
Archived

This topic has been archived and is closed to new replies.

o_pensador

[Resolved!] Internet connection drops constantly

I have a radio internet connection at home. I use a speed of 512k. Lately, though, I can't stay connected for more than 2 minutes, and the connection drops constantly. I can still stay online for a while if I'm downloading something; otherwise it drops. To give you an idea, if I don't watch the download's progress, as soon as it finishes the connection drops again. And that, incredible as it may seem, is a pain. I have to be downloading something all the time. I'd like you to analyze my LOG and give me some tips.

Regards,

Rubens Duarte

MY LOG:

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 22:48:31, on 28/1/2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe

D:\Fichamento\MPK\MPK.exe

C:\WINDOWS\Explorer.EXE

C:\Arquivos de programas\Java\jre6\bin\jusched.exe

C:\Arquivos de programas\LogMeIn\x86\LogMeInSystray.exe

C:\Arquivos de programas\LogMeIn\x86\LMIGuardian.exe

C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

C:\Arquivos de programas\LogMeIn\x86\RaMaint.exe

C:\Arquivos de programas\LogMeIn\x86\LogMeIn.exe

C:\Arquivos de programas\LogMeIn\x86\LMIGuardian.exe

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE

c:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PsiService_2.exe

C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\RALINK\Common\RaUI.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\CMMON32.EXE

C:\Arquivos de programas\Mozilla Firefox\firefox.exe

C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe

C:\Hijackthis\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe,D:\Fichamento\MPK\MPK.exe,

O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Arquivos de programas\Orbitdownloader\orbitcth.dll

O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Arquivos de programas\Orbitdownloader\GrabPro.dll

O4 - HKLM\..\Run: [avgnt] "C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKLM\..\Run: [siSPower] Rundll32.exe SiSPower.dll,ModeAgent

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Arquivos de programas\LogMeIn\x86\LogMeInSystray.exe"

O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Orbit.lnk = C:\Arquivos de programas\Orbitdownloader\orbitdm.exe

O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Arquivos de programas\RALINK\Common\RaUI.exe

O8 - Extra context menu item: &Download by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/201

O8 - Extra context menu item: &Grab video by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/204

O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/203

O8 - Extra context menu item: Down&load all by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/202

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab

O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100

O17 - HKLM\System\CCS\Services\Tcpip\..\{E9751A08-3841-4598-9B30-73D4887E52C6}: NameServer = 187.19.145.5 200.253.30.69

O17 - HKLM\System\CCS\Services\Tcpip\..\{EC36E61F-5E5C-4BC7-8537-E8995644EA92}: NameServer = 187.19.145.5

O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe

O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Arquivos de programas\LogMeIn\x86\RaMaint.exe

O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Arquivos de programas\LogMeIn\x86\LogMeIn.exe

O23 - Service: NBService - Nero AG - C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PsiService_2.exe

 

--

End of file - 8184 bytes


*Download MSNFix and save it to the desktop

*Extract the folder to the desktop

*Temporarily disable your antivirus

Right-click the Avira icon next to the clock > click the "AntiVir Guard enable" option.

*Restart the PC in Safe Mode (press F8 repeatedly during PC startup and select "Safe Mode")

*In the MSNFix folder, run the file MSN.bat

*Press [R] > [ENTER]

*If any infection is found, the message "Infection Present" will appear at the top of the screen

*Press [N] > [ENTER]

*To exit the program, press [Q] > [ENTER]

*Restart the PC in Normal Mode

*Paste the report created at C:\msnfix.txt


I did exactly as recommended. No VIRUS was found. However, when it finished I looked for the FILE that was supposed to be posted, at C:\MSNFIX.txt, but it doesn't exist. What I'm posting is what is at the following location: C:\WINDOWS\MSNFIX.txt

 

MSNFix 1.749

 

C:\Documents and Settings\TarTech\Desktop\MSNFix

Fix lançado dia seg 01/02/2010 - 19:51:36,04 By TarTech

modo normal

 

************************ Procurando os arquivos presentes

 

Nenhum arquivo encontrado

 

************************ Procurando as pastas presentes

 

Nenhuma pasta encontrada


OK...

1.

*Delete MSNFix

2.

*Download MalwareBytes Anti-malware (http://www.filehippo.com/download_malwarebytes_anti_malware/) and save it to the desktop:

*Install the program

*If any update exists, the download will be automatic. Wait...

*The program will open automatically.

*On the [Scan] tab, select the [Full scan] option

*Click [Scan] and select the drives to be examined

*At the end of the scan, you may be asked whether you want to remove objects from memory. Click [Yes] > [OK] > [Show Results]

*Select all the results and click [Remove Selected]

*A report (mbam-log-year-month-day.txt) will be displayed. Paste it in your next reply.



