[Resolvido!]Problema com Loader.exe

[jorgebonafe 0]

OláEntão, estou com um problema aqui. Acho que alguma coisa relacionada ao MSN foi instalada no meu computador, e agora sempre que o MSN abre, uma tela dizendo que o "Windows não conseguiu encontrar "Loader.exe". certifique-se blablabla". Como deve ter sido meu irmão que instalou o que quer que tenha causado isso, não sei dizer que programa foi responsável. Já desinstalei o msn, reinstalei, e a mensagem continua. Não sei se isso é um Malware, mas não quero arriscar...Aqui está um log do Hijack This:

Logfile of HijackThis v1.99.1Scan saved at 10:32:52, on 19/6/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\igfxtray.exeC:\WINDOWS\system32\hkcmd.exeC:\WINDOWS\system32\igfxpers.exeC:\WINDOWS\system32\ctfmon.exeC:\MATLAB7\webserver\bin\win32\matlabserver.exeC:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXEC:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exeC:\WINDOWS\system32\svchost.exeC:\Arquivos de programas\MessengerPlus! 3\MsgPlus.exeC:\ARQUIV~1\Grisoft\AVG7\avgamsvr.exeC:\HijackThis\HijackThis.exeR1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dllO2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - F:\Arquivos de programas\FlashGet\jccatch.dllO2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - F:\Arquivos de programas\FlashGet\getflash.dllO4 - HKLM\..\Run: [Fresh Desktop] C:\Arquivos de programas\Fresh Desktop\freshdesktop.exeO4 - HKLM\..\Run: [QuickTime Task] "F:\Arquivos de programas\Quicktime\qttask.exe" -atboottimeO4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exeO4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exeO4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exeO4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32O4 - HKLM\..\Run: [iMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXEO4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNCO4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNCO4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMENameO4 - HKLM\..\Run: [MessengerPlus3] "C:\Arquivos de programas\MessengerPlus! 3\MsgPlus.exe"O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exeO4 - HKCU\..\Run: [updateMgr] "C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1O4 - HKCU\..\Run: [MessengerPlus3] "C:\Arquivos de programas\MessengerPlus! 3\MsgPlus.exe" /WinStartO4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\reader_sl.exeO8 - Extra context menu item: &Download All with FlashGet - F:\Arquivos de programas\FlashGet\jc_all.htmO8 - Extra context menu item: &Download with FlashGet - F:\Arquivos de programas\FlashGet\jc_link.htmO8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\j2re1.4.2_05\bin\npjpi142_05.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\j2re1.4.2_05\bin\npjpi142_05.dllO9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLLO9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - F:\Arquivos de programas\FlashGet\FlashGet.exeO9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - F:\Arquivos de programas\FlashGet\FlashGet.exeO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exeO14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.aspO18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLLO18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLLO20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dllO23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\ARQUIV~1\Grisoft\AVG7\avgamsvr.exeO23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\ARQUIV~1\Grisoft\AVG7\avgupsvc.exeO23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\ARQUIV~1\Grisoft\AVG7\avgemc.exeO23 - Service: MATLAB Server (matlabserver) - Unknown owner - C:\MATLAB7\webserver\bin\win32\matlabserver.exeO23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe

Agradeço a ajuda

[jgarcia 1]

Opa jorgebonafe,

 

Baixe o ComboFix em:

ComboFix

 

1) Dê um duplo-clique no combofix.exe e tecle "Y" para prosseguir. O processo vai durar, em média, 10 minutos;

2) O ComboFix reiniciará o PC automaticamente, a fim de que o processo de remoção seja finalizado;

3) Quando a varredura acabar, será gerado um log, que estará em C:\ComboFix.txt;

4) Não clique na janela do ComboFix, nem feche clicando no X, enquanto a ferramenta estiver sendo executada, pois isto implicará na desconfiguração de seu desktop (ele ficará todo branco);

5) Para parar ou sair do ComboFix, tecle "N";

6) Preciso que você cole o conteúdo do ComboFix.txt em sua próxima resposta.

 

Abraços.

[jorgebonafe 0]

Olá

 

Então, executei o combo fix, mas não tenho certeza se aconteceu o que devia ocorrer... Ele não pediu pra reiniciar, apenas abriu automatico o log no final. eu reiniciei por conta propria, e logo que o pc logou apareceu a maldita mensagem... Só que agora apareceram 2 ao invéz de uma... Coincidencia, talvez... :( Ta aqui o log:

 

ComboFix 07-06-18.2 - C:\Documents and Settings\Jorge\Desktop\ComboFix.exe
"Jorge" - 2007-06-24  0:23:36 - Service Pack 2  NTFS  


(((((((((((((((((((((((((   Files Created from 2007-05-24 to 2007-06-24  )))))))))))))))))))))))))))))))


