[Resolvido!] ie não abre o hotmail nem imprime

prrsilva · Agosto 26, 2008

olá preciso de ajuda, pois meu antivirus virusscan plus deu problema entrei em contato com suporte técnico e me aconselharam a fazer o seguinte procedimento:

Descarregue e execute a ferramenta MCPR para remover os rastros que foram deixados do software no computador.

http://download.mcafee.com/products/licens...atches/MCPR.exe

Abra o Internet Explorer e

Vá para menu Ferramentas >> Opções da Internet

Na guia Geral. Terá de excluir os cookies e os ficheiros temporários.

Na guia Segurança. Selecione Internet e coloque o nível "medio", se não consegue alterar

estas configurações dê clique em "nível padrão".

Na guia Privacidade. A privacidade da zona de internet deve estar "aceitar todos os coockies", se não consegue alterar

estas configurações dê clique no botão de "nível padrão".

na mesma guia de Privacidade dê um clique no botão avançado

Ignorar manipulação automatica de cookies deve estar ACTIVADO

Coockies primarios ACEITAR

Coockies secundarios ACEITAR

Permitir sempre coockies por sessão deve estar ACTIVADO

Clique em OK

Na guia Programas. Certifique-se que o Internet Explorer é o Aplicativo padrão de navegação.

Na guia Avançadas. Procure Segurança(do lado tem o desenho dum aloquete amarelo)

embaixo de segurança procure Verificar revogação de certificados do servidor, DEVE ESTAR DESACTIVADA

Dê clique em "restaurar padrões".

Para terminar clique em "aplicar" e depois "Ok".

No menu iniciar, clique em executar e coloque %temp%, e apague as pastas e/ou ficheiros lá contidos

Agora na caixa de executar coloque PREFETCH e apague as pastas e/ou ficheiros lá contidos também

Vai na tua conta

http://br.mcafee.com/root/MyAccount.asp

Coloca o teu e-mail registrado e a palavra-passe padrão "mcafee123"

irás ter acesso ao software que tens comprado numa versão mais actualizada, clica na seta (botão DOWNLOAD)

e faz o download da ferramenta que irá reinstalar o mcafee.

fiz estes procedimentos so que não resolveu o problema e apartir dai meu ie 7 não abre o site do hotmail e fui imprimir um formulario nem abriu a caixa de impressão muito menos imprimiu, ja tentei desistalar e instalar de novo o ie não estou conseguindo. o que devo fazer?

tomwp · Agosto 27, 2008

Olá prrsilva.

- Primeiramente quando voce poem para imprimir da algum erro? ou apenas nao imprimi?

- voce tem outro browser para testar a impressao? e a entrada no site do hotmail?

- e seu usuario nao eh restrito neh?

Tente Desativar o Modo Protegido através das opções da Internet, guia segurança.

ou se nao, e veja se isso te ajuda:

http://support.microsoft.com/kb/303360/pt-br

Tom :thumbsup:

prrsilva · Agosto 27, 2008

olá, tomwp

- apenas não imprime

- ja tentei outro navegador o firefox e imprime normal e tambem entra no hotmail

- como desativo o modo protegido? pois não vejo esta opção na guia de segurança

prrsilva · Agosto 28, 2008

olá, tomwp

- apenas não imprime

- ja tentei outro navegador o firefox e imprime normal e tambem entra no hotmail

- como desativo o modo protegido? pois não vejo esta opção na guia de segurança

para completar não abre a pagina do windows update dar concluido e fica toda em branco.

como posso resolver este problema?

Laurentino Mello · Agosto 28, 2008

Restaure o Windows para uma data anterior a data que você fez as alterações nas opções da internet.

Se tiver dúvida de como restaurar use o link abaixo:

http://www.microsoft.com/brasil/windowsxp/.../restaurar.mspx

Após realizar os precedimentos, poste aqui o resultado.

prrsilva · Agosto 29, 2008

olá TINOtec quando tento restaurar fica só uma tela branca não abre a tela de restauração não sei o que esta acontecendo.

Edvan · Agosto 29, 2008

Já pensou na ipotise de ser um vírus prrsilva??

Não custa nada ver isso cara, vamos lá aos procedimentos iniciais:

Baixe o HijackThis versão 2.0.2.

Depois > Iniciar > Meu Computador > 02 cliques no C > Coloca o HijackThis no C (para uma pasta própria tipo c:/Hijack).

Execute o Hijack a partir do C, fechando os demais programas (deixando somente a área de trabalho).

Clique em Do a system scan and save a logfile, mas não marque nada, apenas poste o log gerado em um TÓPICO PRÓPRIO, que no seu caso você vai postar esse log em Segurança & Malwares... :thumbsup: :thumbsup:

Vamos ver se resolve essa bronca pois está cheirando a vírus isso aí viu!!.. :blink: :blink:

Laurentino Mello · Agosto 29, 2008

Movido: Softwares :seta: Segurança & Malwares

Poste seu log, conforme orientações do Edvan e aguarde as instruções dos especialistas em segurança.

prrsilva · Agosto 29, 2008

olá pessoal conforme orientação do EDVAN logfile do hijacktis espero que alguem me ajude pois ele esta suspeitando de virus, de antemão agradeço pela atenção.

Logfile of HijackThis v1.99.1

Scan saved at 20:43:47, on 29/08/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16705)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Ahead\InCD\InCDsrv.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\LEXBCES.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\LEXPPS.EXE

C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe

C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe

C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Windows Media Player\WMPNetwk.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\System32\alg.exe

C:\Arquivos de programas\Lexmark X1100 Series\lxbkbmgr.exe

C:\WINDOWS\system32\carpserv.exe

C:\Arquivos de programas\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Arquivos de programas\CyberLink DVD Solution\PowerDVD\PDVDServ.exe

C:\Arquivos de programas\Ahead\InCD\InCD.exe

C:\Arquivos de programas\Lexmark X1100 Series\lxbkbmon.exe

C:\Arquivos de programas\Java\jre1.6.0_07\bin\jusched.exe

C:\Arquivos de programas\Motherboard Monitor 5\MBM5.EXE

C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe

C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Windows Media Player\WMPNSCFG.exe

C:\WINDOWS\system32\rundll32.exe

C:\WINDOWS\system32\wuauclt.exe

C:\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.a...&tbid=60327

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.globo.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

F2 - REG:system.ini: UserInit=C:\WINDOWS\SYSTEM32\Userinit.exe

O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_07\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\arquivos de programas\google\googletoolbar3.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll

O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\WINDOWS\Downloaded Program Files\CONFLICT.1\gbiehCef.dll

O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Arquivos de programas\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn2\yt.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\arquivos de programas\google\googletoolbar3.dll

O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - (no file)

O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Arquivos de programas\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL

