Topic Summary

Posted by: carlbug
« on: 02. September 2011., 07:41:38 »

For me the above version is the best... I use it without major issues.
Posted by: Samker
« on: 27. August 2011., 14:03:27 »

Thanks a lot, Samker...

You're welcome, pal... ;)
Posted by: Duar97
« on: 27. August 2011., 12:52:04 »

Thanks a lot, Samker...
Posted by: Samker
« on: 25. August 2011., 09:01:53 »

Hi again D.

It's a little bit hard for me to check the HJT log in Portuguese :) , but I agree with BitDefender: "Não foram encontradas infecções" ("There were no infections.").

However, I have a few pieces of advice to try, to speed up your PC a little bit:

1. Run HJT again and remove these items:

Quote
R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programas\Ficheiros comuns\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Programas\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [SwitchBoard] C:\Programas\Ficheiros comuns\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programas\Ficheiros comuns\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programas\Ficheiros comuns\Ahead\lib\NMBgMonitor.exe"


2. I'm almost sure that you don't need all these toolbars: Bing, ZoneAlarm, Site Advisor etc. Check your Control Panel / Add or Remove Programs and uninstall some of them. My advice is to remove all of them, except Site Advisor.

3. Download and Use CCleaner: http://scforum.info/index.php/topic,1133.0.html I'm sure it'll clean a lot of Internet "garbage". ;)

4. As I remember, ZoneAlarm FW doesn't work well in combination with McAfee... too slow start-up on my desktop. If you have the same problems, think about the possibility of replacing some of them with FREE solutions from SCF's download areas (you know that your McAfee 8.5 will not have support after Dec. 2011.):

- SCF's AV area: http://scforum.info/index.php/board,10.0.html

- SCF's FW area: http://scforum.info/index.php/board,13.0.html

My advice is to use the FREE Avira Anti-Virus (or to buy a license from some well-known AV company); in recent months (in my experience) it has had better results in comparison with other free AVs.
As for the firewall, ZoneAlarm is very good, but Comodo also provides solid protection with its free version.


Hope this advice will help you??

Best Regards,

S.
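
Added example (not part of the original post and not code from HijackThis or BitDefender): a Python sketch that parses the HijackThis lines quoted in step 1 and looks each startup executable up in the "Autoruns e arquivos críticos" section of the QuickScan log posted earlier in this thread. The sample strings are copied from the thread; the function names and regular expressions are assumptions based only on the lines shown here.

```python
import ntpath
import re
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Sample input: the six HijackThis lines quoted in step 1 of the post.
HJT_LINES = r"""
R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programas\Ficheiros comuns\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Programas\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [SwitchBoard] C:\Programas\Ficheiros comuns\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programas\Ficheiros comuns\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programas\Ficheiros comuns\Ahead\lib\NMBgMonitor.exe"
"""

# Sample input: six lines copied from the autoruns section of the QuickScan log.
QUICKSCAN_AUTORUNS = r"""
            VirusScan Enterprise                     C:\Programas\McAfee\VirusScan Enterprise\shstat.exe
(verificado) Adobe Reader and Acrobat Manager         C:\Programas\Ficheiros comuns\Adobe\ARM\1.0\AdobeARM.exe
(verificado) Default Manager                          C:\Programas\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe
(verificado) Nero AG NeroCheck                        C:\Programas\Ficheiros comuns\Ahead\Lib\NeroCheck.exe
(verificado) Nero Home                                C:\Programas\Ficheiros comuns\Ahead\Lib\NMBgMonitor.exe
(verificado) SBSV 2010/02/19-11:02:07                 C:\Programas\Ficheiros comuns\Adobe\SwitchBoard\SwitchBoard.exe
"""


@dataclass
class HjtEntry:
    code: str               # HijackThis section code (R3, O4)
    name: str               # value name, or "(no name)"
    location: str           # Run key or CLSID, as HijackThis prints it
    target: Optional[str]   # executable path; None when the log says "(no file)"


O4_RE = re.compile(r'^O4 - (?P<loc>HK\w+\\\.\.\\[^:]+): \[(?P<name>.+?)\] (?P<cmd>.+)$')
R3_RE = re.compile(r'^R3 - URLSearchHook: (?P<name>.+?) - (?P<clsid>\{[0-9A-Fa-f-]+\}) - (?P<file>.+)$')
# Executable part of a command line: quoted path, or unquoted path ending in .exe
EXE_RE = re.compile(r'^(?:"(?P<q>[^"]+)"|(?P<u>.+?\.exe))(?:\s|$)', re.IGNORECASE)
# QuickScan row: optional "(label)", description, two or more spaces, path
QS_RE = re.compile(r'^\s*(?:\((?P<status>[^)]+)\)\s+)?(?P<desc>.+?)\s{2,}(?P<path>[A-Za-z]:\\.+)$')


def norm(path: str) -> str:
    """Windows paths compare case-insensitively, so normalise before matching."""
    return ntpath.normcase(ntpath.normpath(path.strip()))


def parse_hjt(text: str) -> List[HjtEntry]:
    entries = []
    for line in text.splitlines():
        line = line.strip()
        m = O4_RE.match(line)
        if m:
            exe = EXE_RE.match(m["cmd"])
            # Fall back to the raw command if no executable can be isolated.
            target = (exe["q"] or exe["u"]) if exe else m["cmd"]
            entries.append(HjtEntry("O4", m["name"], m["loc"], target))
            continue
        m = R3_RE.match(line)
        if m:
            target = None if m["file"] == "(no file)" else m["file"]
            entries.append(HjtEntry("R3", m["name"], m["clsid"], target))
    return entries


def parse_quickscan(text: str) -> Dict[str, Optional[str]]:
    """Map normalised path -> label printed by the scanner (None if no label)."""
    seen: Dict[str, Optional[str]] = {}
    for line in text.splitlines():
        m = QS_RE.match(line)
        if m:
            seen[norm(m["path"])] = m["status"]
    return seen


def review(entries: List[HjtEntry], scan: Dict[str, Optional[str]]) -> List[Tuple[str, str]]:
    """Pair every HijackThis entry with what the second log says about its file."""
    out = []
    for e in entries:
        if e.target is None:
            verdict = "no file"        # registry entry points at nothing
        elif norm(e.target) not in scan:
            verdict = "not listed"     # absent from the QuickScan sample
        else:
            verdict = scan[norm(e.target)] or "no label"
        out.append((e.name, verdict))
    return out


if __name__ == "__main__":
    for name, verdict in review(parse_hjt(HJT_LINES), parse_quickscan(QUICKSCAN_AUTORUNS)):
        print(f"{verdict:12} {name}")
```

The NMBgMonitor.exe entry matches even though the two logs spell the directory as `lib` and `Lib`, which is why the paths are normalised before comparison.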
Posted by: Samker
« on: 24. August 2011., 19:38:05 »

Quote
Samker gave me the password of the patch and the problems disappeared, but I ran HijackThis and this is the log:
...

Ok D.

As I explained to you in PM, I just came home from vacation in Neum (Bosnia and Herzegovina / Europe): http://en.wikipedia.org/wiki/Neum  :)

The first thing to do is to check your logs, and for that I need at least a few hours... so expect your results tomorrow.

Regards,

S.


Posted by: Duar97
« on: 24. August 2011., 10:46:07 »

Bit Defender Online Scan Log:

QuickScan Beta 32-bit v0.9.9.98
-------------------------------
Data da análise:  Wed Aug 24 10:44:20 2011
ID da máquina: 4C8A3440



Não foram encontradas infecções.
--------------------------------



Processos
---------
            DiskScan.exe                             3556    C:\Programas\IObit\Advanced SystemCare 4\DiskScan.exe
            Hewlett-Packard hpotdd01                 2712    C:\Programas\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
            Nalpeiron License Management             2088    C:\WINDOWS\system32\nlssrv32.exe
            VirusScan Enterprise                     2788    C:\Programas\McAfee\VirusScan Enterprise\shstat.exe
            VirusScan Enterprise                      388    C:\Programas\McAfee\VirusScan Enterprise\VsTskMgr.exe
            VSCORE.13.3.2.137.x86                     236    C:\Programas\McAfee\VirusScan Enterprise\Mcshield.exe
(verificado)  IoctlSvc Application                    2280    C:\WINDOWS\system32\IoctlSvc.exe
(verificado) Advanced SystemCare                      2196    C:\Programas\IObit\Advanced SystemCare 4\ASC.exe
(verificado) Advanced SystemCare                      1528    C:\Programas\IObit\Advanced SystemCare 4\ASCService.exe
(verificado) Advanced SystemCare 4 Tray               3532    C:\Programas\IObit\Advanced SystemCare 4\ASCTray.exe
(verificado) ATI Desktop Component                    3032    C:\Programas\ATI Technologies\ATI Control Panel\atiptaxx.exe
(verificado) ati2evxx.exe                             1360    C:\WINDOWS\system32\ati2evxx.exe
(verificado) Bing Bar                                 2320    C:\Programas\Microsoft\BingBar\SeaPort.EXE
(verificado) Firefox                                  1980    C:\Programas\Mozilla Firefox\firefox.exe
(verificado) Firefox                                  3548    C:\Programas\Mozilla Firefox\plugin-container.exe
(verificado) Firefox                                  1732    C:\Programas\Mozilla Firefox\plugin-container.exe
(verificado) Hewlett-Packard hpwuSchd                 2696    C:\Programas\Hewlett-Packard\HP Software Update\hpwuSchd.exe
(verificado) hp coretech  (COmponent REuse TECHnolog  3168    C:\Programas\HP\hpcoretech\hpcmpmgr.exe
(verificado) HP DeskJet                               3188    C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
(verificado) Java(TM) Platform SE 6 U24               1832    C:\Programas\Java\jre6\bin\jqs.exe
(verificado) McAfee Common Framework                  1948    C:\Programas\McAfee\Common Framework\FrameworkService.exe
(verificado) McAfee Common Framework                  3808    C:\Programas\McAfee\Common Framework\Mctray.exe
(verificado) McAfee Common Framework                   932    C:\Programas\McAfee\Common Framework\naPrdMgr.exe
(verificado) McAfee Common Framework                  1912    C:\Programas\McAfee\Common Framework\UdaterUI.exe
(verificado) McAfee SiteAdvisor                       1892    C:\PROGRA~1\McAfee\SITEAD~1\McSACore.exe
(verificado) Microsoft® Visual Studio .NET            1480    C:\Programas\Ficheiros comuns\Microsoft Shared\VS7DEBUG\MDM.EXE
(verificado) Microsoft® Windows Live ID               2552    C:\Programas\Ficheiros comuns\Microsoft Shared\Windows Live\WLIDSVC.EXE
(verificado) Microsoft® Windows Live ID               3400    C:\Programas\Ficheiros comuns\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(verificado) Microsoft® Windows® Operating System     3720    C:\WINDOWS\system32\alg.exe
(verificado) Microsoft® Windows® Operating System     1064    C:\WINDOWS\system32\csrss.exe
(verificado) Microsoft® Windows® Operating System     3456    C:\WINDOWS\system32\ctfmon.exe
(verificado) Microsoft® Windows® Operating System     1160    C:\WINDOWS\system32\lsass.exe
(verificado) Microsoft® Windows® Operating System      352    C:\WINDOWS\system32\spoolsv.exe
(verificado) Microsoft® Windows® Operating System     1936    C:\WINDOWS\system32\svchost.exe
(verificado) Microsoft® Windows® Operating System     1572    C:\WINDOWS\system32\svchost.exe
(verificado) Microsoft® Windows® Operating System     2692    C:\WINDOWS\system32\svchost.exe
(verificado) Microsoft® Windows® Operating System     1500    C:\WINDOWS\system32\svchost.exe
(verificado) Microsoft® Windows® Operating System     1424    C:\WINDOWS\system32\svchost.exe
(verificado) Microsoft® Windows® Operating System     1376    C:\WINDOWS\system32\svchost.exe
(verificado) Microsoft® Windows® Operating System      580    C:\WINDOWS\system32\svchost.exe
(verificado) Microsoft® Windows® Operating System      936    C:\WINDOWS\system32\wbem\wmiprvse.exe
(verificado) Nero Home                                3484    C:\Programas\Ficheiros comuns\Ahead\Lib\NMBgMonitor.exe
(verificado) Nero Home                                2004    C:\Programas\Ficheiros comuns\Ahead\Lib\NMIndexingService.exe
(verificado) Nero Home                                3360    C:\Programas\Ficheiros comuns\Ahead\Lib\NMIndexStoreSvr.exe
(verificado) PerfectDisk 12                           2544    C:\Programas\Ficheiros comuns\Raxco\Shared\PDEngine.exe
(verificado) PerfectDisk 12                           2168    C:\Programas\Raxco\PerfectDisk\PDAgent.exe
(verificado) Service                                  1620    C:\Programas\Autodesk\Content Service\Connect.Service.ContentService.exe
(verificado) Sistema operativo Microsoft® Windows®    2028    C:\WINDOWS\explorer.exe
(verificado) Sistema operativo Microsoft® Windows®    1896    C:\WINDOWS\system32\rundll32.exe
(verificado) Sistema operativo Microsoft® Windows®    4012    C:\WINDOWS\system32\rundll32.exe
(verificado) Sistema operativo Microsoft® Windows®    1148    C:\WINDOWS\system32\services.exe
(verificado) Sistema operativo Microsoft® Windows®     940    C:\WINDOWS\system32\smss.exe
(verificado) Sistema operativo Microsoft® Windows®    2044    C:\WINDOWS\system32\wbem\wmiapsrv.exe
(verificado) Sistema operativo Microsoft® Windows®    1096    C:\WINDOWS\system32\winlogon.exe
(verificado) SoundMAX service agent                   2448    C:\Programas\Analog Devices\SoundMAX\SMAgent.exe
(verificado) TrueVector Service                       1656    C:\Programas\CheckPoint\ZoneAlarm\vsmon.exe
(verificado) ZoneAlarm                                3448    C:\Programas\CheckPoint\ZoneAlarm\zatray.exe
(verificado) ZoneAlarm Browser Security                828    C:\Programas\CheckPoint\ZAForceField\ForceField.exe
(verificado) ZoneAlarm Browser Security                548    C:\Programas\CheckPoint\ZAForceField\ISWSVC.exe


Atividade da Rede
-----------------
Processo firefox.exe (1980) conectado à porta 80 (HTTP) --> 209.85.229.101
Processo firefox.exe (1980) conectado à porta 80 (HTTP) --> 209.85.229.101
Processo firefox.exe (1980) conectado à porta 80 (HTTP) --> 94.245.117.47
Processo firefox.exe (1980) conectado à porta 80 (HTTP) --> 94.245.117.47
Processo firefox.exe (1980) conectado à porta 80 (HTTP) --> 65.55.239.163
Processo firefox.exe (1980) conectado à porta 80 (HTTP) --> 64.4.34.144
Processo firefox.exe (1980) conectado à porta 80 (HTTP) --> 65.55.239.188
Processo firefox.exe (1980) conectado à porta 80 (HTTP) --> 66.235.142.3
Processo firefox.exe (1980) conectado à porta 80 (HTTP) --> 88.221.69.115
Processo firefox.exe (1980) conectado à porta 80 (HTTP) --> 64.4.9.185
Processo firefox.exe (1980) conectado à porta 80 (HTTP) --> 64.4.9.185
Processo firefox.exe (1980) conectado à porta 80 (HTTP) --> 66.235.142.3
Processo firefox.exe (1980) conectado à porta 80 (HTTP) --> 194.65.2.8
Processo firefox.exe (1980) conectado à porta 80 (HTTP) --> 194.65.2.8
Processo firefox.exe (1980) conectado à porta 80 (HTTP) --> 64.4.21.39
Processo firefox.exe (1980) conectado à porta 80 (HTTP) --> 64.4.21.42

Processo svchost.exe (1424) escuta na porta: 135 (RPC)
Processo Connect.Service.ContentService.exe (1620) escuta na porta: 50248
Processo svchost.exe (1936) escuta na porta: 2869 (SSDP event notification, UPNP)


Autoruns e arquivos críticos
----------------------------
            Hewlett-Packard hpotdd01                 C:\Programas\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
            VirusScan Enterprise                     C:\Programas\McAfee\VirusScan Enterprise\shstat.exe
(verificado) Adobe Reader and Acrobat Manager         C:\Programas\Ficheiros comuns\Adobe\ARM\1.0\AdobeARM.exe
(verificado) Adobe Updater Startup Utility            C:\Programas\Ficheiros comuns\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
(verificado) Advanced SystemCare                      C:\Programas\IObit\Advanced SystemCare 4\AutoCare.exe
(verificado) Advanced SystemCare 4 Tray               C:\Programas\IObit\Advanced SystemCare 4\ASCTray.exe
(verificado) Advanced SystemCare Updater              C:\Programas\IObit\Advanced SystemCare 4\AutoUpdate.exe
(verificado) Apple Software Update                    C:\Programas\Apple Software Update\SoftwareUpdate.exe
(verificado) ATI 2D Component                         C:\WINDOWS\system32\Ati2mdxx.exe
(verificado) ATI Desktop Component                    C:\Programas\ATI Technologies\ATI Control Panel\atiptaxx.exe
(verificado) Default Manager                          C:\Programas\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe
(verificado) Google Update                            C:\Programas\Google\Update\GoogleUpdate.exe
(verificado) Hewlett-Packard hpwuSchd                 C:\Programas\Hewlett-Packard\HP Software Update\hpwuSchd.exe
(verificado) hp coretech  (COmponent REuse TECHnolog  C:\Programas\HP\hpcoretech\hpcmpmgr.exe
(verificado) HP DeskJet                               C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
(verificado) McAfee Common Framework                  C:\Programas\McAfee\Common Framework\UdaterUI.exe
(verificado) Microsoft® Windows® Operating System     C:\WINDOWS\system32\cryptnet.dll
(verificado) Microsoft® Windows® Operating System     C:\WINDOWS\system32\ctfmon.exe
(verificado) Microsoft® Windows® Operating System     C:\WINDOWS\System32\dimsntfy.dll
(verificado) Microsoft® Windows® Operating System     C:\WINDOWS\system32\WPDShServiceObj.dll
(verificado) Nero AG NeroCheck                        C:\Programas\Ficheiros comuns\Ahead\Lib\NeroCheck.exe
(verificado) Nero Home                                C:\Programas\Ficheiros comuns\Ahead\Lib\NMBgMonitor.exe
(verificado) PSDrvCheck.exe                           C:\WINDOWS\system32\PSDrvCheck.exe
(verificado) SBSV 2010/02/19-11:02:07                 C:\Programas\Ficheiros comuns\Adobe\SwitchBoard\SwitchBoard.exe
(verificado) Sistema operativo Microsoft® Windows®    C:\WINDOWS\system32\BROWSEUI.dll
(verificado) Sistema operativo Microsoft® Windows®    C:\WINDOWS\system32\CRYPT32.dll
(verificado) Sistema operativo Microsoft® Windows®    C:\WINDOWS\system32\cscdll.dll
(verificado) Sistema operativo Microsoft® Windows®    C:\WINDOWS\system32\logon.scr
(verificado) Sistema operativo Microsoft® Windows®    C:\WINDOWS\system32\logonui.exe
(verificado) Sistema operativo Microsoft® Windows®    C:\WINDOWS\system32\sclgntfy.dll
(verificado) Sistema operativo Microsoft® Windows®    C:\WINDOWS\system32\SHELL32.dll
(verificado) Sistema operativo Microsoft® Windows®    C:\WINDOWS\system32\stobject.dll
(verificado) Sistema operativo Microsoft® Windows®    c:\windows\system32\userinit.exe
(verificado) Sistema operativo Microsoft® Windows®    C:\WINDOWS\system32\WlNotify.dll
(verificado) Windows Genuine Advantage                C:\WINDOWS\system32\WgaLogon.dll
(verificado) Windows® Internet Explorer               C:\WINDOWS\system32\webcheck.dll
(verificado) Windows® Search                          C:\Programas\Windows Desktop Search\MSNLNamespaceMgr.dll
(verificado) ZoneAlarm                                C:\Programas\CheckPoint\ZoneAlarm\zatray.exe
(verificado) ZoneAlarm Browser Security               C:\Programas\CheckPoint\ZAForceField\ForceField.exe


Plugins do navegador
--------------------
            Java(TM) Platform SE 6 U24               C:\Programas\Java\jre6\bin\new_plugin\npjp2.dll
            NPSWF32.dll                              C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
            QuickTime Plug-in 7.6.9                  C:\Programas\Internet Explorer\plugins\npqtplugin.dll
            QuickTime Plug-in 7.6.9                  C:\Programas\Internet Explorer\plugins\npqtplugin2.dll
            QuickTime Plug-in 7.6.9                  C:\Programas\Internet Explorer\plugins\npqtplugin3.dll
            QuickTime Plug-in 7.6.9                  C:\Programas\Internet Explorer\plugins\npqtplugin4.dll
            QuickTime Plug-in 7.6.9                  C:\Programas\Internet Explorer\plugins\npqtplugin5.dll
            QuickTime Plug-in 7.6.9                  C:\Programas\Internet Explorer\plugins\npqtplugin6.dll
            QuickTime Plug-in 7.6.9                  C:\Programas\Internet Explorer\plugins\npqtplugin7.dll
            Shockwave for Director                   C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
            SPICtrl Dynamic Link Library             C:\Programas\IObit\Advanced SystemCare 3\SPICtrl.dll
            VSCORE.13.3.2.137.x86                    C:\Programas\McAfee\VirusScan Enterprise\Scriptcl.dll
            Windows Presentation Foundation          c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
(não assinado) Google Earth Plugin                      C:\Programas\Google\Google Earth\plugin\npgeplugin.dll
(não assinado) npFFApi                                  C:\Programas\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll
(não assinado) RadioWMPCore.dll                         C:\Documents and Settings\ZE CARLOS\Application Data\Mozilla\Firefox\Profiles\xu6beaup.default\extensions\{3ce45c4f-bfff-4988-9a3c-a75c1f491319}\components\RadioWMPCore.dll
(não assinado) VLC Multimedia Plug-in                   C:\Programas\VideoLAN\VLC\npvlc.dll

(verificado) AcroIEHelperShim Library                 c:\programas\ficheiros comuns\adobe\acrobat\activex\acroiehelpershim.dll
(verificado) Adobe Acrobat                            C:\Programas\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
(verificado) Adobe Acrobat                            C:\Programas\Internet Explorer\plugins\nppdf32.dll
(verificado) BitDefender QuickScan                    C:\Documents and Settings\ZE CARLOS\Application Data\Mozilla\Firefox\Profiles\xu6beaup.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
(verificado) Conduit Toolbar                          c:\programas\zonealarm_security_suite\prxtbzone.dll
(verificado) Google Update                            C:\Programas\Google\Update\1.3.21.65\npGoogleUpdate3.dll
(verificado) i-drop control                           C:\WINDOWS\Downloaded Program Files\IDrop.ocx
(verificado) i-drop control                           C:\WINDOWS\Downloaded Program Files\IDropENU.dll
(verificado) Java(TM) Platform SE 6 U24               c:\programas\java\jre6\bin\jp2ssv.dll
(verificado) Java(TM) Platform SE 6 U24               c:\programas\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
(verificado) McAfee SiteAdvisor                       c:\programas\mcafee\siteadvisor\mcieplg.dll
(verificado) McAfee Virtual Technician                C:\Programas\McAfee\Supportability\MVT\npmvtplugin.dll
(verificado) Messenger                                C:\Programas\Messenger\msmsgs.exe
(verificado) Microsoft Office Live Plug-in for Firef  C:\Programas\Microsoft\Office Live\npOLW.dll
(verificado) Microsoft® Windows Live ID               c:\programas\ficheiros comuns\microsoft shared\windows live\windowslivelogin.dll
(verificado) Microsoft® Windows® Operating System     C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
(verificado) Microsoft® Windows® Operating System     C:\WINDOWS\system32\rsvpsp.dll
(verificado) Microsoft® Windows® Operating System     C:\WINDOWS\System32\winrnr.dll
(verificado) RadioWMPCoreGecko19.dll                  C:\Documents and Settings\ZE CARLOS\Application Data\Mozilla\Firefox\Profiles\xu6beaup.default\extensions\{3ce45c4f-bfff-4988-9a3c-a75c1f491319}\components\RadioWMPCoreGecko19.dll
(verificado) Silverlight Plug-In                      c:\Programas\Microsoft Silverlight\4.0.60531.0\npctrl.dll
(verificado) Sistema operativo Microsoft® Windows®    C:\WINDOWS\system32\MSWSOCK.dll
(verificado) Unity Player                             C:\Documents and Settings\ZE CARLOS\Definições locais\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll
(verificado) Windows Live® Photo Gallery              C:\Programas\Windows Live\Photo Gallery\NPWLPG.dll
(verificado) Windows® Internet Explorer               C:\WINDOWS\system32\ieframe.dll
(verificado) ZoneAlarm Browser Security               c:\programas\checkpoint\zaforcefield\trustchecker\bin\trustcheckerieplugin.dll


Arquivos desaparecidos
----------------------
Arquivos não encontrados: "c:\programas\microsoft\bingbar\bingext.dll"
  --> HKLM\Software\Classes\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\InprocServer32\"(default)"
  --> HKLM\Software\Classes\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}\InprocServer32\"(default)"


Análise
-------


Nenhum arquivo carregado.

Fim da Análise - a comunicação levou 1 seg
Tráfego Total - 0.01 MB enviados, 0.42 KB receb
Analisados 810 arquivos e módulos - 67 segundos

==============================================================================

Posted by: Duar97
« on: 23. August 2011., 12:27:12 »

Samker gave me the password for the patch and the problems disappeared, but I ran HijackThis and this is the log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:21:46, on 23-08-2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programas\CheckPoint\ZoneAlarm\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Programas\CheckPoint\ZAForceField\IswSvc.exe
C:\Programas\CheckPoint\ZAForceField\ForceField.exe
C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Programas\Java\jre6\bin\jqs.exe
c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
C:\Programas\McAfee\Common Framework\FrameworkService.exe
C:\Programas\Ficheiros comuns\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nlssrv32.exe
C:\Programas\Raxco\PerfectDisk\PDAgent.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\Programas\Microsoft\BingBar\SeaPort.EXE
C:\Programas\Analog Devices\SoundMAX\SMAgent.exe
C:\Programas\Ficheiros comuns\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Programas\Ficheiros comuns\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programas\Ficheiros comuns\Raxco\Shared\PDEngine.exe
C:\Programas\McAfee\Common Framework\UdaterUI.exe
C:\Programas\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programas\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\Programas\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Programas\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Programas\McAfee\Common Framework\McTray.exe
C:\Programas\CheckPoint\ZoneAlarm\zatray.exe
C:\Programas\Ficheiros comuns\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programas\Ficheiros comuns\Ahead\Lib\NMIndexingService.exe
C:\Programas\Ficheiros comuns\Ahead\Lib\NMIndexStoreSvr.exe
C:\Programas\Autodesk\Content Service\Connect.Service.ContentService.exe
C:\Programas\IObit\Game Booster\gbtray.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programas\IObit\Advanced SystemCare 4\ASCService.exe
H:\uTorrentPortable\uTorrentPortable.exe
H:\uTorrentPortable\App\uTorrent\uTorrent.exe
C:\Programas\IObit\Advanced SystemCare 4\ASC.exe
C:\Programas\IObit\Advanced SystemCare 4\ASCTray.exe
C:\Programas\Raxco\PerfectDisk\PDAgentS1.exe
C:\Programas\Raxco\PerfectDisk\PerfectDisk.exe
C:\Programas\Mozilla Firefox\firefox.exe
C:\Programas\Mozilla Firefox\plugin-container.exe
C:\Programas\Mozilla Firefox\plugin-container.exe
C:\Programas\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\ZE CARLOS\Ambiente de trabalho\VSE85iP8_SCF\Setup.exe
C:\WINDOWS\system32\msiexec.exe
C:\Programas\Mozilla Firefox\plugin-container.exe
C:\Programas\IObit\Advanced SystemCare 4\Toolbox.exe
C:\Documents and Settings\ZE CARLOS\Ambiente de trabalho\HijackThis.exe
C:\Programas\McAfee\VirusScan Enterprise\VsTskMgr.exe
C:\Programas\McAfee\VirusScan Enterprise\Mcshield.exe
C:\Programas\IObit\Advanced SystemCare 4\Suo14_SmartDefrag.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sapo.pt/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com.br/0SEPTBR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações
R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
R3 - URLSearchHook: ZoneAlarm Security Suite Toolbar - {3ce45c4f-bfff-4988-9a3c-a75c1f491319} - C:\Programas\ZoneAlarm_Security_Suite\prxtbZone.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programas\Ficheiros comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: ZoneAlarm Security Suite - {3ce45c4f-bfff-4988-9a3c-a75c1f491319} - C:\Programas\ZoneAlarm_Security_Suite\prxtbZone.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programas\McAfee\VirusScan Enterprise\Scriptcl.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Programas\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: Programa Auxiliar de Início de Sessão do Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programas\Ficheiros comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Programas\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programas\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Programas\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programas\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O3 - Toolbar: ZoneAlarm Security Suite Toolbar - {3ce45c4f-bfff-4988-9a3c-a75c1f491319} - C:\Programas\ZoneAlarm_Security_Suite\prxtbZone.dll
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Programas\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Programas\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Programas\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Programas\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Programas\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Programas\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programas\Ficheiros comuns\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Programas\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [SwitchBoard] C:\Programas\Ficheiros comuns\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programas\Ficheiros comuns\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ISW] "C:\Programas\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden"
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Programas\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programas\Ficheiros comuns\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Advanced SystemCare 4] C:\Programas\IObit\Advanced SystemCare 4\ASCTray.exe
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Programas\Ficheiros comuns\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Programas\Ficheiros comuns\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Programas\Ficheiros comuns\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Programas\Ficheiros comuns\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Publicar em Blogue - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Publicar no Blogue no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\programas\iobit\advanced systemcare 3\spictrl.dll
O10 - Unknown file in Winsock LSP: c:\programas\iobit\advanced systemcare 3\spictrl.dll
O10 - Unknown file in Winsock LSP: c:\programas\iobit\advanced systemcare 3\spictrl.dll
O10 - Unknown file in Winsock LSP: c:\programas\iobit\advanced systemcare 3\spictrl.dll
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: {4BFD075D-C36E-4F28-BB0A-5D472795197A} (PowerLoader Class) - http://download09.managerzone.com/soccer-3d/PowerLoader.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1197497226812
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1258834740906
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.3.16.0.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon da cache de categorias dos componentes - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Advanced SystemCare Service (AdvancedSystemCareService) - IObit - C:\Programas\IObit\Advanced SystemCare 4\ASCService.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Autodesk Content Service - Unknown owner - C:\Programas\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Programas\Ficheiros comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Programas\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Programas\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programas\Ficheiros comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Programas\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programas\Java\jre6\bin\jqs.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Programas\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Programas\McAfee\VirusScan Enterprise\Mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Programas\McAfee\VirusScan Enterprise\VsTskMgr.exe
O23 - Service: NBService - Nero AG - C:\Programas\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NLS Service (nlsX86cc) - Nalpeiron Ltd. - C:\WINDOWS\system32\nlssrv32.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programas\Ficheiros comuns\Ahead\Lib\NMIndexingService.exe
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Programas\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Programas\Ficheiros comuns\Raxco\Shared\PDEngine.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programas\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Programas\Ficheiros comuns\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Programas\CheckPoint\ZoneAlarm\vsmon.exe

--
End of file - 14869 bytes
Posted by: jheysen
« on: 22. August 2011., 20:22:37 »

I already asked Samker but he closed the topic after I asked

That's because 8.5i will go EOL this year, so we encourage our users to upgrade to 8.7i or the newest 8.8i.
Posted by: Duar97
« on: 22. August 2011., 19:26:55 »

I already asked Samker but he closed the topic after I asked
Posted by: Fintech
« on: 22. August 2011., 19:09:37 »

Please read the rules and then ask @Samker! :up:
Posted by: Duar97
« on: 22. August 2011., 14:33:14 »

I don't have the passwords for patches 7 and 8, but I have them up to patch 6...
Can anyone give me the passwords?

Regards, Duar97
Posted by: vishwanath99
« on: 22. August 2011., 07:26:55 »

Install in maximum protection, update with all patches and scan your system.
Posted by: jheysen
« on: 21. August 2011., 19:38:48 »

looks like a trojan or worm infection
Posted by: Fintech
« on: 21. August 2011., 18:18:16 »

Do you have all the updates for this program? Or have you updated it at all? 8)
Posted by: Duar97
« on: 21. August 2011., 14:25:54 »

Hi

I have had McAfee VSE 8.5i for about 5 years and a couple of weeks ago it started acting really strange...

When I turn on my PC the icon in the taskbar (if it's wrong, correct me) appears, and then when I pass the mouse over it, it disappears.
And even stranger, when I try to scan a file or folder, it's as if I hadn't pressed the button.

I reinstalled it from the Add/Remove Programs and it's still acting the same way.

Intel Pentium 4 3,00 Ghz
ATI RADEON 9100 IGP 64 Mb RAM
2 GB RAM

XP Professional SP3
Ver: 5.1.2600

Please help me!!!!