Mr. Wolf na verdade amigo o post não era do ano passado, mas é que eu uso um programa de gerenciamento que está com bug, e o suporte ainda não conseguiu a solução então eu uso sempre a data de dezembro do ano passado, mas por via das duvidas arrumei a data e um outro log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:50:45, on 14/5/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Arquivos de programas\McAfee\Common Framework\UdaterUI.exe
C:\Arquivos de programas\DAEMON Tools\daemon.exe
C:\Arquivos de programas\Lexmark X5100 Series\lxbabmgr.exe
C:\Arquivos de programas\McAfee\Common Framework\McTray.exe
C:\Arquivos de programas\Lexmark X5100 Series\lxbabmon.exe
C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\Google\GoogleToolbarNotifier\1.2.911.3380\GoogleToolbarNotifier.exe
C:\Arquivos de programas\Java\jre6\bin\jqs.exe
C:\Arquivos de programas\McAfee\VirusScan Enterprise\Mcshield.exe
C:\Arquivos de programas\BrOffice.org 2.3\program\soffice.exe
C:\Arquivos de programas\BrOffice.org 2.3\program\soffice.BIN
C:\Arquivos de programas\McAfee\VirusScan Enterprise\VsTskMgr.exe
C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Arquivos de programas\Super_DVD_Creator_9.8\NMSAccessU.exe
C:\Arquivos de programas\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Arquivos de programas\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\SPOOL\DRIVERS\W32X86\3\LXBAPSWX.EXE
C:\WINDOWS\system32\SPOOL\DRIVERS\W32X86\3\LXBAPSWX.EXE
C:\WINDOWS\system32\SPOOL\DRIVERS\W32X86\3\LXBAPSWX.EXE
C:\WINDOWS\system32\SPOOL\DRIVERS\W32X86\3\LXBAPSWX.EXE
C:\WINDOWS\system32\SPOOL\DRIVERS\W32X86\3\LXBAPSWX.EXE
C:\WINDOWS\system32\SPOOL\DRIVERS\W32X86\3\LXBAPSWX.EXE
C:\WINDOWS\system32\SPOOL\DRIVERS\W32X86\3\LXBAPSWX.EXE
C:\WINDOWS\system32\SPOOL\DRIVERS\W32X86\3\LXBAPSWX.EXE
C:\WINDOWS\system32\SPOOL\DRIVERS\W32X86\3\LXBAPSWX.EXE
C:\WINDOWS\system32\SPOOL\DRIVERS\W32X86\3\LXBAPSWX.EXE
C:\WINDOWS\system32\SPOOL\DRIVERS\W32X86\3\LXBAPSWX.EXE
C:\WINDOWS\system32\SPOOL\DRIVERS\W32X86\3\LXBAPSWX.EXE
C:\WINDOWS\system32\SPOOL\DRIVERS\W32X86\3\LXBAPSWX.EXE
C:\WINDOWS\system32\SPOOL\DRIVERS\W32X86\3\LXBAPSWX.EXE
C:\WINDOWS\system32\SPOOL\DRIVERS\W32X86\3\LXBAPSWX.EXE
C:\WINDOWS\system32\SPOOL\DRIVERS\W32X86\3\LXBAPSWX.EXE
C:\WINDOWS\system32\SPOOL\DRIVERS\W32X86\3\LXBAPSWX.EXE
C:\WINDOWS\system32\SPOOL\DRIVERS\W32X86\3\LXBAPSWX.EXE
C:\WINDOWS\system32\SPOOL\DRIVERS\W32X86\3\LXBAPSWX.EXE
C:\WINDOWS\system32\SPOOL\DRIVERS\W32X86\3\LXBAPSWX.EXE
C:\WINDOWS\system32\SPOOL\DRIVERS\W32X86\3\LXBAPSWX.EXE
C:\WINDOWS\system32\SPOOL\DRIVERS\W32X86\3\LXBAPSWX.EXE
C:\Arquivos de programas\Messenger\msmsgs.exe
C:\WINDOWS\system32\SPOOL\DRIVERS\W32X86\3\LXBAPSWX.EXE
C:\ARQUIV~1\MEGAUP~1\MEGAMA~1\MegaManager.exe
C:\WINDOWS\system32\SPOOL\DRIVERS\W32X86\3\LXBAPSWX.EXE
C:\WINDOWS\system32\SPOOL\DRIVERS\W32X86\3\LXBAPSWX.EXE
C:\WINDOWS\system32\SPOOL\DRIVERS\W32X86\3\LXBAPSWX.EXE
C:\WINDOWS\system32\SPOOL\DRIVERS\W32X86\3\LXBAPSWX.EXE
C:\WINDOWS\system32\SPOOL\DRIVERS\W32X86\3\LXBAPSWX.EXE
C:\Arquivos de programas\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\SPOOL\DRIVERS\W32X86\3\LXBAPSWX.EXE
C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE
C:\Arquivos de programas\Internet Explorer\iexplore.exe
C:\Arquivos de programas\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O1 - Hosts: 216.107.250.194 nprotect.lineage2.com
O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Arquivos de programas\McAfee\VirusScan Enterprise\Scriptcl.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\arquivos de programas\google\googletoolbar1.dll
