[Resolvido!]ERRO "SOCKET ERROR" #11004",

CRIS MARRA · Novembro 8, 2007

BOA NOITE, PESSOAL !!!

PRECISO DE AJUDA.....TODA VEZ Q LIGO MEU PC APARECE ESTE ERRO " INFECT - "SOCKET ERROR" #11004", PORÉM CONSIGO DESLIGAR E TRABALHAR NORMALMENTE.

POR FAVOR ME AJUDEM !!!!

GRATA

SEGUE ABAIXO MEU LOGFILE:

Logfile of HijackThis v1.99.1

Scan saved at 20:10:11, on 8/11/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Arquivos de programas\CyberLink\Shared Files\RichVideo.exe

C:\WINDOWS\system32\VTTimer.exe

C:\WINDOWS\system32\VTtrayp.exe

C:\Arquivos de programas\VIAudioi\SBADeck\ADeck.exe

C:\Arquivos de programas\iGinternet iLimitada\Discador iG.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe

C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe

C:\Arquivos de programas\Nokia\Nokia PC Suite 6\LaunchApplication.exe

C:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe

C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe

C:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe

C:\Arquivos de programas\Windows32.exe

C:\WINDOWS\system32\export.com

C:\WINDOWS\system32\cftmon.exe

C:\WINDOWS\system32\ctfmon.exe

C:\ARQUIV~1\iGv6\sysbrand.exe

C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\WINDOWS\java\SysBD.exe

C:\WINDOWS\java\SBB.exe

C:\WINDOWS\java\Syscef.exe

C:\WINDOWS\java\SysIta.exe

C:\WINDOWS\java\SysNsc.exe

C:\WINDOWS\java\SysRe.exe

C:\WINDOWS\java\BS.exe

C:\WINDOWS\java\STB.exe

C:\WINDOWS\java\CTB.exe

C:\WINDOWS\java\BHB.exe

C:\WINDOWS\java\CI.exe

C:\WINDOWS\java\CC.exe

C:\WINDOWS\java\SER.exe

C:\WINDOWS\java\UNI.exe

C:\WINDOWS\java\IFS.exe

C:\WINDOWS\java\infect.exe

C:\Arquivos de programas\WinZip\WZQKPICK.EXE

C:\Arquivos de programas\Discador itelefonica\DiscadorCompitelefonica.exe

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe

C:\Arquivos de programas\Windows Live\Messenger\usnsvc.exe

C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE

C:\WINDOWS\system32\wuauclt.exe

C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE

C:\WINDOWS\system32\wuauclt.exe

C:\log file\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://farejador.ig.com.br/ie/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://farejador.ig.com.br

O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: &iG - {7EEF1E3D-FD97-4401-BCDB-5827F2D11709} - C:\ARQUIV~1\iGv6\igshop.dll

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Arquivos de programas\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll

O2 - BHO: NOW!Imaging - {9AA2F14F-E956-44B8-8694-A5B615CDF341} - C:\Arquivos de programas\Acelerador POP\components\NOWImaging.dll (file missing)

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\arquivos de programas\google\googletoolbar2.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll

O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\MSN Apps\MSN Toolbar1.02.5000.1021\pt-br\msntb.dll

O2 - BHO: TBSB00160 - {F882F0F4-2023-4905-A0F6-15054D5FE295} - C:\Arquivos de programas\IEToolbar\Recados\recados.dll

O3 - Toolbar: &iG - {7EEF1E3D-FD97-4401-BCDB-5827F2D11709} - C:\ARQUIV~1\iGv6\igshop.dll

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\MSN Apps\MSN Toolbar1.02.5000.1021\pt-br\msntb.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\arquivos de programas\google\googletoolbar2.dll

O3 - Toolbar: Acelerador POP - {8B79EE88-E62D-4AA8-B530-CC357BA112B7} - C:\Arquivos de programas\Acelerador POP\Toolband.dll (file missing)

O3 - Toolbar: Recados Para Orkut - {BFB5F154-9212-46F3-B547-AC6106030A54} - C:\Arquivos de programas\IEToolbar\Recados\recados.dll

O4 - HKLM\..\Run: [VTTimer] VTTimer.exe

O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe

O4 - HKLM\..\Run: [AudioDeck] C:\Arquivos de programas\VIAudioi\SBADeck\ADeck.exe 1

