[Resolvido!] Problema com o teclado 2

[EDSSX 0]

Boa tarde

 

 

Não tenho o cd do windows XP .

 

 

Segue :

 

 

 

ComboFix 10-07-19.01 - edsom luis 19/07/2010 17:40:54.31.1 - FAT32x86

Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.511.244 [GMT -3:00]

Executando de: d:\documents and settings\edsom luis\Desktop\ComboFix.exe

Comandos utilizados :: d:\documents and settings\edsom luis\Desktop\CFScript.txt

AV: AntiVir Desktop *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}

 

FILE ::

"d:\windows\system32\DRIVERS\78013091.sys"

"d:\windows\system32\drivers\utmyoti3.sys"

.

 

((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))

.

 

d:\windows\system32\drivers\utmyoti3.sys

 

.

((((((((((((((((((((((((((((((((((((((( Drivers/Serviços )))))))))))))))))))))))))))))))))))))))))))))))))

.

 

-------\Legacy_78013091

-------\Legacy_78013092

-------\Legacy_MCHINJDRV

-------\Legacy_UTMYOTI3

-------\Service_utmyoti3

 

 

(((((((((((((((( Arquivos/Ficheiros criados de 2010-06-19 to 2010-07-19 ))))))))))))))))))))))))))))

.

 

2010-07-19 20:18 . 2010-07-19 20:18 -------- d-----w- D:\FOUND.000

2010-07-19 18:19 . 2010-07-19 18:19 -------- d-----w- d:\arquivos de programas\Safari

2010-07-19 18:19 . 2010-07-19 18:19 -------- d-----w- d:\arquivos de programas\Apple Software Update

2010-07-19 17:57 . 2010-07-19 17:57 -------- d-----w- d:\documents and settings\edsom luis\Dados de aplicativos\K-Meleon

2010-07-19 17:55 . 2010-07-19 17:55 -------- d-----w- d:\arquivos de programas\K-Meleon

2010-07-19 13:52 . 2010-07-19 13:52 -------- d-----w- D:\!KillBox

2010-07-18 22:12 . 2008-12-11 11:38 159600 ----a-w- d:\windows\system32\drivers\pctgntdi.sys

2010-07-18 22:12 . 2009-04-03 14:18 130936 ----a-w- d:\windows\system32\drivers\PCTCore.sys

2010-07-18 22:12 . 2008-12-18 15:16 73840 ----a-w- d:\windows\system32\drivers\PCTAppEvent.sys

2010-07-18 22:12 . 2010-07-18 22:12 -------- d-----w- d:\arquivos de programas\Arquivos comuns\PC Tools

2010-07-18 22:12 . 2008-12-10 14:36 64392 ----a-w- d:\windows\system32\drivers\pctplsg.sys

2010-07-18 22:12 . 2010-07-18 22:12 -------- d-----w- d:\documents and settings\All Users\Dados de aplicativos\PC Tools

2010-07-18 22:12 . 2010-07-18 22:12 -------- d-----w- d:\documents and settings\edsom luis\Dados de aplicativos\PC Tools

2010-07-18 01:31 . 2003-10-03 16:21 174592 ----a-w- d:\windows\system32\framedyn.dll

2010-07-18 00:06 . 2010-07-18 00:06 -------- d-----w- d:\documents and settings\edsom luis\Dados de aplicativos\IObit

2010-07-16 19:28 . 2010-07-16 19:28 -------- d-----w- d:\documents and settings\edsom luis\DoctorWeb

2010-07-16 15:10 . 2010-07-16 15:10 -------- d-----w- d:\arquivos de programas\Opera

2010-07-16 14:41 . 2010-07-16 14:41 -------- d-----w- d:\windows\system32\wbem\Repository

2010-07-16 14:40 . 2010-07-16 14:40 -------- d-----w- d:\documents and settings\edsom luis\Dados de aplicativos\Avira

2010-07-16 14:40 . 2010-07-16 14:40 -------- d-----w- d:\documents and settings\All Users\Dados de aplicativos\Avira

