Ir ao conteúdo
  • Cadastre-se
Entre para seguir isso  
acsbel

socketerro 1104

Recommended Posts

Logfile of HijackThis v1.99.1

Scan saved at 15:42:07, on 27-01-2006

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\System32\Ati2evxx.exe

C:\Programas\Panda Software\Panda Platinum 2005 Internet Security\PavProt.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\alg.exe

C:\Programas\Ficheiros comuns\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Programas\Panda Software\Panda Platinum 2005 Internet Security\PasSrv.exe

C:\Programas\Panda Software\Panda Platinum 2005 Internet Security\Firewall\PavFires.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\Programas\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\Programas\Ficheiros comuns\Logitech\QCDriver2\LVCOMS.EXE

C:\Programas\Real\RealPlayer\RealPlay.exe

C:\Programas\Java\jre1.5.0_04\bin\jusched.exe

C:\Programas\Winamp\winampa.exe

C:\Programas\Panda Software\Panda Platinum 2005 Internet Security\APVXDWIN.EXE

C:\Programas\QuickTime\qttask.exe

C:\WINDOWS\msi.exe

C:\Programas\Alcatel\SpeedTouch USB\Dragdiag.exe

C:\WINDOWS\System32\ctfmon.exe

C:\Programas\Messenger\msmsgs.exe

C:\Programas\MSN Messenger\MsnMsgr.Exe

C:\WINDOWS\DvzCommon\DvzMsgr.exe

C:\Programas\Nikon\PictureProject\NkbMonitor.exe

C:\Programas\Palm\HOTSYNC.EXE

C:\Programas\Panda Software\Panda Platinum 2005 Internet Security\PavFnSvr.exe

C:\Programas\Panda Software\Panda Platinum 2005 Internet Security\Pavkre.exe

C:\Programas\Panda Software\Panda Platinum 2005 Internet Security\SRVLOAD.EXE

C:\Programas\Ficheiros comuns\Panda Software\PavShld\pavprsrv.exe

C:\Programas\Panda Software\Panda Platinum 2005 Internet Security\pavsrv51.exe

C:\Programas\Panda Software\Panda Platinum 2005 Internet Security\AVENGINE.EXE

C:\Programas\Panda Software\Panda Platinum 2005 Internet Security\prevsrv.exe

C:\Programas\Panda Software\Panda Platinum 2005 Internet Security\psimsvc.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\wdfmgr.exe

C:\Programas\Panda Software\Panda Platinum 2005 Internet Security\WebProxy.exe

C:\Programas\Internet Explorer\iexplore.exe

C:\PROGRA~1\Kounen\TRADUZ~1\2.0p\bin\Traduz.exe

C:\WINDOWS\System32\wuauclt.exe

C:\hijack\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cabovisao.pt/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: TraduzWeb - {2d43d3a0-ec29-11d2-8ade-0020182cecb3} - C:\Programas\Kounen\TraduzWeb\2.0p\bin\TWeb.dll

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Programas\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programas\google\googletoolbar2.dll

O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programas\MSN Apps\MSN Toolbar\01.02.4000.1001\pt-br\msntb.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programas\google\googletoolbar2.dll

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programas\MSN Apps\MSN Toolbar\01.02.4000.1001\pt-br\msntb.dll

O3 - Toolbar: &Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O3 - Toolbar: Barra do SAPO - {8DAC2EA6-20F9-441C-A4F1-B6FACCDD7D6B} - C:\DOCUME~1\ALEXAN~1\AMBIEN~1\A\SAPOBr.dll (file missing)

O3 - Toolbar: Tradu&zWeb - {2d43d3a4-ec29-11d2-8ade-0020182cecb3} - C:\Programas\Kounen\TraduzWeb\2.0p\bin\TWeb.dll

O4 - HKLM\..\Run: [ATIPTA] C:\Programas\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [LVCOMS] C:\Programas\Ficheiros comuns\Logitech\QCDriver2\LVCOMS.EXE

O4 - HKLM\..\Run: [RealTray] C:\Programas\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Programas\Java\jre1.5.0_04\bin\jusched.exe

O4 - HKLM\..\Run: [WinampAgent] C:\Programas\Winamp\winampa.exe

O4 - HKLM\..\Run: [sCANINICIO] "C:\Programas\Panda Software\Panda Platinum 2005 Internet Security\Inicio.exe"

O4 - HKLM\..\Run: [APVXDWIN] "C:\Programas\Panda Software\Panda Platinum 2005 Internet Security\APVXDWIN.EXE" /s

O4 - HKLM\..\Run: [QuickTime Task] "C:\Programas\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [Windows Update] C:\WINDOWS\msi.exe

O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Programas\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon

O4 - HKLM\..\RunServices: [PANDA ANTISPAM SERVER SERVICE] "C:\Programas\Panda Software\Panda Platinum 2005 Internet Security\PasSrv.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Programas\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [spyware Cleaner] "C:\Programas\Spyware Cleaner\SpywareCleaner.Exe" /boot

O4 - HKCU\..\Run: [MsnMsgr] "C:\Programas\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [TraduzU.exe] C:\PROGRA~1\Kounen\TRADUZ~1\2.0p\bin\TraduzU.exe

