[Arquivado] Problema no msn e windows installer

[mauricio_cg 0]

Olá pessoal, to com um pc aqui q aparentemente está normal, mas apresenta atitudes estranhas as vezes..

ele tava com um vírus de MSN q creio ter removido..

mas ele tb apresenta um problema com a instalação de remoção de alguns softwares..

diz q não consegue acessar o windows installer, sendo q ele está devidamente instalado no pc e até ja tentei sobrescreve-lo com uma versão baixada do site da MS...

impossibilitando de instalçar tb algumas atualizações do win, como MSXML...

 

segue log do hijack, erro q aparece nos eventos do sistema (sobre windows installer) e log do combofix

 

Logfile of HijackThis v1.99.1

Scan saved at 20:08:39, on 20/3/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16608)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\tsnpstd3.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\vsnpstd3.exe

C:\Arquivos de programas\CyberLink DVD Solution\PowerDVD\PDVDServ.exe

C:\ARQUIV~1\Grisoft\AVG7\avgcc.exe

C:\Arquivos de programas\Nokia\Nokia PC Suite 6\LaunchApplication.exe

C:\Arquivos de programas\lg_fwupdate\fwupdate.exe

C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\spoolsv.exe

C:\ARQUIV~1\Grisoft\AVG7\avgamsvr.exe

C:\ARQUIV~1\Grisoft\AVG7\avgupsvc.exe

C:\ARQUIV~1\Grisoft\AVG7\avgemc.exe

C:\Arquivos de programas\Spyware Terminator\sp_rsser.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Arquivos de programas\Internet Explorer\iexplore.exe

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\hijackthis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com.br/0SEPTBR/SAOS01?FORM=TOOLBR

R3 - URLSearchHook: CUOLSearchHook Object - {1FE8243E-0A3A-41B9-B9CE-EFFEE51974D3} - C:\Arquivos de programas\Arquivos comuns\uol\urlsearch\UOLSearchHook.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\arquivos de programas\google\googletoolbar1.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\arquivos de programas\google\googletoolbar1.dll

O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe

O4 - HKLM\..\Run: [systemTray] SysTray.Exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe

O4 - HKLM\..\Run: [RemoteControl] "C:\Arquivos de programas\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [AVG7_CC] C:\ARQUIV~1\Grisoft\AVG7\avgcc.exe /STARTUP

O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Arquivos de programas\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup

O4 - HKLM\..\Run: [LGODDFU] "C:\Arquivos de programas\lg_fwupdate\fwupdate.exe" blrun

O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE /auto

O4 - HKCU\..\Run: [MsnMsgr] "C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O8 - Extra context menu item: &Windows Live Search - res://C:\Arquivos de programas\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O11 - Options group: [iNTERNATIONAL] International*

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\ARQUIV~1\Grisoft\AVG7\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\ARQUIV~1\Grisoft\AVG7\avgupsvc.exe

O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\ARQUIV~1\Grisoft\AVG7\avgemc.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: ServiceLayer - Nokia. - C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Arquivos de programas\Spyware Terminator\sp_rsser.exe

 

 

 

eventos windows erro windows installer

 

A descrição para Event ID ( 1015 ) na fonte ( MsiInstaller ) não pode ser encontrado. O computador local pode não ter as informações de registro ou arquivos DLL de mensagem necessários para exibir mensagens de um computador remoto. Talvez você possa usar o sinalizador /AUXSOURCE= para recuperar esta descrição; consulte a 'Ajuda e suporte' para obter detalhes. As informações seguintes são parte do evento: 0x80080005; (NULL); (NULL); (NULL).

 

 

ComboFix 08-03-20.5 - Den 2008-03-20 20:30:15.2 - FAT32x86

Microsoft Windows XP Professional 5.1.2600.2.1252.1.1046.18.469 [GMT -3:00]

Executando de: C:\Documents and Settings\Den\Desktop\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

.

((((((((((((((((((((((( Ficheiros criados de 2008-02-20 to 2008-03-20 ))))))))))))))))))))))))))))))))

.

