Usamos cookies para medir audiência e melhorar sua experiência. Você pode aceitar ou recusar a qualquer momento. Veja sobre o iMasters.
Tenho uma conexao a radio em minha residencia. Uso uma velocidade de 512k. Só que ultimamente nao consigo permanecer por mais de 2 min e a mesma desconecta a todo instante. Ainda consigo ficar algum tempo se eu estiver fazendo algum download, caso contrario a mesma cai, pra se ter uma ideia, se nao observar o progrsso do download, basta ele terminar e a conexao volta a cair. E isso por incrivel que pareca é um saco, Tenho que a todo instante fazer download. Gostaria que voces analizassem o meu LOG e me dessem alguma dica.
Atenciosamente,
Rubens Duarte
O MEU LOG:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:48:31, on 28/1/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe
D:\Fichamento\MPK\MPK.exe
C:\WINDOWS\Explorer.EXE
C:\Arquivos de programas\Java\jre6\bin\jusched.exe
C:\Arquivos de programas\LogMeIn\x86\LogMeInSystray.exe
C:\Arquivos de programas\LogMeIn\x86\LMIGuardian.exe
C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Arquivos de programas\Java\jre6\bin\jqs.exe
C:\Arquivos de programas\LogMeIn\x86\RaMaint.exe
C:\Arquivos de programas\LogMeIn\x86\LogMeIn.exe
C:\Arquivos de programas\LogMeIn\x86\LMIGuardian.exe
C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PsiService_2.exe
C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\RALINK\Common\RaUI.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\CMMON32.EXE
C:\Arquivos de programas\Mozilla Firefox\firefox.exe
C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Hijackthis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe,D:\Fichamento\MPK\MPK.exe,
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Arquivos de programas\Orbitdownloader\orbitcth.dll
O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Arquivos de programas\Orbitdownloader\GrabPro.dll
O4 - HKLM\..\Run: [avgnt] "C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [siSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Arquivos de programas\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Orbit.lnk = C:\Arquivos de programas\Orbitdownloader\orbitdm.exe
O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Arquivos de programas\RALINK\Common\RaUI.exe
O8 - Extra context menu item: &Download by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O17 - HKLM\System\CCS\Services\Tcpip\..\{E9751A08-3841-4598-9B30-73D4887E52C6}: NameServer = 187.19.145.5 200.253.30.69
O17 - HKLM\System\CCS\Services\Tcpip\..\{EC36E61F-5E5C-4BC7-8537-E8995644EA92}: NameServer = 187.19.145.5
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Arquivos de programas\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Arquivos de programas\LogMeIn\x86\LogMeIn.exe
O23 - Service: NBService - Nero AG - C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PsiService_2.exe
--
End of file - 8184 bytes
>
Bom dia o_pensador
você conhece?
D:\Fichamento\MPK
NÃO CONHEÇO ...
*Baixe o MSNFix e salve-o no desktop
*Extraia a pasta para o desktop
*Desative temporariamente seu antivírus
Clique com o botão direito do mouse no ícone do Avira ao lado do relógio > clique na opção "AntiVir Guard enable".
*Reinicie o PC em Modo de Segurança (aperte F8 de forma intermitente durante a inicialização do PC e selecione "Modo Seguro)
*Na pasta MSNFix execute o arquivo MSN.bat
*Tecle [R] > [ENTER]
*Se alguma infecção for encontrada, no alto da tela surgirá uma mensagem "Infection Present"
*Tecle [N] > [ENTER]
*Para sair do programa tecle [Q] > [ENTER]
*Reinicie o PC em Modo Normal
*Cole o relatório criado em C:\msnfix.txt
Fiz exatamente como o recomendado. Não foi encontrado nenhum VIRUS. Só que ao terminar procurei o ARQUIVO que deveria ser postado com o endereço C:\MSNFIX.txt só que o mesmo nao existe. O que vou colocar é o que tem no seguinte endereco: C:\WINDOWS\MSNFIX.txt
MSNFix 1.749
C:\Documents and Settings\TarTech\Desktop\MSNFix
Fix lançado dia seg 01/02/2010 - 19:51:36,04 By TarTech
modo normal
************************ Procurando os arquivos presentes
Nenhum arquivo encontrado
************************ Procurando as pastas presentes
Nenhuma pasta encontrada
OK...
1.
*Delete o MSNFix
2.
*Baixe o MalwareBytes Anti-malware e salve-o no desktop:
*Instale o programa
*Se alguma atualização existir,o download será automático. Aguarde...
*O programa será aberto automaticamente.
