[Resolvido] Computador com internet super lenta

[carol2906 0]

Boa tarde,

 

De uns dias pra cá meu computador tem ficado muito lento na internet, já olhei com minha operadora e aparentemente não há problemas com o meu sinal.

Mas o fato é que não consigo carregar vídeos sem travar e nunca consigo vê-los até o final e até mesmo fotos tem hora que trava tudo.

Apareceu uma voz do nada também dizendo "Opa, detectamos um plugin malicioso em seu pc". Removi um programa que aparentemente estava fazendo isso mas acho que deve ter ficado ainda alguma coisa.

 

Segue log do hijack this

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 12:45:01, on 14/11/2014

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\ARQUIV~1\GbPlugin\GbpSv.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\Serv_SpUsb.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\Baidu Security\MoboMarket\1.2.8.3611\bassvc.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\SCardSvr.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\Bonjour\mDNSResponder.exe

C:\WINDOWS\system32\FsUsbExService.Exe

C:\Arquivos de programas\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Arquivos de programas\ngsrv\ngslotd.exe

C:\WINDOWS\system32\HPZipm12.exe

c:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PsiService_2.exe

C:\Arquivos de programas\Photodex\ProShowProducer\ScsiAccess.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\aetcrss1.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

C:\Arquivos de programas\Baidu Security\MoboMarket\1.2.8.3611\bas_helper.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Documents and Settings\Carol\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Carol\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Carol\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Carol\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Carol\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Carol\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\WINDOWS\system32\rundll32.exe

C:\DOCUME~1\Carol\CONFIG~1\Temp\~nsu.tmp\Au_.exe

C:\HIJACKTHIS\HiJackThis.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer

R3 - Default URLSearchHook is missing

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll

O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\ARQUIVOS DE PROGRAMAS\GBPLUGIN\gbieh.dll

O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Arquivos de programas\GbPlugin\gbiehCef.dll

O2 - BHO: G-Buster Browser Defense Banco Real - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\ARQUIV~1\GbPlugin\gbiehAbn.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll

O4 - HKLM\..\Run: [APSDaemon] "C:\Arquivos de programas\Arquivos comuns\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [CertificateRegistration] aetcrss1.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\QTTask.exe" -atboottime

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [] C:\Arquivos de programas\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Carol\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" /c

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O8 - Extra context menu item: Append to existing PDF - res://C:\Arquivos de programas\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Arquivos de programas\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Arquivos de programas\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Arquivos de programas\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Arquivos de programas\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Arquivos de programas\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Arquivos de programas\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Arquivos de programas\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O15 - Trusted Zone: www.bancobrasil.com.br

O15 - Trusted Zone: www14.bancobrasil.com.br

O15 - Trusted Zone: www2.bancobrasil.com.br

O15 - Trusted Zone: http://www.bancoreal.com.br

O15 - Trusted Zone: http://www.bancosantander.com.br

O15 - Trusted Zone: www.bb.com.br

O15 - Trusted Zone: http://www.bb.com.br

O15 - Trusted Zone: imagem.caixa.gov.br

O15 - Trusted Zone: internetbanking.caixa.gov.br

O15 - Trusted Zone: internetbankingpf.caixa.gov.br

O15 - Trusted Zone: www.caixa.gov.br

O15 - Trusted Zone: http://www.santander.com.br

O15 - Trusted Zone: http://www.santanderempresarial.com.br

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab

O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} (GbpDistObj Class) - https://imagem.caixa.gov.br/cab/gbpdist.cab

O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399007} (GbPluginObj Class) - https://wwws.realsecureweb.com.br/mpr/plugin/Cab/GbPluginABN.cab

O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/RACtrl.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll

O20 - Winlogon Notify: GbPluginAbn - C:\ARQUIV~1\GbPlugin\gbiehAbn.dll

O20 - Winlogon Notify: GbPluginBb - C:\Arquivos de programas\GbPlugin\gbieh.dll

O20 - Winlogon Notify: GbPluginCef - C:\Arquivos de programas\GbPlugin\gbiehCef.dll

O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Daemon de cache de categorias de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Baidu MoboMarket Service (BASSVC) - Baidu, Inc. - C:\Arquivos de programas\Baidu Security\MoboMarket\1.2.8.3611\bassvc.exe

O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Arquivos de programas\Bonjour\mDNSResponder.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Arquivos de programas\Arquivos comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe

O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\ARQUIV~1\GbPlugin\GbpSv.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe

O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Arquivos de programas\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Arquivos de programas\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: SAGEM MorphoSmart Service Provider Usb Server (MSO_SpUsb_Service) - Unknown owner - C:\WINDOWS\system32\Serv_SpUsb.exe

O23 - Service: ngSlotDaemon (ngSlotD) - OEM - C:\Arquivos de programas\ngsrv\ngslotd.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PsiService_2.exe

O23 - Service: ScsiAccess - Unknown owner - C:\Arquivos de programas\Photodex\ProShowProducer\ScsiAccess.exe

O23 - Service: ServiceLayer - Nokia. - C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Arquivos de programas\Arquivos comuns\Adobe\SwitchBoard\SwitchBoard.exe

--

End of file - 11497 bytes

[DigRam 144]

Boa Noite! carol2906

 

> Baixe: < > ( ... par Xplode )

>

> Ou daqui: < AdwCleaner >

> Ao acessar,clique em "Download Now".

>

> Salve-o no desktop!

< >

> Clique direito em adwcleaner.exe,e escolha sua execução como administrador.

> Ps: Dê início ao scan,clicando em "Examinar".

< >

> Ao concluir,clique "Limpar" >> Ok >> Ok >> Ok.

> Copie o log ou clique "Relatório".

> Poste: < C:\AdwCleaner\AdwCleaner[s0].txt >

A+

[carol2906 0]

Bom dia,

 

Não consigo executar de maneira alguma o programa AdwCleaner.

Ao clicar com o botão direito e executar como simplesmente o programa não abre e nem abre nada para selecionar o modo de execução.

 

Até mais

[DigRam 144]

Boa Noite! carol2906

 

> Baixe: < Adware Removal Tool for PC > ( ... by bitdefender.com )

> Estando na página,clique: FREE DOWNLOAD

> Salve-o no desktop ou unidade pendrive. ( BDPUARLauncher.exe )

> Execute-a,com duplo clique em BDPUARLauncher.exe <<

> Informe se houve detecções!

A+

[carol2906 0]

Boa noite DigRam,

 

A detecção foi a seguinte:

C:\WINDOWS\System32\drivers\{bb7b7a60-f574-47c2-8a0b-4c Adware.Netfilter.H

 

Devo remover?

 

Até mais

[DigRam 144]

Boa noite DigRam,

 

A detecção foi a seguinte:

C:\WINDOWS\System32\drivers\{bb7b7a60-f574-47c2-8a0b-4c Adware.Netfilter.H

 

Devo remover?

