Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:12:17, on 30-03-2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programas\Ficheiros comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Programas\Ficheiros comuns\LightScribe\LSSrvc.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\FICHEI~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\FICHEI~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Programas\Mozy\mozybackup.exe
C:\Programas\McAfee\MPF\MPFSrv.exe
C:\Programas\McAfee\MSK\MskSrver.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PSIService.exe
c:\Programas\Ficheiros comuns\Protexis\License Service\PsiService_2.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programas\Mozy\mozybackup.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Programas\PC Connectivity Solution\ServiceLayer.exe
C:\Programas\iPod\bin\iPodService.exe
C:\Programas\Mozy\mozybackup.exe
C:\PROGRA~1\McAfee.com\Agent\mcagent.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Programas\CyberLink\PowerDVD\PDVDServ.exe
C:\Programas\Ficheiros comuns\PCSuite\DataLayer\DataLayer.exe
C:\Programas\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Programas\Logitech\Video\LogiTray.exe
C:\Programas\Java\jre1.6.0_03\bin\jusched.exe
C:\Programas\Logitech\Video\FxSvr2.exe
C:\Documents and Settings\Ana\Os meus documentos\MsgPlus.exe
C:\Programas\SimpleCenter\bin\win\sclauncher.exe
C:\Programas\Windows Live\Family Safety\fssui.exe
C:\Programas\QuickTime\QTTask.exe
C:\Programas\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programas\Yahoo!\Widgets\YahooWidgets.exe
C:\Programas\Yahoo!\Widgets\YahooWidgets.exe
C:\Programas\uTorrent\uTorrent.exe
C:\Programas\Mozilla Firefox\firefox.exe
C:\DOCUME~1\PROPRI~1\DEFINI~1\Temp\Rar$EX00.015\HijackThis.exe
C:\Programas\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.imesh....ar.html?src=ssb
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarerefer...=...6Ojg5&lid=2
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações
R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Programas\free-downloads.net\tbfree.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programas\Ficheiros comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - C:\Programas\McAfee\MSK\mcapbho.dll
O2 - BHO: GNX Bingo - {46E48593-8967-498C-8ED6-1064BAA584C2} - C:\WINDOWS\svpekgonnof.dll
O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Programas\Windows Live\Family Safety\fssbho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programas\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programas\McAfee\VirusScan\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programas\Ficheiros comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programas\Windows Live Toolbar\msntb.dll
O2 - BHO: GNX Bingo - {D8DEBC69-6F5D-477A-853C-8777433E1C04} - C:\WINDOWS\kdftlboenbg.dll
O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Programas\free-downloads.net\tbfree.dll
O3 - Toolbar: The leosrv - {C31D988D-A314-49BB-BA51-7F57DEE5EA34} - C:\WINDOWS\leosrv.dll (file missing)
O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Programas\free-downloads.net\tbfree.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programas\Windows Live Toolbar\msntb.dll
O3 - Toolbar: stfngdvw - {34D6D8F6-6935-4002-B823-F49AF24DEA2D} - C:\WINDOWS\stfngdvw.dll
O3 - Toolbar: qvdntlmw - {0660F240-E20C-4B30-AD15-81CBC69B8846} - C:\WINDOWS\qvdntlmw.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RemoteControl] C:\Programas\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programas\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programas\Ficheiros comuns\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [DataLayer] C:\Programas\Ficheiros comuns\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Programas\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Programas\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Programas\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programas\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [mcagent_exe] C:\Programas\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide
O4 - HKLM\..\Run: [NSLauncher] C:\Programas\Nokia\Nokia Software Launcher\NSLauncher.exe /startup
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Documents and Settings\Ana\Os meus documentos\MsgPlus.exe"
O4 - HKLM\..\Run: [sclauncher] C:\Programas\SimpleCenter\bin\win\sclauncher.exe
O4 - HKLM\..\Run: [fssui] "C:\Programas\Windows Live\Family Safety\fssui.exe" -autorun
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programas\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programas\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] C:\Programas\Logitech\Video\ManifestEngine.exe boot
O4 - HKCU\..\Run: [MsgCenterExe] "C:\Programas\Ficheiros comuns\Real\Update_OB\RealOneMessageCenter.exe" -osboot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Serviço de rede')
O4 - HKUS\S-1-5-21-527237240-115176313-725345543-1003\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Highscreen')
O4 - HKUS\S-1-5-21-527237240-115176313-725345543-1003\..\Run: [msnmsgr] "C:\Programas\Windows Live\Messenger\msnmsgr.exe" /background (User 'Highscreen')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-21-527237240-115176313-725345543-1003 Startup: OpenOffice.org 2.2.lnk = C:\Programas\OpenOffice.org 2.2\program\quickstart.exe (User 'Highscreen')
O4 - S-1-5-21-527237240-115176313-725345543-1003 User Startup: OpenOffice.org 2.2.lnk = C:\Programas\OpenOffice.org 2.2\program\quickstart.exe (User 'Highscreen')
O4 - Startup: Yahoo! Widgets.lnk = C:\Programas\Yahoo!\Widgets\YahooWidgets.exe
O8 - Extra context menu item: &Search - http://edits.mywebse...html?p=ZCfox000
O8 - Extra context menu item: &Windows Live Search - res://C:\Programas\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.liv...m/quickadd.aspx
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Translate with &Babylon - res://C:\Programas\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zon...kr.cab56986.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Programas\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcaf...01/mcinsctl.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/b...lineScanner.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zon...wn.cab56986.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.mi...b?1183658465531
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zon...nt.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
O16 - DPF: {F2D35D99-63B1-46D3-970C-6E22320D5DCB} (kSoloCntrlIE Class) - http://www.ksolo.com...kSoloIEHDSD.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zon...er.cab56986.cab
O21 - SSODL: sxfnewqb - {C7598363-DACC-4997-9402-7D0491E5E3FE} - C:\WINDOWS\sxfnewqb.dll
O21 - SSODL: fkdnrwsv - {72C1D028-9E4D-461B-AD7D-0BF16388F629} - C:\WINDOWS\fkdnrwsv.dll
O21 - SSODL: dwnrpofk - {77C5B393-BB2D-44DD-878E-CE9AD9876A21} - C:\WINDOWS\dwnrpofk.dll
O21 - SSODL: vbgtorfd - {01C7BF14-66B4-4FC7-A87B-8D7236127E4F} - C:\WINDOWS\vbgtorfd.dll
O23 - Service: McAfee Application Installer Cleanup (0215741206879300) (0215741206879300mcinstcleanup) - McAfee, Inc. - C:\WINDOWS\TEMP\021574~1.EXE
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programas\Ficheiros comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programas\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programas\Ficheiros comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Serviço iPod (iPod Service) - Apple Inc. - C:\Programas\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programas\Ficheiros comuns\LightScribe\LSSrvc.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\FICHEI~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHEI~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: Mozy Backup Service (mozybackup) - Unknown owner - C:\Programas\Mozy\mozybackup.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Programas\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Programas\McAfee\MSK\MskSrver.exe
O23 - Service: NBService - Nero AG - C:\Programas\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programas\Ficheiros comuns\Ahead\Lib\NMIndexingService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Programas\Ficheiros comuns\Protexis\License Service\PsiService_2.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programas\PC Connectivity Solution\ServiceLayer.exe
O24 - Desktop Component 0: Privacy Protection - file:///C:\WINDOWS\privacy_danger\index.htm
--
End of file - 13626 bytes
Sign In
Create Account
