
McAfee(R) Rootkit Detective 1.0 scan report
On 27-07-2007 at 00:17:20
OS-Version 5.1.2600
Service Pack 2.0
====================================

Object-Type: Process
Object-Name: System Idle Process
Pid: 0
Object-Path: 
Status: Visible

Object-Type: Process
Object-Name: mcsysmon.exe
Pid: 1736
Object-Path: C:\ARQUIV~1\McAfee\VIRUSS~1\mcsysmon.exe
Status: Visible

Object-Type: Process
Object-Name: mcagent.exe
Pid: 3100
Object-Path: C:\Arquivos de programas\McAfee.com\Agent\mcagent.exe
Status: Visible

Object-Type: Process
Object-Name: svchost.exe
Pid: 2760
Object-Path: C:\WINDOWS\system32\svchost.exe
Status: Visible

Object-Type: Process
Object-Name: lsass.exe
Pid: 748
Object-Path: C:\WINDOWS\system32\lsass.exe
Status: Visible

Object-Type: Process
Object-Name: System
Pid: 4
Object-Path: 
Status: Visible

Object-Type: Process
Object-Name: winamp.exe
Pid: 3880
Object-Path: C:\Arquivos de programas\Winamp\winamp.exe
Status: Visible

Object-Type: Process
Object-Name: ramaint.exe
Pid: 408
Object-Path: C:\Arquivos de programas\LogMeIn\x86\ramaint.exe
Status: Visible

Object-Type: Process
Object-Name: Mcshield.exe
Pid: 1648
Object-Path: C:\ARQUIV~1\McAfee\VIRUSS~1\Mcshield.exe
Status: Visible

Object-Type: Process
Object-Name: msiexec.exe
Pid: 3788
Object-Path: C:\WINDOWS\system32\msiexec.exe
Status: Visible

Object-Type: Process
Object-Name: RedirSvc.exe
Pid: 1556
Object-Path: C:\ARQUIV~1\ARQUIV~1\McAfee\RedirSvc\RedirSvc.exe
Status: Visible

Object-Type: Process
Object-Name: winvnc.exe
Pid: 3044
Object-Path: C:\Arquivos de programas\UltraVNC\winvnc.exe
Status: Visible

Object-Type: Process
Object-Name: MpfSrv.exe
Pid: 224
Object-Path: C:\Arquivos de programas\McAfee\MPF\MpfSrv.exe
Status: Visible

Object-Type: Process
Object-Name: explorer.exe
Pid: 3448
Object-Path: C:\WINDOWS\explorer.exe
Status: Visible

Object-Type: Process
Object-Name: MDM.EXE
Pid: 1868
Object-Path: C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE
Status: Visible

Object-Type: Process
Object-Name: SAService.exe
Pid: 1280
Object-Path: C:\Arquivos de programas\SiteAdvisor\6066\SAService.exe
Status: Visible

Object-Type: Process
Object-Name: SiteAdv.exe
Pid: 1156
Object-Path: C:\Arquivos de programas\SiteAdvisor\6066\SiteAdv.exe
Status: Visible

Object-Type: Process
Object-Name: winlogon.exe
Pid: 692
Object-Path: C:\WINDOWS\system32\winlogon.exe
Status: Visible

Object-Type: Process
Object-Name: vmnetdhcp.exe
Pid: 3172
Object-Path: C:\WINDOWS\system32\vmnetdhcp.exe
Status: Visible

Object-Type: Process
Object-Name: jusched.exe
Pid: 1312
Object-Path: C:\Arquivos de programas\Java\jre1.6.0_02\bin\jusched.exe
Status: Visible

Object-Type: Process
Object-Name: svchost.exe
Pid: 1468
Object-Path: C:\WINDOWS\system32\svchost.exe
Status: Visible

Object-Type: Process
Object-Name: HWAPI.exe
Pid: 1096
Object-Path: C:\Arquivos de programas\Arquivos comuns\McAfee\HackerWatch\HWAPI.exe
Status: Visible

Object-Type: Process
Object-Name: vmware-authd.ex
Pid: 2460
Object-Path: C:\Arquivos de programas\VMware\VMware Workstation\vmware-authd.exe
Status: Visible

Object-Type: Process
Object-Name: alg.exe
Pid: 1592
Object-Path: C:\WINDOWS\system32\alg.exe
Status: Visible

Object-Type: Process
Object-Name: svchost.exe
Pid: 1532
Object-Path: C:\WINDOWS\system32\svchost.exe
Status: Visible

Object-Type: Process
Object-Name: ctfmon.exe
Pid: 2772
Object-Path: C:\WINDOWS\system32\ctfmon.exe
Status: Visible