 

Até mais

Boa Noite! carol2906

 

> Se a ferramenta não o fez...remova-o!

 

> Baixe: < > ( ... by Oleg N. Scherbakov )

> Salve-o no desktop!

> Desabilite seu antivírus!

> Para Windows 7,clique direito em JRT.exe e execute-o ...

> Aguarde a conclusão e poste o relatório. ( JRT.txt )

A+

[carol2906 0]

Boa tarde DigRam,

 

Fiz a remoção do arquivo.

Já o JRT.exe não executa de forma alguma.

 

Até mais

[DigRam 144]

Boa Noite! carol2906

 

> Baixe: < Farbar Recovery Scan Tool >

> Baixe: < > ( ... by Farbar )

> Ou aqui...

< Farbar Recovery Scan Tool 64-Bit >

> Ou aqui,para sistemas 64bit!

> Salve-o no desktop! (Área de trabalho ...)

> Execute a ferramenta! Clique "Yes" >> "Scan".

> Antes de clicar "Scan",verifique se as caixinhas em "Whitelist" estão assinaladas.

> Em "Optional Scan",deixe marcada a checkbox "Addition.txt".

> Ps: Será gerado,também,o relatório "Addition.txt" que estará disponibilizado na 1ª execução da ferramenta.

> Poste o relatório! (FRST.txt + Addition.txt)

> Como o log será extenso,envie-o à Pjjoint.malekal.

> Ou acesse: < >

> Maiores informações: < |Link| >

A+

[carol2906 0]

Boa noite Digram,

 

Não sei mais o que fazer, este programa também não executa, não dá nem sinal. :upset:

 

Até mais.

[DigRam 144]

Boa noite Digram,

 

Não sei mais o que fazer, este programa também não executa, não dá nem sinal. :upset:

 

Até mais.

Boa Noite! carol2906

 

> Tente em Modo de Segurança.

 

A+

[carol2906 0]

Boa noite DigRam,

 

Seguem os links dos logs para análise:

 

http://cjoint.com/?DKswGFB0uBf

http://cjoint.com/?DKswHUi50ka

Até mais

[DigRam 144]

Boa Noite! Carol2906

> Copie estas informações que estão em vermelho,para o Bloco de Notas.

> Salve-a com o nome fixlist.txt.

> Salve-a no desktop! ( Área de trabalho ... ) /!\ (C:\Documents and Settings\Carol\Desktop) /!\

start

CloseProcesses:

(Baidu, Inc.) C:\Arquivos de programas\Baidu Security\MoboMarket\1.2.8.3611\bassvc.exe

(Baidu, Inc.) C:\Arquivos de programas\Baidu Security\MoboMarket\1.2.8.3611\bas_helper.exe

(Baidu, Inc.) C:\Arquivos de programas\Baidu Security\MoboMarket\1.2.8.3611\liveupdate.exe

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

CHR HKU\S-1-5-21-725345543-920026266-1801674531-1005\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

SearchScopes: HKLM -> DefaultScope value is missing.

FF Extension: No Name - {87F8774F-B485-47E2-A755-A40A8A5E8874} [Not Found]

R2 BASSVC; C:\Arquivos de programas\Baidu Security\MoboMarket\1.2.8.3611\bassvc.exe [208928 2014-11-07] (Baidu, Inc.)

R0 Bhbase; C:\WINDOWS\System32\drivers\Bhbase.sys [47456 2014-03-11] (Baidu, Inc.)

S0 360HookOem; system32\drivers\360HookOem.sys [X]

S3 BHip---; \??\C:\WINDOWS\System32\drivers\BHip---.sys [X]

S3 BprotectEx; \??\C:\WINDOWS\System32\drivers\BprotectEx.sys [X]

U2 CertPropSvc; No ImagePath

U4 dwshd; \SystemRoot\System32\drivers\dwshd.sys [X]

S4 InCDFs; system32\drivers\InCDFs.sys [X]

S4 IntelIde; No ImagePath

S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]

S3 PCFApiUtil; \??\C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil.sys [X]

S3 Spring; \??\C:\Arquivos de programas\Baidu-Security-2014-4.4.4.73687\Baidu Antivirus\Spring.sys [X]

U1 WS2IFSL; No ImagePath

S1 {bb7b7a60-f574-47c2-8a0b-4c56f2da9802}Gt; system32\drivers\{bb7b7a60-f574-47c2-8a0b-4c56f2da9802}Gt.sys [X]

2014-11-17 12:09 - 2014-11-17 12:09 - 01707532 _____ (Thisisu) C:\Documents and Settings\Carol\Desktop\JRT.exe

2014-11-11 14:58 - 2014-11-18 19:19 - 00027889 _____ () C:\WINDOWS\setupapi.log

2014-10-21 16:55 - 2014-10-21 16:55 - 00000000 ____D () C:\Documents and Settings\All Users\Dados de aplicativos\boost_interprocess

2014-10-21 16:55 - 2014-10-21 16:54 - 00815314 _____ () C:\Documents and Settings\Carol\Dados de aplicativos\unins002.exe

2014-11-18 19:20 - 2009-09-01 10:16 - 01420836 _____ () C:\WINDOWS\WindowsUpdate.log

2014-11-18 19:19 - 2009-09-01 10:05 - 00000159 _____ () C:\WINDOWS\wiadebug.log

2014-11-18 19:19 - 2009-09-01 10:05 - 00000050 _____ () C:\WINDOWS\wiaservc.log

2014-11-18 19:15 - 2009-09-01 10:20 - 00032534 _____ () C:\WINDOWS\SchedLgU.Txt

2014-11-17 11:41 - 2010-05-22 20:52 - 00247296 _____ () C:\Documents and Settings\Carol\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2014-11-14 18:22 - 2012-03-14 11:52 - 00000300 _____ () C:\WINDOWS\Tasks\AppleSoftwareUpdate.job

2014-11-14 12:44 - 2013-05-03 13:40 - 00000000 ____D () C:\HIJACKTHIS

2014-11-10 17:42 - 2014-09-28 11:18 - 00000000 ____D () C:\Documents and Settings\Carol\Dados de aplicativos\Baidu Security

2014-11-10 17:42 - 2014-09-25 21:46 - 00000000 ____D () C:\Documents and Settings\All Users\Dados de aplicativos\Baidu Security

2014-11-01 07:28 - 2014-09-28 11:16 - 00000000 ____D () C:\Arquivos de programas\Baidu Security

2014-10-29 02:00 - 2014-05-22 21:45 - 00000364 _____ () C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-CASA-46997CABD5-Carol.job

2014-11-07 05:08 - 2014-11-07 05:08 - 02257952 _____ () C:\Arquivos de programas\Baidu Security\MoboMarket\1.2.8.3611\skiax.dll

2014-11-07 05:08 - 2014-11-07 05:08 - 00141856 _____ () C:\Arquivos de programas\Baidu Security\MoboMarket\1.2.8.3611\zlib1.dll

C:\Documents and Settings\Carol\jagex_runescape_preferences.dat

C:\Documents and Settings\Carol\jagex_runescape_preferences2.dat

C:\Documents and Settings\Carol\jagex__preferences3.dat

Task: C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-CASA-46997CABD5-Carol.job => C:\Arquivos de programas\Arquivos comuns\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe

Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Arquivos de programas\Apple Software Update\SoftwareUpdate.exe

AlternateDataStreams: C:\WINDOWS\system32\drivers:IncompleteBoot.cnt

emptytemp:

end

> Execute FRST/FRST64 >> Clique "Fix" << Aguarde!