2008-03-20 20:23 . 2008-03-20 20:23 <DIR> d-------- C:\WINDOWS\LastGood

2008-03-20 19:56 . 2008-03-20 19:56 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\Wise Installation Wizard

2008-03-20 19:36 . 2008-03-20 19:36 <DIR> d-------- C:\WINDOWS\Application Data\Spyware Terminator

2008-03-20 19:36 . 2008-03-20 19:36 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\Spyware Terminator

2008-03-20 19:36 . 2008-03-20 19:36 <DIR> d-------- C:\Arquivos de programas\Spyware Terminator

2008-03-20 19:36 . 2008-03-20 19:36 138,752 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\sp_rsdrv2.sys

2008-03-20 19:06 . 2008-03-20 19:06 <DIR> d-------- C:\Arquivos de programas\AnalogX

2008-03-20 19:04 . 2008-03-20 19:04 <DIR> d-------- C:\hijackthis

2008-03-18 22:35 . 2008-03-20 19:06 1,374 --a------ C:\WINDOWS\imsins.BAK

2008-03-18 20:06 . 2006-11-22 12:28 <DIR> d--h----- C:\Documents and Settings\Administrador.DEN\Modelos

2008-03-18 20:06 . 2006-11-22 12:28 <DIR> d-------- C:\Documents and Settings\Administrador.DEN\Meus documentos

2008-03-18 20:06 . 2006-11-22 12:28 <DIR> dr------- C:\Documents and Settings\Administrador.DEN\Menu Iniciar

2008-03-18 20:06 . 2006-11-22 12:28 <DIR> d-------- C:\Documents and Settings\Administrador.DEN\Favoritos

2008-03-18 20:06 . 2006-11-22 12:28 <DIR> dr-h----- C:\Documents and Settings\Administrador.DEN\Dados de aplicativos

2008-03-18 20:06 . 2006-11-22 12:28 <DIR> d--h----- C:\Documents and Settings\Administrador.DEN\Configurações locais

2008-03-18 20:06 . 2006-11-22 12:28 <DIR> d--h----- C:\Documents and Settings\Administrador.DEN\Ambiente de rede

2008-03-18 20:06 . 2006-11-22 12:28 <DIR> d--h----- C:\Documents and Settings\Administrador.DEN\Ambiente de impressão

2008-03-18 19:56 . 2008-03-18 19:56 <DIR> d-------- C:\WINDOWS\Application Data\AVG7

2008-03-18 19:56 . 2008-03-18 19:56 <DIR> d-------- C:\Documents and Settings\LocalService\Dados de aplicativos\AVG7

2008-03-18 19:56 . 2008-03-18 19:56 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\Grisoft

2008-03-18 19:50 . 2008-03-18 19:50 <DIR> d-------- C:\Arquivos de programas\CCleaner

2008-03-18 19:44 . 2008-03-18 19:44 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\Avg7

2008-03-18 19:25 . 2008-03-18 19:26 268 --ah----- C:\sqmdata01.sqm

2008-03-18 19:25 . 2008-03-18 19:26 244 --ah----- C:\sqmnoopt01.sqm

2008-03-18 19:15 . 2008-03-18 19:15 <DIR> d--h----- C:\WINDOWS\$hf_mig$

2008-03-18 19:09 . 2008-03-18 19:10 268 --ah----- C:\sqmdata00.sqm

2008-03-18 19:09 . 2008-03-18 19:10 244 --ah----- C:\sqmnoopt00.sqm

2008-03-18 18:53 . 2006-11-22 12:28 <DIR> d--h----- C:\Documents and Settings\Administrador\Modelos

2008-03-18 18:53 . 2006-11-22 12:28 <DIR> d-------- C:\Documents and Settings\Administrador\Meus documentos

2008-03-18 18:53 . 2006-11-22 12:28 <DIR> dr------- C:\Documents and Settings\Administrador\Menu Iniciar

2008-03-18 18:53 . 2006-11-22 12:28 <DIR> d-------- C:\Documents and Settings\Administrador\Favoritos

2008-03-18 18:53 . 2006-11-22 12:28 <DIR> dr-h----- C:\Documents and Settings\Administrador\Dados de aplicativos

2008-03-18 18:53 . 2006-11-22 12:28 <DIR> d--h----- C:\Documents and Settings\Administrador\Configurações locais

2008-03-18 18:53 . 2006-11-22 12:28 <DIR> d--h----- C:\Documents and Settings\Administrador\Ambiente de rede

2008-03-18 18:53 . 2006-11-22 12:28 <DIR> d--h----- C:\Documents and Settings\Administrador\Ambiente de impressão