HERE IS THE REQUESTED REPORT:

 

Malwarebytes' Anti-Malware 1.44

Versão do banco de dados: 3675

Windows 5.1.2600 Service Pack 3

Internet Explorer 6.0.2900.5512

 

2/2/2010 10:14:39

mbam-log-2010-02-02 (10-14-39).txt

 

Tipo de Verificação: Completa (C:\|D:\|F:\|G:\|)

Objetos verificados: 332110

Tempo decorrido: 2 hour(s), 36 minute(s), 21 second(s)

 

Processos da Memória infectados: 0

Módulos de Memória Infectados: 0

Chaves do Registro infectadas: 2

Valores do Registro infectados: 0

Ítens do Registro infectados: 0

Pastas infectadas: 7

Arquivos infectados: 40

 

Processos da Memória infectados:

(Nenhum ítem malicioso foi detectado)

 

Módulos de Memória Infectados:

(Nenhum ítem malicioso foi detectado)

 

Chaves do Registro infectadas:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DRM\amty (Worm.Autorun) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Refog Software (Refog.Keylogger) -> Quarantined and deleted successfully.

 

Valores do Registro infectados:

(Nenhum ítem malicioso foi detectado)

 

Ítens do Registro infectados:

(Nenhum ítem malicioso foi detectado)

 

Pastas infectadas:

C:\Documents and Settings\All Users\Dados de aplicativos\MPK (Refog.Keylogger) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Dados de aplicativos\MPK\1 (Refog.Keylogger) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Dados de aplicativos\MPK\2 (Refog.Keylogger) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Dados de aplicativos\MPK\3 (Refog.Keylogger) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Dados de aplicativos\MPK\4 (Refog.Keylogger) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Dados de aplicativos\MPK\CPDA (Refog.Keylogger) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Dados de aplicativos\MPK\CPDM (Refog.Keylogger) -> Quarantined and deleted successfully.

 

Arquivos infectados:

F:\ARJ\system32\cpwiuy.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.

F:\ARJ\system32\ecesq.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.

F:\ARJ\system32\t5rdv.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.

F:\Arquivos de programas\Programas SRF\IRPF2005\DARF32CBX.DLL (Trojan.Agent) -> Quarantined and deleted successfully.

F:\Arquivos de programas\Programas SRF\IRPF2006\DARF32CBX.DLL (Trojan.Agent) -> Quarantined and deleted successfully.

F:\Arquivos de programas\Programas SRF\IRPF2007\DARF32CBX.DLL (Trojan.Agent) -> Quarantined and deleted successfully.

F:\WINDOWS\system32\cpwiuy.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.

F:\WINDOWS\system32\t5rdv.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.

F:\WINDOWS\system32\ecesq.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.

G:\HD_4GB\Arquivos de programas\Programas SRF\IRPF2004\DARF32CBX.DLL (Trojan.Agent) -> Quarantined and deleted successfully.

G:\HD_4GB\Arquivos de programas\Programas SRF\IRPF2005\DARF32CBX.DLL (Trojan.Agent) -> Quarantined and deleted successfully.

G:\HD_4GB\HD-ANTIGO\Programas SRF\IRPF2004\DARF32CBX.DLL (Trojan.Agent) -> Quarantined and deleted successfully.

G:\HD_4GB\HD-ANTIGO\Programas SRF\IRPF2005\DARF32CBX.DLL (Trojan.Agent) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Dados de aplicativos\MPK\M0000 (Refog.Keylogger) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Dados de aplicativos\MPK\S0000 (Refog.Keylogger) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Dados de aplicativos\MPK\1\D0000 (Refog.Keylogger) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Dados de aplicativos\MPK\1\I40166_4089064236 (Refog.Keylogger) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Dados de aplicativos\MPK\1\I40166_4133139815 (Refog.Keylogger) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Dados de aplicativos\MPK\1\I40166_4137062268 (Refog.Keylogger) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Dados de aplicativos\MPK\1\I40166_4193811458 (Refog.Keylogger) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Dados de aplicativos\MPK\1\I40166_5405347569 (Refog.Keylogger) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Dados de aplicativos\MPK\1\I40166_5405380093 (Refog.Keylogger) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Dados de aplicativos\MPK\1\I40175_9693222569 (Refog.Keylogger) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Dados de aplicativos\MPK\1\I40181_7811125579 (Refog.Keylogger) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Dados de aplicativos\MPK\1\I40181_7866659375 (Refog.Keylogger) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Dados de aplicativos\MPK\1\I40187_3588802083 (Refog.Keylogger) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Dados de aplicativos\MPK\1\I40187_3594440741 (Refog.Keylogger) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Dados de aplicativos\MPK\1\I40187_3599687037 (Refog.Keylogger) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Dados de aplicativos\MPK\1\I40187_3901334606 (Refog.Keylogger) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Dados de aplicativos\MPK\1\I40187_4004736227 (Refog.Keylogger) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Dados de aplicativos\MPK\1\I40204_8766494792 (Refog.Keylogger) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Dados de aplicativos\MPK\1\I40204_9895888426 (Refog.Keylogger) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Dados de aplicativos\MPK\1\S0000 (Refog.Keylogger) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Dados de aplicativos\MPK\2\D0000 (Refog.Keylogger) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Dados de aplicativos\MPK\2\S0000 (Refog.Keylogger) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Dados de aplicativos\MPK\3\D0000 (Refog.Keylogger) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Dados de aplicativos\MPK\3\S0000 (Refog.Keylogger) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Dados de aplicativos\MPK\4\D0000 (Refog.Keylogger) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Dados de aplicativos\MPK\4\S0000 (Refog.Keylogger) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Dados de aplicativos\MPK\CPDM\cpfm.bin (Refog.Keylogger) -> Quarantined and deleted successfully.


