valdinei.daniel

DLLSRV.EXE and Windows does not show the taskbar and icons


I saw an article that has already been archived, ran ComboFix, and the icons and taskbar came back, but the dllsrv.exe error message keeps appearing. The ComboFix report follows below. Please help me:

ComboFix 09-03-26.03 - Daffenne Cristina 2009-04-02 16:49:22.1 - NTFSx86

Executando de: e:\dayane\ComboFix.exe

ATENÇAO - ESTA MAQUINA NAO TEM O CONSOLE DE RECUPERAÇÃO INSTALADA !!

.

((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\arquivos de programas\Microsoft Common

c:\arquivos de programas\Microsoft Common\svchost.exe

c:\windows\GnuHashes.ini

c:\windows\system32\1.tmp

c:\windows\system32\5.tmp

c:\windows\system32\Cache

c:\windows\system32\GroupPolicy000.dat

c:\windows\system32\nspD.dll

c:\windows\System32\nyxnnrxrdmey.dll

c:\windows\System32\qvwyxtuptlpbjo.dll

E:\AutoRun.inf

E:\copy.exe

E:\EXPLORER.EXE

E:\host.exe

.

((((((((((((((((((((((((((((((((((((((( Drivers/Serviços )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\Legacy_IPRIP

-------\Service_Iprip

(((((((((((((((( Arquivos/Ficheiros criados de 2009-03-02 to 2009-04-02 ))))))))))))))))))))))))))))

.

2009-04-01 09:11 . 2009-04-01 09:14 <DIR> d-------- c:\arquivos de programas\Spyware Doctor

2009-03-26 21:20 . 2001-10-28 15:06 150,016 --a--c--- c:\windows\system32\dllcache\winzm.ime

2009-03-26 21:20 . 2001-10-28 15:06 150,016 --a--c--- c:\windows\system32\dllcache\winsp.ime

2009-03-26 21:20 . 2001-10-28 15:06 150,016 --a--c--- c:\windows\system32\dllcache\winpy.ime

2009-03-26 21:20 . 2001-10-28 15:06 75,776 --a--c--- c:\windows\system32\dllcache\winar30.ime

2009-03-26 21:20 . 2001-10-28 15:06 69,120 --a--c--- c:\windows\system32\dllcache\wingb.ime

2009-03-26 21:20 . 2001-10-28 15:06 62,464 --a--c--- c:\windows\system32\dllcache\winime.ime

2009-03-26 21:20 . 2001-10-28 15:07 41,600 --a--c--- c:\windows\system32\dllcache\weitekp9.dll

2009-03-26 21:20 . 2001-10-28 15:07 31,488 --a--c--- c:\windows\system32\dllcache\weitekp9.sys

2009-03-26 21:18 . 2001-10-28 15:06 1,875,968 --a--c--- c:\windows\system32\dllcache\msir3jp.lex

2009-03-26 21:17 . 2001-10-28 15:06 13,463,552 --a--c--- c:\windows\system32\dllcache\hwxjpn.dll

2009-03-26 21:11 . 2009-03-26 21:11 749 -rah----- c:\windows\WindowsShell.Manifest

2009-03-26 21:11 . 2009-03-26 21:11 749 -rah----- c:\windows\system32\wuaucpl.cpl.manifest

2009-03-26 21:11 . 2009-03-26 21:11 749 -rah----- c:\windows\system32\sapi.cpl.manifest

2009-03-26 21:11 . 2009-03-26 21:11 749 -rah----- c:\windows\system32\nwc.cpl.manifest

2009-03-26 21:11 . 2009-03-26 21:11 749 -rah----- c:\windows\system32\ncpa.cpl.manifest

2009-03-26 21:11 . 2009-03-26 21:11 488 -rah----- c:\windows\system32\logonui.exe.manifest

2009-03-26 21:09 . 2001-10-28 15:07 2,512,384 --a--c--- c:\windows\system32\dllcache\msoeres.dll

2009-03-26 21:08 . 2001-10-28 15:07 307,200 --a--c--- c:\windows\system32\dllcache\msadce.dll

2009-03-26 21:08 . 2001-09-05 23:50 286,720 --a------ c:\windows\system32\msh263.drv

2009-03-26 21:08 . 2001-10-28 15:07 145,920 --a--c--- c:\windows\system32\dllcache\triedit.dll