2010-07-16 14:05 . 2010-07-16 14:05 -------- d-----w- d:\documents and settings\All Users\Dados de aplicativos\Avira(2)

2010-07-15 20:48 . 2010-07-15 20:48 -------- d-----w- d:\arquivos de programas\CursorXP

2010-07-15 19:57 . 2010-07-15 19:57 -------- d-----w- d:\arquivos de programas\Oracle

2010-07-15 17:46 . 2010-07-15 17:46 -------- d-----w- d:\arquivos de programas\CursorXP(2)

2010-07-14 15:25 . 2010-06-14 14:31 744448 ------w- d:\windows\system32\dllcache\helpsvc.exe

2010-06-30 19:07 . 2010-06-30 19:07 -------- d-----r- d:\windows\system32\config\systemprofile\Favoritos

2010-06-30 19:01 . 2008-04-13 22:20 1306624 ------w- d:\windows\system32\dllcache\msxml6.dll

2010-06-30 19:01 . 2008-04-13 21:58 86016 ------w- d:\windows\system32\dllcache\msxml6r.dll

2010-06-30 18:30 . 2010-06-30 18:30 -------- d-----w- d:\documents and settings\All Users\Dados de aplicativos\SpeedBit

2010-06-30 00:27 . 2010-06-30 00:27 -------- d-----w- d:\arquivos de programas\CCleaner

2010-06-27 18:26 . 2010-06-27 18:26 -------- d-----w- d:\windows\system32\URTTEMP

2010-06-27 12:46 . 2010-06-27 12:46 -------- d-----w- d:\windows\system32\CatRoot2

2010-06-23 00:26 . 2010-06-23 00:26 -------- d-----w- d:\arquivos de programas\navilog1

2010-06-21 22:35 . 2010-06-21 22:35 -------- d-----w- d:\documents and settings\All Users\Dados de aplicativos\MySQL

 

.

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-07-19 19:02 . 2009-08-27 01:37 664 ----a-w- d:\windows\system32\d3d9caps.dat

2010-06-21 16:43 . 2009-09-22 20:52 1 ----a-w- d:\documents and settings\edsom luis\Dados de aplicativos\BrOffice.org\3\user\uno_packages\cache\stamp.sys

2010-06-14 14:31 . 2007-09-19 13:43 744448 ----a-w- d:\windows\pchealth\helpctr\binaries\HelpSvc.exe

2010-06-10 14:34 . 2001-10-28 21:07 6291456 ----a-w- d:\windows\system32\perfh016.dat

2010-06-10 14:34 . 2001-10-28 21:07 6029312 ----a-w- d:\windows\system32\perfc016.dat

2010-06-07 13:12 . 2010-06-07 13:12 -------- d-----w- d:\documents and settings\All Users\Dados de aplicativos\IObit

2010-06-04 15:29 . 2010-06-04 15:29 71992 ----a-w- d:\documents and settings\All Users\Dados de aplicativos\Apple Computer\Installer Cache\Safari 5.33.16.0\SetupAdmin.exe

2010-06-03 20:40 . 2010-06-03 20:40 -------- d-----w- d:\documents and settings\All Users\Dados de aplicativos\Alwil Software

2010-05-31 19:34 . 2010-05-31 18:54 702120 ----a-w- d:\documents and settings\edsom luis\Dados de aplicativos\Mozilla\Firefox\Profiles\izozpjim.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\qscanff.dll

2010-05-31 19:34 . 2010-05-31 18:54 868456 ----a-w- d:\documents and settings\edsom luis\Dados de aplicativos\Mozilla\Firefox\Profiles\izozpjim.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll

2010-05-30 20:32 . 2010-05-30 20:32 -------- d-----w- d:\documents and settings\edsom luis\Dados de aplicativos\Panda Security

2010-05-28 18:33 . 2010-05-03 01:06 15 ----a-w- d:\documents and settings\edsom luis\settings.dat

2010-05-28 17:34 . 2010-05-28 17:34 -------- d-----w- d:\documents and settings\All Users\Dados de aplicativos\Office Genuine Advantage