2007-06-24 00:22	49,152	--a------	C:\WINDOWS\nircmd.exe
2007-06-20 23:25	<DIR>	d--------	C:\DOCUME~1\Jorge\DADOSD~1\DivX
2007-06-20 23:24	<DIR>	d--------	C:\Arquivos de programas\DivX
2007-06-20 17:53	<DIR>	d--------	C:\Arquivos de programas\Bonjour
2007-06-20 17:37	<DIR>	d--------	C:\Arquivos de programas\Arquivos comuns\Macrovision Shared
2007-06-19 10:31	<DIR>	d--------	C:\HijackThis
2007-06-19 10:22	<DIR>	d--------	C:\LinhaDefensiva
2007-06-19 10:15	<DIR>	d--------	C:\Arquivos de programas\MessengerPlus! 3
2007-06-19 00:51	<DIR>	d---s----	C:\WINDOWS\Historico
2007-06-19 00:51	<DIR>	d--------	C:\DOCUME~1\Jorge\Configuracoes locais
2007-06-19 00:29	23	--ahs----	C:\WINDOWS\system32\dedabadfeece6_r.dll
2007-06-18 09:21	<DIR>	d---s----	C:\DOCUME~1\Jorge\UserData
2007-06-17 18:27	<DIR>	d--------	C:\DOCUME~1\Jorge\DADOSD~1\Autodesk
2007-06-17 14:57	<DIR>	d--------	C:\DOCUME~1\Jorge\DADOSD~1\Aladdin Systems
2007-06-17 14:43	<DIR>	d--------	C:\DOCUME~1\Jorge\DADOSD~1\Help
2007-06-16 21:42	<DIR>	d--------	C:\Jorge
2007-06-16 13:02	<DIR>	d--------	C:\Arquivos de programas\MessengerDiscovery
2007-06-16 02:30	81,768	--a------	C:\WINDOWS\system32\xinput1_3.dll
2007-06-16 02:30	62,744	--a------	C:\WINDOWS\system32\xinput1_2.dll
2007-06-16 02:30	443,752	--a------	C:\WINDOWS\system32\d3dx10_34.dll
2007-06-16 02:30	443,752	--a------	C:\WINDOWS\system32\d3dx10_33.dll
2007-06-16 02:30	3,497,832	--a------	C:\WINDOWS\system32\d3dx9_34.dll
2007-06-16 02:30	3,495,784	--a------	C:\WINDOWS\system32\d3dx9_33.dll
2007-06-16 02:30	3,426,072	--a------	C:\WINDOWS\system32\d3dx9_32.dll
2007-06-16 02:30	266,088	--a------	C:\WINDOWS\system32\xactengine2_8.dll
2007-06-16 02:30	261,480	--a------	C:\WINDOWS\system32\xactengine2_7.dll
2007-06-16 02:30	255,848	--a------	C:\WINDOWS\system32\xactengine2_6.dll
2007-06-16 02:30	251,672	--a------	C:\WINDOWS\system32\xactengine2_5.dll
2007-06-16 02:30	237,848	--a------	C:\WINDOWS\system32\xactengine2_4.dll
2007-06-16 02:30	236,824	--a------	C:\WINDOWS\system32\xactengine2_3.dll
2007-06-16 02:30	2,414,360	--a------	C:\WINDOWS\system32\d3dx9_31.dll
2007-06-16 02:30	2,297,552	--a------	C:\WINDOWS\system32\d3dx9_26.dll
2007-06-16 02:30	18,280	--a------	C:\WINDOWS\system32\x3daudio1_2.dll
2007-06-16 02:30	15,128	--a------	C:\WINDOWS\system32\x3daudio1_1.dll
2007-06-16 02:30	1,124,720	--a------	C:\WINDOWS\system32\D3DCompiler_34.dll
2007-06-16 02:30	1,123,696	--a------	C:\WINDOWS\system32\D3DCompiler_33.dll
2007-06-16 02:14	<DIR>	d--------	C:\DOCUME~1\ALLUSE~1\DADOSD~1\Windows Genuine Advantage
2007-06-13 16:33	<DIR>	d--------	C:\DOCUME~1\Beatriz\DADOSD~1\AdobeUM
2007-06-09 16:31	9,216	--a------	C:\WINDOWS\system32\kbdnecAT.dll
2007-06-09 16:31	7,680	--a------	C:\WINDOWS\system32\kbdnecNT.dll
2007-06-09 16:31	7,168	--a------	C:\WINDOWS\system32\kbdnec95.dll
2007-06-09 16:31	7,168	--a------	C:\WINDOWS\system32\kbdibm02.dll
2007-06-09 16:31	6,656	--a------	C:\WINDOWS\system32\kbdlk41a.dll
2007-06-09 16:31	6,144	--a------	C:\WINDOWS\system32\kbdlk41j.dll
2007-06-09 16:31	6,144	--a------	C:\WINDOWS\system32\kbdax2.dll
2007-06-09 16:31	6,144	--a------	C:\WINDOWS\system32\kbd106n.dll
2007-06-09 16:31	6,144	--a------	C:\WINDOWS\system32\kbd101a.dll
2007-06-09 16:31	6,144	--a------	C:\WINDOWS\system32\kbd101.dll
2007-06-09 16:30	811,064	--a------	C:\WINDOWS\system32\imjp81k.dll
2007-06-09 16:30	8,704	--a------	C:\WINDOWS\system32\kbdjpn.dll
2007-06-09 16:30	8,192	--a------	C:\WINDOWS\system32\kbdkor.dll
2007-06-09 16:30	76,288	--a------	C:\WINDOWS\system32\uniime.dll
2007-06-09 16:30	6,144	--a------	C:\WINDOWS\system32\kbd106.dll
2007-06-09 16:30	6,144	--a------	C:\WINDOWS\system32\kbd101c.dll
2007-06-09 16:30	6,144	--a------	C:\WINDOWS\system32\kbd101b.dll
2007-06-09 16:30	5,632	--a------	C:\WINDOWS\system32\kbd103.dll
2007-06-09 16:25	<DIR>	d--------	C:\WINDOWS\system32\appmgmt
2007-06-07 16:06	92,208	--a------	C:\WINDOWS\system32\WING.DLL
2007-06-07 16:06	12,800	--a------	C:\WINDOWS\system\WING32.DLL
2007-06-07 16:03	<DIR>	d--------	C:\DOCUME~1\ALLUSE~1\DADOSD~1\ONScripter-En
2007-06-07 16:03	<DIR>	d--------	C:\DOCUME~1\ALLUSE~1\DADOSD~1\ONScripter
2007-06-07 13:32	<DIR>	d--------	C:\Arquivos de programas\HelpExplorer Software
2007-06-07 13:27	<DIR>	d--------	C:\teste
2007-06-07 01:13	<DIR>	d--------	C:\DOCUME~1\Jorge\DADOSD~1\WNR
2007-06-06 20:43	<DIR>	d--------	C:\WINDOWS\A3W_DATA
2007-06-06 20:38	92,208	--a------	C:\WINDOWS\system\WING.DLL
2007-06-06 20:38	774,960	--a------	C:\WINDOWS\system\IR41.DLL
2007-06-06 20:38	7,168	--a------	C:\WINDOWS\system\DISPDIB.DLL
2007-06-06 20:38	50,096	--a------	C:\WINDOWS\system\IYVU9.DLL
2007-06-06 20:38	49,616	--a------	C:\WINDOWS\system\MSACM.DLL
2007-06-06 20:38	188,960	--a------	C:\WINDOWS\system\WINGDE.DLL
2007-06-06 20:38	151,744	--a------	C:\WINDOWS\system\IR32.DLL
2007-06-06 20:38	14,208	--a------	C:\WINDOWS\system\CTL3D.DLL
2007-06-06 20:38	12,800	--a------	C:\WINDOWS\system32\WING32.DLL
2007-06-06 20:38	12,800	--a------	C:\WINDOWS\system\ACMCMPRS.DLL
2007-06-06 20:37	<DIR>	d--------	C:\MPS
2007-06-05 23:44	<DIR>	d--------	C:\DOCUME~1\USURIO~1\DADOSD~1\AdobeUM
2007-06-05 12:55	<DIR>	d--------	C:\Temp
2007-06-03 02:05	<DIR>	d--------	C:\WINDOWS\RegisteredPackages
2007-05-31 22:49	<DIR>	d--------	C:\DOCUME~1\USURIO~1\DADOSD~1\Real
2007-05-31 03:45	524,288	--a------	C:\WINDOWS\system32\DivXsm.exe
2007-05-31 03:44	823,296	--a------	C:\WINDOWS\system32\divx_xx0c.dll
2007-05-31 03:44	823,296	--a------	C:\WINDOWS\system32\divx_xx07.dll
2007-05-31 03:44	802,816	--a------	C:\WINDOWS\system32\divx_xx11.dll
2007-05-31 03:44	740,442	--a------	C:\WINDOWS\system32\DivX.dll
2007-05-29 00:20	<DIR>	d--------	C:\DOCUME~1\Beatriz\DADOSD~1\Real
2007-05-26 19:59	<DIR>	d--------	C:\FLEXLM
2007-05-26 18:39	<DIR>	d--------	C:\Arquivos de programas\Arquivos comuns\Autodesk Shared
2007-05-26 18:38	73,728	--a------	C:\WINDOWS\system32\drivers\SENTINEL.SYS
2007-05-26 18:38	49,664	--a------	C:\WINDOWS\system32\SNTI386.DLL
2007-05-26 18:38	18,432	--a------	C:\WINDOWS\system32\RNBOVDD.DLL
2007-05-26 18:37	7,328	--a------	C:\WINDOWS\system32\drivers\ds1410d.sys
2007-05-26 18:37	6,656	--a------	C:\WINDOWS\system32\haspvdd.dll
2007-05-26 18:37	47,616	--a------	C:\WINDOWS\system32\drivers\Haspnt.sys
2007-05-26 18:37	383	--a------	C:\WINDOWS\system32\haspdos.sys
2007-05-26 18:37	20,032	-ra------	C:\WINDOWS\system32\drivers\SNTNLUSB.SYS
2007-05-26 18:37	<DIR>	d--------	C:\WINDOWS\system32\RNBOSENT
2007-05-26 18:37	<DIR>	d--------	C:\Arquivos de programas\GLOBEtrotter Software Inc
2007-05-26 18:32	<DIR>	d--------	C:\Arquivos de programas\Arquivos comuns\Alias Shared
2007-05-26 17:31	<DIR>	d--------	C:\Arquivos de programas\MagicISO