2009-03-26 21:08 . 2001-10-28 15:06 116,224 --a--c--- c:\windows\system32\dllcache\dhtmled.ocx

2009-03-26 21:08 . 2001-10-28 15:06 94,208 --a--c--- c:\windows\system32\dllcache\ieinfo5.ocx

2009-03-26 21:08 . 2001-10-28 15:06 91,136 --a--c--- c:\windows\system32\dllcache\iexplore.exe

2009-03-26 21:08 . 2001-10-28 15:07 57,344 --a--c--- c:\windows\system32\dllcache\msadcf.dll

2009-03-26 21:08 . 2001-10-28 15:06 36,352 --a--c--- c:\windows\system32\dllcache\hmmapi.dll

2009-03-26 21:08 . 2001-10-28 15:07 20,480 --a--c--- c:\windows\system32\dllcache\msadcer.dll

2009-03-26 21:08 . 2001-10-28 15:07 16,384 --a--c--- c:\windows\system32\dllcache\msadcfr.dll

2009-03-26 21:07 . 2001-07-19 14:40 217,088 --a--c--- c:\windows\system32\dllcache\fpmmcsat.dll

2009-03-26 21:07 . 2001-05-23 05:15 184,435 --a--c--- c:\windows\system32\dllcache\fp4amsft.dll

2009-03-26 21:07 . 2001-05-23 05:15 41,020 --a--c--- c:\windows\system32\dllcache\fp4avnb.dll

2009-03-26 21:07 . 2001-05-23 05:15 32,827 --a--c--- c:\windows\system32\dllcache\tcptest.exe

2009-03-26 21:07 . 2001-05-23 05:15 24,632 --a--c--- c:\windows\system32\dllcache\fpadmcgi.exe

2009-03-26 21:07 . 2001-05-23 05:15 20,540 --a--c--- c:\windows\system32\dllcache\author.dll

2009-03-26 21:07 . 2001-05-23 05:15 20,540 --a--c--- c:\windows\system32\dllcache\admin.dll

2009-03-26 21:07 . 2001-05-23 05:15 20,536 --a--c--- c:\windows\system32\dllcache\shtml.dll

2009-03-26 21:07 . 2001-05-23 05:15 16,439 --a--c--- c:\windows\system32\dllcache\author.exe

2009-03-26 21:07 . 2001-05-23 05:15 16,439 --a--c--- c:\windows\system32\dllcache\admin.exe

2009-03-26 21:07 . 2001-05-23 05:15 16,437 --a--c--- c:\windows\system32\dllcache\shtml.exe

2009-03-26 21:07 . 2001-07-19 14:40 16,384 --a--c--- c:\windows\system32\dllcache\tcptsat.dll

2009-03-26 21:05 . 2001-10-28 15:06 1,139,200 --a--c--- c:\windows\system32\dllcache\comsvcs.dll

2009-03-26 21:04 . 2001-10-28 15:06 1,267,200 --a--c--- c:\windows\system32\dllcache\cimwin32.dll

2009-03-26 21:02 . 2001-08-17 21:59 50,048 --a------ c:\windows\system32\drivers\DMusic.sys

2009-03-26 21:02 . 2001-08-17 22:00 5,632 --a------ c:\windows\system32\drivers\splitter.sys

2009-03-26 21:01 . 2001-09-05 23:23 56,448 --a------ c:\windows\system32\drivers\redbook.sys

2009-03-26 21:00 . 2001-09-05 23:50 117,248 --a------ c:\windows\system32\ksproxy.ax

2009-03-26 21:00 . 2001-08-17 20:13 27,165 --a------ c:\windows\system32\drivers\fetnd5.sys

2009-03-26 21:00 . 2001-09-05 23:50 4,096 --a------ c:\windows\system32\ksuser.dll

2009-03-26 20:08 . 2004-08-03 23:01 124,800 --a------ c:\windows\system32\drivers\fltMgr.sys

2009-03-26 20:08 . 2004-08-04 00:45 22,528 --a------ c:\windows\system32\fltMc.exe

2009-03-26 20:08 . 2004-08-04 00:45 16,896 --a------ c:\windows\system32\fltlib.dll

2009-03-26 20:08 . 2004-08-04 00:45 8,192 --a------ c:\windows\system32\bitsprx2.dll