2008-03-16 16:28 . 2001-07-06 11:41 569,344 -ra------ C:\WINDOWS\SYSTEM32\imagr5.dll

2008-03-16 16:28 . 2001-07-06 09:44 544,768 -ra------ C:\WINDOWS\SYSTEM32\imagx5.dll

2008-03-16 16:28 . 2001-07-06 15:24 283,920 -ra------ C:\WINDOWS\SYSTEM32\ImagXpr5.dll

2008-03-16 16:28 . 2001-06-26 05:15 38,912 -ra------ C:\WINDOWS\SYSTEM32\picn20.dll

2008-03-09 21:20 . 2008-03-09 21:20 <DIR> d-------- C:\WINDOWS\Application Data\Nokia Multimedia Player

2008-03-09 21:20 . 2008-03-09 21:20 <DIR> d-------- C:\Documents and Settings\Den\Phone Browser

2008-03-09 21:14 . 2008-03-09 21:14 <DIR> d-------- C:\WINDOWS\Application Data\Nokia

2008-03-09 21:14 . 2008-03-09 21:14 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\PC Suite

2008-03-09 21:12 . 2008-03-09 21:12 <DIR> d-------- C:\WINDOWS\Application Data\PC Suite

2008-03-09 21:12 . 2008-03-09 21:12 <DIR> d-------- C:\Arquivos de programas\PC Connectivity Solution

2008-03-09 21:12 . 2008-03-09 21:12 <DIR> d-------- C:\Arquivos de programas\Nokia

2008-03-09 21:12 . 2008-03-09 21:12 <DIR> d-------- C:\Arquivos de programas\DIFX

2008-03-09 21:12 . 2008-03-09 21:12 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\PCSuite

2008-03-09 21:12 . 2008-03-09 21:12 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\Nokia

2008-03-09 21:12 . 2007-02-22 11:15 137,216 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\nmwcd.sys

2008-03-09 21:12 . 2007-02-22 11:15 90,624 --a------ C:\WINDOWS\SYSTEM32\nmwcdcls.dll

2008-03-09 21:12 . 2007-02-22 11:15 65,536 --a------ C:\WINDOWS\SYSTEM32\nmwcdcocls.dll

2008-03-09 21:12 . 2007-02-22 11:15 12,288 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\nmwcdcm.sys

2008-03-09 21:12 . 2007-02-22 11:15 12,288 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\nmwcdcj.sys

2008-03-09 21:12 . 2007-02-22 11:15 8,320 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\nmwcdc.sys

2008-03-09 21:01 . 2008-03-09 21:01 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\Installations

2008-03-09 21:01 . 2008-03-09 21:01 20,992 --a------ C:\WINDOWS\jestertb.dll

2008-03-09 13:59 . 2008-03-09 13:59 <DIR> d-------- C:\Arqs K-Lite.com.br

2008-03-04 20:14 . 2008-03-04 20:14 4,408 --------- C:\BEER_SOL.MDS

2008-03-04 20:12 . 2008-03-04 20:14 788,869,120 --------- C:\BEER_SOL.I03

2008-03-04 20:10 . 2008-03-04 20:12 1,073,741,824 --------- C:\BEER_SOL.I02

2008-03-04 20:08 . 2008-03-04 20:10 1,073,741,824 --------- C:\BEER_SOL.I01

2008-03-04 20:06 . 2008-03-04 20:14 1,073,741,824 --------- C:\BEER_SOL.I00

.

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-01-11 05:37 44,544 ------w C:\WINDOWS\SYSTEM32\dllcache\pngfilt.dll

2007-05-19 00:19 1,463,912 ----a-w C:\Arquivos de programas\XxBoYxX.exe

2007-05-19 00:19 1,463,912 ----a-w C:\Arquivos de programas\My_Love.MSNFix

2006-11-22 15:08 266 --sh--w C:\Arquivos de programas\desktop.ini

2006-11-22 15:08 11,280 ---h--w C:\Arquivos de programas\folder.htt

2004-10-01 18:00 40,960 ----a-w C:\Arquivos de programas\Uninstall_CDS.exe

.

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

.

.