((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-06-23 20:41:24	--------	d-----w	C:\DOCUME~1\Jorge\DADOSD~1\dvdcss
2007-06-22 17:16:26	--------	d-----w	C:\DOCUME~1\Jorge\DADOSD~1\uTorrent
2007-06-21 13:32:55	--------	d-----w	C:\Arquivos de programas\Google
2007-06-21 13:30:32	48,512	----a-w	C:\WINDOWS\system32\perfc016.dat
2007-06-21 13:30:32	344,036	----a-w	C:\WINDOWS\system32\perfh016.dat
2007-06-19 03:52:22	--------	d-----w	C:\Arquivos de programas\MSN Messenger
2007-06-19 03:18:40	--------	d--h--w	C:\Arquivos de programas\InstallShield Installation Information
2007-06-07 01:14:03	12,400	----a-w	C:\WINDOWS\system32\drivers\secdrv.sys
2007-05-12 19:47:13	--------	d-----w	C:\DOCUME~1\Jorge\DADOSD~1\Screenshot Sender
2007-05-12 13:38:19	--------	d-----w	C:\Arquivos de programas\Arquivos comuns\InstallShield
2007-05-12 13:35:49	--------	d-----w	C:\Arquivos de programas\MSXML 4.0
2007-05-06 18:14:35	--------	d-----w	C:\DOCUME~1\Jorge\DADOSD~1\Real
2007-05-06 18:13:59	--------	d-----w	C:\Arquivos de programas\Media Player Classic
2007-05-06 16:53:18	--------	d-----w	C:\DOCUME~1\Jorge\DADOSD~1\Apple Computer
2007-05-06 16:47:20	--------	d-----w	C:\DOCUME~1\Jorge\DADOSD~1\FlashGet
2007-05-05 21:33:55	--------	d-----w	C:\DOCUME~1\Jorge\DADOSD~1\ACD Systems
2007-05-05 21:20:25	--------	d-----w	C:\Arquivos de programas\Arquivos comuns\ACD Systems
2007-05-05 19:30:21	--------	d-----w	C:\DOCUME~1\Jorge\DADOSD~1\AdobeUM
2007-04-30 07:51:39	--------	d-----w	C:\Arquivos de programas\MediaInfo
2007-04-30 07:45:26	--------	d-----w	C:\Arquivos de programas\AviSynth 2.5
2007-04-30 07:36:23	--------	d-----w	C:\Arquivos de programas\MKVtoolnix
2007-04-30 07:32:04	--------	d-----w	C:\Arquivos de programas\Combined Community Codec Pack
2007-04-29 17:05:19	--------	d-----w	C:\Arquivos de programas\Winamp
2007-04-29 13:41:34	--------	d-----w	C:\DOCUME~1\Jorge\DADOSD~1\Google
2007-04-28 13:04:38	--------	d-----w	C:\Arquivos de programas\LevelUpGames
2007-04-28 06:00:50	--------	d-----w	C:\DOCUME~1\Jorge\DADOSD~1\Media Player Classic
2007-04-28 05:26:06	--------	d-----w	C:\DOCUME~1\Jorge\DADOSD~1\BSplayer Pro
2007-04-28 05:08:42	--------	d-----w	C:\Arquivos de programas\VideoLAN
2007-04-28 05:07:54	--------	d-----w	C:\DOCUME~1\Jorge\DADOSD~1\vlc
2007-04-28 00:49:52	--------	d-----w	C:\DOCUME~1\Jorge\DADOSD~1\Pegasys Inc
2007-04-28 00:20:12	0	----a-w	C:\WINDOWS\nsreg.dat
2007-04-28 00:20:05	107,134	----a-w	C:\WINDOWS\UninstallFirefox.exe
2007-04-28 00:20:00	2,387	----a-w	C:\WINDOWS\mozver.dat
2007-04-28 00:18:59	--------	d-----w	C:\Arquivos de programas\Blender Foundation
2007-04-25 12:52:50	--------	d-----w	C:\Arquivos de programas\Ahead
2007-04-25 12:52:33	--------	d-----w	C:\Arquivos de programas\Arquivos comuns\Ahead
2007-04-25 12:40:19	--------	d-----w	C:\Arquivos de programas\Programas SRF
2007-04-24 20:46:38	--------	d-----w	C:\Arquivos de programas\Analog Devices
2007-04-24 20:45:43	--------	d-----w	C:\Arquivos de programas\Intel Desktop Board Audio Driver
2007-04-24 20:43:18	--------	d-----w	C:\Arquivos de programas\Intel
2007-04-24 20:24:49	--------	d-----w	C:\Arquivos de programas\Microsoft.NET
2007-04-24 20:23:48	--------	d-----w	C:\Arquivos de programas\Microsoft Works
2007-04-24 20:09:54	499,712	----a-w	C:\WINDOWS\system32\msvcp71.dll
2007-04-24 12:51:26	--------	d-----w	C:\Arquivos de programas\microsoft frontpage
2007-04-24 12:51:05	0	--sha-r	C:\MSDOS.SYS
2007-04-24 12:51:05	0	--sha-r	C:\IO.SYS
2007-04-24 12:51:05	0	----a-w	C:\CONFIG.SYS
2007-04-24 12:51:05	0	----a-w	C:\AUTOEXEC.BAT
2007-04-24 12:49:42	--------	d--h--w	C:\Arquivos de programas\WindowsUpdate
2007-04-24 12:49:38	--------	d-----w	C:\Arquivos de programas\Serviços on-line
2007-04-24 12:48:43	--------	d-----w	C:\Arquivos de programas\Arquivos comuns\Serviços
2007-04-24 12:48:38	--------	d-----w	C:\Arquivos de programas\Arquivos comuns\MSSoap
2007-04-24 12:48:27	--------	d-----w	C:\Arquivos de programas\Movie Maker
2007-04-24 12:47:27	21,844	----a-w	C:\WINDOWS\system32\emptyregdb.dat
2007-04-24 12:47:01	--------	d-----w	C:\Arquivos de programas\Messenger
2007-04-24 12:46:55	--------	d-----w	C:\Arquivos de programas\MSN Gaming Zone
2007-04-24 12:46:44	--------	d-----w	C:\Arquivos de programas\Windows NT
2007-04-24 09:28:12	--------	d-----w	C:\Arquivos de programas\Arquivos comuns\ODBC
2007-04-24 09:28:09	--------	d-----w	C:\Arquivos de programas\Arquivos comuns\SpeechEngines
2007-04-23 00:15:29	3,596,288	----a-w	C:\WINDOWS\system32\qt-dx331.dll
2007-04-23 00:15:18	200,704	----a-w	C:\WINDOWS\system32\ssldivx.dll
2007-04-23 00:15:18	1,044,480	----a-w	C:\WINDOWS\system32\libdivx.dll
2007-04-23 00:02:34	73,728	----a-w	C:\WINDOWS\system32\dpl100.dll
2007-04-23 00:02:34	196,608	----a-w	C:\WINDOWS\system32\dtu100.dll
2007-04-23 00:02:33	53,248	----a-w	C:\WINDOWS\system32\dpuGUI10.dll
2007-04-23 00:02:31	593,920	----a-w	C:\WINDOWS\system32\dpuGUI11.dll
2007-04-23 00:02:31	57,344	----a-w	C:\WINDOWS\system32\dpv11.dll
2007-04-23 00:02:31	344,064	----a-w	C:\WINDOWS\system32\dpus11.dll
2007-04-23 00:02:31	294,912	----a-w	C:\WINDOWS\system32\dpu11.dll
2007-04-23 00:02:31	294,912	----a-w	C:\WINDOWS\system32\dpu10.dll
2007-04-23 00:01:47	12,288	----a-w	C:\WINDOWS\system32\DivXWMPExtType.dll
2007-04-23 00:01:46	124,472	----a-w	C:\WINDOWS\system32\DivXCodecUpdateChecker.exe
2007-04-18 11:51:20	2,113,536	----a-w	C:\WINDOWS\system32\python25.dll