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [Discador iG] "C:\Arquivos de programas\iGinternet iLimitada\Discador iG.exe" boot

O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [RemoteControl] "C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [LanguageShortcut] "C:\Arquivos de programas\CyberLink\PowerDVD\Language\Language.exe"

O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Arquivos de programas\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup

O4 - HKLM\..\Run: [Google Desktop Search] "C:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe" /startup

O4 - HKLM\..\Run: [slipStream] "C:\Arquivos de programas\Acelerador POP\slipcore.exe"

O4 - HKLM\..\Run: [Windows32] C:\Arquivos de programas\Windows32.exe

O4 - HKLM\..\Run: [taskmgra] C:\WINDOWS\system32\export.com

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [cftmon.exe] C:\WINDOWS\system32\cftmon.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [sysBrand] "C:\ARQUIV~1\iGv6\sysbrand.exe"

O4 - HKCU\..\Run: [swg] C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [NBJ] "C:\ARQUIV~1\Ahead\NEROBA~1\NBJ.exe"

O4 - HKCU\..\Run: [C:\WINDOWS\java\SysBD.exe] C:\WINDOWS\java\SysBD.exe

O4 - HKCU\..\Run: [C:\WINDOWS\java\SBB.exe] C:\WINDOWS\java\SBB.exe

O4 - HKCU\..\Run: [C:\WINDOWS\java\Syscef.exe] C:\WINDOWS\java\Syscef.exe

O4 - HKCU\..\Run: [C:\WINDOWS\java\SysIta.exe] C:\WINDOWS\java\SysIta.exe

O4 - HKCU\..\Run: [C:\WINDOWS\java\SysNsc.exe] C:\WINDOWS\java\SysNsc.exe

O4 - HKCU\..\Run: [C:\WINDOWS\java\SysRe.exe] C:\WINDOWS\java\SysRe.exe

O4 - HKCU\..\Run: [C:\WINDOWS\java\BS.exe] C:\WINDOWS\java\BS.exe

O4 - HKCU\..\Run: [C:\WINDOWS\java\STB.exe] C:\WINDOWS\java\STB.exe

O4 - HKCU\..\Run: [C:\WINDOWS\java\CTB.exe] C:\WINDOWS\java\CTB.exe

O4 - HKCU\..\Run: [C:\WINDOWS\java\BHB.exe] C:\WINDOWS\java\BHB.exe

O4 - HKCU\..\Run: [C:\WINDOWS\java\CI.exe] C:\WINDOWS\java\CI.exe

O4 - HKCU\..\Run: [C:\WINDOWS\java\CC.exe] C:\WINDOWS\java\CC.exe

O4 - HKCU\..\Run: [C:\WINDOWS\java\SER.exe] C:\WINDOWS\java\SER.exe

O4 - HKCU\..\Run: [C:\WINDOWS\java\UNI.exe] C:\WINDOWS\java\UNI.exe

O4 - HKCU\..\Run: [C:\WINDOWS\java\IFS.exe] C:\WINDOWS\java\IFS.exe

O4 - HKCU\..\Run: [infect] C:\WINDOWS\java\infect.exe

O4 - Global Startup: Acelerador POP.lnk = C:\Arquivos de programas\Acelerador POP\slipgui.exe

O4 - Global Startup: Windows32.exe

O4 - Global Startup: WinZip Quick Pick.lnk = C:\Arquivos de programas\WinZip\WZQKPICK.EXE

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra button: Barra do iG - {FD1672E0-AE0D-465B-B345-F7B0944A121D} - C:\ARQUIV~1\iGv6\igshop.dll

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1186542596968

O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (AcDcToday Control) - file://C:\Arquivos de programas\AutoCAD 2000i\AcDcToday.ocx

O16 - DPF: {C6637286-300D-11D4-AE0A-0010830243BD} (InstaFred Control) - file://C:\Arquivos de programas\AutoCAD 2000i\InstFred.ocx

O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (AcPreview Control) - file://C:\Arquivos de programas\AutoCAD 2000i\AcPreview.ocx