2010-05-27 23:10 . 2010-05-27 23:10 -------- d-----w- d:\arquivos de programas\Arquivos comuns\Wise Installation Wizard

2010-05-24 13:58 . 2010-05-24 13:58 503808 ----a-w- d:\documents and settings\edsom luis\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-78abc9e4-n\msvcp71.dll

2010-05-24 13:58 . 2010-05-24 13:58 499712 ----a-w- d:\documents and settings\edsom luis\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-78abc9e4-n\jmc.dll

2010-05-24 13:58 . 2010-05-24 13:58 348160 ----a-w- d:\documents and settings\edsom luis\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-78abc9e4-n\msvcr71.dll

2010-05-24 13:58 . 2010-05-24 13:58 61440 ----a-w- d:\documents and settings\edsom luis\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-1d19f863-n\decora-sse.dll

2010-05-24 13:58 . 2010-05-24 13:58 12800 ----a-w- d:\documents and settings\edsom luis\Dados de aplicativos\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-1d19f863-n\decora-d3d.dll

2010-05-22 19:15 . 2010-05-22 19:15 -------- d-----w- d:\documents and settings\All Users\Dados de aplicativos\CA

2010-05-18 23:28 . 2009-09-18 16:11 100368 ----a-w- d:\windows\system32\drivers\VBoxNetAdp.sys

2010-05-18 23:28 . 2010-05-18 23:28 133648 ----a-w- d:\windows\system32\VBoxNetFltNotify.dll

2010-05-18 23:28 . 2010-05-18 23:28 111248 ----a-w- d:\windows\system32\drivers\VBoxNetFlt.sys

2010-05-18 23:28 . 2009-09-18 16:11 142864 ----a-w- d:\windows\system32\drivers\VBoxDrv.sys

2010-05-18 23:28 . 2009-09-18 16:10 41744 ----a-w- d:\windows\system32\drivers\VBoxUSBMon.sys

2010-05-06 10:34 . 2004-08-04 10:45 916480 ----a-w- d:\windows\system32\WININET.DLL

2010-05-06 10:34 . 2004-08-04 10:45 916480 ----a-w- d:\windows\system32\wininet(8)(2).dll

2010-05-06 10:34 . 2004-08-04 10:45 1209344 ----a-w- d:\windows\system32\urlmon(8)(2).dll

2010-05-04 18:34 . 2010-05-04 18:34 12552 ----a-w- d:\windows\system32\drivers\hddirect.sys

2010-05-02 08:08 . 2004-08-04 10:38 1851392 ----a-w- d:\windows\system32\win32k.sys

2010-04-29 18:39 . 2010-05-02 21:04 38224 ----a-w- d:\windows\system32\drivers\mbamswissarmy.sys

2010-04-29 18:39 . 2010-05-02 21:04 20952 ----a-w- d:\windows\system32\drivers\mbam.sys

2010-04-21 18:22 . 2010-04-18 01:03 79488 ----a-w- d:\documents and settings\edsom luis\Dados de aplicativos\Sun\Java\jre1.6.0_20\gtapi.dll

2010-04-21 18:22 . 2010-04-18 01:03 152576 ----a-w- d:\documents and settings\edsom luis\Dados de aplicativos\Sun\Java\jre1.6.0_20\lzma.dll

2009-12-01 18:16 . 2009-12-01 18:16 38338 ------w- d:\arquivos de programas\Uninst.isu

2009-11-27 21:47 . 2009-11-13 21:19 218 ------w- d:\arquivos de programas\Arquivos comuns\operaprefs_default.ini

2009-11-20 22:11 . 2009-11-20 22:11 15828 ------w- d:\arquivos de programas\Arquivos comuns\license.rtf

2009-11-20 22:01 . 2009-11-20 22:01 832296 ------w- d:\arquivos de programas\Arquivos comuns\opera.exe

2009-11-20 22:01 . 2009-11-20 22:01 4450088 ------w- d:\arquivos de programas\Arquivos comuns\opera.dll

2009-11-20 22:00 . 2009-11-20 22:00 20480 ------w- d:\arquivos de programas\Arquivos comuns\OUniAnsi.dll