(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}=C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-01-12 20:38]
{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}=F:\Arquivos de programas\FlashGet\jccatch.dll [2007-04-13 05:34]
{F156768E-81EF-470C-9057-481BA8380DBA}=F:\Arquivos de programas\FlashGet\getflash.dll [2007-04-13 06:34]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Fresh Desktop"="C:\Arquivos de programas\Fresh Desktop\freshdesktop.exe" [2004-08-11 15:20]
"QuickTime Task"="F:\Arquivos de programas\Quicktime\qttask.exe" [2007-04-27 09:41]
"MessengerPlus3"="C:\Arquivos de programas\MessengerPlus! 3\MsgPlus.exe" [2007-06-19 10:15]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:45]
"updateMgr"="C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 16:45]
"MessengerPlus3"="C:\Arquivos de programas\MessengerPlus! 3\MsgPlus.exe" [2007-06-19 10:15]
"MSMSGS"="C:\Arquivos de programas\Messenger\msmsgs.exe" [2004-08-04 00:56]
"msnmsgr"="C:\Arquivos de programas\MSN Messenger\msnmsgr.exe" [2007-01-19 12:54]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Arquivos de programas\Messenger\msmsgs.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
"C:\Arquivos de programas\MSN Messenger\msnmsgr.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"wuauserv"=2 (0x2)
"wscsvc"=2 (0x2)


**************************************************************************

catchme 0.3.721 W2K/XP/Vista - userland rootkit detector by Gmer, [url="http://www.gmer.net"]http://www.gmer.net[/url]
Rootkit scan 2007-06-24 00:30:30
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

 cmd.exe [6076]


scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 2007-06-24  0:31:37

--- E O F ---

[jgarcia 1]

Opa jorgebonafe,

 

1. Baixe o SmitfraudFix;

 

2. Desabilite a proteção do seu anti-vírus (temporariamente);

 

3. Extraia o arquivo SmitFraudFix para o seu desktop;

 

4. Reinicie em Modo Seguro;

 

5. Execute o SmitfraudFix dando um duplo clique sobre smitfraudfix.cmd --> escolha a Opção 2;

 

6. Responda sim (y) à pergunta sobre a limpeza no registro (Do you want to clean the registry?);

 

7. Aguarde o término do scan e a geração do log;

 

8. Reinicie em Modo Normal;

 

9. Reabilite o seu anti-vírus;

 

10. Poste o log do SmitfraudFix (opção 2) + log HijackThis (gerado em Modo Normal).

 

Abraços.

[jorgebonafe 0]

Log do Hijack This

 

Logfile of HijackThis v1.99.1

Scan saved at 22:14:08, on 29/6/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\ARQUIV~1\Grisoft\AVG7\avgamsvr.exe

C:\ARQUIV~1\Grisoft\AVG7\avgupsvc.exe

C:\ARQUIV~1\Grisoft\AVG7\avgemc.exe

C:\Arquivos de programas\Bonjour\mDNSResponder.exe

C:\MATLAB7\webserver\bin\win32\matlabserver.exe

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Messenger\msmsgs.exe

C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\system32\wuauclt.exe

C:\HijackThis\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - F:\Arquivos de programas\FlashGet\jccatch.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - F:\Arquivos de programas\FlashGet\getflash.dll

O4 - HKLM\..\Run: [Fresh Desktop] C:\Arquivos de programas\Fresh Desktop\freshdesktop.exe

O4 - HKLM\..\Run: [QuickTime Task] "F:\Arquivos de programas\Quicktime\qttask.exe" -atboottime

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [updateMgr] "C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1

O4 - HKCU\..\Run: [MessengerPlus3] "C:\Arquivos de programas\MessengerPlus! 3\MsgPlus.exe" /WinStart

O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\MSN Messenger\msnmsgr.exe" /background

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O8 - Extra context menu item: &Download All with FlashGet - F:\Arquivos de programas\FlashGet\jc_all.htm

O8 - Extra context menu item: &Download with FlashGet - F:\Arquivos de programas\FlashGet\jc_link.htm

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\j2re1.4.2_05\bin\npjpi142_05.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\j2re1.4.2_05\bin\npjpi142_05.dll

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - F:\Arquivos de programas\FlashGet\FlashGet.exe

O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - F:\Arquivos de programas\FlashGet\FlashGet.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O10 - Unknown file in Winsock LSP: c:\arquivos de programas\bonjour\mdnsnsp.dll

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\ARQUIV~1\Grisoft\AVG7\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\ARQUIV~1\Grisoft\AVG7\avgupsvc.exe

O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\ARQUIV~1\Grisoft\AVG7\avgemc.exe

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Arquivos de programas\Bonjour\mDNSResponder.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Arquivos de programas\Arquivos comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: MATLAB Server (matlabserver) - Unknown owner - C:\MATLAB7\webserver\bin\win32\matlabserver.exe

O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe

 

 

Log do SmitfraudFix:

 

SmitFraudFix v2.197

 

Scan done at 22:09:30,23, --- 29/06/2007

Run from C:\Documents and Settings\Jorge\Desktop\SmitfraudFix\SmitfraudFix

OS: Microsoft Windows XP [versao 5.1.2600] - Windows_NT

The filesystem type is NTFS

Fix run in safe mode

 

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix

!!!Attention, following keys are not inevitably infected!!!

 

SrchSTS.exe by S!Ri

Search SharedTaskScheduler's .dll

 

»»»»»»»»»»»»»»»»»»»»»»»» Killing process

 

 

»»»»»»»»»»»»»»»»»»»»»»»» hosts

 

 

127.0.0.1 localhost

 

»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

 

GenericRenosFix by S!Ri

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files

 

 

»»»»»»»»»»»»»»»»»»»»»»»» DNS

 

HKLM\SYSTEM\CCS\Services\Tcpip\..\{FE798BF4-3DEF-4736-82FA-F51FBA3C9A4F}: DhcpNameServer=200.174.144.14 200.174.144.15

HKLM\SYSTEM\CS1\Services\Tcpip\..\{FE798BF4-3DEF-4736-82FA-F51FBA3C9A4F}: DhcpNameServer=200.174.144.14 200.174.144.15

HKLM\SYSTEM\CS2\Services\Tcpip\..\{FE798BF4-3DEF-4736-82FA-F51FBA3C9A4F}: DhcpNameServer=200.174.144.14 200.174.144.15

HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=200.174.144.14 200.174.144.15

HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=200.174.144.14 200.174.144.15

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System

!!!Attention, following keys are not inevitably infected!!!

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]

"System"=""

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

 

Registry Cleaning done.

 

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix

!!!Attention, following keys are not inevitably infected!!!

 

SrchSTS.exe by S!Ri

Search SharedTaskScheduler's .dll

 

 

»»»»»»»»»»»»»»»»»»»»»»»» End

 

Loader.exe permanece...

[jgarcia 1]

Opa jorgebonafe,

 

Vamos tentar resolver o problema remanescente por meio do CCleaner -> baixe aqui.

 

1. Para efetivar a limpeza basta marcar a opção Limpador – no alto e à esquerda – e clicar em Executar Cleaner – abaixo e à direita. Neste caso você poderá optar pela limpeza do Windows, de Programas ou de ambos;

 

2. Para a correção de erros basta escolher a opção Erros – no alto e à esquerda – clicar em Localizar erros – abaixo e à esquerda – e depois em Corrigir Erros Selecionados – abaixo e à direita (por padrão todos serão selecionados);

 

3. Em Ferramentas – no alto e à esquerda – você poderá efetivar a desinstalação de programas (os mesmos contidos em Adicionar / Remover programas) ou ainda remover processos de programas contidos na inicialização (somente para usuários experientes);

 

4. Em Opções encontram-se os dispositivos de configuração do CCleaner, os quais sugiro que permaneçam inalterados.

 

Execute as ações acima (apenas 1. e 2.) e retorne com o resultado.

 

Abraços.

[jorgebonafe 0]

A limpeza deletou um monte de coisas. A lista ta aqui em baixo. A correção de erros corrigiu um monte de coisa tbm, mas não deixou um log nem nada assim... Mas a maldita tela ainda está lá. Isso é malware mesmo?