O4 - HKLM\..\Run: [siS KHooker] C:\WINDOWS\System32\khooker.exe

O4 - HKLM\..\Run: [siSUSBRG] C:\WINDOWS\sisUSBrg.exe

O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe

O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Arquivos de programas\Lexmark X1100 Series\lxbkbmgr.exe"

O4 - HKLM\..\Run: [CARPService] carpserv.exe

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Arquivos de programas\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [RemoteControl] "C:\Arquivos de programas\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [inCD] C:\Arquivos de programas\Ahead\InCD\InCD.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre1.6.0_07\bin\jusched.exe"

O4 - HKLM\..\Run: [MBM 5] "C:\Arquivos de programas\Motherboard Monitor 5\MBM5.EXE"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [avgnt] "C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [WMPNSCFG] C:\Arquivos de programas\Windows Media Player\WMPNSCFG.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: (no name) - {685ec120-f786-4498-a8f0-794d47916161} - C:\WINDOWS\System32\shdocvw.dll

O9 - Extra 'Tools' menuitem: @C:\Arquivos de programas\Microsoft\Rights Management Add-on\RMARes.dll,-40971 - {685ec120-f786-4498-a8f0-794d47916161} - C:\WINDOWS\System32\shdocvw.dll

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\System32\shdocvw.dll

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\System32\shdocvw.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: @C:\Arquivos de programas\Microsoft\Rights Management Add-on\RMARes.dll,-205 - {aede78a6-42b6-4c3c-96eb-5ae6dbec4859} - C:\WINDOWS\System32\shdocvw.dll

O9 - Extra 'Tools' menuitem: @C:\Arquivos de programas\Microsoft\Rights Management Add-on\RMARes.dll,-40970 - {aede78a6-42b6-4c3c-96eb-5ae6dbec4859} - C:\WINDOWS\System32\shdocvw.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra button: (no name) - {685ec120-f786-4498-a8f0-794d47916161} - C:\WINDOWS\System32\shdocvw.dll (HKCU)

O9 - Extra 'Tools' menuitem: @C:\Arquivos de programas\Microsoft\Rights Management Add-on\RMARes.dll,-40971 - {685ec120-f786-4498-a8f0-794d47916161} - C:\WINDOWS\System32\shdocvw.dll (HKCU)

O9 - Extra button: @C:\Arquivos de programas\Microsoft\Rights Management Add-on\RMARes.dll,-205 - {aede78a6-42b6-4c3c-96eb-5ae6dbec4859} - C:\WINDOWS\System32\shdocvw.dll (HKCU)

O9 - Extra 'Tools' menuitem: @C:\Arquivos de programas\Microsoft\Rights Management Add-on\RMARes.dll,-40970 - {aede78a6-42b6-4c3c-96eb-5ae6dbec4859} - C:\WINDOWS\System32\shdocvw.dll (HKCU)

O11 - Options group: [iNTERNATIONAL] International*

O12 - Plugin for .spop: C:\Arquivos de programas\Internet Explorer\Plugins\NPDocBox.dll

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O14 - IERESET.INF: START_PAGE_URL=http://www.oi.com.br

O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase5036.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1168391894562

O16 - DPF: {D1548A26-B8F6-4E86-AE74-E7062CCC2E2A} (igLoader Content on Demand) -

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399003} (GbPluginObj Class) -

O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by113fd.bay113.hotmail.msn.com/activex/HMAtchmt.ocx

O16 - DPF: {FC4CAF5F-91BD-4DD9-ADC1-F3C737E37BC4} (CPlayFirstSweetopiaControl Object) -

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Help\hxds.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: rmh - {23C585BB-48FF-4865-8934-185F0A7EB84C} - (no file)

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL

O18 - Filter: application/msword - {DFF82902-0B96-3B98-6F62-D655E146A23A} - (no file)

O18 - Filter: application/vnd-viewer - {CD4527E8-4FC7-48DB-9806-10537B501237} - (no file)

O18 - Filter: application/vnd.ms-excel - {DFF82902-0B96-3B98-6F62-D655E146A23A} - (no file)

O18 - Filter: application/vnd.ms-powerpoint - {DFF82902-0B96-3B98-6F62-D655E146A23A} - (no file)

O18 - Filter: application/x-microsoft-rpmsg-message - {DFF82902-0B96-3B98-6F62-D655E146A23A} - (no file)

O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\ARQUIV~1\ARQUIV~1\MICROS~1\OFFICE12\MSOXMLMF.DLL

O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Arquivos de programas\Ahead\InCD\InCDsrv.exe

O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

prrsilva · Agosto 31, 2008

olá pessoal conforme orientação do EDVAN logfile do hijacktis espero que alguem me ajude pois ele esta suspeitando de virus, de antemão agradeço pela atenção.

Logfile of HijackThis v1.99.1

Scan saved at 20:43:47, on 29/08/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16705)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Ahead\InCD\InCDsrv.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\LEXBCES.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\LEXPPS.EXE

C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe

C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe

C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Windows Media Player\WMPNetwk.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\System32\alg.exe

C:\Arquivos de programas\Lexmark X1100 Series\lxbkbmgr.exe

C:\WINDOWS\system32\carpserv.exe

C:\Arquivos de programas\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Arquivos de programas\CyberLink DVD Solution\PowerDVD\PDVDServ.exe

C:\Arquivos de programas\Ahead\InCD\InCD.exe

C:\Arquivos de programas\Lexmark X1100 Series\lxbkbmon.exe

C:\Arquivos de programas\Java\jre1.6.0_07\bin\jusched.exe

C:\Arquivos de programas\Motherboard Monitor 5\MBM5.EXE

C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe

C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Windows Media Player\WMPNSCFG.exe

C:\WINDOWS\system32\rundll32.exe

C:\WINDOWS\system32\wuauclt.exe

C:\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.a...&tbid=60327

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.globo.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

F2 - REG:system.ini: UserInit=C:\WINDOWS\SYSTEM32\Userinit.exe

O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_07\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\arquivos de programas\google\googletoolbar3.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll

O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\WINDOWS\Downloaded Program Files\CONFLICT.1\gbiehCef.dll

O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Arquivos de programas\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn2\yt.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\arquivos de programas\google\googletoolbar3.dll

O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - (no file)

O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Arquivos de programas\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL

O4 - HKLM\..\Run: [siS KHooker] C:\WINDOWS\System32\khooker.exe

O4 - HKLM\..\Run: [siSUSBRG] C:\WINDOWS\sisUSBrg.exe

O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe

O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Arquivos de programas\Lexmark X1100 Series\lxbkbmgr.exe"

O4 - HKLM\..\Run: [CARPService] carpserv.exe

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Arquivos de programas\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [RemoteControl] "C:\Arquivos de programas\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [inCD] C:\Arquivos de programas\Ahead\InCD\InCD.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre1.6.0_07\bin\jusched.exe"