O4 - Startup: HotSync Manager.lnk = C:\Programas\Palm\HOTSYNC.EXE

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programas\adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: DataViz Messenger.lnk = C:\WINDOWS\DvzCommon\DvzMsgr.exe

O4 - Global Startup: NkbMonitor.exe.lnk = C:\Programas\Nikon\PictureProject\NkbMonitor.exe

O8 - Extra context menu item: &Google Search - res://c:\programas\google\GoogleToolbar2.dll/cmsearch.html

O8 - Extra context menu item: &Translate English Word - res://c:\programas\google\GoogleToolbar2.dll/cmwordtrans.html

O8 - Extra context menu item: Backward Links - res://c:\programas\google\GoogleToolbar2.dll/cmbacklinks.html

O8 - Extra context menu item: Cached Snapshot of Page - res://c:\programas\google\GoogleToolbar2.dll/cmcache.html

O8 - Extra context menu item: Similar Pages - res://c:\programas\google\GoogleToolbar2.dll/cmsimilar.html

O8 - Extra context menu item: Tradu&zir - file://C:\Programas\Kounen\TraduzWeb\2.0p\bin\tw.html

O8 - Extra context menu item: Translate Page into English - res://c:\programas\google\GoogleToolbar2.dll/cmtrans.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.5.0_04\bin\npjpi150_04.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.5.0_04\bin\npjpi150_04.dll

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\MSMSGS.EXE

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\MSMSGS.EXE

O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} (iNotes6 Class) - http://carretel.grude.ufmg.br/iNotes6.cab

O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - http://jogos.sapo.pt/CLASSES/ExentCtl.ocx

O16 - DPF: {8DAC2EA6-20F9-441C-A4F1-B6FACCDD7D6B} (Barra do SAPO) - http://barra.sapo.pt/cab/SAPOBr.cab

O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/pt/check/qdiagh.cab?326

O17 - HKLM\System\CCS\Services\Tcpip\..\{14477F1B-54E5-43EE-AB72-CC23E2F37355}: NameServer = 194.65.100.117

O17 - HKLM\System\CS1\Services\Tcpip\..\{14477F1B-54E5-43EE-AB72-CC23E2F37355}: NameServer = 194.65.100.117

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe

O23 - Service: Panda Antispam Server Service (PASSRV) - Unknown owner - C:\Programas\Panda Software\Panda Platinum 2005 Internet Security\PasSrv.exe

O23 - Service: Panda Firewall Service (PAVFIRES) - Panda Software - C:\Programas\Panda Software\Panda Platinum 2005 Internet Security\Firewall\PavFires.exe

O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software - C:\Programas\Panda Software\Panda Platinum 2005 Internet Security\PavFnSvr.exe

O23 - Service: Panda Pavkre (Pavkre) - Panda Software - C:\Programas\Panda Software\Panda Platinum 2005 Internet Security\Pavkre.exe

O23 - Service: Panda PavProt (PavProt) - Panda Software - C:\Programas\Panda Software\Panda Platinum 2005 Internet Security\PavProt.exe

O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Programas\Ficheiros comuns\Panda Software\PavShld\pavprsrv.exe

O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software - C:\Programas\Panda Software\Panda Platinum 2005 Internet Security\pavsrv51.exe

O23 - Service: Panda Preventium+ Service (PREVSRV) - Panda Software - C:\Programas\Panda Software\Panda Platinum 2005 Internet Security\prevsrv.exe

O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software Internacional - C:\Programas\Panda Software\Panda Platinum 2005 Internet Security\psimsvc.exe

Compartilhar este post


Link para o post
Compartilhar em outros sites

- Reinicie o computador em modo seguro (pressione F8 durante a inicialização);

- Abra o HijackThis, clique em Do a system scan only, marque as entradas abaixo e clique em Fix checked:

O4 - HKLM\..\Run: [Windows Update] C:\WINDOWS\msi.exe

O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

- Localize e delete o arquivo em destaque:

C:\WINDOWS\msi.exe

- Reinicie em modo normal, veja se o problema foi resolvido, gere novo log e cole na sua resposta.

C:\Programas\Spyware Cleaner

Recomendo a desinstalação deste programa. Ele está na lista de antispywares suspeitos por apresentar falsos positivos.

http://www.spywarewarrior.com/rogue_anti-spyware.htm

Compartilhar este post


Link para o post
Compartilhar em outros sites

Crie uma conta ou entre para comentar

Você precisar ser um membro para fazer um comentário

Criar uma conta

Crie uma nova conta em nossa comunidade. É fácil!

Crie uma nova conta

Entrar

Já tem uma conta? Faça o login.

Entrar agora
Entre para seguir isso  





Sobre o Clube do Hardware

No ar desde 1996, o Clube do Hardware é uma das maiores, mais antigas e mais respeitadas publicações sobre tecnologia do Brasil. Leia mais

Direitos autorais

Não permitimos a cópia ou reprodução do conteúdo do nosso site, fórum, newsletters e redes sociais, mesmo citando-se a fonte. Leia mais

×