2009-03-26 20:08 . 2004-08-04 00:45 7,168 --a------ c:\windows\system32\bitsprx3.dll

2009-03-26 20:00 . 2004-07-17 11:48 66,082 --a------ c:\windows\system32\c_28603.nls

2009-03-26 19:51 . 2004-08-04 00:45 384,512 --a------ c:\windows\system32\mp4sdmod.dll

2009-03-26 19:51 . 2004-08-04 00:45 310,272 --a------ c:\windows\system32\mp43dmod.dll

2009-03-26 19:51 . 2004-08-04 00:45 71,680 --a------ c:\windows\system32\blastcln.exe

2009-03-26 19:51 . 2004-08-04 00:45 17,408 --a------ c:\windows\system32\winshfhc.dll

2009-03-26 19:50 . 2004-08-04 00:45 11,776 --a------ c:\windows\system32\spnpinst.exe

2009-03-26 19:48 . 2004-08-04 00:45 75,776 --a------ c:\windows\system32\strmfilt.dll

2009-03-26 19:48 . 2004-08-04 00:45 53,248 --a------ c:\windows\system32\vbicodec.ax

2009-03-26 19:48 . 2004-08-04 00:45 44,032 --a------ c:\windows\system32\twext.dll

2009-03-26 19:48 . 2004-08-04 00:45 15,872 --a------ c:\windows\system32\w3ssl.dll

2009-03-26 19:48 . 2004-08-03 22:59 12,800 --a------ c:\windows\system32\spiisupd.exe

2009-03-26 19:46 . 2004-08-04 00:45 134,656 --a------ c:\windows\system32\mssap.dll

2009-03-26 19:46 . 2004-08-04 00:45 25,600 --a------ c:\windows\system32\netsetup.cpl

2009-03-26 19:44 . 2004-08-04 00:45 2,113,536 --a------ c:\windows\system32\dxdiagn.dll

2009-03-26 19:44 . 2004-08-04 00:45 186,368 --a------ c:\windows\system32\encdec.dll

2009-03-26 19:44 . 2004-08-04 00:45 80,384 --a------ c:\windows\system32\firewall.cpl

2009-03-26 19:44 . 2004-08-04 00:45 60,416 --a------ c:\windows\system32\fwcfg.dll

2009-03-26 19:44 . 2004-08-04 00:45 20,480 --a------ c:\windows\system32\encapi.dll

2009-03-26 19:44 . 2004-08-04 00:44 4,096 --a------ c:\windows\system32\dsprpres.dll

2009-03-26 19:42 . 2004-08-04 00:45 1,689,088 --a------ c:\windows\system32\d3d9.dll

2009-03-26 19:42 . 2004-08-04 00:45 50,688 --a------ c:\windows\system32\btpanui.dll

2009-03-26 19:42 . 2004-08-04 00:45 32,768 --a------ c:\windows\system32\asr_pfu.exe

2009-03-26 19:42 . 2004-08-04 00:45 14,336 --a------ c:\windows\system32\auditusr.exe

2009-03-26 19:42 . 2004-08-04 00:45 13,824 --a------ c:\windows\system32\cmsetACL.dll

2009-03-26 16:53 . 2009-03-26 16:53 <DIR> d-------- c:\windows\Provisioning

2009-03-26 16:53 . 2009-03-26 16:57 <DIR> d-------- c:\windows\ehome

2009-03-17 20:50 . 2009-03-17 20:50 <DIR> d-------- c:\documents and settings\Daffenne Cristina\Dados de aplicativos\MSN6

2009-03-14 20:47 . 2009-03-14 20:47 2,711 --a------ c:\windows\msnsetuplog.bak

2009-03-14 20:26 . 2009-04-01 13:14 <DIR> d-------- c:\arquivos de programas\PremierOpinion

2009-03-14 15:16 . 2009-03-14 17:36 <DIR> d-------- c:\arquivos de programas\eMule

2009-03-14 14:37 . 2009-03-14 20:14 <DIR> d-------- c:\documents and settings\All Users\Dados de aplicativos\SweetIM

2009-03-14 14:37 . 2009-03-14 20:14 <DIR> d-------- c:\arquivos de programas\SweetIM

2009-03-14 12:49 . 2009-03-14 12:49 <DIR> d-------- c:\arquivos de programas\Syncsoft