O4 - HKLM\..\Run: [MBM 5] "C:\Arquivos de programas\Motherboard Monitor 5\MBM5.EXE"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [avgnt] "C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [WMPNSCFG] C:\Arquivos de programas\Windows Media Player\WMPNSCFG.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: (no name) - {685ec120-f786-4498-a8f0-794d47916161} - C:\WINDOWS\System32\shdocvw.dll

O9 - Extra 'Tools' menuitem: @C:\Arquivos de programas\Microsoft\Rights Management Add-on\RMARes.dll,-40971 - {685ec120-f786-4498-a8f0-794d47916161} - C:\WINDOWS\System32\shdocvw.dll

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\System32\shdocvw.dll

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\System32\shdocvw.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: @C:\Arquivos de programas\Microsoft\Rights Management Add-on\RMARes.dll,-205 - {aede78a6-42b6-4c3c-96eb-5ae6dbec4859} - C:\WINDOWS\System32\shdocvw.dll

O9 - Extra 'Tools' menuitem: @C:\Arquivos de programas\Microsoft\Rights Management Add-on\RMARes.dll,-40970 - {aede78a6-42b6-4c3c-96eb-5ae6dbec4859} - C:\WINDOWS\System32\shdocvw.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra button: (no name) - {685ec120-f786-4498-a8f0-794d47916161} - C:\WINDOWS\System32\shdocvw.dll (HKCU)

O9 - Extra 'Tools' menuitem: @C:\Arquivos de programas\Microsoft\Rights Management Add-on\RMARes.dll,-40971 - {685ec120-f786-4498-a8f0-794d47916161} - C:\WINDOWS\System32\shdocvw.dll (HKCU)

O9 - Extra button: @C:\Arquivos de programas\Microsoft\Rights Management Add-on\RMARes.dll,-205 - {aede78a6-42b6-4c3c-96eb-5ae6dbec4859} - C:\WINDOWS\System32\shdocvw.dll (HKCU)

O9 - Extra 'Tools' menuitem: @C:\Arquivos de programas\Microsoft\Rights Management Add-on\RMARes.dll,-40970 - {aede78a6-42b6-4c3c-96eb-5ae6dbec4859} - C:\WINDOWS\System32\shdocvw.dll (HKCU)

O11 - Options group: [iNTERNATIONAL] International*

O12 - Plugin for .spop: C:\Arquivos de programas\Internet Explorer\Plugins\NPDocBox.dll

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O14 - IERESET.INF: START_PAGE_URL=http://www.oi.com.br

O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase5036.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1168391894562

O16 - DPF: {D1548A26-B8F6-4E86-AE74-E7062CCC2E2A} (igLoader Content on Demand) -

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399003} (GbPluginObj Class) -

O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by113fd.bay113.hotmail.msn.com/activex/HMAtchmt.ocx

O16 - DPF: {FC4CAF5F-91BD-4DD9-ADC1-F3C737E37BC4} (CPlayFirstSweetopiaControl Object) -

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Help\hxds.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: rmh - {23C585BB-48FF-4865-8934-185F0A7EB84C} - (no file)

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL

O18 - Filter: application/msword - {DFF82902-0B96-3B98-6F62-D655E146A23A} - (no file)

O18 - Filter: application/vnd-viewer - {CD4527E8-4FC7-48DB-9806-10537B501237} - (no file)

O18 - Filter: application/vnd.ms-excel - {DFF82902-0B96-3B98-6F62-D655E146A23A} - (no file)

O18 - Filter: application/vnd.ms-powerpoint - {DFF82902-0B96-3B98-6F62-D655E146A23A} - (no file)

O18 - Filter: application/x-microsoft-rpmsg-message - {DFF82902-0B96-3B98-6F62-D655E146A23A} - (no file)

O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\ARQUIV~1\ARQUIV~1\MICROS~1\OFFICE12\MSOXMLMF.DLL

O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Arquivos de programas\Ahead\InCD\InCDsrv.exe

O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

favor analisar meu log do hijackthis

PedroN · Setembro 1, 2008

Baixe o Combofix e salve no seu desktop.

Feche todas as janelas e programas

Dê um duplo-clique no combofix e tecle "1" em seguida enter para prosseguir com o fix. Vai durar uma média de 10 minutos (seja paciente). O combofix reiniciará o PC automaticamente para completar o processo de remoção.

Quando acabar, será gerado um log, que vai estar em C:\ComboFix.txt.

Atenção:

Não clique na Janela do ComboFix, nem o feche clicando no X, enquanto estiver rodando, pois senão irá parar e seu desktop ficará em branco.

Para parar ou sair do ComboFix, tecle "2" e Enter.

Depois gere um novo log com o HijackThis e poste, juntamente com o ComboFix.txt.

prrsilva · Setembro 2, 2008

boa noite Sr. Perfect segue o log do combofix

ComboFix 08-09-01.01 - ROBERTO 2008-09-01 20:58:26.1 - NTFSx86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1046.18.1640 [GMT -3:00]

Executando de: C:\Documents and Settings\ROBERTO\Desktop\ComboFix.exe

* Criado um novo ponto de restauro

ATENÇAO - ESTA MAQUINA NAO TEM A CONSOLE DE RECUPERAÇÃO INSTALADA !!

.

((((((((((((((((((((((((((((((((((((( Outras Exclusäes )))))))))))))))))))))))))))))))))))))))))))))))))))

.

C:\Documents and Settings\ROBERTO\Dados de aplicativos\inst.exe

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\activextest.bat

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\Music\Level01.ogg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\Music\Level01B.ogg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_ALARM01.ogg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_ALARM02.ogg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_ALARM03.ogg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_ANYLOOP.ogg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_BONUS100.ogg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_BUMPSCENERY01.ogg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_BUMPSWEET01.ogg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_BUTTONCLICK.ogg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_CASCADEGOOD.ogg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_COMBOGOOD.ogg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_FAILED.ogg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_FIREWOOSH01.ogg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_KATEHURRAY01.ogg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_KATEHURRAY02.ogg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_KEYSTROKE.ogg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_LAUNCHERDOWN.ogg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_POP01.ogg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_PRODUCTION01.ogg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_PUREWIND.ogg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_PUSHERBONUS.ogg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_PUSHERPOP.ogg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_ROLLINGEND.ogg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_ROLLINGLOOP.ogg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_ROLLINGSTART.ogg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_SHERBETDONE.ogg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_SHUFFLE.ogg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_SUCKEREND.ogg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_SUCKERLOOP.ogg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_SUCKERSTART.ogg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_SWAP.ogg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Audio\sfx\SND_TRANSITION.ogg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\backgrounds\arcadepanel.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\backgrounds\dialog.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\backgrounds\fullscreendialoglocal.jpg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\backgrounds\infodialog.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\backgrounds\longdialog.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\backgrounds\panel.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\backgrounds\screenshots.jpg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\backgrounds\submitdialog.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\backgrounds\textfield.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\backgrounds\yesnodialog.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\buttons\bluearrowdown_down.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\buttons\bluearrowdown_over.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\buttons\bluearrowdown_up.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\buttons\bluearrowleft_down.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\buttons\bluearrowleft_over.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\buttons\bluearrowleft_up.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\buttons\bluearrowright_down.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\buttons\bluearrowright_over.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\buttons\bluearrowright_up.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\buttons\bluearrowup_down.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\buttons\bluearrowup_over.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\buttons\bluearrowup_up.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\buttons\buttondown.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\buttons\buttonrollover.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\buttons\buttonup.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\buttons\checkdown.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\buttons\checkup.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\buttons\choosenamedown.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\buttons\choosenameover.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\buttons\long_button_down.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\buttons\long_button_over.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\buttons\long_button_up.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\buttons\sliderknob.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\buttons\sliderknobover.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\buttons\sliderrail.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\cursor\cursor.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\cursor\nocursor.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\fonts\main.mvec

