[Arquivado] Problema Ao Ligar Windows 2000

[Afonso Campaneli 0]

Olá, estou tendo um problema com uma máquina w2000, ela não inicia as vezes... ela liga mas não chega na tela de login... fica travada.

 

Segue log para Analise:

 

Logfile of HijackThis v1.99.1

Scan saved at 17:45:30, on 11/09/2007

Platform: Windows 2000 SP4 (WinNT 5.00.2195)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINNT\System32\smss.exe

C:\WINNT\system32\winlogon.exe

C:\WINNT\system32\services.exe

C:\WINNT\system32\lsass.exe

C:\WINNT\System32\SCardSvr.exe

C:\WINNT\system32\svchost.exe

C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccSetMgr.exe

C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccEvtMgr.exe

C:\WINNT\system32\spoolsv.exe

c:\progress\DLC91B\bin\AdmSrvc.exe

C:\Arquivos de programas\Symantec AntiVirus\DefWatch.exe

C:\WINNT\System32\svchost.exe

C:\WINNT\system32\jview.exe

C:\Arquivos de programas\GbPlugin\GbpSv.exe

C:\ARQUIV~1\MICROS~3\MSSQL$~1\binn\sqlservr.exe

C:\ARQUIV~1\MICROS~3\MSSQL\binn\sqlservr.exe

C:\Arquivos de programas\Microsoft Analysis Services\Bin\msmdsrv.exe

C:\Arquivos de programas\ngsrv\ngslotd.exe

C:\WINNT\system32\regsvc.exe

C:\Arquivos de programas\Symantec AntiVirus\SavRoam.exe

C:\WINNT\system32\MSTask.exe

C:\ARQUIV~1\MICROS~3\MSSQL\binn\sqlagent.exe

C:\WINNT\system32\stisvc.exe

C:\Arquivos de programas\Symantec AntiVirus\Rtvscan.exe

C:\WINNT\System32\WBEM\WinMgmt.exe

C:\Arquivos de programas\RealVNC\VNC4\WinVNC4.exe

C:\WINNT\system32\mspmspsv.exe

C:\WINNT\system32\svchost.exe

C:\WINNT\System32\svchost.exe

C:\WINNT\Explorer.EXE

C:\WINNT\System32\hkcmd.exe

C:\WINNT\system32\JupitCo.exe

C:\Arquivos de programas\ngsrv\epsng_certd.exe

C:\Arquivos de programas\Java\jre1.5.0_09\bin\jusched.exe

C:\WINNT\system32\aetcrss1.exe

C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccApp.exe

C:\ARQUIV~1\SYMANT~1\VPTray.exe

C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe

C:\Arquivos de programas\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe

C:\Arquivos de programas\Java\jre1.5.0_09\bin\jucheck.exe

C:\hijackthis\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp

R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.5.0_09\bin\ssv.dll

O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\ARQUIVOS DE PROGRAMAS\GBPLUGIN\gbieh.dll

O3 - Toolbar: @msdxmLC.dll,-1@1033,&Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx

O4 - HKLM\..\Run: [synchronization Manager] mobsync.exe /logon

O4 - HKLM\..\Run: [igfxTray] C:\WINNT\System32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\System32\hkcmd.exe

O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\\NeroCheck.exe

O4 - HKLM\..\Run: [uSB SECURITY DEVICE CoInstaller] JupitCo.exe

O4 - HKLM\..\Run: [epsng_certd] C:\Arquivos de programas\ngsrv\epsng_certd.exe -r

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre1.5.0_09\bin\jusched.exe"

O4 - HKLM\..\Run: [CertificateRegistration] aetcrss1.exe

O4 - HKLM\..\Run: [ccApp] "C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [vptray] C:\ARQUIV~1\SYMANT~1\VPTray.exe

O4 - HKLM\..\RunServices: [Pic Personal Firewall] pics.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: Service Manager.lnk = C:\Arquivos de programas\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.5.0_09\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.5.0_09\bin\ssv.dll

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/f...tup1.0.0.15.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1164649125376

O16 - DPF: {6F7864F9-DB33-11D3-8166-0060B0F885E6} (VSPTA Class) - https://cert.bancodobrasil.com.br/VSApps/vspta3.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab

O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} (GbpDistObj Class) - https://www14.bancobrasil.com.br/plugin/GbpDist.cab

O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399F83} (GbPluginObj Class) - https://www14.bancobrasil.com.br/plugin/GbPluginBb.cab

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = coimex.net

O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = coimex.net

O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = coimex.net

O20 - Winlogon Notify: igfxcui - C:\WINNT\SYSTEM32\igfxsrvc.dll

O20 - Winlogon Notify: NavLogon - C:\WINNT\system32\NavLogon.dll

O23 - Service: AdminService for PROGRESS 9.1B (AdminService9.1B) - Unknown owner - c:\progress\DLC91B\bin\AdmSrvc.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccPwdSvc.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccSetMgr.exe

O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Arquivos de programas\Symantec AntiVirus\DefWatch.exe

O23 - Service: Serviço administrativo do gerenciador de disco lógico (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe

O23 - Service: Gbp Service (GbpSv) - Unknown owner - C:\Arquivos de programas\GbPlugin\GbpSv.exe

O23 - Service: ngSlotDaemon (ngSlotD) - ^_^ - C:\Arquivos de programas\ngsrv\ngslotd.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\system32\HPZipm12.exe

O23 - Service: ProService for 8.3B (ProService8.3B) - Progress Software - C:\PROGRESS\DLC83B\bin\ProSrvc.exe

O23 - Service: ProService for 9.1B (ProService9.1B) - Progress Software - c:\progress\DLC91B\bin\ProSrvc.exe

O23 - Service: SAVRoam (SavRoam) - symantec - C:\Arquivos de programas\Symantec AntiVirus\SavRoam.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\SNDSrvc.exe

O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\SPBBC\SPBBCSvc.exe

O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Arquivos de programas\Symantec AntiVirus\Rtvscan.exe

O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Arquivos de programas\RealVNC\VNC4\WinVNC4.exe" -service (file missing)

[taij 0]

Quando conseguir ligar seu computador instala o msconfig.exeEle vai te dizer os programas que iniciam no começo, tenta desativar aquele que são suspeitos.

[taij 0]

Quando conseguir ligar seu computador instala o msconfig.exeEle vai te dizer os programas que iniciam no começo, tenta desativar aquele que são suspeitos.

[Mário Monteiro 179]

Tópico Arquivado

 

Como o autor não respondeu por mais de 30 dias, o tópico foi arquivado.

 

Caso você seja o autor do tópico e quer reabrir, envie uma mensagem privada para um moderador da área juntamente com o link para este tópico e explique o motivo da reabertura.