2009-03-11 19:05 . 2009-03-12 20:01 <DIR> d--hs---- c:\windows\system32\NetworkService32

2009-03-09 10:43 . 2009-03-09 10:43 <DIR> d-------- c:\documents and settings\THALYTA DAUANNE_2\Dados de aplicativos\NCH Swift Sound

2009-03-09 10:16 . 2009-03-09 10:16 <DIR> d-------- c:\documents and settings\THALYTA DAUANNE_2\Dados de aplicativos\Teleca

2009-03-09 10:16 . 2009-03-09 10:16 <DIR> d-------- c:\documents and settings\THALYTA DAUANNE_2\Dados de aplicativos\Sony Ericsson

2009-03-09 10:13 . 2008-08-10 13:54 <DIR> d--h----- c:\documents and settings\THALYTA DAUANNE_2\Modelos

2009-03-09 10:13 . 2009-03-14 10:23 <DIR> dr------- c:\documents and settings\THALYTA DAUANNE_2\Meus documentos

2009-03-09 10:13 . 2008-08-10 13:48 <DIR> dr------- c:\documents and settings\THALYTA DAUANNE_2\Menu Iniciar

2009-03-09 10:13 . 2009-03-09 10:16 <DIR> dr------- c:\documents and settings\THALYTA DAUANNE_2\Favoritos

2009-03-09 10:13 . 2009-03-09 10:43 <DIR> dr-h----- c:\documents and settings\THALYTA DAUANNE_2\Dados de aplicativos

2009-03-09 10:13 . 2009-03-09 10:16 <DIR> d--h----- c:\documents and settings\THALYTA DAUANNE_2\Configurações locais

2009-03-09 10:13 . 2008-08-10 13:48 <DIR> d--h----- c:\documents and settings\THALYTA DAUANNE_2\Ambiente de rede

2009-03-09 10:13 . 2008-08-10 13:48 <DIR> d--h----- c:\documents and settings\THALYTA DAUANNE_2\Ambiente de impressão

2009-03-09 10:13 . 2009-03-16 20:04 <DIR> d-------- c:\documents and settings\THALYTA DAUANNE_2

2009-03-08 19:04 . 2009-03-08 19:05 <DIR> d-------- c:\arquivos de programas\Jaangle

2009-03-08 19:03 . 2009-03-26 16:57 <DIR> d-------- c:\windows\PeerNet

2009-03-08 19:03 . 2009-03-08 19:03 <DIR> d-------- C:\Program Files

2009-03-08 19:03 . 2009-03-14 20:17 <DIR> d-------- c:\arquivos de programas\Speedy Mule

2009-03-08 16:04 . 2009-03-18 12:08 26,157 --a------ C:\k8m1l3e9f4n7.exe

2009-03-08 14:11 . 2009-03-08 14:11 157,696 --------- c:\windows\system32\drivers\DllSrv.exe

2009-03-06 23:18 . 2009-03-06 23:18 <DIR> d---s---- c:\documents and settings\Dayanne Cristina\UserData

2009-03-06 22:51 . 2004-08-04 00:45 431,616 --a------ c:\windows\system32\wuapi.dll

2009-03-06 22:51 . 2004-08-04 00:45 183,808 --a------ c:\windows\system32\wuaueng1.dll

2009-03-06 22:51 . 2004-08-04 00:45 167,936 --a------ c:\windows\system32\wuauclt1.exe

2009-03-06 22:51 . 2004-08-04 00:45 120,320 --a------ c:\windows\system32\wuweb.dll

2009-03-06 22:51 . 2004-08-04 00:45 113,152 --a------ c:\windows\system32\wucltui.dll

2009-03-06 22:51 . 2004-08-04 00:45 36,864 --a------ c:\windows\system32\wups.dll

2009-03-06 22:41 . 2009-03-06 22:41 <DIR> d-------- C:\WUTemp

2009-03-06 22:31 . 2009-03-06 22:31 <DIR> d-------- c:\arquivos de programas\MSN Messenger

2009-03-06 22:22 . 2009-03-06 22:22 <DIR> d-------- c:\windows\IIS Temporary Compressed Files

2009-03-06 22:22 . 2009-03-06 22:22 0 --a------ c:\windows\frontpg.ini

2009-03-06 22:20 . 2009-03-06 22:20 <DIR> d---s---- c:\windows\system32\Microsoft