> Na mensagem,clique Executar.

> Poste o relatório! (Fixlog.txt)

A+

[carol2906 0]

Boa tarde DigRam,

 

Segue o relatório para análise:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 17-11-2014

Ran by Carol at 2014-11-19 11:19:31 Run:1

Running from C:\Documents and Settings\Carol\Desktop

Loaded Profile: Carol (Available profiles: Carol & Administrador)

Boot Mode: Normal

==============================================

Content of fixlist:

*****************

start

CloseProcesses:

(Baidu, Inc.) C:\Arquivos de programas\Baidu Security\MoboMarket\1.2.8.3611\bassvc.exe

(Baidu, Inc.) C:\Arquivos de programas\Baidu Security\MoboMarket\1.2.8.3611\bas_helper.exe

(Baidu, Inc.) C:\Arquivos de programas\Baidu Security\MoboMarket\1.2.8.3611\liveupdate.exe

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

CHR HKU\S-1-5-21-725345543-920026266-1801674531-1005\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

SearchScopes: HKLM -> DefaultScope value is missing.

FF Extension: No Name - {87F8774F-B485-47E2-A755-A40A8A5E8874} [Not Found]

R2 BASSVC; C:\Arquivos de programas\Baidu Security\MoboMarket\1.2.8.3611\bassvc.exe [208928 2014-11-07] (Baidu, Inc.)

R0 Bhbase; C:\WINDOWS\System32\drivers\Bhbase.sys [47456 2014-03-11] (Baidu, Inc.)

S0 360HookOem; system32\drivers\360HookOem.sys [X]

S3 BHip---; \??\C:\WINDOWS\System32\drivers\BHip---.sys [X]

S3 BprotectEx; \??\C:\WINDOWS\System32\drivers\BprotectEx.sys [X]

U2 CertPropSvc; No ImagePath

U4 dwshd; \SystemRoot\System32\drivers\dwshd.sys [X]

S4 InCDFs; system32\drivers\InCDFs.sys [X]

S4 IntelIde; No ImagePath

S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]

S3 PCFApiUtil; \??\C:\Arquivos de programas\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil.sys [X]

S3 Spring; \??\C:\Arquivos de programas\Baidu-Security-2014-4.4.4.73687\Baidu Antivirus\Spring.sys [X]

U1 WS2IFSL; No ImagePath

S1 {bb7b7a60-f574-47c2-8a0b-4c56f2da9802}Gt; system32\drivers\{bb7b7a60-f574-47c2-8a0b-4c56f2da9802}Gt.sys [X]

2014-11-17 12:09 - 2014-11-17 12:09 - 01707532 _____ (Thisisu) C:\Documents and Settings\Carol\Desktop\JRT.exe

2014-11-11 14:58 - 2014-11-18 19:19 - 00027889 _____ () C:\WINDOWS\setupapi.log

2014-10-21 16:55 - 2014-10-21 16:55 - 00000000 ____D () C:\Documents and Settings\All Users\Dados de aplicativos\boost_interprocess

2014-10-21 16:55 - 2014-10-21 16:54 - 00815314 _____ () C:\Documents and Settings\Carol\Dados de aplicativos\unins002.exe

2014-11-18 19:20 - 2009-09-01 10:16 - 01420836 _____ () C:\WINDOWS\WindowsUpdate.log

2014-11-18 19:19 - 2009-09-01 10:05 - 00000159 _____ () C:\WINDOWS\wiadebug.log

2014-11-18 19:19 - 2009-09-01 10:05 - 00000050 _____ () C:\WINDOWS\wiaservc.log

2014-11-18 19:15 - 2009-09-01 10:20 - 00032534 _____ () C:\WINDOWS\SchedLgU.Txt

2014-11-17 11:41 - 2010-05-22 20:52 - 00247296 _____ () C:\Documents and Settings\Carol\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2014-11-14 18:22 - 2012-03-14 11:52 - 00000300 _____ () C:\WINDOWS\Tasks\AppleSoftwareUpdate.job

2014-11-14 12:44 - 2013-05-03 13:40 - 00000000 ____D () C:\HIJACKTHIS

2014-11-10 17:42 - 2014-09-28 11:18 - 00000000 ____D () C:\Documents and Settings\Carol\Dados de aplicativos\Baidu Security

2014-11-10 17:42 - 2014-09-25 21:46 - 00000000 ____D () C:\Documents and Settings\All Users\Dados de aplicativos\Baidu Security

2014-11-01 07:28 - 2014-09-28 11:16 - 00000000 ____D () C:\Arquivos de programas\Baidu Security

2014-10-29 02:00 - 2014-05-22 21:45 - 00000364 _____ () C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-CASA-46997CABD5-Carol.job

2014-11-07 05:08 - 2014-11-07 05:08 - 02257952 _____ () C:\Arquivos de programas\Baidu Security\MoboMarket\1.2.8.3611\skiax.dll

2014-11-07 05:08 - 2014-11-07 05:08 - 00141856 _____ () C:\Arquivos de programas\Baidu Security\MoboMarket\1.2.8.3611\zlib1.dll

C:\Documents and Settings\Carol\jagex_runescape_preferences.dat

C:\Documents and Settings\Carol\jagex_runescape_preferences2.dat

C:\Documents and Settings\Carol\jagex__preferences3.dat

Task: C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-CASA-46997CABD5-Carol.job => C:\Arquivos de programas\Arquivos comuns\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe

Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Arquivos de programas\Apple Software Update\SoftwareUpdate.exe

AlternateDataStreams: C:\WINDOWS\system32\drivers:IncompleteBoot.cnt

emptytemp:

end

*****************

Processes closed successfully.

C:\Arquivos de programas\Baidu Security\MoboMarket\1.2.8.3611\bassvc.exe => No running process found

C:\Arquivos de programas\Baidu Security\MoboMarket\1.2.8.3611\bas_helper.exe => No running process found

C:\Arquivos de programas\Baidu Security\MoboMarket\1.2.8.3611\liveupdate.exe => No running process found

"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.

"HKU\S-1-5-21-725345543-920026266-1801674531-1005\SOFTWARE\Policies\Google" => Key deleted successfully.

Default URLSearchHook was restored successfully .

"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.

FF Extension: No Name - {87F8774F-B485-47E2-A755-A40A8A5E8874} [Not Found] => not found.