2009-11-20 22:00 . 2009-11-20 22:00 653419 ------w- d:\arquivos de programas\Arquivos comuns\encoding.bin

2009-11-13 21:19 . 2009-03-27 23:27 2320 ------w- d:\arquivos de programas\Arquivos comuns\operadef6.ini

2009-08-19 08:39 . 2009-08-19 08:39 330 ------w- d:\arquivos de programas\setup.ini

2009-07-10 06:20 . 2009-12-01 18:16 621546 ----a-w- d:\arquivos de programas\Arquivos comuns\ACIHELP.HLP.vir

2009-07-10 06:20 . 2009-12-01 18:16 3219 ----a-w- d:\arquivos de programas\Arquivos comuns\Acihelp.cnt.vir

2009-06-17 17:41 . 2009-06-17 17:41 3870 ----a-w- d:\arquivos de programas\Arquivos comuns\lngcode.txt.vir

2008-06-09 13:17 . 2008-06-09 13:17 301 ----a-w- d:\arquivos de programas\Arquivos comuns\c3nform.vxml.vir

2004-02-26 16:35 . 2004-02-26 16:35 7904 ------w- d:\arquivos de programas\Arquivos comuns\html40_entities.dtd

2009-11-24 09:18 . 2009-04-29 23:59 32 --sha-w- d:\windows\system32\drivers\fidbox.dat

2008-04-13 22:21 . 2010-06-30 19:00 73728 --sha-w- d:\windows\system32\dllcache\wmplayer.exe

2009-03-08 17:09 . 2008-04-14 03:21 510816 --sha-w- d:\windows\ServicePackFiles\i386\iexplore.exe

.

 

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

.

.

*Nota* entradas vazias e legítimas por defeito não são mostradas.

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CursorXP"="d:\arquivos de programas\CursorXP\CursorXP.exe" [2005-01-19 128000]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NeroCheck"="c:\windows\System32\NeroCheck.exe" [2001-07-09 155648]

"Adobe Reader Speed Launcher"="d:\arquivos de programas\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272]

"Adobe ARM"="d:\arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]

"SunJavaUpdateSched"="d:\arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe" [2010-02-18 248040]

"avgnt"="d:\arquivos de programas\Avira\AntiVir Desktop\avgnt.exe" [2010-03-02 282792]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]

"HonorAutoRunSetting"= 0 (0x0)

"NoResolveTrack"= 1 (0x1)

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

"NoRealMode"= 0 (0x0)

"HonorAutoRunSetting"= 0 (0x0)

"NoFileUrl"= 0 (0x0)

"NoUpdateCheck"= 0 (0x0)

"NoSMBalloonTip"= 0 (0x0)

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ \0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]

@=""

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]

@=""

 

[HKLM\~\startupfolder\D:^Documents and Settings^edsom luis^Menu Iniciar^Programas^Inicializar^BrOffice.org 3.1.lnk]

 

[HKLM\~\startupfolder\D:^Documents and Settings^edsom luis^Menu Iniciar^Programas^Inicializar^setup_9.0.0.722_15.01.2010_15-37.lnk]

 

[HKLM\~\startupfolder\D:^Documents and Settings^edsom luis^Menu Iniciar^Programas^Inicializar^setup_9.0.0.722_18.02.2010_16-03.lnk]

 

[HKLM\~\startupfolder\^.mjsync_pt_BR]

path=\.mjsync_pt_BR

 

[HKLM\~\startupfolder\^catchme.exe]

path=\catchme.exe

 

[HKLM\~\startupfolder\^Desktop.rar]

path=\Desktop.rar

 

[HKLM\~\startupfolder\^dumphive.exe]

path=\dumphive.exe

 

[HKLM\~\startupfolder\^Favoritos.rar]

path=\Favoritos.rar

 

[HKLM\~\startupfolder\^haxoth2.txt]

path=\haxoth2.txt

 

[HKLM\~\startupfolder\^md5file.exe]

path=\md5file.exe

 

[HKLM\~\startupfolder\^moveex.exe]

path=\moveex.exe

 