Limpeza completa - (46,617 segundos)------------------------------------------------------------------------------------------109,6MB removidos.------------------------------------------------------------------------------------------Detalhes dos arquivos removidos------------------------------------------------------------------------------------------Arquivos temporários do Internet Explorer (12808 arquivos) 52,9MBCookie:jorge@google.com/mail/(&H100001) 267 bytesCookie:jorge@google.com.br/(&H100001) 133 bytesCookie:jorge@rad.msn.com/(&H100001) 690 bytesCookie:jorge@download.blender.org/release/Blender2.44/(&H100001) 541 bytesCookie:jorge@us.playstation.com/(&H100001) 94 bytesCookie:jorge@forum.narutounlimited.com/(&H100001) 186 bytesCookie:jorge@doubleclick.net/(&H100001) 83 bytesCookie:jorge@google.com/(&H100001) 130 bytesCookie:jorge@forums.toonzone.net/(&H100001) 487 bytesCookie:jorge@ad.adnetwork.com.br/(&H100001) 259 bytesCookie:jorge@messenger.msn.com/(&H100001) 96 bytesCookie:jorge@forums.narutofan.com/(&H100001) 537 bytesCookie:jorge@as-eu.falkag.net/(&H100001) 107 bytesCookie:jorge@img.mixplay.tv/(&H100001) 104 bytesCookie:jorge@www.unicamp.br/webmail/src/(&H100001) 433 bytesCookie:jorge@ig.com.br/(&H100001) 80 bytesCookie:jorge@google.com/accounts/(&H100001) 277 bytesCookie:jorge@youtube.com/(&H100001) 218 bytesCookie:jorge@yahoo.com/(&H100001) 82 bytesCookie:jorge@forum.jogos.uol.com.br/(&H100001) 98 bytesCookie:jorge@ads.pointroll.com/(&H100001) 380 bytesCookie:jorge@atdmt.com/(&H100001) 95 bytesCookie:jorge@uol.com.br/(&H100001) 111 bytesCookie:jorge@www.icover.com.br/(&H100001) 88 bytesCookie:jorge@cmt.us.playstation.com/(&H100001) 1,16KBCookie:jorge@terra.com.br/(&H100001) 108 bytesCookie:jorge@boardsus.playstation.com/(&H100001) 97 bytesCookie:jorge@onlinestores.metaservices.microsoft.com/serviceswitching/(&H100001) 147 bytesCookie:jorge@www.dukaramba.com/(&H100001) 80 bytesCookie:jorge@www.kinoplex.com.br/(&H100001) 87 bytesCookie:jorge@web2.checkm8.com/(&H100001) 847 bytesCookie:jorge@www.unicamp.br/webmail/(&H100001) 99 bytesCookie:jorge@mail.google.com/mail(&H100001) 107 bytesCookie:jorge@www.bandaicg.com/naruto/(&H100001) 182 bytesCookie:jorge@hotmail.msn.com/(&H100001) 70 bytesCookie:jorge@iglc.ad.adnetwork.com.br/(&H100001) 143 bytesCookie:jorge@de.uol.com.br/(&H100001) 98 bytesCookie:jorge@adserver.easyad.info/(&H100001) 182 bytesCookie:jorge@live.com/(&H100001) 333 bytesCookie:jorge@www.winamp.com/(&H100001) 534 bytesCookie:jorge@forum.ievolutionweb.com/(&H100001) 308 bytesCookie:jorge@download.divx.com/divx/(&H100001) 1,01KBCookie:jorge@login.live.com/(&H100001) 181 bytesCookie:jorge@msn.com/(&H100001) 432 bytesCookie:jorge@ehg-sonycomputer.hitbox.com/(&H100001) 103 bytesCookie:jorge@narutofan.com/(&H100001) 585 bytesCookie:jorge@dukaramba.com/(&H100001) 417 bytesMarcado para ser removido: C:\Documents and Settings\Jorge\Cookies\index.datC:\WINDOWS\TEMP\ASPNETSetup_00000.log 4,89KBC:\WINDOWS\TEMP\ASPNETSetup_00001.log 4,89KBC:\WINDOWS\TEMP\Perflib_Perfdata_140.dat 16,00KBC:\DOCUME~1\Jorge\CONFIG~1\Temp\1vo49.tmp 0 bytesC:\DOCUME~1\Jorge\CONFIG~1\Temp\alm.log 12,63KBC:\DOCUME~1\Jorge\CONFIG~1\Temp\amt.log 16,62KBC:\DOCUME~1\Jorge\CONFIG~1\Temp\dw.log 78 bytesC:\DOCUME~1\Jorge\CONFIG~1\Temp\joq45.tmp 0 bytesC:\DOCUME~1\Jorge\CONFIG~1\Temp\MessengerCache\+qioymCkyluhELaMCy3E+EnvSwA= 10,46KBC:\DOCUME~1\Jorge\CONFIG~1\Temp\MessengerCache\5ISrCc3tyboIiQBnopbYqjS8l94= 18,64KBC:\DOCUME~1\Jorge\CONFIG~1\Temp\MessengerCache\asazxL8PKtyjCdjBrXeENDzI+SU= 2,13KBC:\DOCUME~1\Jorge\CONFIG~1\Temp\MessengerCache\Ds+v3o01wG62F8baF+qVT6HuAKnk= 17,73KBC:\DOCUME~1\Jorge\CONFIG~1\Temp\MessengerCache\dZAz5AwGHceXzvtb3mVeLoDIiW4= 5,30KBC:\DOCUME~1\Jorge\CONFIG~1\Temp\MessengerCache\ECHzDxcwAMi6UnYuIJNZLRFi2FDA= 0,15MBC:\DOCUME~1\Jorge\CONFIG~1\Temp\MessengerCache\gWhHsXlVwSrjlLmTElNbRWghhY8= 16,14KBC:\DOCUME~1\Jorge\CONFIG~1\Temp\MessengerCache\IVWUyHGRUczHV9ONZl2BF3nxfc0= 2,24KBC:\DOCUME~1\Jorge\CONFIG~1\Temp\MessengerCache\kH9U+Xo5JIYxjBqRgwyjs5HlGPQ= 1,61KBC:\DOCUME~1\Jorge\CONFIG~1\Temp\MessengerCache\kqzqqTHn4jNULKzvTVd83aa2F1fs= 2,43KBC:\DOCUME~1\Jorge\CONFIG~1\Temp\MessengerCache\lB6H5iG3mDSerSkqWe5NkzJyMDk= 23,70KBC:\DOCUME~1\Jorge\CONFIG~1\Temp\MessengerCache\m3hYktgoIgF2FOhVQyiLQz+BPmWs= 9,39KBC:\DOCUME~1\Jorge\CONFIG~1\Temp\MessengerCache\n1SBLrjwXw9DBFBxVLnITkVo+Ps= 9,25KBC:\DOCUME~1\Jorge\CONFIG~1\Temp\MessengerCache\nZIH1qNnraN50bCOQ46iD8+hMQE= 22,58KBC:\DOCUME~1\Jorge\CONFIG~1\Temp\MessengerCache\rz07xgqXbvRXDr7AgNC2FetJsG5Y= 12,59KBC:\DOCUME~1\Jorge\CONFIG~1\Temp\MessengerCache\sqrRZDBVFbhaTziKTiXHRKPF19A= 2,66KBC:\DOCUME~1\Jorge\CONFIG~1\Temp\MessengerCache\TgLb4aumxN2FrWg6VkkubFWU4tKc= 3,32KBC:\DOCUME~1\Jorge\CONFIG~1\Temp\MessengerCache\TWqcRVAFn3556lUwCh8wmHpuNGg= 28,10KBC:\DOCUME~1\Jorge\CONFIG~1\Temp\MessengerCache\XClbCoQ7EWe1VZIux8F3f2FUdAA4= 50,37KBC:\DOCUME~1\Jorge\CONFIG~1\Temp\msiutil(1).log 3,52KBC:\DOCUME~1\Jorge\CONFIG~1\Temp\TWAIN.LOG 693 bytesC:\DOCUME~1\Jorge\CONFIG~1\Temp\Twain001.Mtx 2 bytesC:\DOCUME~1\Jorge\CONFIG~1\Temp\Twunk001.MTX 156 bytesC:\DOCUME~1\Jorge\CONFIG~1\Temp\Twunk002.MTX 0 bytesC:\DOCUME~1\Jorge\CONFIG~1\Temp\xfe7A.tmp 0 bytesC:\DOCUME~1\Jorge\CONFIG~1\Temp\ycomp_setup.exe 1,56MBC:\WINDOWS\system32\wbem\Logs\FrameWork.log 32,99KBC:\WINDOWS\system32\wbem\Logs\mofcomp.log 12,23KBC:\WINDOWS\system32\wbem\Logs\replog.log 404 bytesC:\WINDOWS\system32\wbem\Logs\setup.log 4,84KBC:\WINDOWS\system32\wbem\Logs\wbemcore.log 143 bytesC:\WINDOWS\system32\wbem\Logs\wbemess.log 62,43KBC:\WINDOWS\system32\wbem\Logs\wbemprox.log 2,72KBC:\WINDOWS\system32\wbem\Logs\wmiadap.log 1,65KBC:\WINDOWS\system32\wbem\Logs\wmiprov.log 34,39KBC:\WINDOWS\system32\wbem\Logs\wbemess.lo_ 64,03KBC:\WINDOWS.log 0 bytesC:\WINDOWS\aksdrvsetup.log 56,54KBC:\WINDOWS\chipset.log 653 bytesC:\WINDOWS\cmsetacl.log 200 bytesC:\WINDOWS\comsetup.log 0,17MBC:\WINDOWS\DirectX.log 100,87KBC:\WINDOWS\DPINST.LOG 6,15KBC:\WINDOWS\DtcInstall.log 133 bytesC:\WINDOWS\FaxSetup.log 0,48MBC:\WINDOWS\iis6.log 0,55MBC:\WINDOWS\imsins.log 1,34KBC:\WINDOWS\InstalaRecnet.log 3,48KBC:\WINDOWS\KB873339.log 37,27KBC:\WINDOWS\KB885835.log 43,77KBC:\WINDOWS\KB885836.log 43,42KBC:\WINDOWS\KB886185.log 17,98KBC:\WINDOWS\KB887472.log 37,26KBC:\WINDOWS\KB888302.log 25,80KBC:\WINDOWS\KB890046.log 33,93KBC:\WINDOWS\KB890859.log 22,62KBC:\WINDOWS\KB891781.log 34,40KBC:\WINDOWS\KB893756.log 42,04KBC:\WINDOWS\KB893803v2.log 23,48KBC:\WINDOWS\KB894391.log 23,46KBC:\WINDOWS\KB896358.log 39,08KBC:\WINDOWS\KB896423.log 38,27KBC:\WINDOWS\KB896428.log 23,13KBC:\WINDOWS\KB898461.log 8,33KBC:\WINDOWS\KB899587.log 50,79KBC:\WINDOWS\KB899591.log 42,40KBC:\WINDOWS\KB900485.log 42,14KBC:\WINDOWS\KB900725.log 28,26KBC:\WINDOWS\KB901017.log 42,35KBC:\WINDOWS\KB901190.log 24,93KBC:\WINDOWS\KB901214.log 33,47KBC:\WINDOWS\KB902400.log 40,96KBC:\WINDOWS\KB904706.log 24,39KBC:\WINDOWS\KB905414.log 32,78KBC:\WINDOWS\KB905749.log 25,12KBC:\WINDOWS\KB908519.log 21,20KBC:\WINDOWS\KB908531.log 26,25KBC:\WINDOWS\KB910437.log 29,02KBC:\WINDOWS\KB911280.log 41,90KBC:\WINDOWS\KB911562.log 42,39KBC:\WINDOWS\KB911564.log 