*Na aba [Verificação], selecione a opção [Verificação completa]
*Clique em [Verificar] e selecione as unidades a serem examinadas
*Ao término do scan, poderá ser interrogado se deseja remover objetos da memória. Clique [sIM] > [OK] > [Mostrar Resultados]
*Selecione todos os rtesultados e clique em [Remover Selecionados]
*Um relatório (mbam-log-ano-mês-data.txt) será apresentado. Cole-o na sua próxima resposta.
>
OK...
1.
*Delete o MSNFix
2.
*Baixe o MalwareBytes'>http://www.filehippo.com/download_malwarebytes_anti_malware/"]MalwareBytes Anti-malware e salve-o no desktop:
*Instale o programa
*Se alguma atualização existir,o download será automático. Aguarde...
*O programa será aberto automaticamente.
*Na aba [Verificação], selecione a opção [Verificação completa]
*Clique em [Verificar] e selecione as unidades a serem examinadas
*Ao término do scan, poderá ser interrogado se deseja remover objetos da memória. Clique [sIM] > [OK] > [Mostrar Resultados]
*Selecione todos os rtesultados e clique em [Remover Selecionados]
*Um relatório (mbam-log-ano-mês-data.txt) será apresentado. Cole-o na sua próxima resposta.
SEGUE O RELATORIO PEDIDO:
Malwarebytes' Anti-Malware 1.44
Versão do banco de dados: 3675
Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512
2/2/2010 10:14:39
mbam-log-2010-02-02 (10-14-39).txt
Tipo de Verificação: Completa (C:\|D:\|F:\|G:\|)
Objetos verificados: 332110
Tempo decorrido: 2 hour(s), 36 minute(s), 21 second(s)
Processos da Memória infectados: 0
Módulos de Memória Infectados: 0
Chaves do Registro infectadas: 2
Valores do Registro infectados: 0
Ítens do Registro infectados: 0
Pastas infectadas: 7
Arquivos infectados: 40
Processos da Memória infectados:
(Nenhum ítem malicioso foi detectado)
Módulos de Memória Infectados:
(Nenhum ítem malicioso foi detectado)
Chaves do Registro infectadas:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DRM\amty (Worm.Autorun) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Refog Software (Refog.Keylogger) -> Quarantined and deleted successfully.
Valores do Registro infectados:
(Nenhum ítem malicioso foi detectado)
Ítens do Registro infectados:
(Nenhum ítem malicioso foi detectado)
Pastas infectadas:
C:\Documents and Settings\All Users\Dados de aplicativos\MPK (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Dados de aplicativos\MPK\1 (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Dados de aplicativos\MPK\2 (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Dados de aplicativos\MPK\3 (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Dados de aplicativos\MPK\4 (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Dados de aplicativos\MPK\CPDA (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Dados de aplicativos\MPK\CPDM (Refog.Keylogger) -> Quarantined and deleted successfully.
Arquivos infectados:
F:\ARJ\system32\cpwiuy.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
F:\ARJ\system32\ecesq.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
F:\ARJ\system32\t5rdv.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
F:\Arquivos de programas\Programas SRF\IRPF2005\DARF32CBX.DLL (Trojan.Agent) -> Quarantined and deleted successfully.
F:\Arquivos de programas\Programas SRF\IRPF2006\DARF32CBX.DLL (Trojan.Agent) -> Quarantined and deleted successfully.
F:\Arquivos de programas\Programas SRF\IRPF2007\DARF32CBX.DLL (Trojan.Agent) -> Quarantined and deleted successfully.
F:\WINDOWS\system32\cpwiuy.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
F:\WINDOWS\system32\t5rdv.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
F:\WINDOWS\system32\ecesq.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
G:\HD_4GB\Arquivos de programas\Programas SRF\IRPF2004\DARF32CBX.DLL (Trojan.Agent) -> Quarantined and deleted successfully.
G:\HD_4GB\Arquivos de programas\Programas SRF\IRPF2005\DARF32CBX.DLL (Trojan.Agent) -> Quarantined and deleted successfully.
G:\HD_4GB\HD-ANTIGO\Programas SRF\IRPF2004\DARF32CBX.DLL (Trojan.Agent) -> Quarantined and deleted successfully.