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Comic\Intros.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Comic\TipWindow.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\FX\FX_Flame.jpg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\FX\FX_Hot.jpg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\FX\FX_PowerUp.jpg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\FX\FX_Ring.jpg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\FX\FX_Sherbet.jpg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\FX\FX_Steam.jpg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\FX\FX_SugarFloor.jpg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\FX\FX_White.jpg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Machines\Mach01_PistonA.mesh

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Machines\Mach01A.mesh

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Machines\Mach02_RingA.mesh

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Machines\Mach02A.mesh

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Machines\Mach03_HammerA.mesh

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Machines\Mach03A.mesh

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Machines\Mach04_CrankA.mesh

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Machines\Mach04A.mesh

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Machines\Mach05A.mesh

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Machines\Mach06_CrossA.mesh

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Machines\Mach06_PistonA.mesh

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Machines\Mach06A.mesh

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Machines\Mach07A.mesh

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Machines\Mach08A.mesh

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Machines\Mach09A.mesh

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Mixers\MixerBase01A.mesh

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Mixers\MixerBase02A.mesh

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Mixers\MixerTop01A.mesh

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Mixers\MixerTop01B.mesh

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Mixers\MixerTop02A.mesh

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Mixers\MixerTop02B.mesh

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Paddle\PaddleBase.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Paddle\PaddleDoor.jpg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Paddle\PaddleHead.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Paddle\PaddleHead2.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Paddle\PaddleHole.jpg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Paddle\PaddleHoleA.mesh

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Paddle\PaddleHoleB.mesh

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Paddle\PaddleHurray1.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Paddle\PaddleHurray2.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Paddle\PaddleKateAhead.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Paddle\PaddleKateFire.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Paddle\PaddleKateLeft.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Paddle\PaddleKateRight.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Paddle\PaddleSling.jpg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Paddle\PaddleSlingA.mesh

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Paddle\PaddleTop.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Paddle\PaddleTunnel.jpg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Sucker\SuckerTop.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Sucker\SuckerWind.jpg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Textures\Glass\Glass01.jpg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Textures\Ingredients\Ingredient02.jpg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Textures\Machines\Mach02A.jpg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Textures\Walls\Wall02.jpg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Vats\Vat01A.mesh

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Vats\Vat01B.mesh

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Vats\Vat01C.mesh

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Vents\Joints\JointCross01A.mesh

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Vents\Joints\JointStraight01A.mesh

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Vents\Vent01.jpg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Walls\Wall01A.mesh

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Walls\Wall01B.mesh

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Walls\Wall02A.mesh

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Walls\Wall02B.mesh

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Walls\Wall03A.mesh

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Models\Walls\Wall03B.mesh

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Textures\Channels\Channel06.jpg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Textures\Channels\ChannelShadow.jpg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Textures\Channels\InsChannel.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Textures\Floors\Floor01.jpg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Textures\Pusher\Pusher.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Textures\Pusher\PusherBang.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Textures\Pusher\PusherWheel.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Textures\Shadows\Shadow01.jpg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Textures\Shadows\Shadow02.jpg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Textures\Sweets\SweetA.jpg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Textures\Sweets\SweetC.jpg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Textures\Sweets\SweetC_S.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Textures\Sweets\SweetG.jpg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Textures\Sweets\SweetG_S.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Textures\Sweets\SweetH.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Textures\Sweets\SweetP.jpg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Textures\Sweets\SweetP_S.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Textures\Sweets\SweetPUs.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Textures\Sweets\SweetR.jpg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Textures\Sweets\SweetR_S.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Textures\Sweets\SweetS.jpg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Textures\Sweets\SweetS_S.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Textures\Sweets\SweetShine.jpg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Textures\Vat\MacLight01.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\Textures\Vat\VatPipes01.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\UI\InGame\PUDialog.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\UI\Instructions\InstBackdrop.jpg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\UI\Instructions\SweetTypes.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\UI\Loading\LoadingBar.jpg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\UI\Loading\LoadingScreen.jpg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\UI\MainMenu\MainMenuScreen.jpg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\UI\Pointers\InGameHole.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Game\UI\Pointers\InGamePointer.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\hiscore\global-hs-bb_large.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\hiscore\global-hs-bb_small.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\hiscore\hi.jpg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\hiscore\local-hs-bb.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\hiscore\p1icon.png

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Levels\A01.lev

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Levels\A02.lev

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Levels\A03.lev

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Levels\A04.lev

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Levels\A05.lev

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Levels\A06.lev

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Levels\A07.lev

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Levels\A08.lev

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Levels\A09.lev

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Levels\A10.lev

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Levels\C01.lev

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Levels\C02.lev

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Levels\C03.lev

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Levels\C04.lev

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Levels\C05.lev

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Levels\C06.lev

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Levels\C07.lev

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Levels\C08.lev

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Levels\C09.lev

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Levels\C10.lev

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Levels\TestPlay.lev

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Pages\Complete.Pag

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Pages\CPaused.Pag

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Pages\Ins.Pag

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Pages\MoreInfo.Pag

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Pages\TIP_K1.Pag

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Pages\Tip_L1C.Pag

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Pages\Tip_L1D.Pag

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Pages\Tip_L1E.Pag

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Pages\Tip_L5A.Pag

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Scripts\arcade.lua

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Scripts\chooseplayer.lua

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Scripts\complete.lua

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Scripts\continue.lua

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Scripts\credits.lua

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Scripts\entername.lua

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Scripts\game.lua

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Scripts\hiscore.lua

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Scripts\hiscoreinfo.lua

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Scripts\hiscoresubmit.lua

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Scripts\instructions.lua

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Scripts\loading.lua

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Scripts\mainloop.lua

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Scripts\mainmenu.lua

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Scripts\moreinfo.lua

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Scripts\ok.lua

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Scripts\options.lua

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Scripts\pause.lua

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Scripts\pieye.lua

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Scripts\style.lua

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Scripts\yesno.lua

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Splash\PiEyeGames_logo.jpg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Splash\playfirst_aol_logo.jpg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\Splash\playfirst_logo.jpg

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\strings.xml

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\assets\xsellstyle.lua

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\EULA.txt

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\readme.htm

C:\WINDOWS\Downloaded Program Files\Sweetopia.1.0.0.20\Sweetopia.exe

.

