[Resolvido] Internet fechando paginas toda hora sem motivo...

plugado · Maio 8, 2008

olá pessoal estou com um probleminha chato pra dedéu...de uns dias pra cá eu estou tranquilo na net qd de repente fecham todas as paginas assim do nada...na maioria das vezes é qd eu clico para abrir outra por exemplo no google qd faço uma pesquisa q clico na pagina q eu kero abrir aí fecha tudo será q é um malware?

scaniei com o antivirus e n achei nada....jah excluí cookies,arquivos temp e o problema continua

alguem tem ideia do q seja?

Esse é meu log

Logfile of HijackThis v1.99.1

Scan saved at 14:31:35, on 7/5/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\Explorer.EXE

C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe

C:\WINDOWS\system32\pctspk.exe

C:\WINDOWS\system32\PV92Tray.exe

C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

C:\WINDOWS\FixCamera.exe

C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

C:\WINDOWS\tsnp2std.exe

C:\WINDOWS\vsnp2std.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\PowerArchiver\PASTARTER.EXE

C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Grisoft\AVG Anti-Spyware 7.5\guard.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\Arquivos de programas\CyberLink\Shared files\RichVideo.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe

C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Arquivos de programas\MSN Messenger\msnmsgr.exe

C:\Arquivos de programas\MSN Messenger\usnsvc.exe

C:\DOCUME~1\ALL\CONFIG~1\Temp\Vgdtv7mo.exe

C:\Arquivos de programas\Internet Explorer\iexplore.exe

C:\Documents and Settings\ALL\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp

O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\arquivos de programas\google\googletoolbar1.dll

O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\arquivos de programas\google\googletoolbar1.dll

O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Arquivos de programas\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized

O4 - HKLM\..\Run: [RemoteControl] "C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [LanguageShortcut] "C:\Arquivos de programas\CyberLink\PowerDVD\Language\Language.exe "

O4 - HKLM\..\Run: [VTTimer] VTTimer.exe

O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe

O4 - HKLM\..\Run: [PV92TRAY] PV92Tray.exe

O4 - HKLM\..\Run: [msci] C:\DOCUME~1\ALL\CONFIG~1\Temp\20078993844_mcinfo.e xe /insfin

O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe

O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [PowerArchiver Tray] C:\Arquivos de programas\PowerArchiver\PASTARTER.EXE

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O17 - HKLM\System\CCS\Services\Tcpip\..\{3147C8AA-0E72-44B8-965C-BBC9EBC0B806}: NameServer = 200.241.52.1

O17 - HKLM\System\CCS\Services\Tcpip\..\{85E5BCAA-C008-40CE-8680-37B8D5A62457}: NameServer = 200.165.132.154 200.165.132.148

O17 - HKLM\System\CS1\Services\Tcpip\..\{3147C8AA-0E72-44B8-965C-BBC9EBC0B806}: NameServer = 200.241.52.1

O17 - HKLM\System\CS2\Services\Tcpip\..\{3147C8AA-0E72-44B8-965C-BBC9EBC0B806}: NameServer = 200.241.52.1

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Arquivos de programas\Grisoft\AVG Anti-Spyware 7.5\guard.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Arquivos de programas\CyberLink\Shared files\RichVideo.exe

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)

Silas Martins · Maio 8, 2008

Siga as instruções abaixo:

Baixe o Killbox

Execute o KillBox,clique em Delete on Reboot.

Copie a lista abaixo:

C:\DOCUME~1\ALL\CONFIG~1\Temp\Vgdtv7mo.exe

Vá ao Killbox.E clique em File > Paste from clipboard. Clique em All Files.

Pressione "X". Responda "NÃO" à pergunta.

Reinicie

o computador em Modo Seguro (após reiniciar aperte a tecla F8 repetidamente até aparecer uma tela preta em DOS e escolha Modo Seguro).

Execute o HijackThis, clique em Do a system scan only e selecione as linhas:

O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

03 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)

O4 - HKLM\..\Run: [msci] C:\DOCUME~1\ALL\CONFIG~1\Temp\20078993844_mcinfo.e xe /insfin

Clique em Fix Checked

Feito isso Reinicie em modo normal e gere um novo log do Hijackthis.

Aguardo retorno.

plugado · Maio 8, 2008

Siga as instruções abaixo:

Baixe o Killbox

Execute o KillBox,clique em Delete on Reboot.

Copie a lista abaixo:

C:\DOCUME~1\ALL\CONFIG~1\Temp\Vgdtv7mo.exe

Vá ao Killbox.E clique em File > Paste from clipboard. Clique em All Files.

Pressione "X". Responda "NÃO" à pergunta.

Reinicie

o computador em Modo Seguro (após reiniciar aperte a tecla F8 repetidamente até aparecer uma tela preta em DOS e escolha Modo Seguro).

Execute o HijackThis, clique em Do a system scan only e selecione as linhas:

O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

03 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)

O4 - HKLM\..\Run: [msci] C:\DOCUME~1\ALL\CONFIG~1\Temp\20078993844_mcinfo.e xe /insfin

Clique em Fix Checked

Feito isso Reinicie em modo normal e gere um novo log do Hijackthis.

Aguardo retorno.

amigao fiz o q você mandou...meu novo log é esse

Logfile of HijackThis v1.99.1

Scan saved at 20:50:20, on 8/5/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\Explorer.EXE

C:\Arquivos de programas\Grisoft\AVG Anti-Spyware 7.5\avgas.exe

C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe

C:\WINDOWS\system32\pctspk.exe

C:\WINDOWS\system32\PV92Tray.exe

C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

C:\WINDOWS\FixCamera.exe

C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

C:\WINDOWS\tsnp2std.exe

C:\WINDOWS\vsnp2std.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\PowerArchiver\PASTARTER.EXE

C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Grisoft\AVG Anti-Spyware 7.5\guard.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\Arquivos de programas\CyberLink\Shared files\RichVideo.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe

C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Arquivos de programas\Internet Explorer\iexplore.exe

C:\Documents and Settings\ALL\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\arquivos de programas\google\googletoolbar1.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\arquivos de programas\google\googletoolbar1.dll

O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Arquivos de programas\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized

O4 - HKLM\..\Run: [RemoteControl] "C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [LanguageShortcut] "C:\Arquivos de programas\CyberLink\PowerDVD\Language\Language.exe"