BASSVC => Service deleted successfully.

Bhbase => Unable to stop service

Bhbase => Service deleted successfully.

360HookOem => Service deleted successfully.

BHip--- => Service not found.

BprotectEx => Service deleted successfully.

CertPropSvc => Service deleted successfully.

dwshd => Service deleted successfully.

InCDFs => Service deleted successfully.

IntelIde => Service deleted successfully.

lmimirr => Service deleted successfully.

PCFApiUtil => Service deleted successfully.

Spring => Service deleted successfully.

WS2IFSL => Service deleted successfully.

{bb7b7a60-f574-47c2-8a0b-4c56f2da9802}Gt => Service deleted successfully.

C:\Documents and Settings\Carol\Desktop\JRT.exe => Moved successfully.

C:\WINDOWS\setupapi.log => Moved successfully.

C:\Documents and Settings\All Users\Dados de aplicativos\boost_interprocess => Moved successfully.

C:\Documents and Settings\Carol\Dados de aplicativos\unins002.exe => Moved successfully.

Could not move "C:\WINDOWS\WindowsUpdate.log" => Scheduled to move on reboot.

Could not move "C:\WINDOWS\wiadebug.log" => Scheduled to move on reboot.

Could not move "C:\WINDOWS\wiaservc.log" => Scheduled to move on reboot.

Could not move "C:\WINDOWS\SchedLgU.Txt" => Scheduled to move on reboot.

C:\Documents and Settings\Carol\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => Moved successfully.

C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => Moved successfully.

C:\HIJACKTHIS => Moved successfully.

C:\Documents and Settings\Carol\Dados de aplicativos\Baidu Security => Moved successfully.

C:\Documents and Settings\All Users\Dados de aplicativos\Baidu Security => Moved successfully.

C:\Arquivos de programas\Baidu Security => Moved successfully.

C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-CASA-46997CABD5-Carol.job => Moved successfully.

"C:\Arquivos de programas\Baidu Security\MoboMarket\1.2.8.3611\skiax.dll" => File/Directory not found.

"C:\Arquivos de programas\Baidu Security\MoboMarket\1.2.8.3611\zlib1.dll" => File/Directory not found.

C:\Documents and Settings\Carol\jagex_runescape_preferences.dat => Moved successfully.

C:\Documents and Settings\Carol\jagex_runescape_preferences2.dat => Moved successfully.

C:\Documents and Settings\Carol\jagex__preferences3.dat => Moved successfully.

C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-CASA-46997CABD5-Carol.job not found.

C:\WINDOWS\Tasks\AppleSoftwareUpdate.job not found.

C:\WINDOWS\system32\drivers => ":IncompleteBoot.cnt" ADS removed successfully.

EmptyTemp: => Removed 763.2 MB temporary data.

Até mais

[DigRam 144]

Boa Tarde! carol2906

 

> Tente,agora,executar a ferramenta AdwCleaner e JRT.

> Caso não consiga,tente em Modo de Segurança.

> Poste os relatórios!

 

A+

[carol2906 0]

Boa noite DigRam,

 

Seguem os relatórios:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.3.9 (11.15.2014:2)

OS: Microsoft Windows XP x86

Ran by Carol on 19/11/2014 at 22:48:14,45

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\baidu"

Successfully deleted: [Folder] "C:\Arquivos de programas\yuna software"

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 19/11/2014 at 22:52:53,53

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

# AdwCleaner v4.101 - Relatório criado 19/11/2014 às 22:42:58

# Atualizado 09/11/2014 por Xplode

# Database : 2014-11-07.1 [Local]

# Sistema Operacional : Microsoft Windows XP Service Pack 3 (32 bits)

# Usuário : Carol - CASA-46997CABD5

# Executando de : C:\Documents and Settings\Carol\Desktop\AdwCleaner.exe

# Opção : Limpar

***** [ Serviços ] *****

***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\Documents and Settings\All Users\Dados de aplicativos\baidu

Pasta Deletada : C:\Arquivos de programas\SiteLookup

Pasta Deletada : C:\Documents and Settings\Carol\Dados de aplicativos\baidu

***** [ Tarefas ] *****

***** [ Atalhos ] *****

***** [ Registro ] *****

Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}

Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}

Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}

Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}

Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}

Chave Deletedo : HKCU\Software\InstallCore

Chave Deletedo : HKCU\Software\Softonic

Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094

Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536

Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe

***** [ Navegadores ] *****

-\\ Internet Explorer v8.0.6001.18702

-\\ Mozilla Firefox v33.1 (x86 pt-BR)

-\\ Google Chrome v

*************************

AdwCleaner[R0].txt - [1952 octets] - [19/11/2014 22:39:06]

AdwCleaner[s0].txt - [1844 octets] - [19/11/2014 22:42:58]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [1904 octets] ##########

Até mais!

[DigRam 144]

Boa Noite! carol2906

 

> Abra a ferramenta AdwCleaner e clique em "Desinstalar".

> Confirme a solicitação!

> Baixe: < > ( ... de Nicolas Coolman )

> Estando na página,clique

> Salve-a no desktop!

> Execute-a e ao abrir,clique "J'accept/I Agree".

> Para correções mais abrangentes,marque todas as opções disponíveis.

> Clique Réparer.

> Clique Rapport.

> Poste o relatório!

A+

 

[carol2906 0]

Boa tarde Digram

 

Segue relatório

 

~ ZHPCleaner v2014.11.19.230 by Nicolas Coolman (19/11/2014)

~ Run by Carol (Administrator) (20/11/2014 12:10:40)

~ Forum : http://forum.nicolascoolman.fr

~ Facebook : https://www.facebook.com/nicolascoolman1

~ State version : Version OK

~ Type : Repair

~ Report : C:\Documents and Settings\Carol\Desktop\ZHPCleaner.txt

~ Quarantine : C:\Documents and Settings\Carol\Dados de aplicativos\ZHP\ZHPCleaner_Quarantine.txt

~ UAC : Deactivate

~ Windows XP, 32-bit Service Pack 3 (Build 2600)

---\\ Services (0)

~ No malicious items found.

---\\ Browser Internet (8)

REPLACED Proxy: MigrateProxy ( 0 )

REPLACED IE Params: Default_Page_URL ( hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome )

REPLACED IE Params: Default_Search_URL ( hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch )

REPLACED IE Params: Tabs ( res://ieframe.dll/tabswelcome.htm )

REPLACED IE Params: Default_Page_URL ( hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome )

REPLACED IE Params: Default_Search_URL ( hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch )

FOUND FF: C:\Documents and Settings\Carol\Dados de aplicativos\Mozilla\Firefox\Profiles\pqdvgsis.default\prefs.js

REPLACED FF: [pqdvgsis.default] - user_pref("browser.search.order.1", "Google"); (PUP.Babylon)

---\\ Hosts file (2)

REPLACED:

Number of found redirections 1/20

---\\ Scheduled automatic tasks. (0)

~ No malicious items found.