((((((((((((((((((((((( Ficheiros criados de 2008-08-02 to 2008-09-02 ))))))))))))))))))))))))))))))))

.

2010-01-01 21:53 . 2008-04-13 23:21 23,552 --a------ C:\WINDOWS\system32\wdmaud.drv

2010-01-01 18:05 . 1997-04-18 11:53 298,496 --a------ C:\WINDOWS\unin0416.exe

2010-01-01 17:55 . 2010-01-01 17:55 <DIR> d-------- C:\Arquivos de programas\ABBYY FineReader 6.0

2010-01-01 17:54 . 2010-01-01 17:54 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\BVRP Software

2010-01-01 17:54 . 2007-05-06 22:18 <DIR> d-------- C:\Arquivos de programas\FaxTools

2010-01-01 17:39 . 2008-08-26 22:39 527 --a------ C:\WINDOWS\LEXSTAT.INI

2010-01-01 17:38 . 2008-04-13 15:47 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys

2010-01-01 17:22 . 2006-11-03 00:13 1,674,240 --a------ C:\WINDOWS\system32\dllcache\setup_wm.exe

2010-01-01 17:07 . 2008-04-13 23:20 2,113,536 --a------ C:\WINDOWS\system32\dxdiagn.dll

2010-01-01 16:49 . 2001-08-17 20:57 16,128 --a------ C:\WINDOWS\system32\drivers\MODEMCSA.sys

2010-01-01 16:49 . 2001-08-17 20:57 16,128 --a------ C:\WINDOWS\system32\dllcache\modemcsa.sys

2010-01-01 16:43 . 2008-05-11 20:44 <DIR> d-------- C:\WINDOWS\PeerNet

2010-01-01 16:41 . 2008-04-13 23:20 1,710,592 --a------ C:\WINDOWS\system32\netshell.dll

2010-01-01 16:41 . 2008-04-13 23:20 483,840 --a------ C:\WINDOWS\system32\wzcsvc.dll

2010-01-01 16:41 . 2008-04-13 23:20 383,488 --a------ C:\WINDOWS\system32\wzcdlg.dll

2010-01-01 16:41 . 2008-04-13 23:20 52,736 --a------ C:\WINDOWS\system32\wzcsapi.dll

2010-01-01 16:40 . 2008-04-30 22:14 <DIR> d-------- C:\WINDOWS\Downloaded Installations

2010-01-01 16:40 . 2010-01-01 16:40 <DIR> d-------- C:\Arquivos de programas\HighMAT CD Writing Wizard

2010-01-01 10:27 . 2002-07-10 12:39 32,256 -ra------ C:\WINDOWS\system32\drivers\sisnic.sys

2010-01-01 10:25 . 2008-04-13 16:19 146,048 --a------ C:\WINDOWS\system32\drivers\portcls.sys

2010-01-01 10:25 . 2008-04-13 15:45 60,160 --a------ C:\WINDOWS\system32\drivers\drmk.sys

2010-01-01 10:24 . 2010-01-01 10:24 <DIR> d-------- C:\Arquivos de programas\Gigabyte

2010-01-01 10:24 . 2001-09-05 23:50 98,304 --a------ C:\WINDOWS\system32\dllcache\a3d.dll

2010-01-01 10:24 . 2001-09-05 23:50 98,304 --a------ C:\WINDOWS\system32\a3d.dll

2010-01-01 10:24 . 2004-02-26 05:53 65,024 --a------ C:\WINDOWS\SOUNDMAN(3).EXE

2010-01-01 10:24 . 2004-02-26 05:53 65,024 --a------ C:\WINDOWS\soundman(2).exe

2010-01-01 10:19 . 2004-05-12 05:25 106,496 --------- C:\WINDOWS\system32\TVMode.dll

2010-01-01 10:16 . 2003-07-17 22:58 36,992 -ra------ C:\WINDOWS\system32\drivers\SISAGPX.SYS

2010-01-01 10:06 . 2008-04-13 15:45 10,624 --a------ C:\WINDOWS\system32\drivers\gameenum.sys

2010-01-01 10:06 . 2001-08-17 21:00 2,944 --a------ C:\WINDOWS\system32\drivers\msmpu401.sys

2010-01-01 10:06 . 2001-08-17 21:00 2,944 --a------ C:\WINDOWS\system32\dllcache\msmpu401.sys

2010-01-01 03:09 . 2008-04-13 23:20 240,640 --a------ C:\WINDOWS\system32\srrstr.dll

2010-01-01 03:09 . 2008-04-13 23:20 153,088 --a------ C:\WINDOWS\system32\shmedia.dll

2010-01-01 03:09 . 2008-04-13 23:20 153,088 --a------ C:\WINDOWS\system32\dllcache\shmedia.dll

2010-01-01 03:07 . 2008-04-13 23:21 216,064 --a------ C:\WINDOWS\system32\osk.exe

2010-01-01 03:06 . 2008-04-13 23:20 605,184 --a------ C:\WINDOWS\system32\crypt32.dll

2010-01-01 03:06 . 2008-04-13 23:20 249,344 --a------ C:\WINDOWS\system32\newdev.dll

2010-01-01 03:06 . 2008-04-13 23:21 75,264 --a------ C:\WINDOWS\system32\locator.exe

2010-01-01 03:06 . 2008-04-13 23:21 72,192 --a------ C:\WINDOWS\system32\magnify.exe

2010-01-01 03:06 . 2008-04-13 23:20 62,464 --a------ C:\WINDOWS\system32\cryptsvc.dll

2010-01-01 03:06 . 2008-04-13 23:21 53,760 --a------ C:\WINDOWS\system32\narrator.exe

2010-01-01 03:05 . 2008-04-13 23:20 188,416 --a------ C:\WINDOWS\system32\accwiz.exe

2010-01-01 03:03 . 2008-04-13 23:20 33,792 --a------ C:\WINDOWS\system32\msgsvc.dll

2010-01-01 03:03 . 2004-04-10 11:24 26,112 --a------ C:\WINDOWS\system32\xpsp1hfm.exe

2010-01-01 03:02 . 2008-04-13 23:20 614,912 --a------ C:\WINDOWS\system32\h323msp.dll

2010-01-01 03:02 . 2008-04-13 23:20 331,264 --a------ C:\WINDOWS\system32\ipnathlp.dll

2010-01-01 03:02 . 2008-04-13 23:20 40,960 --a------ C:\WINDOWS\system32\mf3216.dll

2010-01-01 03:01 . 2008-04-13 23:21 266,240 --a------ C:\WINDOWS\system32\h323.tsp