[HKLM\~\startupfolder\^NTUSER.DAT]

path=\ntuser.dat

 

[HKLM\~\startupfolder\^NTUSER.DAT.bak_jv16pt]

path=\NTUSER.DAT.bak_jv16pt

 

[HKLM\~\startupfolder\^ntuser.dat.LOG]

path=\ntuser.dat.LOG

 

[HKLM\~\startupfolder\^NTUSER.DAT.tmp.LOG]

path=\NTUSER.DAT.tmp.LOG

 

[HKLM\~\startupfolder\^ntuser.ini]

path=\ntuser.ini

 

[HKLM\~\startupfolder\^ntuser.pol]

path=\ntuser.pol

 

[HKLM\~\startupfolder\^PrivacIE.rar]

path=\PrivacIE.rar

 

[HKLM\~\startupfolder\^process.exe]

path=\process.exe

 

[HKLM\~\startupfolder\^rebuilt.Menu Iniciar.rar]

path=\rebuilt.Menu Iniciar.rar

 

[HKLM\~\startupfolder\^rebuilt.UserData.rar]

path=\rebuilt.UserData.rar

 

[HKLM\~\startupfolder\^run2.hax]

path=\run2.hax

 

[HKLM\~\startupfolder\^swreg.exe]

path=\swreg.exe

 

[HKLM\~\startupfolder\^swsc.exe]

path=\swsc.exe

 

[HKLM\~\startupfolder\^tool_en.log]

path=\tool_en.log

 

[HKLM\~\startupfolder\^UserData.rar]

path=\UserData.rar

 

[HKLM\~\startupfolder\^vfind.exe]

path=\vfind.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2010-06-09 08:06 976832 ----a-w- d:\arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2010-04-04 05:42 36272 ----a-w- d:\arquivos de programas\Adobe\Reader 9.0\Reader\reader_sl.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]

2008-04-14 03:20 15360 ----a-w- d:\windows\system32\ctfmon.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CursorXP]

2005-01-19 19:34 128000 ----a-w- d:\arquivos de programas\CursorXP\CursorXP.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DWQueuedReporting]

2008-11-04 04:44 435096 ------w- d:\arquiv~1\ARQUIV~1\MICROS~1\DW\DWTRIG20.EXE

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

2010-02-18 14:43 248040 ----a-w- d:\arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"GoogleDesktopManager-060409-093314"=3 (0x3)

"ZeppelinService"=2 (0x2)

"idsvc"=3 (0x3)

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"d:\\Arquivos de programas\\Arquivos comuns\\opera.exe"=

"d:\\WINDOWS\\system32\\usmt\\migwiz.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"d:\\Arquivos de programas\\Opera\\opera.exe"=

 

R0 PCTCore;PCTools KDS;d:\windows\system32\drivers\PCTCore.sys [18/7/2010 19:12 130936]

R1 VBoxDrv;VirtualBox Service;d:\windows\system32\drivers\VBoxDrv.sys [18/9/2009 13:11 142864]

R1 VBoxUSBMon;VirtualBox USB Monitor Driver;d:\windows\system32\drivers\VBoxUSBMon.sys [18/9/2009 13:10 41744]

R2 713xTVCard;SAA7131 TV Card;d:\windows\system32\drivers\SAA713x.sys [15/3/2005 12:00 277504]

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;d:\arquivos de programas\Avira\AntiVir Desktop\sched.exe [3/5/2010 15:00 135336]

R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;d:\windows\system32\drivers\VBoxNetAdp.sys [18/9/2009 13:11 100368]

R3 VBoxNetFlt;VBoxNetFlt Service;d:\windows\system32\drivers\VBoxNetFlt.sys [18/5/2010 20:28 111248]

R3 xpvcom;XPVCOM Port;d:\windows\system32\drivers\XPVCOM.sys [23/3/2007 02:00 30032]

.

Conteúdo da pasta 'Tarefas Agendadas'

 

2010-07-19 d:\windows\Tasks\User_Feed_Synchronization-{85870EB0-73F3-41E1-92DD-7C153C1F486E}.job

- d:\windows\system32\msfeedssync.exe [2007-08-13 07:31]

.

