socketerro 1104

acsbel · 27 de janeiro de 2006

Logfile of HijackThis v1.99.1

Scan saved at 15:42:07, on 27-01-2006

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\System32\Ati2evxx.exe

C:\Programas\Panda Software\Panda Platinum 2005 Internet Security\PavProt.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\alg.exe

C:\Programas\Ficheiros comuns\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Programas\Panda Software\Panda Platinum 2005 Internet Security\PasSrv.exe

C:\Programas\Panda Software\Panda Platinum 2005 Internet Security\Firewall\PavFires.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\Programas\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\Programas\Ficheiros comuns\Logitech\QCDriver2\LVCOMS.EXE

C:\Programas\Real\RealPlayer\RealPlay.exe

C:\Programas\Java\jre1.5.0_04\bin\jusched.exe

C:\Programas\Winamp\winampa.exe

C:\Programas\Panda Software\Panda Platinum 2005 Internet Security\APVXDWIN.EXE

C:\Programas\QuickTime\qttask.exe

C:\WINDOWS\msi.exe

C:\Programas\Alcatel\SpeedTouch USB\Dragdiag.exe

C:\WINDOWS\System32\ctfmon.exe

C:\Programas\Messenger\msmsgs.exe

C:\Programas\MSN Messenger\MsnMsgr.Exe

C:\WINDOWS\DvzCommon\DvzMsgr.exe

C:\Programas\Nikon\PictureProject\NkbMonitor.exe

C:\Programas\Palm\HOTSYNC.EXE

C:\Programas\Panda Software\Panda Platinum 2005 Internet Security\PavFnSvr.exe

C:\Programas\Panda Software\Panda Platinum 2005 Internet Security\Pavkre.exe

C:\Programas\Panda Software\Panda Platinum 2005 Internet Security\SRVLOAD.EXE

C:\Programas\Ficheiros comuns\Panda Software\PavShld\pavprsrv.exe

C:\Programas\Panda Software\Panda Platinum 2005 Internet Security\pavsrv51.exe

C:\Programas\Panda Software\Panda Platinum 2005 Internet Security\AVENGINE.EXE

C:\Programas\Panda Software\Panda Platinum 2005 Internet Security\prevsrv.exe

C:\Programas\Panda Software\Panda Platinum 2005 Internet Security\psimsvc.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\wdfmgr.exe

C:\Programas\Panda Software\Panda Platinum 2005 Internet Security\WebProxy.exe

C:\Programas\Internet Explorer\iexplore.exe

C:\PROGRA~1\Kounen\TRADUZ~1\2.0p\bin\Traduz.exe

C:\WINDOWS\System32\wuauclt.exe

C:\hijack\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cabovisao.pt/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: TraduzWeb - {2d43d3a0-ec29-11d2-8ade-0020182cecb3} - C:\Programas\Kounen\TraduzWeb\2.0p\bin\TWeb.dll

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Programas\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programas\google\googletoolbar2.dll

O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programas\MSN Apps\MSN Toolbar\01.02.4000.1001\pt-br\msntb.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programas\google\googletoolbar2.dll

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programas\MSN Apps\MSN Toolbar\01.02.4000.1001\pt-br\msntb.dll

O3 - Toolbar: &Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O3 - Toolbar: Barra do SAPO - {8DAC2EA6-20F9-441C-A4F1-B6FACCDD7D6B} - C:\DOCUME~1\ALEXAN~1\AMBIEN~1\A\SAPOBr.dll (file missing)

O3 - Toolbar: Tradu&zWeb - {2d43d3a4-ec29-11d2-8ade-0020182cecb3} - C:\Programas\Kounen\TraduzWeb\2.0p\bin\TWeb.dll

O4 - HKLM\..\Run: [ATIPTA] C:\Programas\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [LVCOMS] C:\Programas\Ficheiros comuns\Logitech\QCDriver2\LVCOMS.EXE

O4 - HKLM\..\Run: [RealTray] C:\Programas\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Programas\Java\jre1.5.0_04\bin\jusched.exe

O4 - HKLM\..\Run: [WinampAgent] C:\Programas\Winamp\winampa.exe

O4 - HKLM\..\Run: [sCANINICIO] "C:\Programas\Panda Software\Panda Platinum 2005 Internet Security\Inicio.exe"