2010-01-01 03:01 . 2008-04-13 23:20 101,376 --a------ C:\WINDOWS\system32\txflog.dll

2010-01-01 03:01 . 2004-03-29 22:52 40,960 --a------ C:\WINDOWS\system32\dllcache\evtgprov.dll

2010-01-01 03:00 . 2008-04-13 23:20 584,704 --a------ C:\WINDOWS\system32\rpcrt4.dll

2010-01-01 03:00 . 2008-04-13 23:20 161,792 --a------ C:\WINDOWS\system32\msdtcuiu.dll

2010-01-01 03:00 . 2008-04-13 23:20 91,648 --a------ C:\WINDOWS\system32\mtxoci.dll

2010-01-01 03:00 . 2008-04-13 23:20 66,560 --a------ C:\WINDOWS\system32\mtxclu.dll

2010-01-01 02:59 . 2008-04-13 23:20 1,267,200 --a------ C:\WINDOWS\system32\comsvcs.dll

2010-01-01 02:59 . 2008-04-13 23:20 956,928 --a------ C:\WINDOWS\system32\msdtctm.dll

2010-01-01 02:59 . 2008-04-13 23:20 539,648 --a------ C:\WINDOWS\system32\comuid.dll

2010-01-01 02:59 . 2008-04-13 23:20 427,008 --a------ C:\WINDOWS\system32\msdtcprx.dll

2010-01-01 02:59 . 2008-07-07 17:28 253,952 --a------ C:\WINDOWS\system32\es.dll

2010-01-01 02:59 . 2008-04-13 23:20 60,416 --a------ C:\WINDOWS\system32\colbact.dll

2010-01-01 02:58 . 2008-04-13 23:20 625,664 --a------ C:\WINDOWS\system32\catsrvut.dll

2010-01-01 02:58 . 2008-04-13 23:20 498,688 --a------ C:\WINDOWS\system32\clbcatq.dll

2010-01-01 02:58 . 2008-04-13 23:20 226,304 --a------ C:\WINDOWS\system32\catsrv.dll

2010-01-01 02:58 . 2008-04-13 23:20 110,592 --a------ C:\WINDOWS\system32\clbcatex.dll

2010-01-01 02:56 . 2010-01-01 02:56 <DIR> d-------- C:\Arquivos de programas\Common Files

2010-01-01 01:43 . 2010-01-01 01:43 <DIR> d-------- C:\WINDOWS\OPTIONS

2010-01-01 01:43 . 2008-07-05 22:35 <DIR> d--h----- C:\Arquivos de programas\InstallShield Installation Information

2010-01-01 01:43 . 2002-03-31 22:47 45,312 --a------ C:\WINDOWS\system32\drivers\R8139n51.sys

2010-01-01 01:40 . 2008-04-13 15:45 172,416 --a------ C:\WINDOWS\system32\drivers\kmixer.sys

2010-01-01 01:40 . 2008-04-13 13:39 142,592 --a------ C:\WINDOWS\system32\drivers\aec.sys

2010-01-01 01:40 . 2008-04-13 16:17 83,072 --a------ C:\WINDOWS\system32\drivers\wdmaud.sys

2010-01-01 01:40 . 2008-04-13 16:15 60,800 --a------ C:\WINDOWS\system32\drivers\sysaudio.sys

2010-01-01 01:40 . 2008-04-13 15:45 56,576 --a------ C:\WINDOWS\system32\drivers\swmidi.sys

2010-01-01 01:40 . 2008-04-13 15:45 52,864 --a------ C:\WINDOWS\system32\drivers\dmusic.sys

2010-01-01 01:40 . 2008-04-13 15:45 6,272 --a------ C:\WINDOWS\system32\drivers\splitter.sys

2010-01-01 01:40 . 2008-04-13 15:45 2,944 --a------ C:\WINDOWS\system32\drivers\drmkaud.sys

2010-01-01 01:39 . 2009-12-31 23:20 <DIR> d-------- C:\Arquivos de programas\C-Media 3D Audio

2010-01-01 01:36 . 2002-08-20 03:58 139,264 -ra------ C:\WINDOWS\system32\IDEproperty.dll

2010-01-01 01:36 . 2002-05-28 05:21 48,896 -ra------ C:\WINDOWS\system32\drivers\sisidex.sys

2010-01-01 01:36 . 2002-08-20 06:19 9,472 -ra------ C:\WINDOWS\system32\drivers\sisperf.sys

2010-01-01 01:32 . 2002-03-18 22:29 45,056 --a------ C:\WINDOWS\winio.dll

2010-01-01 01:32 . 2002-10-30 06:40 28,672 --a------ C:\WINDOWS\htpatch.exe

2010-01-01 01:32 . 2002-04-09 03:31 3,072 -ra------ C:\WINDOWS\winio.sys

2010-01-01 01:28 . 2010-01-01 01:28 <DIR> d---s---- C:\WINDOWS\system32\Microsoft

2010-01-01 01:28 . 2009-12-31 23:17 33,818 --a------ C:\WINDOWS\system32\1_ssetup.ini

2010-01-01 01:28 . 2002-04-25 13:06 32,768 --a------ C:\WINDOWS\SiSUSBrg.exe

2010-01-01 01:28 . 2002-01-02 04:40 32,768 --a------ C:\WINDOWS\SIS_LIB.DLL

2010-01-01 01:28 . 2009-12-31 23:17 16,083 --a------ C:\WINDOWS\system32\sunistlog.ini

2010-01-01 01:28 . 2001-12-06 23:11 3,583 --a------ C:\WINDOWS\SISPORT.SYS

2010-01-01 01:27 . 2010-01-01 01:27 <DIR> d-------- C:\WINDOWS\SiSAGP

2010-01-01 01:27 . 2007-02-06 21:53 <DIR> d-------- C:\WINDOWS\SiS

2010-01-01 01:27 . 2001-12-26 09:52 27,136 --a------ C:\WINDOWS\system32\drivers\SISAGP.SYS

2010-01-01 01:27 . 2001-12-26 09:52 27,136 --a------ C:\WINDOWS\system32\dllcache\sisagp.sys

2010-01-01 01:26 . 2007-02-06 21:53 <DIR> d-------- C:\WINDOWS\system32\trayres

2010-01-01 01:26 . 2009-12-31 23:17 <DIR> d-------- C:\WINDOWS\SiSInf

2010-01-01 01:26 . 2010-01-01 01:26 <DIR> d-------- C:\Arquivos de programas\SiS Compatible VGA V2.09L

2010-01-01 01:26 . 1998-10-29 16:45 306,688 --a------ C:\WINDOWS\IsUninst.exe

2010-01-01 01:25 . 1998-10-09 16:56 327,168 --a------ C:\WINDOWS\IsUn0416.exe

2010-01-01 01:25 . 2003-02-17 04:04 180,224 --a------ C:\WINDOWS\system32\setuplib.dll