Object-Type: Process
Object-Name: VCDDaemon.exe
Pid: 2556
Object-Path: C:\Arquivos de programas\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
Status: Visible

Object-Type: Process
Object-Name: taskmgr.exe
Pid: 1224
Object-Path: C:\WINDOWS\system32\taskmgr.exe
Status: Visible

Object-Type: Process
Object-Name: svchost.exe
Pid: 976
Object-Path: C:\WINDOWS\system32\svchost.exe
Status: Visible

Object-Type: Process
Object-Name: McNASvc.exe
Pid: 1132
Object-Path: C:\Arquivos de programas\Arquivos comuns\McAfee\MNA\McNASvc.exe
Status: Visible

Object-Type: Process
Object-Name: SMAgent.exe
Pid: 1628
Object-Path: C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe
Status: Visible

Object-Type: Process
Object-Name: svchost.exe
Pid: 3984
Object-Path: C:\WINDOWS\system32\svchost.exe
Status: Visible

Object-Type: Process
Object-Name: csrss.exe
Pid: 668
Object-Path: C:\WINDOWS\system32\csrss.exe
Status: Visible

Object-Type: Process
Object-Name: LogMeIn.exe
Pid: 1040
Object-Path: C:\Arquivos de programas\LogMeIn\x86\LogMeIn.exe
Status: Visible

Object-Type: Process
Object-Name: svchost.exe
Pid: 1788
Object-Path: C:\WINDOWS\system32\svchost.exe
Status: Visible

Object-Type: Process
Object-Name: mcpromgr.exe
Pid: 1416
Object-Path: C:\ARQUIV~1\McAfee\MSC\mcpromgr.exe
Status: Visible

Object-Type: Process
Object-Name: LogMeInSystray.
Pid: 1168
Object-Path: C:\Arquivos de programas\LogMeIn\x86\LogMeInSystray.exe
Status: Visible

Object-Type: Process
Object-Name: msmsgs.exe
Pid: 1912
Object-Path: C:\Arquivos de programas\Messenger\msmsgs.exe
Status: Visible

Object-Type: Process
Object-Name: smss.exe
Pid: 612
Object-Path: C:\WINDOWS\system32\smss.exe
Status: Visible

Object-Type: Process
Object-Name: services.exe
Pid: 736
Object-Path: C:\WINDOWS\system32\services.exe
Status: Visible

Object-Type: Process
Object-Name: Rootkit_Detecti
Pid: 2256
Object-Path: D:\Softs\Mcafee\McafeeRootkitDetective\Rootkit_Detective.exe
Status: Visible

Object-Type: Process
Object-Name: PDVDServ.exe
Pid: 2008
Object-Path: C:\Arquivos de programas\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
Status: Visible

Object-Type: Process
Object-Name: firefox.exe
Pid: 1172
Object-Path: C:\Arquivos de programas\Mozilla Firefox\firefox.exe
Status: Visible

Object-Type: Process
Object-Name: wdfmgr.exe
Pid: 2412
Object-Path: C:\WINDOWS\system32\wdfmgr.exe
Status: Visible

Object-Type: Process
Object-Name: usnsvc.exe
Pid: 2908
Object-Path: C:\Arquivos de programas\MSN Messenger\usnsvc.exe
Status: Visible

Object-Type: Process
Object-Name: msnmsgr.exe
Pid: 1916
Object-Path: C:\Arquivos de programas\MSN Messenger\msnmsgr.exe
Status: Visible

Object-Type: Process
Object-Name: mcmscsvc.exe
Pid: 1112
Object-Path: C:\ARQUIV~1\McAfee\MSC\mcmscsvc.exe
Status: Visible

Object-Type: Process
Object-Name: vmount2.exe
Pid: 2600
Object-Path: C:\Arquivos de programas\Arquivos comuns\VMware\VMware Virtual Image Editing\vmount2.exe
Status: Visible

Object-Type: Process
Object-Name: vmnat.exe
Pid: 2972
Object-Path: C:\WINDOWS\system32\vmnat.exe
Status: Visible

Object-Type: Process
Object-Name: mcods.exe
Pid: 1392
Object-Path: C:\ARQUIV~1\McAfee\VIRUSS~1\mcods.exe
Status: Visible

Object-Type: Process
Object-Name: svchost.exe
Pid: 928
Object-Path: C:\WINDOWS\system32\svchost.exe
Status: Visible

Object-Type: Process
Object-Name: spoolsv.exe
Pid: 2044
Object-Path: C:\WINDOWS\system32\spoolsv.exe
Status: Visible

Scan complete. No hidden processes/files found.
Total files scanned: 55113