Ir para conteúdo

POWERED BY:

Arquivado

Este tópico foi arquivado e está fechado para novas respostas.

smilekr82

[Resolvido] Comp lerdo e travado

Recommended Posts

Oi, eu estou com o pc da firma mto lento e travando mto. Eu estive olhando o topico com problema parecido com o meu. Entao utilizei o programa q pediram para ele passar. Vou postar o log espero q me ajudem. Obrigado. Provavelmente eu vou continuar mexendo nesse comp amanha de manha. Obrigado!!!

 

 

Logfile of HijackThis v1.99.1

Scan saved at 오전 5:50:52, on 2006-07-18

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\LEXBCES.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\LEXPPS.EXE

C:\WINDOWS\Explorer.EXE

C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe

C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe

C:\WINDOWS\VVNFUg\command.exe

C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe

C:\WINDOWS\system32\ossvc.exe

C:\WINDOWS\system32\ieaus.exe

C:\WINDOWS\System32\SCHAS.EXE

C:\WINDOWS\System32\sucker.exe

C:\WINDOWS\System32\sucker.exe

C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe

C:\WINDOWS\System32\ctfmon.exe

C:\Program Files\MSN Messenger\MsnMsgr.Exe

C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

C:\HijackThis\HijackThis.exe

 

R3 - URLSearchHook: Affiliate Beta - {C49DD894-C6DE-4910-8C41-BA20F852D8BC} - C:\Program Files\Affiliate Beta\untitled.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O3 - Toolbar: Affiliate Beta - {C49DD894-C6DE-4910-8C41-BA20F852D8BC} - C:\Program Files\Affiliate Beta\untitled.dll

O3 - Toolbar: 라디오(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC

O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName

O4 - HKLM\..\Run: [ink Monitor] C:\Program Files\EPSON\Ink Monitor\InkMonitor.exe

O4 - HKLM\..\Run: [EPSON Stylus Photo R200 Series (1 ??)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2H1.EXE /P37 "EPSON Stylus Photo R200 Series (1 ??)" /O6 "USB001" /M "Stylus Photo R200"

O4 - HKLM\..\Run: [Windows ASN4 Services] fdnc.exe

O4 - HKLM\..\Run: [keyboard] c:\\kybrd_1.exe

O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP

O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\msconfig.exe /auto

O4 - HKLM\..\Run: [Windows MS Update 32] sucker.exe

O4 - HKLM\..\RunServices: [Windows ASN4 Services] fdnc.exe

O4 - HKLM\..\RunServices: [Windows MS Update 32] sucker.exe

O4 - HKLM\..\RunOnce: [Windows MS Update 32] sucker.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [Windows MS Update 32] sucker.exe

O4 - HKCU\..\RunOnce: [Windows MS Update 32] sucker.exe

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O9 - Extra button: Affiliate Beta - {C49DD894-C6DE-4910-8C41-BA20F852D8BC} - C:\Program Files\Affiliate Beta\untitled.dll

O9 - Extra 'Tools' menuitem: Affiliate Beta - {C49DD894-C6DE-4910-8C41-BA20F852D8BC} - C:\Program Files\Affiliate Beta\untitled.dll

O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

O16 - DPF: {072039AB-2117-4ED5-A85F-9B9EB903E021} (NowStarter Control) - http://www.clubbox.co.kr/neo.fld/NowStarter.cab

O16 - DPF: {20AC97A6-EA84-437D-89F4-05EA923ADAD3} (RewardNetwork clxLauncher Class) - http://codebase.cleanx.co.kr/codebase/launcher/WScleanx.cab

O16 - DPF: {213282C9-DDC9-4471-8ADD-280604FBD74F} (CCInst Control) - http://down.c-zero.co.kr/cab2/CCInst.CAB

O16 - DPF: {32A9207F-23EF-447E-984A-80E11D3DDB10} (WebC2X Control) - http://www.127.co.kr/tool/WebC240.cab

O16 - DPF: {6A2E758A-028B-46BB-A11D-0608AB5A4ED3} (DaumBGMCtrl Class) - http://listen.daum.net/52st/bgmplayer/Daum52stBGMPlayer.cab

O16 - DPF: {938527D1-CDB7-4147-998A-B20FCA5CC976} (Cdmcco Class) - http://cafeimg.hanmail.net/cab9_1/dmcc2.cab?Version=1,0,0,10

O16 - DPF: {A00B2A53-60D9-4477-ADA3-60490770C5E0} (Hanmail Upload Control) - http://mail.daum.net/hanmail-ax/hanmail.cab