2010-01-01 01:25 . 2002-08-28 04:35 73,728 --a------ C:\WINDOWS\system32\waitwnd.exe

2010-01-01 01:20 . 2010-01-01 01:20 <DIR> d-------- C:\WINDOWS\system32\Tools

2010-01-01 01:05 . 2008-04-13 23:19 175,104 --a------ C:\WINDOWS\system32\dllcache\pintlcsa.dll

2010-01-01 01:05 . 2008-04-13 22:51 103,424 --a------ C:\WINDOWS\system32\dpcdll.dll

2010-01-01 01:05 . 2008-04-13 23:18 102,456 --a------ C:\WINDOWS\system32\dllcache\imlang.dll

2010-01-01 01:05 . 2008-04-13 23:20 26,112 --a------ C:\WINDOWS\system32\dllcache\romanime.ime

2010-01-01 01:03 . 2010-01-01 01:03 <DIR> d-------- C:\WINDOWS\ServicePackFiles

2010-01-01 01:02 . 2008-04-13 23:20 2,843,136 --a------ C:\WINDOWS\system32\msi.dll

2010-01-01 01:01 . 2004-07-17 15:38 176,760 --a------ C:\WINDOWS\system32\xenroll.dll

2010-01-01 01:01 . 2004-07-17 15:38 176,760 --a------ C:\WINDOWS\system32\dllcache\xenroll.dll

2009-12-31 23:53 . 2008-04-13 23:20 278,528 --a------ C:\WINDOWS\system32\mstask.dll

2009-12-31 23:53 . 2008-04-13 23:20 193,536 --a------ C:\WINDOWS\system32\schedsvc.dll

2009-12-31 23:53 . 2008-04-13 23:21 12,288 --a------ C:\WINDOWS\system32\mstinit.exe

2009-12-31 23:52 . 2008-05-11 20:44 <DIR> d-------- C:\WINDOWS\system32\bits

2009-12-31 23:52 . 2008-04-13 23:20 138,240 --a------ C:\WINDOWS\system32\itss.dll

2009-12-31 23:51 . 2008-04-13 23:20 354,304 --a------ C:\WINDOWS\system32\winhttp.dll

2009-12-31 23:51 . 2008-04-13 23:20 18,944 --a------ C:\WINDOWS\system32\qmgrprxy.dll

2009-12-31 23:51 . 2008-04-13 23:20 8,192 --a------ C:\WINDOWS\system32\bitsprx2.dll

2009-12-31 23:51 . 2008-04-13 23:20 7,168 --a------ C:\WINDOWS\system32\bitsprx3.dll

2009-12-31 23:23 . 2003-12-31 00:58 69,504 --a------ C:\WINDOWS\system32\drivers\Rtlnic51.sys

2009-12-31 23:20 . 2003-08-20 07:46 233,472 -ra------ C:\WINDOWS\system32\cmirmdrv.exe

2009-12-31 23:20 . 2003-02-18 07:26 28,672 -ra------ C:\WINDOWS\system32\cmirmdrv.dll

2009-12-31 23:19 . 2003-03-25 06:50 4,096 -ra------ C:\WINDOWS\system32\drivers\siside.sys

2009-12-31 23:17 . 2001-08-17 19:11 66,591 --a------ C:\WINDOWS\system32\drivers\el90xbc5.sys

2009-12-31 23:17 . 2001-08-17 19:11 66,591 --a------ C:\WINDOWS\system32\dllcache\el90xbc5.sys

2009-12-31 23:16 . 2009-12-31 23:16 <DIR> d-------- C:\Arquivos de programas\SiS Compatible VGA V2.18

.

((((((((((((((((((((((((((((((((((((( Relat¢rio Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-01-01 03:07 --------- d-----w C:\Arquivos de programas\microsoft frontpage

2010-01-01 03:05 --------- d-----w C:\Arquivos de programas\Serviços on-line

2010-01-01 03:04 --------- d-----w C:\Arquivos de programas\Arquivos comuns\Serviços

2008-09-01 15:18 --------- d-----w C:\Documents and Settings\IOMA\Dados de aplicativos\Free Download Manager

2008-08-31 21:07 --------- d-----w C:\Arquivos de programas\Arquivos comuns\Symantec Shared

2008-08-31 02:40 --------- d-----w C:\Documents and Settings\ROBERTO\Dados de aplicativos\Free Download Manager

2008-08-30 01:34 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\Microsoft Help

2008-08-30 00:12 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\DVD Shrink

2008-08-28 00:31 --------- d-----w C:\Documents and Settings\ROBERTO\Dados de aplicativos\Vso

2008-08-27 01:28 --------- d-----w C:\Documents and Settings\ROBERTO\Dados de aplicativos\Skype

2008-08-26 22:29 --------- d-----w C:\Documents and Settings\ROBERTO\Dados de aplicativos\skypePM

2008-08-25 02:26 --------- d-----w C:\Documents and Settings\ROBERTO\Dados de aplicativos\SiteAdvisor

2008-08-24 02:29 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\nView_Profiles

2008-08-23 23:14 --------- d-----w C:\Documents and Settings\ROBERTO\Dados de aplicativos\Uniblue

2008-08-23 21:37 --------- d-----w C:\Documents and Settings\LocalService\Dados de aplicativos\SiteAdvisor

2008-08-20 20:22 --------- d-----w C:\Arquivos de programas\Lexmark X1100 Series

2008-07-27 17:58 --------- d-----w C:\Arquivos de programas\Windows Live Safety Center

2008-07-27 16:43 --------- d-----w C:\Arquivos de programas\Lingoes

2008-07-27 16:34 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\LogMeIn

2008-07-27 16:19 47,360 ----a-w C:\WINDOWS\system32\drivers\pcouffin.sys

2008-07-27 16:19 47,360 ----a-w C:\Documents and Settings\ROBERTO\Dados de aplicativos\pcouffin.sys

2008-07-24 01:09 --------- d-----w C:\Arquivos de programas\CCleaner

2008-07-17 23:51 --------- d-----w C:\Arquivos de programas\Sun

2008-07-17 23:51 --------- d-----w C:\Arquivos de programas\Java

2008-07-06 01:43 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\Ulead Systems

2008-07-06 01:35 --------- d-----w C:\Arquivos de programas\Ulead Systems

2008-07-06 00:55 --------- d-----w C:\Arquivos de programas\Arquivos comuns\DVDVideoSoft

2008-03-18 03:40 9,299,672 ----a-w C:\Arquivos de programas\cureit.exe

2008-03-14 18:20 14,574,336 ----a-w C:\Arquivos de programas\TU2008TrialEN.exe

2008-03-10 21:38 14 ----a-w C:\Documents and Settings\ROBERTO\getfile.dat

2007-12-23 23:00 32 ----a-w C:\Documents and Settings\All Users\Dados de aplicativos\ezsid.dat

2007-02-13 19:26 32 ----a-r C:\Documents and Settings\All Users\hash.dat

2006-02-14 14:35 774,144 ----a-w C:\Arquivos de programas\RngInterstitial.dll

2004-10-01 18:00 40,960 ----a-w C:\Arquivos de programas\Uninstall_CDS.exe

2001-11-23 04:08 712,704 ----a-w C:\WINDOWS\inf\OTHER\AUDIO3D.DLL

2005-11-21 03:23 56 --sh--r C:\WINDOWS\system32\50B51C10E3.sys

2005-11-21 03:23 1,682 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys

2008-05-11 23:51 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Configurações locais\Histórico\History.IE5\MSHist012008051120080512\index.dat

.