G:\HD_4GB\HD-ANTIGO\Programas SRF\IRPF2005\DARF32CBX.DLL (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Dados de aplicativos\MPK\M0000 (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Dados de aplicativos\MPK\S0000 (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Dados de aplicativos\MPK\1\D0000 (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Dados de aplicativos\MPK\1\I40166_4089064236 (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Dados de aplicativos\MPK\1\I40166_4133139815 (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Dados de aplicativos\MPK\1\I40166_4137062268 (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Dados de aplicativos\MPK\1\I40166_4193811458 (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Dados de aplicativos\MPK\1\I40166_5405347569 (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Dados de aplicativos\MPK\1\I40166_5405380093 (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Dados de aplicativos\MPK\1\I40175_9693222569 (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Dados de aplicativos\MPK\1\I40181_7811125579 (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Dados de aplicativos\MPK\1\I40181_7866659375 (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Dados de aplicativos\MPK\1\I40187_3588802083 (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Dados de aplicativos\MPK\1\I40187_3594440741 (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Dados de aplicativos\MPK\1\I40187_3599687037 (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Dados de aplicativos\MPK\1\I40187_3901334606 (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Dados de aplicativos\MPK\1\I40187_4004736227 (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Dados de aplicativos\MPK\1\I40204_8766494792 (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Dados de aplicativos\MPK\1\I40204_9895888426 (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Dados de aplicativos\MPK\1\S0000 (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Dados de aplicativos\MPK\2\D0000 (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Dados de aplicativos\MPK\2\S0000 (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Dados de aplicativos\MPK\3\D0000 (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Dados de aplicativos\MPK\3\S0000 (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Dados de aplicativos\MPK\4\D0000 (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Dados de aplicativos\MPK\4\S0000 (Refog.Keylogger) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Dados de aplicativos\MPK\CPDM\cpfm.bin (Refog.Keylogger) -> Quarantined and deleted successfully.
1.
*Abra o programa Malwarebytes e na aba [Quarentena], selecione os resultados abaixo e clique em [Restaurar]
G:\HD_4GB\Arquivos de programas\Programas SRF\IRPF2004\DARF32CBX.DLLG:\HD_4GB\Arquivos de programas\Programas SRF\IRPF2005\DARF32CBX.DLL
G:\HD_4GB\HD-ANTIGO\Programas SRF\IRPF2004\DARF32CBX.DLL
G:\HD_4GB\HD-ANTIGO\Programas SRF\IRPF2005\DARF32CBX.DLL
2.
Novo log do hijack.
Informe também como está a máquina.
Fiz exatamente como o recomendado. E gostaria de dizer que aparentemente parece ter sido resolvido o problema. Digo isso por ter mais de 16 horas seguidas e a internet ainda nao caiu.
Segue o LOG:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:15:01, on 2/2/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Arquivos de programas\Java\jre6\bin\jusched.exe
C:\Arquivos de programas\Java\jre6\bin\jqs.exe
C:\Arquivos de programas\LogMeIn\x86\LogMeInSystray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\LogMeIn\x86\RaMaint.exe
C:\Arquivos de programas\LogMeIn\x86\LMIGuardian.exe
C:\Arquivos de programas\LogMeIn\x86\LogMeIn.exe
C:\Arquivos de programas\LogMeIn\x86\LMIGuardian.exe
C:\Arquivos de programas\RALINK\Common\RaUI.exe
C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PsiService_2.exe
C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\CMMON32.EXE
C:\Arquivos de programas\Mozilla Firefox\firefox.exe
C:\Arquivos de programas\LogMeIn\x86\LogMeIn.exe
C:\Hijackthis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Arquivos de programas\Orbitdownloader\orbitcth.dll
O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Arquivos de programas\Orbitdownloader\GrabPro.dll
O4 - HKLM\..\Run: [avgnt] "C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [siSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Arquivos de programas\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-329068152-1604221776-725345543-1005\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LogMeInRemoteUser')
O4 - HKUS\S-1-5-21-329068152-1604221776-725345543-1005\..\RunOnce: [NeroHomeFirstStart] C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMFirstStart.exe (User 'LogMeInRemoteUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Orbit.lnk = C:\Arquivos de programas\Orbitdownloader\orbitdm.exe
O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Arquivos de programas\RALINK\Common\RaUI.exe
O8 - Extra context menu item: &Download by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O17 - HKLM\System\CCS\Services\Tcpip\..\{E9751A08-3841-4598-9B30-73D4887E52C6}: NameServer = 187.19.145.5 200.253.30.69
O17 - HKLM\System\CCS\Services\Tcpip\..\{EC36E61F-5E5C-4BC7-8537-E8995644EA92}: NameServer = 187.19.145.5
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Arquivos de programas\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Arquivos de programas\LogMeIn\x86\LogMeIn.exe
O23 - Service: NBService - Nero AG - C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PsiService_2.exe
--
End of file - 8518 bytes
OK...
Seu log está limpo.
Um abraço.
PROBLEMA RESOLVIDO!
Caso o autor necessite que o tópico seja reaberto basta enviar uma Mensagem Privada para um Moderador com um link para o tópico.
Bom dia o_pensador
você conhece?
D:\Fichamento\MPK