2009-03-06 22:18 . 2009-03-14 18:17 <DIR> d-------- c:\windows\system32\FxsTmp

2009-03-06 22:18 . 2009-03-26 21:07 590 --a------ c:\windows\system32\mapisvc.inf

2009-03-06 22:16 . 2009-03-06 22:16 <DIR> d-------- c:\windows\system32\msmq

2009-03-06 22:16 . 2009-03-06 22:16 <DIR> d-------- c:\windows\system32\Logfiles

2009-03-06 22:16 . 2001-10-28 15:06 58,880 --a------ c:\windows\system32\fxsevent.dll

2009-03-06 22:16 . 2001-10-28 15:06 58,880 --a--c--- c:\windows\system32\dllcache\fxsevent.dll

2009-03-06 22:16 . 2001-10-28 15:06 22,016 --a------ c:\windows\system32\fxsmon.dll

2009-03-06 22:16 . 2001-10-28 15:06 22,016 --a--c--- c:\windows\system32\dllcache\fxsmon.dll

.

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-03-27 00:23 133,632 ----a-w c:\windows\system32\sfc_os.dll

2009-03-27 00:09 --------- d-----w c:\arquivos de programas\Arquivos comuns\Serviços

2009-03-27 00:07 --------- d-----w c:\arquivos de programas\Serviços on-line

2009-03-17 00:27 --------- d-----w c:\documents and settings\Dayanne Cristina\Dados de aplicativos\MSN6

2009-03-15 00:02 --------- d-----w c:\arquivos de programas\Google

2009-03-13 22:13 69,158 ----a-w c:\windows\system32\nyxnnrxrdmey.dll-uninst.exe

2009-03-07 17:57 --------- d-----w c:\arquivos de programas\Samsung

2009-03-07 17:53 --------- d--h--w c:\arquivos de programas\InstallShield Installation Information

2009-03-07 02:58 48,284 ----a-w c:\windows\system32\dmbzfqrkpypwtr.exe

2009-03-07 00:04 85,665 ----a-w c:\windows\system32\bd3e7e6e-b4d6-aa75-5f3e-7b99b736ef6e.exe

2009-02-19 00:06 --------- d-----w c:\arquivos de programas\Motive

2009-02-19 00:06 --------- d-----w c:\arquivos de programas\Common Files

2009-02-13 23:40 --------- d-----w c:\documents and settings\Dayanne Cristina\Dados de aplicativos\Samsung

2009-02-12 15:13 --------- d-----w c:\documents and settings\Daffenne Cristina\Dados de aplicativos\LimeWire

2009-02-12 12:58 374,272 --sha-w c:\windows\system32\18.tmp

2009-02-12 12:58 135,168 ----a-w c:\windows\system32\iesetup32.VIR

2009-02-12 12:51 --------- d-----w c:\arquivos de programas\Snappyads Games Collection

2009-02-12 01:41 410,984 ----a-w c:\windows\system32\deploytk.dll

2009-02-12 01:41 --------- d-----w c:\arquivos de programas\Java

2009-02-12 01:30 677,888 --sha-r c:\windows\system32\drivers\NirCmd.exe

2009-02-12 01:30 --------- d-----w c:\arquivos de programas\NOS

2009-02-12 01:00 --------- d-----w c:\documents and settings\All Users\Dados de aplicativos\NOS

2009-02-12 00:31 --------- d-----w c:\documents and settings\Dayanne Cristina\Dados de aplicativos\Motive

2009-02-11 19:14 --------- d-----w c:\documents and settings\Daffenne Cristina\Dados de aplicativos\Motive

2009-02-11 19:14 --------- d-----w c:\arquivos de programas\Arquivos comuns\Motive

2009-02-11 19:13 155,995 ----a-w c:\windows\java\Packages\1N7Z3TRD.ZIP

2001-10-28 18:07 520,192 --sha-w c:\windows\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}$BACKUP$\System\wmplayer.exe

.

