08:56 | SHD ] C:\Documents and Settings

[07/11/2007 - 09:00:40 | N | 17734] C:\eula.1028.txt

[07/11/2007 - 09:00:40 | N | 17734] C:\eula.1031.txt

[07/11/2007 - 09:00:40 | N | 10134] C:\eula.1033.txt

[07/11/2007 - 09:00:40 | N | 17734] C:\eula.1036.txt

[07/11/2007 - 09:00:40 | N | 17734] C:\eula.1040.txt

[07/11/2007 - 09:00:40 | N | 118] C:\eula.1041.txt

[07/11/2007 - 09:00:40 | N | 17734] C:\eula.1042.txt

[07/11/2007 - 09:00:40 | N | 17734] C:\eula.2052.txt

[07/11/2007 - 09:00:40 | N | 17734] C:\eula.3082.txt

[07/11/2007 - 09:00:40 | N | 1110] C:\globdata.ini

[06/04/2004 - 01:02:00 | N | 188482] C:\helixprodctrl.dll

[02/12/2011 - 15:42:36 | ASH | 2207285248] C:\hiberfil.sys

[29/11/2011 - 14:40:31 | N | 388608] C:\HiJackThis.exe

[29/11/2011 - 14:46:32 | N | 16345] C:\hijackthis.log

[17/09/2011 - 14:55:57 | D ] C:\Install

[07/11/2007 - 09:44:20 | N | 855040] C:\install.exe

[07/11/2007 - 09:00:40 | N | 843] C:\install.ini

[07/11/2007 - 09:44:20 | N | 75280] C:\install.res.1028.dll

[07/11/2007 - 09:44:20 | N | 95248] C:\install.res.1031.dll

[07/11/2007 - 09:44:20 | N | 90128] C:\install.res.1033.dll

[07/11/2007 - 09:44:20 | N | 96272] C:\install.res.1036.dll

[07/11/2007 - 09:44:20 | N | 94224] C:\install.res.1040.dll

[07/11/2007 - 09:44:20 | N | 80400] C:\install.res.1041.dll

[07/11/2007 - 09:44:20 | N | 78864] C:\install.res.1042.dll

[07/11/2007 - 09:44:20 | N | 74768] C:\install.res.2052.dll

[07/11/2007 - 09:44:20 | N | 95248] C:\install.res.3082.dll

[24/11/2010 - 09:38:08 | D ] C:\Intel

[28/03/2011 - 14:23:47 | RHD ] C:\MSOCache

[09/03/2011 - 20:57:00 | D ] C:\OEM

[16/07/2011 - 19:27:44 | D ] C:\OtsLabs

[02/12/2011 - 15:42:51 | ASH | 2943049728] C:\pagefile.sys

[14/07/2009 - 01:20:08 | D ] C:\PerfLogs

[01/04/2011 - 08:49:37 | D ] C:\plugins

[06/12/2002 - 15:02:00 | N | 272896] C:\pncrt.dll

[02/12/2011 - 00:42:56 | D ] C:\Program Files

[02/12/2011 - 00:43:18 | D ] C:\Program Files (x86)

[02/12/2011 - 00:44:06 | HD ] C:\ProgramData

[09/03/2011 - 20:55:30 | SHD ] C:\Recovery

[20/09/2010 - 00:28:16 | N | 3352] C:\RHDSetup.log

[02/12/2011 - 00:44:56 | SHD ] C:\System Volume Information

[01/04/2011 - 08:49:37 | D ] C:\tools

[01/04/2011 - 08:49:37 | N | 4760] C:\unins000.dat

[28/11/2003 - 05:00:00 | N | 75922] C:\unins000.exe

[12/08/2011 - 15:27:21 | D ] C:\UniScan

[02/12/2011 - 15:52:28 | D ] C:\UsbFix

[02/12/2011 - 15:45:42 | A | 15245] C:\UsbFix.txt

[16/04/2011 - 13:06:21 | D ] C:\Users

[07/11/2007 - 09:00:40 | N | 5686] C:\vcredist.bmp

[07/11/2007 - 09:50:40 | N | 1927956] C:\VC_RED.cab

[07/11/2007 - 09:53:12 | N | 242176] C:\VC_RED.MSI

[14/09/2011 - 15:48:52 | D ] C:\W7P_Backups

[02/12/2011 - 00:42:33 | D ] C:\Windows

[17/01/2009 - 16:58:36 | RH | 41] D:\Autorun.inf

[04/01/2009 - 04:49:28 | RH | 295606] D:\CDROM.ICO

[25/01/2010 - 00:47:38 | D ] D:\Common

[11/03/2009 - 04:01:32 | RH | 99840] D:\EPDEVLST.EXE

[19/01/2010 - 07:36:02 | RH | 66] D:\EPDEVLST.INI

[25/01/2010 - 08:22:04 | RH | 6730124] D:\Epson.exe

[25/01/2010 - 00:47:42 | D ] D:\Espanol

[21/01/2010 - 07:49:50 | RH | 1197] D:\lingo.ini

[25/01/2010 - 00:47:42 | D ] D:\Portugues

[04/01/2009 - 02:17:24 | R | 377648] D:\Setup.exe

[25/01/2010 - 00:47:46 | HD ] D:\xtras

 

################## | Vaccin |

 

C:\Autorun.inf -> Vacina criada por UsbFix (El Desaparecido)

 

################## | Upload |

 

Favor enviar o arquivo: C:\UsbFix_Upload_Me_YHASMANI.zip

http://eldesaparecido.com/upload.htmlp

Obrigado pela sua contribuição.

 

################## | Reboot |

 

(!) O computador não foi reiniciado!

 

################## | E.O.F |


1.

*Restart the PC

2.

*Run UsbFix and click [uninstall]

3.

*Download MKV and save it to the desktop

Windows Vista or Windows 7 users must right-click the file and select: adminexec.png

*Connect the card to the PC and run MKV

*Click [supprimer la vaccination]

*Restart the PC

4. The procedure below must first be carried out without the card connected!

*Download USB WriteProtector and save it to the desktop

*Run it. Windows Vista or Windows 7 users must right-click the file and select Run as administrator

*Set the language to Portuguese

*Select the option Proteção de escrita USB - Inactiva

usbq.png

*Connect the card and report back.


 

I did what was asked and nothing happened...

My PC still has this block...

:/


PROBLEM SOLVED

If the author needs the topic reopened, just send a Private Message to a Moderator with a link to the topic.