O16 - DPF: {A8497454-CB7D-4877-A633-3932BF776A6A} (Webinstall Control) - http://211.214.161.198/downloads/hana/hana163/Webinstall.cab

O16 - DPF: {AF11AA64-87A5-4146-AF3B-A7BD0F278485} (SBStarter Control) - http://download.soribada.com/down/Soribada...705/SBStart.CAB

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O20 - Winlogon Notify: Extensions - C:\WINDOWS\system32\kt4ul7h91.dll (file missing)

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe

O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\VVNFUg\command.exe

O23 - Service: fwnet64 (fwnet) - Unknown owner - C:\WINDOWS\fwnet64.exe (file missing)

O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe

O23 - Service: Open Search Keyword Services (ossvc) - Brainnames - C:\WINDOWS\system32\ossvc.exe

O23 - Service: Ineterner Explorer Add Update Services (updatecheck) - Brainnames - C:\WINDOWS\system32\ieaus.exe

Compartilhar este post


Link para o post
Compartilhar em outros sites
Platform: Windows XP SP1 (WinNT 5.01.2600)
Que windows que você usa?

<_<

 

... opa smilekr82,

 

Vá em Iniciar -> Executar -> digite msconfig -> dê Ok -> aba Inicializar -> marque todas as caixas. Feito isto poste um novo log.

 

Abraços.

Compartilhar este post


Link para o post
Compartilhar em outros sites
Platform: Windows XP SP1 (WinNT 5.01.2600)
Que windows que você usa?

<_<

 

... opa smilekr82,

 

Vá em Iniciar -> Executar -> digite msconfig -> dê Ok -> aba Inicializar -> marque todas as caixas. Feito isto poste um novo log.

 

Abraços.

 

 

Logfile of HijackThis v1.99.1

Scan saved at 오후 10:47:13, on 2006-07-20

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\LEXBCES.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\LEXPPS.EXE

C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe

C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe

C:\WINDOWS\VVNFUg\command.exe

C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe

C:\WINDOWS\system32\ossvc.exe

C:\WINDOWS\system32\ieaus.exe

C:\WINDOWS\System32\SCHAS.EXE

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\System32\sucker.exe

C:\WINDOWS\System32\sucker.exe

C:\WINDOWS\System32\ctfmon.exe

C:\Program Files\MSN Messenger\MsnMsgr.Exe

C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

C:\HijackThis\HijackThis.exe

 

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O3 - Toolbar: 라디오(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC

O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName

O4 - HKLM\..\Run: [ink Monitor] C:\Program Files\EPSON\Ink Monitor\InkMonitor.exe

O4 - HKLM\..\Run: [EPSON Stylus Photo R200 Series (1 ??)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2H1.EXE /P37 "EPSON Stylus Photo R200 Series (1 ??)" /O6 "USB001" /M "Stylus Photo R200"

O4 - HKLM\..\Run: [Windows ASN4 Services] fdnc.exe

O4 - HKLM\..\Run: [keyboard] c:\\kybrd_1.exe

O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP

O4 - HKLM\..\Run: [Windows MS Update 32] sucker.exe

O4 - HKLM\..\Run: [ClubBox] sucker.exe

O4 - HKLM\..\RunServices: [Windows ASN4 Services] fdnc.exe

O4 - HKLM\..\RunServices: [Windows MS Update 32] sucker.exe

O4 - HKLM\..\RunOnce: [Windows MS Update 32] sucker.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [Windows MS Update 32] sucker.exe

O4 - HKCU\..\RunOnce: [Windows MS Update 32] sucker.exe

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

O16 - DPF: {072039AB-2117-4ED5-A85F-9B9EB903E021} (NowStarter Control) - http://www.clubbox.co.kr/neo.fld/NowStarter.cab

O16 - DPF: {20AC97A6-EA84-437D-89F4-05EA923ADAD3} (RewardNetwork clxLauncher Class) - http://codebase.cleanx.co.kr/codebase/launcher/WScleanx.cab

O16 - DPF: {213282C9-DDC9-4471-8ADD-280604FBD74F} (CCInst Control) - http://down.c-zero.co.kr/cab2/CCInst.CAB

O16 - DPF: {32A9207F-23EF-447E-984A-80E11D3DDB10} (WebC2X Control) - http://www.127.co.kr/tool/WebC240.cab

O16 - DPF: {6A2E758A-028B-46BB-A11D-0608AB5A4ED3} (DaumBGMCtrl Class) - http://listen.daum.net/52st/bgmplayer/Daum52stBGMPlayer.cab

O16 - DPF: {938527D1-CDB7-4147-998A-B20FCA5CC976} (Cdmcco Class) - http://cafeimg.hanmail.net/cab9_1/dmcc2.cab?Version=1,0,0,10