O4 - HKLM\..\Run: [APVXDWIN] "C:\Programas\Panda Software\Panda Platinum 2005 Internet Security\APVXDWIN.EXE" /s

O4 - HKLM\..\Run: [QuickTime Task] "C:\Programas\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [Windows Update] C:\WINDOWS\msi.exe

O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Programas\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon

O4 - HKLM\..\RunServices: [PANDA ANTISPAM SERVER SERVICE] "C:\Programas\Panda Software\Panda Platinum 2005 Internet Security\PasSrv.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Programas\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [spyware Cleaner] "C:\Programas\Spyware Cleaner\SpywareCleaner.Exe" /boot

O4 - HKCU\..\Run: [MsnMsgr] "C:\Programas\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [TraduzU.exe] C:\PROGRA~1\Kounen\TRADUZ~1\2.0p\bin\TraduzU.exe

O4 - Startup: HotSync Manager.lnk = C:\Programas\Palm\HOTSYNC.EXE

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programas\adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: DataViz Messenger.lnk = C:\WINDOWS\DvzCommon\DvzMsgr.exe

O4 - Global Startup: NkbMonitor.exe.lnk = C:\Programas\Nikon\PictureProject\NkbMonitor.exe

O8 - Extra context menu item: &Google Search - res://c:\programas\google\GoogleToolbar2.dll/cmsearch.html

O8 - Extra context menu item: &Translate English Word - res://c:\programas\google\GoogleToolbar2.dll/cmwordtrans.html

O8 - Extra context menu item: Backward Links - res://c:\programas\google\GoogleToolbar2.dll/cmbacklinks.html

O8 - Extra context menu item: Cached Snapshot of Page - res://c:\programas\google\GoogleToolbar2.dll/cmcache.html

O8 - Extra context menu item: Similar Pages - res://c:\programas\google\GoogleToolbar2.dll/cmsimilar.html

O8 - Extra context menu item: Tradu&zir - file://C:\Programas\Kounen\TraduzWeb\2.0p\bin\tw.html

O8 - Extra context menu item: Translate Page into English - res://c:\programas\google\GoogleToolbar2.dll/cmtrans.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.5.0_04\bin\npjpi150_04.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.5.0_04\bin\npjpi150_04.dll

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\MSMSGS.EXE

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\MSMSGS.EXE

O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} (iNotes6 Class) - http://carretel.grude.ufmg.br/iNotes6.cab

O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - http://jogos.sapo.pt/CLASSES/ExentCtl.ocx

O16 - DPF: {8DAC2EA6-20F9-441C-A4F1-B6FACCDD7D6B} (Barra do SAPO) - http://barra.sapo.pt/cab/SAPOBr.cab

O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/pt/check/qdiagh.cab?326

O17 - HKLM\System\CCS\Services\Tcpip\..\{14477F1B-54E5-43EE-AB72-CC23E2F37355}: NameServer = 194.65.100.117

O17 - HKLM\System\CS1\Services\Tcpip\..\{14477F1B-54E5-43EE-AB72-CC23E2F37355}: NameServer = 194.65.100.117

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe

O23 - Service: Panda Antispam Server Service (PASSRV) - Unknown owner - C:\Programas\Panda Software\Panda Platinum 2005 Internet Security\PasSrv.exe

O23 - Service: Panda Firewall Service (PAVFIRES) - Panda Software - C:\Programas\Panda Software\Panda Platinum 2005 Internet Security\Firewall\PavFires.exe

O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software - C:\Programas\Panda Software\Panda Platinum 2005 Internet Security\PavFnSvr.exe

O23 - Service: Panda Pavkre (Pavkre) - Panda Software - C:\Programas\Panda Software\Panda Platinum 2005 Internet Security\Pavkre.exe

O23 - Service: Panda PavProt (PavProt) - Panda Software - C:\Programas\Panda Software\Panda Platinum 2005 Internet Security\PavProt.exe

O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Programas\Ficheiros comuns\Panda Software\PavShld\pavprsrv.exe

O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software - C:\Programas\Panda Software\Panda Platinum 2005 Internet Security\pavsrv51.exe

O23 - Service: Panda Preventium+ Service (PREVSRV) - Panda Software - C:\Programas\Panda Software\Panda Platinum 2005 Internet Security\prevsrv.exe

O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software Internacional - C:\Programas\Panda Software\Panda Platinum 2005 Internet Security\psimsvc.exe