---\\ Explorer ( Files, Folders) (3)

MOVED: C:\Arquivos de programas\RocketDock (PUP.RockTurner)

MOVED: C:\Arquivos de programas\RocketDock\Icons [ - ] (PUP.RockTurner)

MOVED: C:\Arquivos de programas\RocketDock\RocketDock.dll [ - ] (PUP.RockTurner)

---\\ Registry ( Keys, Values, Datas) (3)

DELETED: HKCR\CLSID\{2a6eb050-7f1c-11ce-be57-00aa0051fe20} [French_French Stemmer] (Toolbar.Conduit)

DELETED: HKCR\CLSID\{59e09848-8099-101b-8df3-00000b65c3b5} [French_French Word Breaker] (Toolbar.Conduit)

DELETED: HKCR\ADDINEXPRESS.OutlookSecurityManager [OutlookSecMan Control] (Trojan.Camec)

---\\ Result of repair

~ Repair carried out successfully

~ No browser found (Opera Software)

End of clean at 12:23:30

[DigRam 144]

Boa Tarde! carol2906

 

> Baixe: < Complete Internet Repair >

> Extraia o conteúdo e execute o arquivo "CIntRep.exe".

> Marque as checkbox:

Reset Internet Protocol (TCP/IP)

Repair Winsock (Reset Catalog)

Renew Internet Connections

Flush DNS Resolver Cache

Repair Internet Explorer 10.0.9200

Clear Windows Update History

Repair Windows / Automatic Updates

Repair SSL / HTTPS / Cryptography

Reset Windows Firewall Configuration

Restore the default hosts file

Repair Workgroup Computers view

> Clique "Go!".

> Ao concluir,reinicie o computador!

> À seguir,acesse a pasta "Complete Internet Repair" >> "Logging".

> Duplo-clique em "CIntRep.log".

> Poste o log resultante!

A+

[carol2906 0]

Boa tarde DigRam

 

Segue o log:

 

./

(o o)

--------------------------------------oOOo-(_)-oOOo--------------------------------------

[20/11/2014 13:42:27] Resetting all TCP/IP Interfaces, Please wait.....

-----------------------------------------------------------------------------------------

[20/11/2014 13:42:37] TCP/IP Stack reset successful.

[20/11/2014 13:42:37] TCP/IP Reset log located @ [C:\Documents and Settings\Carol\Desktop\logging\CIRReset.log]

[20/11/2014 13:42:38] TCP/IP interfaces reset successful.

[20/11/2014 13:42:40] The TCP/IP v6 protocol might not be installed.

[20/11/2014 13:42:40] Click on 'Commands' then 'Install IP6 protocol' to install TCP/IP v6.

[20/11/2014 13:42:40] You may need to restart your computer for the settings to take effect.

[20/11/2014 13:42:40] Finished resetting the Internet Protocol (TCP/IP).

-----------------------------------------------------------------------------------------

[20/11/2014 13:42:40] Attempting to reset Winsock catalog, Please wait.....

-----------------------------------------------------------------------------------------

[20/11/2014 13:42:42] Successfully reset the Winsock Catalog.

[20/11/2014 13:42:42] Finished repairing Winsock

-----------------------------------------------------------------------------------------

[20/11/2014 13:42:43] Releasing TCP/IP connections, Please wait.....

-----------------------------------------------------------------------------------------

[20/11/2014 13:42:43] Successfully released TCP/IP connections.

-----------------------------------------------------------------------------------------

[20/11/2014 13:42:43] Renewing TCP/IP connections, Please wait.....

-----------------------------------------------------------------------------------------

[20/11/2014 13:42:49] Successfully renewed TCP/IP adapters.

-----------------------------------------------------------------------------------------

[20/11/2014 13:42:50] Configuring the Windows Event Log Service, Please wait.....

-----------------------------------------------------------------------------------------

[20/11/2014 13:42:50] Windows Event Log Service Configured.

[20/11/2014 13:42:50] Starting the Windows Event Log Service.....

[20/11/2014 13:42:50] Windows Event Log Service Started Successfully.

-----------------------------------------------------------------------------------------

[20/11/2014 13:42:50] Flushing DNS Resolver Cache, Please wait.....

-----------------------------------------------------------------------------------------

[20/11/2014 13:42:51] Successfully flushed DNS Resolver Cache.

[20/11/2014 13:42:51] Refreshing all DHCP leases and re-registering DNS names, Please wait.....

[20/11/2014 13:42:51] Registration of the DNS resource records has been initiated.

[20/11/2014 13:42:51] Note: Any errors will be reported in the 'Event Viewer' in about 15 minutes.

[20/11/2014 13:42:51] Note: Click on 'File' and then 'Event Viewer...' to open the Event Viewer.

-----------------------------------------------------------------------------------------

[20/11/2014 13:42:51] Repairing Internet Explorer 8.0.6001, Please wait.....

-----------------------------------------------------------------------------------------

[20/11/2014 13:42:51] RegSvr32.exe: "C:\Arquivos de programas\Internet Explorer\DiagnosticsHub_is.dll"' Specified module not found

[20/11/2014 13:42:51] RegSvr32.exe: "C:\Arquivos de programas\Internet Explorer\DiagnosticsTap.dll"' Specified module not found

[20/11/2014 13:42:52] RegSvr32.exe: "C:\Arquivos de programas\Internet Explorer\F12.dll"' Specified module not found

[20/11/2014 13:42:52] RegSvr32.exe: "C:\Arquivos de programas\Internet Explorer\F12Tools.dll"' Specified module not found

[20/11/2014 13:42:52] RegSvr32.exe: "C:\Arquivos de programas\Internet Explorer\hmmapi.dll"' registration succeeded.

[20/11/2014 13:42:52] RegSvr32.exe: "C:\Arquivos de programas\Internet Explorer\iedvtool.dll"' registration succeeded.

[20/11/2014 13:42:52] RegSvr32.exe: "C:\Arquivos de programas\Internet Explorer\ieproxy.dll"' registration succeeded.

[20/11/2014 13:42:52] RegSvr32.exe: "C:\Arquivos de programas\Internet Explorer\msdbg2.dll"' Specified module not found

[20/11/2014 13:42:53] RegSvr32.exe: "C:\Arquivos de programas\Internet Explorer\pdm.dll"' registration succeeded.

[20/11/2014 13:42:53] RegSvr32.exe: "C:\Arquivos de programas\Internet Explorer\pdmproxy100.dll"' Specified module not found

[20/11/2014 13:42:53] RegSvr32.exe: "C:\Arquivos de programas\Internet Explorer\perf_nt.dll"' Specified module not found

[20/11/2014 13:42:53] RegSvr32.exe: "C:\Arquivos de programas\Internet Explorer\perfcore.dll"' Specified module not found

[20/11/2014 13:42:53] RegSvr32.exe: "C:\Arquivos de programas\Internet Explorer\Timeline_is.dll"' Specified module not found

[20/11/2014 13:42:53] RegSvr32.exe: actxprxy.dll' registration succeeded.