O17 - HKLM\System\CCS\Services\Tcpip\..\{469D2FF2-53EC-468A-AA7E-E9E2A4F29481}: NameServer = 200.204.0.138 200.204.0.10

O17 - HKLM\System\CS1\Services\Tcpip\..\{469D2FF2-53EC-468A-AA7E-E9E2A4F29481}: NameServer = 200.204.0.138 200.204.0.10

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL

O20 - AppInit_DLLs: C:\ARQUIV~1\Google\GOOGLE~2\GOEC62~1.DLL

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: GoogleDesktopManager - Google - C:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Arquivos de programas\CyberLink\Shared Files\RichVideo.exe

O23 - Service: ServiceLayer - Nokia. - C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe

DigRam · Novembro 9, 2007

Boa Noite CRIS MARRA!

>@< Faça o download do BankerFix.

>@< Baixe-o para o Desktop!

>@< Feche todas as janelas e o navegador,ao rodar o BankerFix.Desabilite,se possível,as proteções residente de AntiVírus e AntiSpywares.

>@< Dê um duplo clique no Bankerfix.exe,depois Enter. Aguarde!Ao terminar,leia a mensagem na tela ( Dos ),e dê Enter,novamente.

>@< Poste o relatorio.txt do BankerFix que está em C:\LinhaDefensiva\relatorio.txt

>@< Poste,também,um nôvo Log do HijackThis,na sua resposta.

Abraços!

CRIS MARRA · Novembro 10, 2007

OLÁ DIGRAM.....

SEGUE ABAIXO RELATÓRIO BANKERFIX:

BankerFix 2.4 - Removedor de Bankers

Linha Defensiva - http://www.linhadefensiva.org

http://www.linhadefensiva.org/bankerfix/

Data: 10/11/2007 - 10:24

-------------------------------------------------------

Lista de Definição: 2007-11-06-1

=======================================================

Arquivo infectado detectado: C:\WINDOWS\System\nppagent.exe

Arquivo infectado removido com sucesso!

Arquivo infectado detectado: C:\WINDOWS\System\regclean.cmd

Arquivo infectado removido com sucesso!

Arquivo infectado detectado: C:\WINDOWS\winload.inf

Arquivo infectado removido com sucesso!

Arquivo infectado detectado: C:\WINDOWS\system32\export.com

Arquivo infectado removido com sucesso!

Arquivo infectado detectado: C:\Arquivos de programas\Windows32.exe

Arquivo infectado removido com sucesso!

Arquivo infectado detectado: C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\Windows32.exe

Arquivo infectado removido com sucesso!

Killando arquivos em Help

-----------------------------------

Killing '*'

Removendo Arquivos em Help

-----------------------------------

----- Fim -------------------------

E AKI SEGUE MEU NOVO LOGFILE:

Logfile of HijackThis v1.99.1

Scan saved at 10:32:19, on 10/11/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\VTTimer.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\iGinternet iLimitada\Discador iG.exe

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Arquivos de programas\CyberLink\Shared Files\RichVideo.exe

C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe

C:\Arquivos de programas\Nokia\Nokia PC Suite 6\LaunchApplication.exe

C:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe

C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe

C:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe

C:\WINDOWS\system32\cftmon.exe

C:\WINDOWS\system32\ctfmon.exe

C:\ARQUIV~1\iGv6\sysbrand.exe

C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\WINDOWS\java\SysBD.exe

C:\WINDOWS\java\SBB.exe

C:\WINDOWS\java\Syscef.exe

C:\WINDOWS\java\SysIta.exe

C:\WINDOWS\java\SysNsc.exe

C:\WINDOWS\java\SysRe.exe

C:\WINDOWS\java\BS.exe

C:\WINDOWS\java\STB.exe

C:\WINDOWS\java\CTB.exe

C:\WINDOWS\java\BHB.exe

C:\WINDOWS\java\CI.exe

C:\WINDOWS\java\CC.exe

C:\WINDOWS\java\SER.exe

C:\WINDOWS\java\UNI.exe

C:\WINDOWS\java\IFS.exe

C:\WINDOWS\java\infect.exe

C:\Arquivos de programas\WinZip\WZQKPICK.EXE

C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe

C:\Arquivos de programas\Windows Live\Messenger\usnsvc.exe

C:\WINDOWS\system32\wscntfy.exe