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

.

*Nota* entradas vazias & leg¡timas por defeito nÆo sÆo mostradas.

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-13 23:20 15360]

"WMPNSCFG"="C:\Arquivos de programas\Windows Media Player\WMPNSCFG.exe" [2006-11-02 23:32 204288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SiS KHooker"="C:\WINDOWS\System32\khooker.exe" [2003-05-29 02:23 294912]

"SiSUSBRG"="C:\WINDOWS\sisUSBrg.exe" [2002-04-25 13:06 32768]

"NeroCheck"="C:\WINDOWS\System32\\NeroCheck.exe" [2003-09-10 06:07 155648]

"Lexmark X1100 Series"="C:\Arquivos de programas\Lexmark X1100 Series\lxbkbmgr.exe" [2003-08-19 08:12 57344]

"Adobe Photo Downloader"="C:\Arquivos de programas\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-07-14 15:09 57344]

"RemoteControl"="C:\Arquivos de programas\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" [2004-11-02 20:24 32768]

"InCD"="C:\Arquivos de programas\Ahead\InCD\InCD.exe" [2006-03-13 23:06 1397760]

"SunJavaUpdateSched"="C:\Arquivos de programas\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784]

"MBM 5"="C:\Arquivos de programas\Motherboard Monitor 5\MBM5.EXE" [2004-06-12 09:40 594944]

"Adobe Reader Speed Launcher"="C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]

"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-01-26 13:07 5529600]

"GrooveMonitor"="C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 07:00 33648]

"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2005-01-26 13:07 86016]

"avgnt"="C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 14:28 266497]

"CARPService"="carpserv.exe" [2002-11-19 08:17 4608 C:\WINDOWS\system32\carpserv.exe]

"SoundMan"="SOUNDMAN.EXE" [2005-08-17 18:39 90112 C:\WINDOWS\soundman.exe]

"nwiz"="nwiz.exe" [2005-01-26 13:07 1490944 C:\WINDOWS\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2008-04-13 23:20 15360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{E37CB5F0-51F5-4395-A808-5FA49E399003}"= "C:\WINDOWS\Downloaded Program Files\CONFLICT.1\gbiehCef.dll" [2007-03-07 11:09 219456]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"vidc.I420"= i420vfw.dll

"VIDC.YV12"= yv12vfw.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"C:\\WINDOWS\\system32\\LEXPPS.EXE"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"%windir%\\system32\\sessmgr.exe"=

"C:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"=

"C:\\Arquivos de programas\\Windows Live\\Messenger\\livecall.exe"=

"C:\\Arquivos de programas\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"C:\\Arquivos de programas\\Microsoft Office\\Office12\\GROOVE.EXE"=

"C:\\Arquivos de programas\\Microsoft Office\\Office12\\ONENOTE.EXE"=

"C:\\Arquivos de programas\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"13782:TCP"= 13782:TCP:BitComet 13782 TCP

"13782:UDP"= 13782:UDP:BitComet 13782 UDP

.

Conte£do da pasta 'Tarefas Agendadas'

.

------- Ccan Suplementar -------

.

FireFox -: Profile - C:\Documents and Settings\ROBERTO\Dados de aplicativos\Mozilla\Firefox\Profiles\gitr4foz.default\

FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-upgrd&p=

FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://br.msn.com/

FF -: plugin - C:\Arquivos de programas\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll

FF -: plugin - C:\Arquivos de programas\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

FF -: plugin - C:\Arquivos de programas\Mozilla Firefox\plugins\NPAdbESD.dll

FF -: plugin - C:\Arquivos de programas\Mozilla Firefox\plugins\npracplug.dll

FF -: plugin - C:\Arquivos de programas\Mozilla Firefox\plugins\NPZoneSB.dll

FF -: plugin - C:\Arquivos de programas\Real\RealArcade\Plugins\Mozilla\npracplug.dll

.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-09-01 21:05:51

Windows 5.1.2600 Service Pack 3 NTFS

Procurando processos ocultos ...

Procurando entradas auto inicializ veis ocultas ...

Procurando ficheiros ocultos ...

Varredura completada com sucesso

Ficheiros ocultos: 0

**************************************************************************

.

------------------------ Outros Processos em Execu‡Æo ------------------------

.

C:\Arquivos de programas\Ahead\InCD\InCDsrv.exe

C:\WINDOWS\system32\LEXBCES.EXE

C:\WINDOWS\system32\LEXPPS.EXE

C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe

C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe

C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\nvsvc32.exe

C:\Arquivos de programas\Windows Media Player\wmpnetwk.exe

C:\Arquivos de programas\Lexmark X1100 Series\lxbkbmon.exe

C:\WINDOWS\system32\rundll32.exe

.

**************************************************************************

.

Tempo para conclusÆo: 2008-09-01 21:15:51 - Maquina reiniciou

ComboFix-quarantined-files.txt 2008-09-02 00:15:44

Pre-Run: 26 pasta(s) 17,117,753,344 bytes disponíveis

Post-Run: 30 pasta(s) 17,233,096,704 bytes dispon¡veis

511 --- E O F --- 2008-08-28 02:33:20

prrsilva · Setembro 2, 2008

boa noite Sr. Perfect segue novo logfile do hijackthis

Logfile of HijackThis v1.99.1

Scan saved at 21:31:44, on 01/09/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16705)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Ahead\InCD\InCDsrv.exe

C:\WINDOWS\system32\LEXBCES.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\LEXPPS.EXE

C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe

C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe

C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Lexmark X1100 Series\lxbkbmgr.exe

C:\WINDOWS\system32\carpserv.exe

C:\Arquivos de programas\Lexmark X1100 Series\lxbkbmon.exe

C:\Arquivos de programas\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Arquivos de programas\CyberLink DVD Solution\PowerDVD\PDVDServ.exe

C:\Arquivos de programas\Ahead\InCD\InCD.exe

C:\Arquivos de programas\Java\jre1.6.0_07\bin\jusched.exe

C:\Arquivos de programas\Motherboard Monitor 5\MBM5.EXE

C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\rundll32.exe

C:\Arquivos de programas\Windows Media Player\WMPNSCFG.exe

C:\WINDOWS\explorer.exe