------- Sigcheck -------

2001-10-28 15:07 12800 979f27f95f9a60ad6292b803aee12de5 c:\windows\system32\svchost.exe

2001-10-28 15:07 12800 979f27f95f9a60ad6292b803aee12de5 c:\windows\system32\dllcache\svchost.exe

2001-10-28 15:07 561664 e4c13720156ce01f6c06092327cd6816 c:\windows\system32\user32.dll

2001-10-28 15:07 561664 e4c13720156ce01f6c06092327cd6816 c:\windows\system32\dllcache\user32.dll

2001-10-28 15:07 75264 4a95e7320199ec0e3a695494f140c69f c:\windows\system32\ws2_32.dll

2001-10-28 15:07 75264 4a95e7320199ec0e3a695494f140c69f c:\windows\system32\dllcache\ws2_32.dll

2001-10-28 15:07 595968 73e60c457a3fa07ea6fd9684ddd67856 c:\windows\system32\wininet.dll

2001-10-28 15:07 595968 73e60c457a3fa07ea6fd9684ddd67856 c:\windows\system32\dllcache\wininet.dll

2001-10-28 15:07 327168 e7774698bb0d14b0710a9a31e209f9b6 c:\windows\system32\dllcache\tcpip.sys

2001-10-28 15:07 327168 e7774698bb0d14b0710a9a31e209f9b6 c:\windows\system32\drivers\tcpip.sys

2001-10-28 15:07 432128 4bbd085f3684a4dbebc7c291bd3d9f94 c:\windows\system32\winlogon.exe

2001-10-28 15:07 432128 4bbd085f3684a4dbebc7c291bd3d9f94 c:\windows\system32\dllcache\winlogon.exe

2001-10-28 15:07 161536 3efd4f59ba0a340de0a3ab984001dbf7 c:\windows\system32\dllcache\ndis.sys

2001-10-28 15:07 161536 3efd4f59ba0a340de0a3ab984001dbf7 c:\windows\system32\drivers\ndis.sys

2004-08-03 23:00 29056 4448006b6bc60e6c027932cfc38d6855 c:\windows\system32\drivers\ip6fw.sys

2001-10-28 15:06 1900416 fa687b67a53e7a3960a8f9423a587d17 c:\windows\system32\ntkrnlpa.exe

2001-10-28 15:07 1985920 4d4f236f525f7347e4346ccb77d524ef c:\windows\system32\ntoskrnl.exe

2001-10-28 15:06 1003008 6793e48fe13281f743e043dd5dce6fe0 c:\windows\explorer.exe

2001-10-28 15:06 1003008 6793e48fe13281f743e043dd5dce6fe0 c:\windows\system32\dllcache\explorer.exe

2001-10-28 15:07 101888 ab1b155a5c021b4344aabe5f001b5260 c:\windows\system32\services.exe

2001-10-28 15:07 101888 ab1b155a5c021b4344aabe5f001b5260 c:\windows\system32\dllcache\services.exe

2009-02-13 23:34 8888320 57f625b1e33493dcaab5956409a6c07f c:\windows\system32\imgrdir\services.exe

2001-10-28 15:06 11776 645758200a07595426d03d5a1c06c103 c:\windows\system32\lsass.exe

2001-10-28 15:06 11776 645758200a07595426d03d5a1c06c103 c:\windows\system32\dllcache\lsass.exe

2001-10-28 15:06 13312 c3ca8a31f9e1a0e6a878da714eeddb44 c:\windows\system32\ctfmon.exe

2001-10-28 15:06 13312 c3ca8a31f9e1a0e6a878da714eeddb44 c:\windows\system32\dllcache\ctfmon.exe

2001-10-28 15:07 51200 9459644e947febefd4ed3041cbd608ba c:\windows\system32\spoolsv.exe

2001-10-28 15:07 51200 9459644e947febefd4ed3041cbd608ba c:\windows\system32\dllcache\spoolsv.exe

.

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

.

.

*Nota* entradas vazias e legítimas por defeito não são mostradas.

REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{EEE6C35D-6118-11DC-9C72-001320C79847}"= "c:\arquivos de programas\SweetIM\Toolbars\Internet Explorer\mgHelper.dll" [2008-10-08 173368]

[HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}]

[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1]

[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}]

[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]

2008-10-08 12:22 1172792 --a------ c:\arquivos de programas\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\arquivos de programas\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2008-10-08 1172792]

[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]

[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3]

[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]

[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\arquivos de programas\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2008-10-08 1172792]

[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]

[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3]

[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]

[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"msnmsgr"="c:\arquiv~1\MSNMES~1\msnmsgr.exe" [2005-10-12 7086080]

"MSMSGS"="c:\arquivos de programas\Messenger\msmsgs.exe" [2004-08-04 1667584]

"CTFMON.EXE"="c:\windows\System32\ctfmon.exe" [2001-10-28 13312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"UserFaultCheck"="c:\windows\system32\dumprep 0 -u" [X]

"SunJavaUpdateSched"="c:\arquivos de programas\Java\jre6\bin\jusched.exe" [2009-02-11 148888]

"Sony Ericsson PC Suite"="c:\arquivos de programas\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 159744]

"services"="c:\windows\System32\imgrdir\services.exe" [2009-02-13 8888320]

"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]

"Motive SmartBridge"="c:\docume~1\DAFFEN~1\Desktop\ASSIST~1\SMARTB~1\MotiveSB.exe" [2005-04-15 397312]

"InCD"="c:\arquivos de programas\Ahead\InCD\InCD.exe" [2005-01-27 1381376]

"avgnt"="c:\arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]

"Adobe Photo Downloader"="c:\arquivos de programas\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 57344]

"VTTrayp"="VTtrayp.exe" [2005-10-31 c:\windows\system32\VTTrayp.exe]

"VTTimer"="VTTimer.exe" [2005-03-07 c:\windows\system32\VTTimer.exe]

"SRFirstRun"="srclient.dll" [2001-10-28 c:\windows\system32\srclient.dll]

"SoundMan"="SOUNDMAN.EXE" [2005-11-11 c:\windows\SOUNDMAN.EXE]

"SchedulingAgent"="mstinit.exe" [2001-10-28 c:\windows\system32\mstinit.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2001-10-28 13312]

c:\documents and settings\All Users\Menu Iniciar\Programas\Inicializar\

Adobe Reader Speed Launch.lnk - c:\arquivos de programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]

Assistente Tecnico Speedy.lnk - c:\documents and settings\Daffenne Cristina\Desktop\Assistente Tecnico Speedy\bin\matcli.exe [2009-02-18 217088]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=c:\windows\System32\iesetup32.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"Iprip"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"UpdatesDisableNotify"=dword:00000001

"AntiVirusDisableNotify"=dword:00000001

"AntiVirusOverride"=dword:00000001

"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Arquivos de programas\\PremierOpinion\\pmropn.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015

"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016

"500:UDP"= 500:UDP:@xpsp2res.dll,-22017

R2 DllSrv Service Controler;DllSrv Service Controler;c:\windows\system32\drivers\DllSrv.exe [2009-03-08 157696]

R2 Nemesis Patch;Nemesis Patch;c:\program files\DomainSpa\Nemesis\Patch\NemesisPatch.exe [2009-03-14 178688]

R3 Nemesis Client;Nemesis Client;c:\program files\DomainSpa\Nemesis\Client\NemesisClient.exe [2009-03-26 173056]

R3 SetupNTGLM7X;SetupNTGLM7X; [x]

R3 usb2vcom;USB to Serial Bridge Controller; [x]

R3 w200bus;Sony Ericsson W200 driver (WDM);c:\windows\system32\DRIVERS\w200bus.sys [2006-11-07 61504]

R3 w200mdfl;Sony Ericsson W200 USB WMC Modem Filter;c:\windows\system32\DRIVERS\w200mdfl.sys [2006-11-07 9328]

R3 w200mdm;Sony Ericsson W200 USB WMC Modem Driver;c:\windows\system32\DRIVERS\w200mdm.sys [2006-11-07 97056]

R3 w200mgmt;Sony Ericsson W200 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\w200mgmt.sys [2006-11-07 88560]

R3 w200obex;Sony Ericsson W200 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\w200obex.sys [2006-11-07 86368]

S0 avgntmgr;avgntmgr;c:\windows\SYSTEM32\DRIVERS\avgntmgr.sys [2008-01-21 22336]

S1 avgntdd;avgntdd;c:\windows\system32\DRIVERS\avgntdd.sys [2008-05-09 45376]