25,59KBC:\WINDOWS\KB911927.log 43,39KBC:\WINDOWS\KB913580.log 26,00KBC:\WINDOWS\KB914388.log 35,19KBC:\WINDOWS\KB914389.log 20,98KBC:\WINDOWS\KB916595.log 25,03KBC:\WINDOWS\KB917344.log 33,56KBC:\WINDOWS\KB917734.log 39,62KBC:\WINDOWS\KB917953.log 34,33KBC:\WINDOWS\KB918118.log 31,92KBC:\WINDOWS\KB918439.log 36,94KBC:\WINDOWS\KB919007.log 32,91KBC:\WINDOWS\KB920213.log 27,08KBC:\WINDOWS\KB920670.log 35,48KBC:\WINDOWS\KB920683.log 21,42KBC:\WINDOWS\KB920685.log 41,70KBC:\WINDOWS\KB920872.log 35,56KBC:\WINDOWS\KB922582.log 23,03KBC:\WINDOWS\KB922819.log 46,12KBC:\WINDOWS\KB923191.log 31,12KBC:\WINDOWS\KB923414.log 44,36KBC:\WINDOWS\KB923689.log 27,85KBC:\WINDOWS\KB923980.log 44,14KBC:\WINDOWS\KB924191.log 46,51KBC:\WINDOWS\KB924270.log 42,02KBC:\WINDOWS\KB924496.log 39,54KBC:\WINDOWS\KB924667.log 39,99KBC:\WINDOWS\KB925398.log 33,13KBC:\WINDOWS\KB925902.log 37,56KBC:\WINDOWS\KB926255.log 27,54KBC:\WINDOWS\KB926436.log 35,01KBC:\WINDOWS\KB927779.log 50,47KBC:\WINDOWS\KB927802.log 47,01KBC:\WINDOWS\KB927891.log 31,55KBC:\WINDOWS\KB928255.log 45,49KBC:\WINDOWS\KB928843.log 18,31KBC:\WINDOWS\KB929123.log 36,19KBC:\WINDOWS\KB929969.log 43,88KBC:\WINDOWS\KB930178.log 36,26KBC:\WINDOWS\KB930916.log 24,71KBC:\WINDOWS\KB931261.log 38,28KBC:\WINDOWS\KB931784.log 45,56KBC:\WINDOWS\KB931836.log 49,83KBC:\WINDOWS\KB932168.log 35,21KBC:\WINDOWS\KB933566.log 44,60KBC:\WINDOWS\KB935839.log 24,36KBC:\WINDOWS\KB935840.log 24,79KBC:\WINDOWS\MedCtrOC.log 34,24KBC:\WINDOWS\msgsocm.log 24,69KBC:\WINDOWS\msmqinst.log 0,16MBC:\WINDOWS\netfxocm.log 86,28KBC:\WINDOWS\ntdtcsetup.log 0,10MBC:\WINDOWS\ocgen.log 0,23MBC:\WINDOWS\ocmsn.log 30,64KBC:\WINDOWS\regopt.log 1,63KBC:\WINDOWS\sessmgr.setup.log 1022 bytesC:\WINDOWS\setupact.log 0,18MBC:\WINDOWS\setupapi.log 0,50MBC:\WINDOWS\setuperr.log 0 bytesC:\WINDOWS\spupdsvc.log 923 bytesC:\WINDOWS\tabletoc.log 25,22KBC:\WINDOWS\tsoc.log 0,22MBC:\WINDOWS\updspapi.log 26,70KBC:\WINDOWS\wmsetup.log 84,39KBC:\WINDOWS\wmsetup10.log 460 bytesC:\WINDOWS\imsins.BAK 1,34KBC:\WINDOWS\IE4 Error Log.txt 1,02KBC:\WINDOWS\ntbtlog.txt 0,11MBC:\WINDOWS\OEWABLog.txt 1,83KBC:\WINDOWS\setuplog.txt 478 bytesC:\WINDOWS\Debug\blastcln.log 286 bytesC:\WINDOWS\Debug\NetSetup.LOG 4,06KBC:\WINDOWS\Debug\UserMode\userenv.log 0,10MBC:\WINDOWS\Debug\UserMode\userenv.bak 0,30MBC:\WINDOWS\security\logs\backup.log 2,78KBC:\WINDOWS\security\logs\SceRoot.log 558 bytesC:\WINDOWS\security\logs\scesetup.log 0,40MBC:\WINDOWS\security\logs\scecomp.old 326 bytesArquivos temporários do Mozilla/Firefox (178 arquivos) 47,0MBC:\Documents and Settings\Jorge\Dados de aplicativos\Mozilla\Firefox\profiles\dckf4d1n.default\history.dat 0,75MBC:\Documents and Settings\Jorge\Dados de aplicativos\Mozilla\Firefox\profiles\dckf4d1n.default\downloads.rdf 206 bytesCookie removido: youtube.comCookie removido: tribalfusion.comCookie removido: doubleclick.netCookie removido: google.comCookie removido: gamepatch.seCookie removido: uol.com.brCookie removido: babylon.comCookie removido: google.com.brCookie removido: ad.uol.com.brCookie removido: google.comCookie removido: mail.google.comCookie removido: google.comCookie removido: www.torrentphase.comCookie removido: imasters.com.brCookie removido: forum.imasters.com.brCookie removido: imasters.com.brCookie removido: motigo.comCookie removido: m1.webstats.motigo.comCookie removido: www.seizu.orgCookie removido: ads1.mediaops.com.brCookie removido: mediaops.com.brCookie removido: webstats4u.comCookie removido: www.haitou.orgCookie removido: animeblade.com.brCookie removido: cgsociety.orgCookie removido: forums.cgsociety.orgCookie removido: cgsociety.orgCookie removido: forums.3dtotal.comCookie removido: www.cgart.com.brCookie removido: yahoo.comCookie removido: softpedia.uk.intellitxt.comCookie removido: news.softpedia.comCookie removido: sedentario.orgCookie removido: uploading.comCookie removido: fastclick.netCookie removido: ad.yieldmanager.comCookie removido: img.uploading.comCookie removido: etology.comCookie removido: animemusicvideos.orgCookie removido: specificclick.netCookie removido: statcounter.comCookie removido: 209.85.165.104Cookie removido: statcounter.comCookie removido: trankera.orgCookie removido: degracaemaisgostoso.blogspot.comCookie removido: mybloglog.comCookie removido: animepaper.netCookie removido: tv.comCookie removido: www.tv.comCookie removido: tv.comCookie removido: com.comCookie removido: popsci.comCookie removido: www.ansktracker.netCookie removido: www.paypal.comCookie removido: i28.photobucket.comCookie removido: www.abc.net.auCookie removido: miarroba.comCookie removido: mininova.orgCookie removido: 3.adbrite.comCookie removido: adbrite.comCookie removido: auctionads.comCookie removido: www.torrentz.comCookie removido: torrentz.comCookie removido: www.temppic.comCookie removido: temppic.comCookie removido: www.temppic.comCookie removido: nedstatbasic.netCookie removido: lvs.truehits.in.thCookie removido: www.g-collections.comCookie removido: aus2.mozilla.orgCookie removido: atdmt.comCookie removido: mediaplex.comCookie removido: animenewsnetwork.comCookie removido: www.animeacademy.comCookie removido: advertising.comCookie removido: amazon.comCookie removido: animenfo.comCookie removido: anidb.infoCookie removido: hongfire.comCookie removido: tnnac.netCookie removido: www.tnnac.netCookie removido: ig.com.brCookie removido: imageshack.usCookie removido: about.comCookie removido: msgshit.comCookie removido: website.wsCookie removido: hotlog.ruCookie removido: new.vnews.com.brCookie removido: dukaramba.comCookie removido: www.dukaramba.comCookie removido: dukaramba.comCookie removido: zagaia.com.brCookie removido: reddit.comCookie removido: www.kinoplex.com.brCookie removido: sparkpeople.comCookie removido: tacoda.netCookie removido: nspmotion.comCookie removido: www.unicamp.brCookie removido: iglc.ad.adnetwork.com.brCookie removido: ad.adnetwork.com.brCookie removido: www.gofish.comCookie removido: 247realmedia.comCookie removido: gofish.comCookie removido: crwdcntrl.netCookie removido: cs.sexcounter.comCookie removido: mercadolivre.com.brCookie removido: dsml.clickexperts.netCookie removido: submarino.com.brCookie removido: met-art.comCookie removido: paycounter.comCookie removido: adultfriendfinder.comCookie removido: toplist.czCookie removido: searchportal.information.comCookie removido: revenue.netCookie removido: levelupgames.com.brCookie removido: orkut.comCookie removido: br.yahoo.comCookie removido: terra.com.brCookie removido: de.uol.com.brCookie removido: www.icover.com.brCookie removido: naja.tur.brCookie removido: buscape.com.brCookie removido: sonovivoenonhopiupaura.blogspot.comCookie removido: snap.comCookie removido: as-eu.falkag.netCookie removido: repubblica.itCookie removido: videos.mp4playerss.comCookie removido: bombhare.netCookie removido: vocesa.abril.uol.com.brCookie removido: nytimes.comCookie removido: esl.about.comCookie removido: www.tolib.comCookie removido: tolib.comCookie removido: visual-novels.netCookie removido: www.visual-novels.netCookie removido: visual-novels.netCookie removido: tripod.comCookie removido: hongfire.us.intellitxt.comCookie