O2 - BHO: Mega Manager IE Click Monitor - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Arquivos de programas\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\arquivos de programas\google\googletoolbar1.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ShStatEXE] "C:\Arquivos de programas\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Arquivos de programas\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Arquivos de programas\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Lexmark X5100 Series] "C:\Arquivos de programas\Lexmark X5100 Series\lxbabmgr.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Arquivos de programas\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [cdoosoft] C:\WINDOWS\system32\olhrwef.exe
O4 - HKCU\..\Run: [swg] C:\Arquivos de programas\Google\GoogleToolbarNotifier\1.2.911.3380\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: BrOffice.org 2.3.lnk = C:\Arquivos de programas\BrOffice.org 2.3\program\quickstart.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: Baixar Link Utiizando Gerenciador Mega... - C:\Arquivos de programas\Megaupload\Mega Manager\mm_file.htm
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{44176DE1-63BB-4E3F-A709-CC906FC77943}: NameServer = 10.1.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{44176DE1-63BB-4E3F-A709-CC906FC77943}: NameServer = 10.1.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{44176DE1-63BB-4E3F-A709-CC906FC77943}: NameServer = 10.1.1.1
O23 - Service: Adobe LM Service - Unknown owner - C:\Arquivos de programas\Arquivos comuns\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Arquivos de programas\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Arquivos de programas\McAfee\VirusScan Enterprise\Mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Arquivos de programas\McAfee\VirusScan Enterprise\VsTskMgr.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Arquivos de programas\Super_DVD_Creator_9.8\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Arquivos de programas\CyberLink\Shared files\RichVideo.exe
--
End of file - 9840 bytes
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:50:45, on 14/5/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Arquivos de programas\McAfee\Common Framework\UdaterUI.exe
C:\Arquivos de programas\DAEMON Tools\daemon.exe
C:\Arquivos de programas\Lexmark X5100 Series\lxbabmgr.exe
C:\Arquivos de programas\McAfee\Common Framework\McTray.exe
C:\Arquivos de programas\Lexmark X5100 Series\lxbabmon.exe
C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\Google\GoogleToolbarNotifier\1.2.911.3380\GoogleToolbarNotifier.exe
C:\Arquivos de programas\Java\jre6\bin\jqs.exe
C:\Arquivos de programas\McAfee\VirusScan Enterprise\Mcshield.exe
C:\Arquivos de programas\BrOffice.org 2.3\program\soffice.exe
C:\Arquivos de programas\BrOffice.org 2.3\program\soffice.BIN
C:\Arquivos de programas\McAfee\VirusScan Enterprise\VsTskMgr.exe
C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Arquivos de programas\Super_DVD_Creator_9.8\NMSAccessU.exe
C:\Arquivos de programas\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Arquivos de programas\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\SPOOL\DRIVERS\W32X86\3\LXBAPSWX.EXE
C:\WINDOWS\system32\SPOOL\DRIVERS\W32X86\3\LXBAPSWX.EXE
C:\WINDOWS\system32\SPOOL\DRIVERS\W32X86\3\LXBAPSWX.EXE
C:\WINDOWS\system32\SPOOL\DRIVERS\W32X86\3\LXBAPSWX.EXE
C:\WINDOWS\system32\SPOOL\DRIVERS\W32X86\3\LXBAPSWX.EXE
C:\WINDOWS\system32\SPOOL\DRIVERS\W32X86\3\LXBAPSWX.EXE
C:\WINDOWS\system32\SPOOL\DRIVERS\W32X86\3\LXBAPSWX.EXE
C:\WINDOWS\system32\SPOOL\DRIVERS\W32X86\3\LXBAPSWX.EXE
C:\WINDOWS\system32\SPOOL\DRIVERS\W32X86\3\LXBAPSWX.EXE
C:\WINDOWS\system32\SPOOL\DRIVERS\W32X86\3\LXBAPSWX.EXE
C:\WINDOWS\system32\SPOOL\DRIVERS\W32X86\3\LXBAPSWX.EXE