.

------- Scan Suplementar -------

.

mWindow Title =

IE: E&xportar para o Microsoft Excel

.

 

**************************************************************************

 

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2010-07-19 17:50

Windows 5.1.2600 Service Pack 3 FAT NTAPI

 

Procurando processos ocultos ...

 

Procurando entradas auto inicializáveis ocultas ...

 

Procurando ficheiros/arquivos ocultos ...

 

Varredura completada com sucesso

arquivos/ficheiros ocultos: 0

 

**************************************************************************

.

--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------

 

[HKEY_USERS\.Default\Software\Stardock\WindowBlinds\WB5.ini\Installed]

@DACL=(02 0000)

 

[HKEY_LOCAL_MACHINE\software\Classes\Microsoft.MSN.MCC.USNJSVC.1\CLSID]

@DACL=(02 0000)

@="{98AC5C33-EE18-4EC2-BE25-3B16EE8F75F1}"

 

[HKEY_LOCAL_MACHINE\software\Classes\MSN.V2SDeviceHandler\CLSID]

@DACL=(02 0000)

@="{D74C0C0E-14F3-402C-9379-3E2BD0BF5D06}"

 

[HKEY_LOCAL_MACHINE\software\Classes\MSN.V2SDeviceHandler\CurVer]

@DACL=(02 0000)

@="MSN.V2SDeviceHandler.1"

 

[HKEY_LOCAL_MACHINE\software\Classes\MSN.V2SDeviceHandler.1\CLSID]

@DACL=(02 0000)

@="{D74C0C0E-14F3-402C-9379-3E2BD0BF5D06}"

 

[HKEY_LOCAL_MACHINE\software\Classes\pcsexe.Dialer\CLSID]

@DACL=(02 0000)

@="{6E2200B4-7C9E-44C6-96A3-F904A7AB8880}"

 

[HKEY_LOCAL_MACHINE\software\Classes\pcsexe.Dialer\CurVer]

@DACL=(02 0000)

@="pcsexe.Dialer.1"

 

[HKEY_LOCAL_MACHINE\software\Classes\pcsexe.Dialer.1\CLSID]

@DACL=(02 0000)

@="{6E2200B4-7C9E-44C6-96A3-F904A7AB8880}"

 

[HKEY_LOCAL_MACHINE\software\Classes\pcsexe.MessengerDialer\CLSID]

@DACL=(02 0000)

@="{81C63250-607F-4e79-9FCB-F756C16C5AB9}"

 

[HKEY_LOCAL_MACHINE\software\Classes\pcsexe.MessengerDialer\CurVer]

@DACL=(02 0000)

@="pcsexe.Dialer.1"

 

[HKEY_LOCAL_MACHINE\software\Classes\pcsexe.MessengerDialer.1\CLSID]

@DACL=(02 0000)

@="{81C63250-607F-4e79-9FCB-F756C16C5AB9}"

 

[HKEY_LOCAL_MACHINE\software\Classes\pcsexe.PstnOut\CLSID]

@DACL=(02 0000)

@="{630ED07B-04A5-4AB9-A73B-FD94F34D5F09}"

 

[HKEY_LOCAL_MACHINE\software\Classes\pcsexe.PstnOut\CurVer]

@DACL=(02 0000)

@="pcsexe.PstnOut.1"

 

[HKEY_LOCAL_MACHINE\software\Classes\pcsexe.PstnOut.1\CLSID]

@DACL=(02 0000)

@="{630ED07B-04A5-4AB9-A73B-FD94F34D5F09}"

 

[HKEY_LOCAL_MACHINE\software\Classes\Softphone.Dialer\CLSID]

@DACL=(02 0000)

@="{72770783-9801-43c4-9E1F-9084BAE210CF}"

 

[HKEY_LOCAL_MACHINE\software\Classes\Softphone.Dialer\CurVer]

@DACL=(02 0000)

@="Softphone.Dialer.1"

 

[HKEY_LOCAL_MACHINE\software\Classes\Softphone.Dialer.1\CLSID]