REGEDIT4

*Nota* entradas vazias & legítimas por defeito não são mostradas.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SlowFile Icon Overlay]

@={7D688A77-C613-11D0-999B-00C04FD655E1}

[HKEY_CLASSES_ROOT\CLSID\{7D688A77-C613-11D0-999B-00C04FD655E1}]

2007-10-25 13:57 8484352 --a------ C:\WINDOWS\SYSTEM32\SHELL32.DLL

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"MsnMsgr"="C:\Arquivos de programas\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:54 5674352]

"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:45 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"tsnpstd3"="C:\WINDOWS\tsnpstd3.exe" [2006-06-19 13:21 114688]

"SystemTray"="SysTray.Exe" [2001-10-28 15:07 3072 C:\WINDOWS\SYSTEM32\systray.exe]

"SoundMan"="SOUNDMAN.EXE" [2004-12-22 07:09 77824 C:\WINDOWS\SOUNDMAN.EXE]

"snpstd3"="C:\WINDOWS\vsnpstd3.exe" [2005-09-05 15:55 339968]

"RemoteControl"="C:\Arquivos de programas\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" [2004-11-02 20:24 32768]

"AVG7_CC"="C:\ARQUIV~1\Grisoft\AVG7\avgcc.exe" [2008-03-19 07:17 579072]

"PCSuiteTrayApplication"="C:\Arquivos de programas\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 15:10 271360]

"LGODDFU"="C:\Arquivos de programas\lg_fwupdate\fwupdate.exe" [2007-04-16 22:02 249856]

"MSConfig"="C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.exe" [2004-08-04 00:45 159744]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 00:45 15360]

"Nokia.PCSync"="C:\Arquivos de programas\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 10:17 1241088]

"AVG7_Run"="C:\ARQUIV~1\Grisoft\AVG7\avgw.exe" [2008-03-19 07:17 219136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]

C:\Arquivos de programas\Ahead\InCD\InCD.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

--------- 2004-10-13 13:24 1694208 C:\Arquivos de programas\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

-ra------ 2001-07-09 08:50 155648 C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\REGSHAVE]

--------- 2002-02-04 22:32 53248 C:\Arquivos de programas\REGSHAVE\REGSHAVE.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\setup\disabledrunkeys]

"LoadPowerProfile"=Rundll32.exe powrprof.dll,LoadCurrentPwrScheme

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"C:\\WINDOWS\\System32\\rundll32.exe"=

"C:\\Arquivos de programas\\MSN Messenger\\msnmsgr.exe"=

"C:\\Arquivos de programas\\MSN Messenger\\livecall.exe"=

"C:\\Arquivos de programas\\K-LiteNitro\\giFT\\giFTl.exe"=

"C:\\Arquivos de programas\\Grisoft\\AVG7\\avginet.exe"=

"C:\\Arquivos de programas\\Grisoft\\AVG7\\avgamsvr.exe"=

"C:\\Arquivos de programas\\Grisoft\\AVG7\\avgcc.exe"=

"C:\\Arquivos de programas\\Grisoft\\AVG7\\avgemc.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

 

.

Conteúdo da pasta 'Tarefas Agendadas'

"2008-02-03 02:00:02 C:\WINDOWS\Tasks\Aplicativo de ajuste.job"

"2008-03-20 22:58:02 C:\WINDOWS\Tasks\Verificar Atualizações para a Barra de Ferramentas do Windows Live.job"

- C:\Arquivos de programas\Windows Live Toolbar\MSNTBUP.EXE

.

**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-03-20 20:32:30

Windows 5.1.2600 Service Pack 2 FAT NTAPI

Procurando processos ocultos ...

Procurando entradas auto inicializáveis ocultas ...

Procurando ficheiros ocultos ...

Varredura completada com sucesso

Ficheiros ocultos: 0

**************************************************************************

.

Tempo para conclusão: 2008-03-20 20:33:15

.

2008-03-20 23:25:23 --- E O F ---

 

 

Obrigado

[]'s

[jgarcia 1]

Opa mauricio_cg,

 

Vá em Iniciar -> Executar -> digite msconfig -> dê Ok -> aba Inicializar -> marque todas as caixas. Feito isto poste um novo log.

 

Abraços.

[Mário Monteiro 179]

Tópico Arquivado

 

Como o autor não respondeu por mais de 20 dias, o tópico foi arquivado.

 

Caso você seja o autor do tópico e quer reabrir, envie uma mensagem privada para um moderador da área juntamente com o link para este tópico e explique o motivo da reabertura.