O16 - DPF: {A00B2A53-60D9-4477-ADA3-60490770C5E0} (Hanmail Upload Control) - http://mail.daum.net/hanmail-ax/hanmail.cab

O16 - DPF: {A8497454-CB7D-4877-A633-3932BF776A6A} (Webinstall Control) - http://211.214.161.198/downloads/hana/hana163/Webinstall.cab

O16 - DPF: {AF11AA64-87A5-4146-AF3B-A7BD0F278485} (SBStarter Control) - http://download.soribada.com/down/Soribada...705/SBStart.CAB

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O20 - Winlogon Notify: Extensions - C:\WINDOWS\system32\kt4ul7h91.dll (file missing)

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe

O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\VVNFUg\command.exe

O23 - Service: fwnet64 (fwnet) - Unknown owner - C:\WINDOWS\fwnet64.exe (file missing)

O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe

O23 - Service: Open Search Keyword Services (ossvc) - Brainnames - C:\WINDOWS\system32\ossvc.exe

O23 - Service: Ineterner Explorer Add Update Services (updatecheck) - Brainnames - C:\WINDOWS\system32\ieaus.exe

Compartilhar este post


Link para o post
Compartilhar em outros sites

Opa smilekr82,

 

Vamos lá.

 

Habilite o Windows para mostrar todos os arquivos (até ocultos).

 

1ª Etapa

 

Baixe o Killbox em:

Killbox

 

Baixe, mas não execute ainda.

 

2ª Etapa

 

Faça o seguinte:

 

Iniciar -->Executar --> digite services.msc e dê OK.

 

Procure o serviço Open Search Keyword Services.

 

Dê um clique direito nele e vá para Propriedades.

 

Clique em Parar e modifique o Tipo de Inicialização para Desativado.

 

Repita a operação para:

 

fwnet64

Ineterner Explorer Add Update Services

 

1. Execute o Killbox, clique em Delete on Reboot.

 

2. Copie a lista abaixo em negrito para a área de transferência. Selecione --> Editar --> Copiar.

C:\WINDOWS\system32\ossvc.exe

C:\WINDOWS\system32\ieaus.exe

C:\WINDOWS\System32\SCHAS.EXE

C:\WINDOWS\System32\sucker.exe

C:\WINDOWS\system32\fdnc.exe

C:\WINDOWS\system32\kt4ul7h91.dll

C:\WINDOWS\VVNFUg\command.exe

C:\WINDOWS\fwnet64.exe

c:\\kybrd_1.exe

3. Retorne ao Killbox. Clique em File > Paste from clipboard. Clique em All Files.

 

4. Aperte em "X". Responda "não" à pergunta.

 

É prudente que você faça a impressão deste documento ou salve-o em um lugar de fácil acesso, pois na próxima etapa entraremos em Modo de Seguro e a conexão à internet não será possível.

 

3ª Etapa

 

Reinicie o computador em Modo Seguro (após reiniciar aperte a tecla F8 até aparecer uma tela preta em DOS e escolha Modo Seguro).

 

Execute o HijackThis, clique em Open the Misc Tools section.

 

Clique em Delete an NT service.

 

Coloque:

 

Open Search Keyword Services

 

Elimine o serviço.

 

Repita a operação para:

 

fwnet64

Ineterner Explorer Add Update Services

 

Execute o HijackThis novamente, clique em Do a system scan only e marque:

O4 - HKLM\..\Run: [Windows ASN4 Services] fdnc.exe

O4 - HKLM\..\Run: [keyboard] c:\\kybrd_1.exe

O4 - HKLM\..\Run: [Windows MS Update 32] sucker.exe

O4 - HKLM\..\Run: [ClubBox] sucker.exe

O4 - HKLM\..\RunServices: [Windows ASN4 Services] fdnc.exe

O4 - HKLM\..\RunServices: [Windows MS Update 32] sucker.exe

O4 - HKLM\..\RunOnce: [Windows MS Update 32] sucker.exe

O4 - HKCU\..\Run: [Windows MS Update 32] sucker.exe

O4 - HKCU\..\RunOnce: [Windows MS Update 32] sucker.exe

O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

O16 - DPF: {32A9207F-23EF-447E-984A-80E11D3DDB10} (WebC2X Control) - http://www.127.co.kr/tool/WebC240.cab

O16 - DPF: {6A2E758A-028B-46BB-A11D-0608AB5A4ED3} (DaumBGMCtrl Class) - http://listen.daum.net/52st/bgmplayer/Daum52stBGMPlayer.cab