[20/11/2014 13:42:53] RegSvr32.exe: asctrls.ocx' registration succeeded.

[20/11/2014 13:42:55] RegSvr32.exe: browseui.dll' registration succeeded.

[20/11/2014 13:42:56] RegSvr32.exe: cdfview.dll' registration succeeded.

[20/11/2014 13:42:56] RegSvr32.exe: comcat.dll' registration succeeded.

[20/11/2014 13:42:56] RegSvr32.exe: comctl32.dll' registration succeeded.

[20/11/2014 13:42:56] RegSvr32.exe: corpol.dll' registration succeeded.

[20/11/2014 13:42:56] RegSvr32.exe: cryptdlg.dll' registration succeeded.

[20/11/2014 13:42:56] RegSvr32.exe: "C:\Arquivos de programas\Internet Explorer\custsat.dll"' registration succeeded.

[20/11/2014 13:42:56] RegSvr32.exe: digest.dll' registration succeeded.

[20/11/2014 13:42:57] RegSvr32.exe: dispex.dll' registration succeeded.

[20/11/2014 13:42:57] RegSvr32.exe: dxtmsft.dll' registration succeeded.

[20/11/2014 13:42:57] RegSvr32.exe: dxtrans.dll' registration succeeded.

[20/11/2014 13:42:57] RegSvr32.exe: extmgr.dll' registration succeeded.

[20/11/2014 13:42:57] RegSvr32.exe: "C:\Arquivos de programas\Internet Explorer\hmmapi.dll"' registration succeeded.

[20/11/2014 13:42:57] RegSvr32.exe: hlink.dll' registration succeeded.

[20/11/2014 13:42:57] RegSvr32.exe: ieaksie.dll' registration succeeded.

[20/11/2014 13:42:58] RegSvr32.exe: ieapfltr.dll' registration succeeded.

[20/11/2014 13:42:58] RegSvr32.exe: iedkcs32.dll' registration succeeded.

[20/11/2014 13:42:58] RegSvr32.exe: "C:\Arquivos de programas\Internet Explorer\iedvtool.dll"' registration succeeded.

[20/11/2014 13:42:58] RegSvr32.exe: iedvtool.dll' registration succeeded.

[20/11/2014 13:42:58] RegSvr32.exe: ieframe.dll' registration succeeded.

[20/11/2014 13:42:58] RegSvr32.exe: iepeers.dll' registration succeeded.

[20/11/2014 13:42:58] RegSvr32.exe: "C:\Arquivos de programas\Internet Explorer\ieproxy.dll"' registration succeeded.

[20/11/2014 13:42:59] RegSvr32.exe: ieproxy.dll' registration succeeded.

[20/11/2014 13:42:59] RegSvr32.exe: iesetup.dll' Module loaded but entry-point DllRegisterServer was not found.

[20/11/2014 13:42:59] RegSvr32.exe: imgutil.dll' Module loaded but entry-point DllRegisterServer was not found.

[20/11/2014 13:42:59] RegSvr32.exe: inetcpl.cpl' Module loaded but entry-point DllRegisterServer was not found.

[20/11/2014 13:42:59] RegSvr32.exe: inetcpl.cpl' registration succeeded.

[20/11/2014 13:43:45] RegSvr32.exe: initpki.dll' registration succeeded.

[20/11/2014 13:43:46] RegSvr32.exe: inseng.dll' Module loaded but entry-point DllRegisterServer was not found.

[20/11/2014 13:43:46] RegSvr32.exe: jscript.dll' registration succeeded.

[20/11/2014 13:43:46] RegSvr32.exe: licmgr10.dll' registration succeeded.

[20/11/2014 13:43:46] RegSvr32.exe: mlang.dll' registration succeeded.

[20/11/2014 13:43:48] RegSvr32.exe: mobsync.dll' registration succeeded.

[20/11/2014 13:43:48] RegSvr32.exe: msapsspc.dll' Module loaded but entry-point DllRegisterServer was not found.

[20/11/2014 13:43:48] RegSvr32.exe: mscoree.dll' registration succeeded.

[20/11/2014 13:43:48] RegSvr32.exe: mscorier.dll' Module loaded but entry-point DllRegisterServer was not found.

[20/11/2014 13:43:48] RegSvr32.exe: mscories.dll' Module loaded but entry-point DllRegisterServer was not found.

[20/11/2014 13:43:49] RegSvr32.exe: msdbg2.dll' registration succeeded.

[20/11/2014 13:43:49] RegSvr32.exe: mshta.exe' Module loaded but entry-point DllRegisterServer was not found.

[20/11/2014 13:43:49] RegSvr32.exe: mshtml.dll' Module loaded but entry-point DllRegisterServer was not found.

[20/11/2014 13:43:49] RegSvr32.exe: mshtmled.dll' registration succeeded.

[20/11/2014 13:43:49] RegSvr32.exe: msident.dll' registration succeeded.

[20/11/2014 13:43:49] RegSvr32.exe: msieftp.dll' registration succeeded.

[20/11/2014 13:43:50] RegSvr32.exe: msnsspc.dll' Module loaded but entry-point DllRegisterServer was not found.

[20/11/2014 13:43:50] RegSvr32.exe: msr2c.dll' registration succeeded.

[20/11/2014 13:43:50] RegSvr32.exe: msrating.dll' Module loaded but entry-point DllRegisterServer was not found.

[20/11/2014 13:43:50] RegSvr32.exe: mstime.dll' registration succeeded.

[20/11/2014 13:43:50] RegSvr32.exe: msxml.dll' registration succeeded.

[20/11/2014 13:43:50] RegSvr32.exe: ole32.dll' registration succeeded.

[20/11/2014 13:43:50] RegSvr32.exe: oleacc.dll' registration succeeded.

[20/11/2014 13:43:50] RegSvr32.exe: occache.dll' Module loaded but entry-point DllRegisterServer was not found.

[20/11/2014 13:43:51] RegSvr32.exe: oleaut32.dll' registration succeeded.

[20/11/2014 13:43:51] RegSvr32.exe: "C:\Arquivos de programas\Internet Explorer\pdm.dll"' registration succeeded.

[20/11/2014 13:43:51] RegSvr32.exe: plugin.ocx' Specified module not found

[20/11/2014 13:43:51] RegSvr32.exe: pngfilt.dll' Module loaded but entry-point DllRegisterServer was not found.

[20/11/2014 13:43:51] RegSvr32.exe: proctexe.ocx' registration succeeded.

[20/11/2014 13:43:52] RegSvr32.exe: scrobj.dll' Error number: 0x80070005

[20/11/2014 13:43:52] RegSvr32.exe: sendmail.dll' registration succeeded.