C:\WINDOWS\system32\SPOOL\DRIVERS\W32X86\3\LXBAPSWX.EXE
C:\WINDOWS\system32\SPOOL\DRIVERS\W32X86\3\LXBAPSWX.EXE
C:\WINDOWS\system32\SPOOL\DRIVERS\W32X86\3\LXBAPSWX.EXE
C:\WINDOWS\system32\SPOOL\DRIVERS\W32X86\3\LXBAPSWX.EXE
C:\WINDOWS\system32\SPOOL\DRIVERS\W32X86\3\LXBAPSWX.EXE
C:\WINDOWS\system32\SPOOL\DRIVERS\W32X86\3\LXBAPSWX.EXE
C:\WINDOWS\system32\SPOOL\DRIVERS\W32X86\3\LXBAPSWX.EXE
C:\WINDOWS\system32\SPOOL\DRIVERS\W32X86\3\LXBAPSWX.EXE
C:\WINDOWS\system32\SPOOL\DRIVERS\W32X86\3\LXBAPSWX.EXE
C:\WINDOWS\system32\SPOOL\DRIVERS\W32X86\3\LXBAPSWX.EXE
C:\WINDOWS\system32\SPOOL\DRIVERS\W32X86\3\LXBAPSWX.EXE
C:\Arquivos de programas\Messenger\msmsgs.exe
C:\WINDOWS\system32\SPOOL\DRIVERS\W32X86\3\LXBAPSWX.EXE
C:\ARQUIV~1\MEGAUP~1\MEGAMA~1\MegaManager.exe
C:\WINDOWS\system32\SPOOL\DRIVERS\W32X86\3\LXBAPSWX.EXE
C:\WINDOWS\system32\SPOOL\DRIVERS\W32X86\3\LXBAPSWX.EXE
C:\WINDOWS\system32\SPOOL\DRIVERS\W32X86\3\LXBAPSWX.EXE
C:\WINDOWS\system32\SPOOL\DRIVERS\W32X86\3\LXBAPSWX.EXE
C:\WINDOWS\system32\SPOOL\DRIVERS\W32X86\3\LXBAPSWX.EXE
C:\Arquivos de programas\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\SPOOL\DRIVERS\W32X86\3\LXBAPSWX.EXE
C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE
C:\Arquivos de programas\Internet Explorer\iexplore.exe
C:\Arquivos de programas\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O1 - Hosts: 216.107.250.194 nprotect.lineage2.com
O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Arquivos de programas\McAfee\VirusScan Enterprise\Scriptcl.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\arquivos de programas\google\googletoolbar1.dll
O2 - BHO: Mega Manager IE Click Monitor - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Arquivos de programas\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\arquivos de programas\google\googletoolbar1.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ShStatEXE] "C:\Arquivos de programas\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Arquivos de programas\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Arquivos de programas\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Lexmark X5100 Series] "C:\Arquivos de programas\Lexmark X5100 Series\lxbabmgr.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Arquivos de programas\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [cdoosoft] C:\WINDOWS\system32\olhrwef.exe
O4 - HKCU\..\Run: [swg] C:\Arquivos de programas\Google\GoogleToolbarNotifier\1.2.911.3380\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: BrOffice.org 2.3.lnk = C:\Arquivos de programas\BrOffice.org 2.3\program\quickstart.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: Baixar Link Utiizando Gerenciador Mega... - C:\Arquivos de programas\Megaupload\Mega Manager\mm_file.htm
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{44176DE1-63BB-4E3F-A709-CC906FC77943}: NameServer = 10.1.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{44176DE1-63BB-4E3F-A709-CC906FC77943}: NameServer = 10.1.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{44176DE1-63BB-4E3F-A709-CC906FC77943}: NameServer = 10.1.1.1
O23 - Service: Adobe LM Service - Unknown owner - C:\Arquivos de programas\Arquivos comuns\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Arquivos de programas\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Arquivos de programas\McAfee\VirusScan Enterprise\Mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Arquivos de programas\McAfee\VirusScan Enterprise\VsTskMgr.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Arquivos de programas\Super_DVD_Creator_9.8\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Arquivos de programas\CyberLink\Shared files\RichVideo.exe
--
End of file - 9840 bytes