O16 - DPF: {938527D1-CDB7-4147-998A-B20FCA5CC976} (Cdmcco Class) - http://cafeimg.hanmail.net/cab9_1/dmcc2.cab?Version=1,0,0,10

O16 - DPF: {A00B2A53-60D9-4477-ADA3-60490770C5E0} (Hanmail Upload Control) - http://mail.daum.net/hanmail-ax/hanmail.cab

O16 - DPF: {A8497454-CB7D-4877-A633-3932BF776A6A} (Webinstall Control) - http://211.214.161.198/downloads/hana/hana163/Webinstall.cab

O20 - Winlogon Notify: Extensions - C:\WINDOWS\system32\kt4ul7h91.dll (file missing)

O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\VVNFUg\command.exe

O23 - Service: fwnet64 (fwnet) - Unknown owner - C:\WINDOWS\fwnet64.exe (file missing)

O23 - Service: Open Search Keyword Services (ossvc) - Brainnames - C:\WINDOWS\system32\ossvc.exe

O23 - Service: Ineterner Explorer Add Update Services (updatecheck) - Brainnames - C:\WINDOWS\system32\ieaus.exe

Clique em Fix Checked.

 

4ª Etapa

 

Reinicie em Modo Normal.

 

Poste o novo log do HijackThis.

 

Aguardo retorno.

 

Um abraço.

Compartilhar este post


Link para o post
Compartilhar em outros sites

Logfile of HijackThis v1.99.1

Scan saved at 오후 10:45:47, on 2006-07-24

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\LEXBCES.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\LEXPPS.EXE

C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe

C:\WINDOWS\Explorer.EXE

C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe

C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe

C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe

C:\WINDOWS\System32\ctfmon.exe

C:\Program Files\MSN Messenger\MsnMsgr.Exe

C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

C:\HijackThis\HijackThis.exe

 

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O3 - Toolbar: 라디오(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC

O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName

O4 - HKLM\..\Run: [ink Monitor] C:\Program Files\EPSON\Ink Monitor\InkMonitor.exe

O4 - HKLM\..\Run: [EPSON Stylus Photo R200 Series (1 ??)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2H1.EXE /P37 "EPSON Stylus Photo R200 Series (1 ??)" /O6 "USB001" /M "Stylus Photo R200"

O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP

O4 - HKLM\..\RunServices: [Windows ASN4 Services] fdnc.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O16 - DPF: {072039AB-2117-4ED5-A85F-9B9EB903E021} (NowStarter Control) - http://www.clubbox.co.kr/neo.fld/NowStarter.cab

O16 - DPF: {20AC97A6-EA84-437D-89F4-05EA923ADAD3} (RewardNetwork clxLauncher Class) - http://codebase.cleanx.co.kr/codebase/launcher/WScleanx.cab

O16 - DPF: {213282C9-DDC9-4471-8ADD-280604FBD74F} (CCInst Control) - http://down.c-zero.co.kr/cab2/CCInst.CAB

O16 - DPF: {AF11AA64-87A5-4146-AF3B-A7BD0F278485} (SBStarter Control) - http://download.soribada.com/down/Soribada...705/SBStart.CAB

O17 - HKLM\System\CCS\Services\Tcpip\..\{BEA0CF16-8AE1-4413-9EED-D4CD2500BC61}: NameServer = 200.204.0.10 200.204.0.138

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe

O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\VVNFUg\command.exe (file missing)

O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe

 

 

Nessa ultima etapa eu não encontrei os 3 últimos itens. Será que deu algo de errado?

O23 - Service: fwnet64 (fwnet) - Unknown owner - C:\WINDOWS\fwnet64.exe (file missing)

O23 - Service: Open Search Keyword Services (ossvc) - Brainnames - C:\WINDOWS\system32\ossvc.exe

O23 - Service: Ineterner Explorer Add Update Services (updatecheck) - Brainnames - C:\WINDOWS\system32\ieaus.exe

 

 

Agradeco a sua ajuda jgarcia. Infelizmente, tenho mais 3 comps para checar. Espero que você possa me ajudar novamente.

 

Mais uma dúvida. O que são estes 2 itens? Saberia me dizer?

 

O3 - Toolbar: 라디오(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

 

O16 - DPF: {20AC97A6-EA84-437D-89F4-05EA923ADAD3} (RewardNetwork clxLauncher Class) - http://codebase.cleanx.co.kr/codebase/launcher/WScleanx.cab

Compartilhar este post


Link para o post
Compartilhar em outros sites

Opa smilekr82,

 

Baixe o SpySweeper em:

SpySweeper

 

Baixe e atualize o banco de dados, mas não execute ainda.