[20/11/2014 13:43:52] RegSvr32.exe: setupwbv.dll' Specified module not found

[20/11/2014 13:43:55] RegSvr32.exe: shdocvw.dll' registration succeeded.

[20/11/2014 13:43:55] RegSvr32.exe: tdc.ocx' registration succeeded.

[20/11/2014 13:43:55] RegSvr32.exe: url.dll' Module loaded but entry-point DllRegisterServer was not found.

[20/11/2014 13:43:58] RegSvr32.exe: urlmon.dll' registration succeeded.

[20/11/2014 13:43:58] RegSvr32.exe: urlmon.dll,NI,HKLM' Specified module not found

[20/11/2014 13:43:59] RegSvr32.exe: vbscript.dll' registration succeeded.

[20/11/2014 13:43:59] RegSvr32.exe: "C:\Arquivos de programas\microsoft shared\vgx\vgx.dll"' Specified module not found

[20/11/2014 13:43:59] RegSvr32.exe: webcheck.dll' Module loaded but entry-point DllRegisterServer was not found.

[20/11/2014 13:43:59] Fixing 'New tabs page cannot display content because it cannot access the controls'.

[20/11/2014 13:43:59] This is a result of a bug in shdocvw.dll.

[20/11/2014 13:43:59] Registering Outlook Express files.....

[20/11/2014 13:43:59] RegSvr32.exe: "C:\Arquivos de programas\Outlook Express\msoe.dll"' registration succeeded.

[20/11/2014 13:43:59] RegSvr32.exe: "C:\Arquivos de programas\Outlook Express\oeimport.dll"' registration succeeded.

[20/11/2014 13:43:59] RegSvr32.exe: "C:\Arquivos de programas\Outlook Express\oemiglib.dll"' registration succeeded.

[20/11/2014 13:44:00] RegSvr32.exe: "C:\Arquivos de programas\Outlook Express\wabfind.dll"' registration succeeded.

[20/11/2014 13:44:00] RegSvr32.exe: "C:\Arquivos de programas\Outlook Express\wabimp.dll"' registration succeeded.

[20/11/2014 13:44:00] Finished repairing Internet Explorer 8.0.6001

-----------------------------------------------------------------------------------------

[20/11/2014 13:44:00] Repairing Windows Update / Automatic Updates, Please wait.....

-----------------------------------------------------------------------------------------

[20/11/2014 13:44:00] Stopping the BITS Service.....

[20/11/2014 13:44:00] BITS Stopped Successfully.

[20/11/2014 13:44:00] Stopping the Automatic Updates (wuauserv) Service.....

[20/11/2014 13:44:00] Automatic Updates (wuauserv) Service Stopped Successfully.

[20/11/2014 13:44:00] Clearing File Stores (Update History).....

[20/11/2014 13:44:00] Clearing [C:\WINDOWS\SoftwareDistribution\Download].....

[20/11/2014 13:44:00] [C:\WINDOWS\SoftwareDistribution\Download] Cleared.

[20/11/2014 13:44:00] Clearing [C:\WINDOWS\SoftwareDistribution\DataStore].....

[20/11/2014 13:44:00] [C:\WINDOWS\SoftwareDistribution\DataStore] Cleared.

[20/11/2014 13:44:00] Clearing [C:\WINDOWS\system32\CatRoot2].....

[20/11/2014 13:44:00] [C:\WINDOWS\system32\CatRoot2] Cleared.

[20/11/2014 13:44:00] Setting BITS Security Descriptor.....

[20/11/2014 13:44:01] BITS Security Descriptor Set.

[20/11/2014 13:44:01] Setting Automatic Updates (wuauserv) Service Security Descriptor.....

[20/11/2014 13:44:02] Automatic Updates (wuauserv) Security Descriptor Set.

[20/11/2014 13:44:02] Configuring the Automatic Updates (wuauserv) Service.....

[20/11/2014 13:44:02] Automatic Updates (wuauserv) Service Configured.

[20/11/2014 13:44:02] Configuring BITS.....

[20/11/2014 13:44:02] BITS Configured.

[20/11/2014 13:44:02] Registering WUAU DLLs.....

[20/11/2014 13:44:02] RegSvr32.exe: actxprxy.dll' registration succeeded.

[20/11/2014 13:44:02] RegSvr32.exe: atl.dll' registration succeeded.

[20/11/2014 13:44:02] RegSvr32.exe: browseui.dll' registration succeeded.

[20/11/2014 13:44:02] RegSvr32.exe: corpol.dll' registration succeeded.

[20/11/2014 13:44:03] RegSvr32.exe: cryptdlg.dll' registration succeeded.

[20/11/2014 13:44:03] RegSvr32.exe: dispex.dll' registration succeeded.

[20/11/2014 13:44:03] RegSvr32.exe: dssenh.dll' registration succeeded.

[20/11/2014 13:44:03] RegSvr32.exe: gpkcsp.dll' registration succeeded.

[20/11/2014 13:44:24] RegSvr32.exe: initpki.dll' registration succeeded.

[20/11/2014 13:44:24] RegSvr32.exe: jscript.dll' registration succeeded.

[20/11/2014 13:44:24] RegSvr32.exe: mshtml.dll' Module loaded but entry-point DllRegisterServer was not found.

[20/11/2014 13:44:24] RegSvr32.exe: msscript.ocx' registration succeeded.

[20/11/2014 13:44:24] RegSvr32.exe: msxml.dll' registration succeeded.

[20/11/2014 13:44:25] RegSvr32.exe: msxml2.dll' registration succeeded.

[20/11/2014 13:44:26] RegSvr32.exe: msxml3.dll' registration succeeded.

[20/11/2014 13:44:26] RegSvr32.exe: msxml4.dll' registration succeeded.

[20/11/2014 13:44:27] RegSvr32.exe: msxml6.dll' registration succeeded.

[20/11/2014 13:44:27] RegSvr32.exe: muweb.dll' registration succeeded.

[20/11/2014 13:44:27] RegSvr32.exe: ole.dll' Specified module not found

[20/11/2014 13:44:27] RegSvr32.exe: ole32.dll' registration succeeded.

[20/11/2014 13:44:27] RegSvr32.exe: oleaut.dll' Specified module not found

[20/11/2014 13:44:27] RegSvr32.exe: oleaut32.dll' registration succeeded.

[20/11/2014 13:44:28] RegSvr32.exe: qmgr.dll' registration succeeded.

[20/11/2014 13:44:28] RegSvr32.exe: qmgrprxy.dll' registration succeeded.

[20/11/2014 13:44:28] RegSvr32.exe: gpkcsp.dll' registration succeeded.

[20/11/2014 13:44:28] RegSvr32.exe: rsaenh.dll' registration succeeded.

[20/11/2014 13:44:28] RegSvr32.exe: sccbase.dll' registration succeeded.

[20/11/2014 13:44:28] RegSvr32.exe: scrobj.dll' registration succeeded.

[20/11/2014 13:44:28] RegSvr32.exe: scrrun.dll' registration succeeded.