1.

*Open the Malwarebytes program and, on the [Quarantine] tab, select the results below and click [Restore]

G:\HD_4GB\Arquivos de programas\Programas SRF\IRPF2004\DARF32CBX.DLL

G:\HD_4GB\Arquivos de programas\Programas SRF\IRPF2005\DARF32CBX.DLL

G:\HD_4GB\HD-ANTIGO\Programas SRF\IRPF2004\DARF32CBX.DLL

G:\HD_4GB\HD-ANTIGO\Programas SRF\IRPF2005\DARF32CBX.DLL

2.

New hijack log.

Also let us know how the machine is doing.


I did exactly as recommended. And I'd like to say that the problem apparently seems to have been solved. I say this because it has been more than 16 hours straight and the internet still hasn't dropped.

Here is the LOG:

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 18:15:01, on 2/2/2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe

C:\WINDOWS\Explorer.EXE

C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe

C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe

C:\Arquivos de programas\Java\jre6\bin\jusched.exe

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

C:\Arquivos de programas\LogMeIn\x86\LogMeInSystray.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\LogMeIn\x86\RaMaint.exe

C:\Arquivos de programas\LogMeIn\x86\LMIGuardian.exe

C:\Arquivos de programas\LogMeIn\x86\LogMeIn.exe

C:\Arquivos de programas\LogMeIn\x86\LMIGuardian.exe

C:\Arquivos de programas\RALINK\Common\RaUI.exe

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE

c:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PsiService_2.exe

C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\system32\CMMON32.EXE

C:\Arquivos de programas\Mozilla Firefox\firefox.exe

C:\Arquivos de programas\LogMeIn\x86\LogMeIn.exe

C:\Hijackthis\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Arquivos de programas\Orbitdownloader\orbitcth.dll

O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Arquivos de programas\Orbitdownloader\GrabPro.dll

O4 - HKLM\..\Run: [avgnt] "C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKLM\..\Run: [siSPower] Rundll32.exe SiSPower.dll,ModeAgent

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Arquivos de programas\LogMeIn\x86\LogMeInSystray.exe"

O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-21-329068152-1604221776-725345543-1005\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LogMeInRemoteUser')

O4 - HKUS\S-1-5-21-329068152-1604221776-725345543-1005\..\RunOnce: [NeroHomeFirstStart] C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMFirstStart.exe (User 'LogMeInRemoteUser')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Orbit.lnk = C:\Arquivos de programas\Orbitdownloader\orbitdm.exe

O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Arquivos de programas\RALINK\Common\RaUI.exe

O8 - Extra context menu item: &Download by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/201

O8 - Extra context menu item: &Grab video by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/204

O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/203

O8 - Extra context menu item: Down&load all by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/202

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab

O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100

O17 - HKLM\System\CCS\Services\Tcpip\..\{E9751A08-3841-4598-9B30-73D4887E52C6}: NameServer = 187.19.145.5 200.253.30.69

O17 - HKLM\System\CCS\Services\Tcpip\..\{EC36E61F-5E5C-4BC7-8537-E8995644EA92}: NameServer = 187.19.145.5

O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe

O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Arquivos de programas\LogMeIn\x86\RaMaint.exe

O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Arquivos de programas\LogMeIn\x86\LogMeIn.exe

O23 - Service: NBService - Nero AG - C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PsiService_2.exe

 

--

End of file - 8518 bytes


PROBLEM SOLVED!

If the author needs the topic reopened, just send a Private Message to a Moderator with a link to the topic.