 

Execute o HijackThis, clique em Do a system scan only e marque:

O4 - HKLM\..\RunServices: [Windows ASN4 Services] fdnc.exe

O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\VVNFUg\command.exe (file missing)

Clique em Fix Checked.

 

Reinicie em Modo Seguro.

 

Execute uma verificação completa com o SpySweeper.

 

Reinicie em Modo Normal.

 

Poste um novo log.

 

Abraços.

Compartilhar este post


Link para o post
Compartilhar em outros sites

Lá vamos nós de novo. ^^

 

Logfile of HijackThis v1.99.1

Scan saved at 오후 11:14:56, on 2006-07-25

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\LEXBCES.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\LEXPPS.EXE

C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe

C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe

C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe

C:\WINDOWS\Explorer.EXE

C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe

C:\WINDOWS\System32\ctfmon.exe

C:\Program Files\MSN Messenger\MsnMsgr.Exe

C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

C:\HijackThis\HijackThis.exe

 

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O3 - Toolbar: 라디오(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

O4 - HKLM\..\Run: [PHIME2002ASync] "C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE" /SYNC

O4 - HKLM\..\Run: [PHIME2002A] "C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE" /IMEName

O4 - HKLM\..\Run: [ink Monitor] "C:\Program Files\EPSON\Ink Monitor\InkMonitor.exe"

O4 - HKLM\..\Run: [EPSON Stylus Photo R200 Series (1 ??)] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2H1.EXE" /P37 "EPSON Stylus Photo R200 Series (1 ??)" /O6 "USB001" /M "Stylus Photo R200"

O4 - HKLM\..\Run: [AVG7_CC] "C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" /STARTUP

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O16 - DPF: {072039AB-2117-4ED5-A85F-9B9EB903E021} (NowStarter Control) - http://www.clubbox.co.kr/neo.fld/NowStarter.cab

O16 - DPF: {20AC97A6-EA84-437D-89F4-05EA923ADAD3} (RewardNetwork clxLauncher Class) - http://codebase.cleanx.co.kr/codebase/launcher/WScleanx.cab

O16 - DPF: {213282C9-DDC9-4471-8ADD-280604FBD74F} (CCInst Control) - http://down.c-zero.co.kr/cab2/CCInst.CAB

O16 - DPF: {6A2E758A-028B-46BB-A11D-0608AB5A4ED3} (DaumBGMCtrl Class) - http://listen.daum.net/52st/bgmplayer/Daum52stBGMPlayer.cab

O16 - DPF: {938527D1-CDB7-4147-998A-B20FCA5CC976} (Cdmcco Class) - http://cafeimg.hanmail.net/cab9_1/dmcc2.cab?Version=1,0,0,10

O16 - DPF: {A00B2A53-60D9-4477-ADA3-60490770C5E0} (Hanmail Upload Control) - http://mail.daum.net/hanmail-ax/hanmail.cab

O16 - DPF: {AF11AA64-87A5-4146-AF3B-A7BD0F278485} (SBStarter Control) - http://download.soribada.com/down/Soribada...705/SBStart.CAB

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe

O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe

Compartilhar este post


Link para o post
Compartilhar em outros sites

Opa smilekr82,

 

Este log está LIMPO. :thumbsup:

 

Para finalizar:

 

1. Desabilite e Reabilite a função de Restauração Automática do XP. Clique aqui para ver como;

 

2. Atualize o seu Sistema Operacional urgentemente.

 

Para que tenha uma idéia, já foram lançados 02 (dois) grandes pacotes de atualização de (SP1 e SP2) e você só possui o primeiro deles instalado. Utilize o Windows UpDate contido no menu Iniciar ou solicite o CD SP2 a um amigo (melhor opção).

 

Abraços.

Compartilhar este post


Link para o post
Compartilhar em outros sites
Obrigado jgarcia.

Mase essa atualização pode ser feita por quem tem windows pirata?

Pode sim. Basta marcar Automática em Atualizações Automáticas e deixar que as atualizações sejam baixadas e instaladas (desde que esteja conectado). Aqui tem funcionado que é uma beleza, he he (cuidado com os espiões do tio Bill).

 

Abraços.

Compartilhar este post


Link para o post
Compartilhar em outros sites

PROBLEMA RESOLVIDO!

 

Caso o autor necessite que o tópico seja reaberto é necessário enviar uma Mensagem Privada para um Moderador com um link para o tópico.

Compartilhar este post


Link para o post
Compartilhar em outros sites

×

Informação importante

Ao usar o fórum, você concorda com nossos Termos e condições.