[20/11/2014 13:44:29] RegSvr32.exe: shdocvw.dll' registration succeeded.

[20/11/2014 13:44:29] RegSvr32.exe: shell.dll' Specified module not found

[20/11/2014 13:44:29] RegSvr32.exe: shell32.dll' registration succeeded.

[20/11/2014 13:44:29] RegSvr32.exe: slbcsp.dll' registration succeeded.

[20/11/2014 13:44:29] RegSvr32.exe: softpub.dll' registration succeeded.

[20/11/2014 13:44:29] RegSvr32.exe: urlmon.dll' registration succeeded.

[20/11/2014 13:44:29] RegSvr32.exe: vbscript.dll' registration succeeded.

[20/11/2014 13:44:29] RegSvr32.exe: winhttp.dll' registration succeeded.

[20/11/2014 13:44:29] RegSvr32.exe: wintrust.dll' registration succeeded.

[20/11/2014 13:44:29] RegSvr32.exe: wshext.dll' registration succeeded.

[20/11/2014 13:44:30] RegSvr32.exe: wuapi.dll' registration succeeded.

[20/11/2014 13:44:30] RegSvr32.exe: wuaueng.dll' Error number: 0x80070005

[20/11/2014 13:44:30] RegSvr32.exe: wuaueng1.dll' registration succeeded.

[20/11/2014 13:44:30] RegSvr32.exe: wucltui.dll' registration succeeded.

[20/11/2014 13:44:30] RegSvr32.exe: wucltux.dll' Specified module not found

[20/11/2014 13:44:30] RegSvr32.exe: wups.dll' registration succeeded.

[20/11/2014 13:44:31] RegSvr32.exe: wups2.dll' registration succeeded.

[20/11/2014 13:44:31] RegSvr32.exe: wuweb.dll' registration succeeded.

[20/11/2014 13:44:31] RegSvr32.exe: wuwebv.dll' Specified module not found

[20/11/2014 13:44:31] WUAU DLLs Reregistered.

[20/11/2014 13:44:31] Setting proxy to direct access.....

[20/11/2014 13:44:31] Proxy set to direct access.

[20/11/2014 13:44:31] Restarting the Automatic Updates (wuauserv) Service.....

[20/11/2014 13:44:31] Automatic Updates (wuauserv) Service Restarted.

[20/11/2014 13:44:31] Restarting the BITS Service.....

[20/11/2014 13:44:31] BITS Service Restarted.

[20/11/2014 13:44:32] Initiating Windows Updates detection right away.....

[20/11/2014 13:44:32] Finished repairing Windows Update / Automatic Updates.

-----------------------------------------------------------------------------------------

[20/11/2014 13:44:32] Repairing SSL / HTTPS / Cryptography service, Please wait.....

-----------------------------------------------------------------------------------------

[20/11/2014 13:44:32] Configuring the Cryptographic Service.....

[20/11/2014 13:44:33] Cryptographic Service Configured.

[20/11/2014 13:44:33] Stopping the Cryptographic Service.....

[20/11/2014 13:44:33] Cryptographic service Stopped Successfully.

[20/11/2014 13:44:33] Clearing [C:\WINDOWS\system32\CatRoot].....

[20/11/2014 13:44:34] [C:\WINDOWS\system32\CatRoot] cleared.

[20/11/2014 13:44:34] Re-registering SSL / HTTPS / Cryptography DLLs.....

[20/11/2014 13:44:34] RegSvr32.exe: cryptdlg.dll' registration succeeded.

[20/11/2014 13:44:34] RegSvr32.exe: cryptext.dll' registration succeeded.

[20/11/2014 13:44:34] RegSvr32.exe: cryptui.dll' registration succeeded.

[20/11/2014 13:44:34] RegSvr32.exe: dssenh.dll' registration succeeded.

[20/11/2014 13:44:34] RegSvr32.exe: gpkcsp.dll' registration succeeded.

[20/11/2014 13:44:52] RegSvr32.exe: initpki.dll' registration succeeded.

[20/11/2014 13:44:52] RegSvr32.exe: licdll.dll' registration succeeded.

[20/11/2014 13:44:53] RegSvr32.exe: mssign32.dll' registration succeeded.

[20/11/2014 13:44:53] RegSvr32.exe: mssip32.dll' registration succeeded.

[20/11/2014 13:44:53] RegSvr32.exe: regwizc.dll' registration succeeded.

[20/11/2014 13:44:53] RegSvr32.exe: rsaenh.dll' registration succeeded.

[20/11/2014 13:44:53] RegSvr32.exe: scardssp.dll' registration succeeded.

[20/11/2014 13:44:53] RegSvr32.exe: sccbase.dll' registration succeeded.

[20/11/2014 13:44:54] RegSvr32.exe: scecli.dll' registration succeeded.

[20/11/2014 13:44:54] RegSvr32.exe: slbcsp.dll' registration succeeded.

[20/11/2014 13:44:54] RegSvr32.exe: softpub.dll' registration succeeded.

[20/11/2014 13:44:54] RegSvr32.exe: winhttp.dll' registration succeeded.

[20/11/2014 13:44:54] RegSvr32.exe: wintrust.dll' registration succeeded.

[20/11/2014 13:44:54] SSL / HTTPS / Cryptography DLLs re-registered.

[20/11/2014 13:44:54] Restarting the Cryptographic Service.....

[20/11/2014 13:44:55] Cryptographic Service restarted.

[20/11/2014 13:44:55] Finished repairing SSL / HTTPS / Cryptography service.

-----------------------------------------------------------------------------------------

[20/11/2014 13:44:55] Resetting the Windows Firewall configuraton, Please wait.....

-----------------------------------------------------------------------------------------

[20/11/2014 13:44:56] Windows Firewall configuration reset successful.

[20/11/2014 13:44:56] Finished resetting the Windows Firewall configuraton.

-----------------------------------------------------------------------------------------

[20/11/2014 13:44:56] Restoring the default Windows HOSTS file, Please wait.....

-----------------------------------------------------------------------------------------

[20/11/2014 13:44:56] Writing data to the HOSTS file.....

[20/11/2014 13:44:56] HOSTS file created successfully.

-----------------------------------------------------------------------------------------

[20/11/2014 13:44:56] Repairing Workgroup Computers view, Please wait.....

-----------------------------------------------------------------------------------------

[20/11/2014 13:44:56] Finished repairing Workgroup Computers view.

-----------------------------------------------------------------------------------------

[20/11/2014 13:44:56] You will need to reboot your computer before the settings will take effect.

-----------------------------------------------------------------------------------------

[20/11/2014 13:45:31] Your computer is restarting now.....

-----------------------------------------------------------------------------------------

[DigRam 144]

Boa Tarde! carol2906

 

> Como está sua Internet? Houve melhoras? :)

> Poste novo relatório do HijackThis.

> Ps: Baixe,novamente,a ferramenta.

 

Abs!