@DACL=(02 0000)

@="{72770783-9801-43c4-9E1F-9084BAE210CF}"

 

[HKEY_LOCAL_MACHINE\software\Classes\Softphone.DialerWindow\CLSID]

@DACL=(02 0000)

@="{37E192CB-B5C5-4487-9D66-2550B6F57B7A}"

 

[HKEY_LOCAL_MACHINE\software\Classes\Softphone.DialerWindow\CurVer]

@DACL=(02 0000)

@="Softphone.DialerWindow.1"

 

[HKEY_LOCAL_MACHINE\software\Classes\Softphone.DialerWindow.1\CLSID]

@DACL=(02 0000)

@="{37E192CB-B5C5-4487-9D66-2550B6F57B7A}"

 

[HKEY_LOCAL_MACHINE\software\Classes\Softphone.Error\CLSID]

@DACL=(02 0000)

@="{C2F86E32-3AD2-42f1-94F2-D7E0414F2C10}"

 

[HKEY_LOCAL_MACHINE\software\Classes\Softphone.Error\CurVer]

@DACL=(02 0000)

@="Softphone.Error.1"

 

[HKEY_LOCAL_MACHINE\software\Classes\Softphone.Error.1\CLSID]

@DACL=(02 0000)

@="{C2F86E32-3AD2-42f1-94F2-D7E0414F2C10}"

 

[HKEY_LOCAL_MACHINE\software\Classes\Softphone.PhoneContact\CLSID]

@DACL=(02 0000)

@="{52C92B9C-B117-4AC5-AD94-A6D8604608BB}"

 

[HKEY_LOCAL_MACHINE\software\Classes\Softphone.PhoneContact\CurVer]

@DACL=(02 0000)

@="Softphone.PhoneContact.1"

 

[HKEY_LOCAL_MACHINE\software\Classes\Softphone.PhoneContact.1\CLSID]

@DACL=(02 0000)

@="{52C92B9C-B117-4AC5-AD94-A6D8604608BB}"

 

[HKEY_LOCAL_MACHINE\software\Classes\Softphone.PhoneNumber\CLSID]

@DACL=(02 0000)

@="{B0C5F2DF-5D4B-4DBC-888E-D96E971B57F4}"

 

[HKEY_LOCAL_MACHINE\software\Classes\Softphone.PhoneNumber\CurVer]

@DACL=(02 0000)

@="Softphone.PhoneNumber.1"

 

[HKEY_LOCAL_MACHINE\software\Classes\Softphone.PhoneNumber.1\CLSID]

@DACL=(02 0000)

@="{B0C5F2DF-5D4B-4DBC-888E-D96E971B57F4}"

 

[HKEY_LOCAL_MACHINE\software\Classes\WindowsLive.SetupJob\CLSID]

@DACL=(02 0000)

@="{9B38B1AC-C774-46AB-AD99-0C19871F0714}"

 

[HKEY_LOCAL_MACHINE\software\Classes\WindowsLive.SetupJob\CurVer]

@DACL=(02 0000)

@="WindowsLive.SetupJob.1"

 

[HKEY_LOCAL_MACHINE\software\Classes\WindowsLive.SetupJob.1\CLSID]

@DACL=(02 0000)

@="{9B38B1AC-C774-46AB-AD99-0C19871F0714}"

 

[HKEY_LOCAL_MACHINE\software\Classes\WindowsLive.SetupService\CLSID]

@DACL=(02 0000)

@="{585D47D2-CF74-4869-BF4E-DF5662504F11}"

 

[HKEY_LOCAL_MACHINE\software\Classes\WindowsLive.SetupService\CurVer]

@DACL=(02 0000)

@="WindowsLive.SetupService.1"

 

[HKEY_LOCAL_MACHINE\software\Classes\WindowsLive.SetupService.1\CLSID]

@DACL=(02 0000)

@="{585D47D2-CF74-4869-BF4E-DF5662504F11}"

 

[HKEY_LOCAL_MACHINE\software\Classes\XceedSoftware.XceedCompression.1\CLSID]

@DACL=(02 0000)