--- ---

*Deregistered* - AFD

*Deregistered* - audstub

*Deregistered* - avgntdd

*Deregistered* - avgntmgr

*Deregistered* - avipbb

*Deregistered* - Beep

*Deregistered* - CryptSvc

*Deregistered* - dmio

*Deregistered* - dmload

*Deregistered* - ERSvc

*Deregistered* - Fastfat

*Deregistered* - Fips

*Deregistered* - Ftdisk

*Deregistered* - Gpc

*Deregistered* - helpsvc

*Deregistered* - InCDfs

*Deregistered* - IPSec

*Deregistered* - KSecDD

*Deregistered* - mnmdd

*Deregistered* - MountMgr

*Deregistered* - MRxSmb

*Deregistered* - Msfs

*Deregistered* - Mup

*Deregistered* - NDIS

*Deregistered* - NdisTapi

*Deregistered* - NdisWan

*Deregistered* - NDProxy

*Deregistered* - NetBIOS

*Deregistered* - NetBT

*Deregistered* - Npfs

*Deregistered* - Ntfs

*Deregistered* - Null

*Deregistered* - NwlnkIpx

*Deregistered* - NwlnkNb

*Deregistered* - NwlnkSpx

*Deregistered* - PartMgr

*Deregistered* - ParVdm

*Deregistered* - PptpMiniport

*Deregistered* - PSched

*Deregistered* - RasAcd

*Deregistered* - Rasl2tp

*Deregistered* - RasPppoe

*Deregistered* - Raspti

*Deregistered* - Rdbss

*Deregistered* - RDPCDD

*Deregistered* - rdpdr

*Deregistered* - RpcSs

*Deregistered* - Spooler

*Deregistered* - sr

*Deregistered* - srservice

*Deregistered* - ssmdrv

*Deregistered* - StarOpen

*Deregistered* - swenum

*Deregistered* - Tcpip

*Deregistered* - TermDD

*Deregistered* - Update

*Deregistered* - VgaSave

*Deregistered* - VolSnap

*Deregistered* - Wanarp

*Deregistered* - winmgmt

*Deregistered* - wuauserv

.

- - - - ORFÃOS REMOVIDOS - - - -

BHO-{4a72c9fb-3151-857e-e702-f8c0983d56ae} - c:\windows\System32\nspD.dll

BHO-{577F9564-65A2-6755-9FB2-1B7F28ABF2AB} - c:\windows\System32\qvwyxtuptlpbjo.dll

BHO-{D3F45127-22BD-D5E1-7DF7-0863E0BCB2DE} - c:\windows\System32\nyxnnrxrdmey.dll

HKCU-Run-swg - c:\arquivos de programas\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

HKLM-Run-rrveoxlmobv - c:\windows\System32\qvwyxtuptlpbjo.dll

HKLM-RunOnce-3telefonica.BlockedAlerts - c:\arquivos de programas\Assistente Tecnico Speedy\bin\AboutBrowser\MotiveBrowser.exe

Notify-449aeb7f530 - c:\windows\System32\iesetup32.dll

.

------- Scan Suplementar -------

.

uStart Page = hxxp://www.google.com.br/

uInternet Connection Wizard,ShellNext = iexplore

uInternet Settings,ProxyOverride = 127.0.0.1

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: {{c95fe080-8f5d-11d2-a20b-00aa003c157a} - %SystemRoot%\web\related.htm

TCP: {E5B0A612-899B-464C-B744-1692DCCF312A} = 200.204.0.10,200.204.0.138

DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab

.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-04-02 17:05:03

Windows 5.1.2600 NTFS

Procurando processos ocultos ...

Procurando entradas auto inicializáveis ocultas ...

Procurando ficheiros/arquivos ocultos ...

Varredura completada com sucesso

arquivos/ficheiros ocultos: 0

**************************************************************************

.

--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------

- - - - - - - > 'winlogon.exe'(664)

c:\windows\system32\ODBC32.dll

c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

- - - - - - - > 'lsass.exe'(720)

c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

.

------------------------ Outros Processos em Execução ------------------------

.

c:\windows\system32\userinit.exe

.

**************************************************************************

.

Tempo para conclusão: 2009-04-02 17:07:08 - Máquina reiniciou [Daffenne Cristina]

ComboFix-quarantined-files.txt 2009-04-02 20:07:06

Pré-execução: 10 pasta(s) 55.944.683.520 bytes disponíveis

Pós execução: 9 pasta(s) 57,244,295,168 bytes disponíveis