removido: servico202.addintelligence.com.brCookie removido: fl01.ct2.comclick.comCookie removido: ad.firstadsolution.comCookie removido: rotator.its.adjuggler.comCookie removido: ad.firstadsolution.comCookie removido: ads.infinite-ads.comCookie removido: adecn.comCookie removido: rotator.its.adjuggler.comCookie removido: adecn.comCookie removido: ad2.adecn.comCookie removido: ads.infinite-ads.comCookie removido: ads.marketingsector.comCookie removido: richardwiseman.comCookie removido: webpower.comCookie removido: doom3world.orgCookie removido: www.ogre3d.orgCookie removido: sourceforge.netCookie removido: blender.orgCookie removido: blenderartists.orgCookie removido: forums.introversion.co.ukCookie removido: estudiolivre.orgCookie removido: shopfacil.com.brCookie removido: www.divx.comCookie removido: divx.comCookie removido: www.divx.comCookie removido: www.blendernation.comCookie removido: www.divx.comCookie removido: desktop.google.comCookie removido: ssl-hints.netflame.ccCookie removido: divx.112.2o7.netCookie removido: stats.adbrite.comCookie removido: cccp-project.netCookie removido: forums.gotwoot.netCookie removido: narutofan.comCookie removido: forums.narutofan.comCookie removido: www.mangaka.co.zaCookie removido: mangahelpers.comCookie removido: stoptazmo.comCookie removido: revsci.netCookie removido: offermatica.comCookie removido: www.cosforums.comCookie removido: cosforums.comCookie removido: www.cosforums.comCookie removido: www.bandaicg.comCookie removido: www.ananova.comCookie removido: ananova.comCookie removido: hits.e.clCookie removido: pontofrio.com.brC:\Documents and Settings\Jorge\Dados de aplicativos\Apple Computer\QuickTime\QTPlayerSession.xml 2,91KBC:\Documents and Settings\Jorge\Dados de aplicativos\Microsoft\Office\Recent2_ficha_de_cadastro.doc.LNK 755 bytesC:\Documents and Settings\Jorge\Dados de aplicativos\Microsoft\Office\Recent\ATTODIASSENSO.doc.LNK 720 bytesC:\Documents and Settings\Jorge\Dados de aplicativos\Microsoft\Office\Recent\DCELab05.doc.url 67 bytesC:\Documents and Settings\Jorge\Dados de aplicativos\Microsoft\Office\Recent\Desktop.LNK 580 bytesC:\Documents and Settings\Jorge\Dados de aplicativos\Microsoft\Office\Recent\index.dat 159 bytesC:\Documents and Settings\Jorge\Dados de aplicativos\Microsoft\Office\Recent\Templates.LNK 785 bytesC:\Documents and Settings\Jorge\Dados de aplicativos\Microsoft\Office\Recent\~adson em www.ene.unb.br.url 55 bytesC:\Documents and Settings\Jorge\Dados de aplicativos\Macromedia\Flash Player\#SharedObjects\HAWJJJG4\br.youtube.com\soundData.sol 58 bytesC:\Documents and Settings\Jorge\Dados de aplicativos\Macromedia\Flash Player\#SharedObjects\HAWJJJG4\cartoonnetwork.com.br\CN_users.sol 438 bytesC:\Documents and Settings\Jorge\Dados de aplicativos\Macromedia\Flash Player\#SharedObjects\HAWJJJG4\com.br\CN_users.sol 156 bytesC:\Documents and Settings\Jorge\Dados de aplicativos\Macromedia\Flash Player\#SharedObjects\HAWJJJG4\fhm.permissiontv.com\_com_ptv_.ptv.sol 92 bytesC:\Documents and Settings\Jorge\Dados de aplicativos\Macromedia\Flash Player\#SharedObjects\HAWJJJG4\images.metacafe.com\MetacafeFlashVideoPlayer.sol 64 bytesC:\Documents and Settings\Jorge\Dados de aplicativos\Macromedia\Flash Player\#SharedObjects\HAWJJJG4\kaze.fr\flash\club.swf\TestMovie_Config_Info.sol 341 bytesC:\Documents and Settings\Jorge\Dados de aplicativos\Macromedia\Flash Player\#SharedObjects\HAWJJJG4\oddcast.com\vhsssecure.php\oddcast_vhss.sol 67 bytesC:\Documents and Settings\Jorge\Dados de aplicativos\Macromedia\Flash Player\#SharedObjects\HAWJJJG4\pagead2.googlesyndication.com\pagead\googleadplayer.swf\mediaPlayerUserSettings.sol 94 bytesC:\Documents and Settings\Jorge\Dados de aplicativos\Macromedia\Flash Player\#SharedObjects\HAWJJJG4\uk.2mdn.net\ft659-282.sol 74 bytesC:\Documents and Settings\Jorge\Dados de aplicativos\Macromedia\Flash Player\#SharedObjects\HAWJJJG4\video.google.com\googleplayer.swf\mediaPlayerUserSettings.sol 97 bytesC:\Documents and Settings\Jorge\Dados de aplicativos\Macromedia\Flash Player\#SharedObjects\HAWJJJG4\wp.vizu.com\vizuUserData.sol 203 bytesC:\Documents and Settings\Jorge\Dados de aplicativos\Macromedia\Flash Player\#SharedObjects\HAWJJJG4\www.gofish.com\pervol2.sol 80 bytesC:\Documents and Settings\Jorge\Dados de aplicativos\Macromedia\Flash Player\#SharedObjects\HAWJJJG4\www.skinvideo.com\f\skinVideoRoot.swf\guba_video.sol 73 bytesC:\Documents and Settings\Jorge\Dados de aplicativos\Macromedia\Flash Player\#SharedObjects\HAWJJJG4\www.youtube.com\soundData.sol 58 bytesC:\Documents and Settings\Jorge\Dados de aplicativos\Macromedia\Flash Player\#SharedObjects\HAWJJJG4\youtube.com\soundData.sol 58 bytesC:\Documents and Settings\Jorge\Dados de aplicativos\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#br.youtube.com\settings.sol 84 bytesC:\Documents and Settings\Jorge\Dados de aplicativos\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#cartoonnetwork.com.br\settings.sol 91 bytesC:\Documents and Settings\Jorge\Dados de aplicativos\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#com.br\settings.sol 76 bytesC:\Documents and Settings\Jorge\Dados de aplicativos\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#fhm.permissiontv.com\settings.sol 90 bytesC:\Documents and Settings\Jorge\Dados de aplicativos\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#images.metacafe.com\settings.sol 89 bytesC:\Documents and Settings\Jorge\Dados de aplicativos\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#kaze.fr\settings.sol 77 bytesC:\Documents and Settings\Jorge\Dados de aplicativos\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#oddcast.com\settings.sol 81 bytesC:\Documents and Settings\Jorge\Dados de aplicativos\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#pagead2.googlesyndication.com\settings.sol 99 bytesC:\Documents and Settings\Jorge\Dados de aplicativos\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#uk.2mdn.net\settings.sol 81 bytesC:\Documents and Settings\Jorge\Dados de aplicativos\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#video.google.com\settings.sol 86 bytesC:\Documents and Settings\Jorge\Dados de aplicativos\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#wp.vizu.com\settings.sol 81 bytesC:\Documents and Settings\Jorge\Dados de aplicativos\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.gofish.com\settings.sol 84 bytesC:\Documents and Settings\Jorge\Dados de aplicativos\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.skinvideo.com\settings.sol 87 bytesC:\Documents and Settings\Jorge\Dados de aplicativos\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.youtube.com\settings.sol 85 bytesC:\Documents and Settings\Jorge\Dados de aplicativos\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#youtube.com\settings.sol 81 bytesC:\Documents and Settings\Jorge\Dados de aplicativos\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\settings.sol 644 bytesC:\Arquivos de programas\Ahead\Nero\NeroHistory.log 87,28KB------------------------------------------------------------------------------------------