@="{4C836512-BB70-11D2-A5A7-00105A9C91C6}"

 

[HKEY_LOCAL_MACHINE\software\Classes\XceedSoftware.XceedCompression.1\Insertable]

@DACL=(02 0000)

 

[HKEY_LOCAL_MACHINE\software\Classes\XceedSoftware.XceedZip.4\CLSID]

@DACL=(02 0000)

@="{DB797690-40E0-11D2-9BD5-0060082AE372}"

 

[HKEY_LOCAL_MACHINE\software\Classes\XceedSoftware.XceedZip.4\Insertable]

@DACL=(02 0000)

 

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•6~*]

"6140110900063D11C8EF10054038389C"="D?\\WINDOWS\\system32\\FM20ENU.DLL"

.

--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------

 

- - - - - - - > 'winlogon.exe'(1052)

d:\windows\system32\sfc_os.dll

 

- - - - - - - > 'explorer.exe'(3808)

d:\windows\system32\WININET.dll

d:\windows\system32\msi.dll

d:\windows\system32\webcheck.dll

d:\windows\system32\WPDShServiceObj.dll

d:\windows\system32\PortableDeviceTypes.dll

d:\windows\system32\PortableDeviceApi.dll

.

------------------------ Outros Processos em Execução ------------------------

.

d:\arquivos de programas\Avira\AntiVir Desktop\avguard.exe

d:\arquivos de programas\Java\jre6\bin\jqs.exe

d:\arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE

d:\arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

d:\arquivos de programas\Avira\AntiVir Desktop\avshadow.exe

d:\windows\system32\wbem\wmiapsrv.exe

.

**************************************************************************

.

Tempo para conclusão: 2010-07-19 17:52:10 - Máquina reiniciou

ComboFix-quarantined-files.txt 2010-07-19 20:52

ComboFix2.txt 2010-07-17 16:21

 

Pré-execução: 19 pasta(s) 40.455.995.392 bytes disponíveis

Pós execução: 21 pasta(s) 40.443.019.264 bytes disponíveis

 

- - End Of File - - 20398A2346C9067672F229F444AA1807

 

 

 

Abraços

[wings 22]

O log do Combofix está limpo.

 

Em relação a Restauração do Sistema tente as opções:

 

1.

*Clique em [iniciar] > [Executar] > copie e cole: D:\Windows\system32\restore\rstrui.exe

*Clique OK

 

Veja se consegue acessar a Restauração. Caso o Windows informe não encontrar o arquivo, baixe-o aqui. Extraia-o e salve-o na pasta pasta D:\Windows\system32\restore

 

2.

*Clique em [iniciar] > [Executar] > digite: gpedit.msc > [Configuração do computador] > [Modelos administrativos] > [sistema] > [Restauração do sistema]

*Verifique se os itens abaixo estão desativados:

Desativar configuração

Desativar restauração do sistema

*Caso estejam, ative-os.

 

3.

*Dê uma olhada nestes links também:

http://support.microsoft.com/default.aspx?scid=kb;pt-br;302796&Product=allBra

http://support.microsoft.com/default.aspx?scid=kb;pt-br;299904&Product=allBra

http://support.microsoft.com/default.aspx?scid=kb;pt-br;301224&Product=allBra

[EDSSX 0]

Boa noite ! wings

 

 

Nada, nada; nada . Tudo na mesma .

 

 

Abraços

[wings 22]

1.

Tente criar um novo usuário e veja se funciona.

 

2.

*Clique em [iniciar] > [Executar] > digite: Combofix /uninstall

*Clique [OK]

 

 

*Clique em [Executar]

*Aguarde até surgir a mensagem: "ComboFix está desinstalado"

*Clique [OK]

 

Sem um CD do Windows fica difícil.....

 

Um abraço.

[EDSSX 0]

Ok . Pode encerrar o tópico .

 

 

 

Obrigado e abraços

[wings 22]

PROBLEMA RESOLVIDO!

 

Caso o autor necessite que o tópico seja reaberto basta enviar uma Mensagem Privada para um Moderador com um link para o tópico.