[jgarcia 1]

Opa jorgebonafe,

 

Qual é o caminho do arquivo Loader.exe que aparece na mensagem?

[Marcio Veloso 0]

Opa jorgebonafe,

 

Qual é o caminho do arquivo Loader.exe que aparece na mensagem?

 

 

Esse arquivo está no C:\Arquivos de programas\MessengerDiscovery\Loader.exe estava com um problema semelhante esses dias ...

 

esse programa é algum adendo do windows live messenger!!! não é um malware! para desativar esse aviso desative a inicialização automáica do windows live messenger no windows e não aparecerá mais a mensagem ... um detalhe importante pra quem quiser pesquisar sobre, é que achei varias entradas no editor de registro ... procurei como MessengerDiscovery, tinha bastante coisa lá!

 

Espero que tenha ajudado!

 

Att.

 

Márcio Veloso

[jorgebonafe 0]

Opa jorgebonafe,

 

Qual é o caminho do arquivo Loader.exe que aparece na mensagem?

 

 

Esse arquivo está no C:\Arquivos de programas\MessengerDiscovery\Loader.exe estava com um problema semelhante esses dias ...

 

esse programa é algum adendo do windows live messenger!!! não é um malware! para desativar esse aviso desative a inicialização automáica do windows live messenger no windows e não aparecerá mais a mensagem ... um detalhe importante pra quem quiser pesquisar sobre, é que achei varias entradas no editor de registro ... procurei como MessengerDiscovery, tinha bastante coisa lá!

 

Espero que tenha ajudado!

 

Att.

 

Márcio Veloso

 

Valew! Eu concertei o problema. A mensagem de erro não dizia o caminho do arquivo loader.exe, mas eu conferi o que você falou, e realmente essa pasta, MessengerDiscovery, existia. Eu nem saberia onde procurar, pq não fui eu quem instalou isso. Acho que meu irmão deve ter instalado esse discovery aqui, e talvez eu tenha desinstalado o msn pra atualizar ou algo assim, e o discovery não desistalou direito. O arquivo loader.exe não existia mais, mas acho que alguma configuração deve ter permanecido, pq o menu do discovery tbm aparecia no msn. Aliás, o menu estava lá, mas nenhuma das opções dele funcionavam, então deve ter sido mesmo um uninstall porco. Ele tentava abrir o discovery, mas como o arquivo não estava lá, dava pau. Eu reinstalei o discovery e desinstalei de novo, e o erro parou de ocorrer, finalmente.

 

Obrigado a vcs pela ajuda

[jgarcia 1]

PROBLEMA RESOLVIDO!

 

Caso o autor necessite que o tópico seja reaberto é preciso enviar uma Mensagem Privada para um Moderador com um link para o tópico.