Gah 0 Denunciar post Postado Agosto 26, 2010 Boa tarde, já adiantando que nem tenho certeza se estou postando no lugar correto, mas por indicações de amigos, me disseram que este seria o melhor forum para resolver o meu problema, meu computador do nada começou a ficar lento e agora trava os video no youtube, todos os meus jogos dão lag, tenho aqui um log feito pelo hijackthis: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:55:57, on 26/8/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\RunDll32.exe C:\Arquivos de programas\lg_fwupdate\fwupdate.exe C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe C:\Arquivos de programas\MessengerPlus! 3\MsgPlus.exe C:\WINDOWS\system32\ctfmon.exe C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe C:\Arquivos de programas\CyberLink\PowerProducer\OEMLib\Generatrs.exe C:\Arquivos de programas\Microsoft Office\Office12\ONENOTEM.EXE C:\Arquivos de programas\CyberLink\Shared Files\RichVideo.exe C:\Arquivos de programas\Bywifi\bywifi.exe C:\Arquivos de programas\Mozilla Firefox\firefox.exe C:\Arquivos de programas\Mozilla Firefox\plugin-container.exe C:\Documents and Settings\micro\Meus documentos\Downloads\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.twitter.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://localhost:9000/proxy.pac R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Arquivos de programas\Ask.com\GenericAskToolbar.dll O1 - Hosts: 65.54.239.80 dp.msnmessenger.akadns.net O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: BywifiBHO - {C4743D3E-20D7-4B52-84F2-5E4E277B2D82} - C:\Arquivos de programas\Bywifi\bywifiie.dll O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Arquivos de programas\Ask.com\GenericAskToolbar.dll O3 - Toolbar: VDownloader Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Arquivos de programas\Ask.com\GenericAskToolbar.dll O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [LGODDFU] "C:\Arquivos de programas\lg_fwupdate\fwupdate.exe" blrun O4 - HKLM\..\Run: [GrooveMonitor] "C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [MessengerPlus3] "C:\Arquivos de programas\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [bywifi] "C:\Arquivos de programas\Bywifi\bywifi.exe" "-silent" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Pando Media Booster] C:\Arquivos de programas\Pando Networks\Media Booster\PMB.exe O4 - HKCU\..\Run: [ares] "C:\Arquivos de programas\Ares\Ares.exe" -h O4 - HKCU\..\Run: [MsnMsgr] "C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Microsoft.NETframework5] "C:\Arquivos de programas\CyberLink\PowerProducer\OEMLib\Generatrs.exe" O4 - HKCU\..\Run: [bywifi] "C:\Arquivos de programas\Bywifi\bywifi.exe" "-silent" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Recorte de tela e Iniciador do OneNote 2007.lnk = C:\Arquivos de programas\Microsoft Office\Office12\ONENOTEM.EXE O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Bywifi: Vídeo Downloader - {09E90109-A9AA-4980-BCEF-76F8D924E902} - C:\Program Files\Bywifi\bywifici.exe (file missing) O9 - Extra 'Tools' menuitem: Bywifi: Vídeo Downloader - {09E90109-A9AA-4980-BCEF-76F8D924E902} - C:\Program Files\Bywifi\bywifici.exe (file missing) O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Arquivos de programas\PokerStars\PokerStarsUpdate.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Bywifi: Vídeo Downloader - {09E90109-A9AA-4980-BCEF-76F8D924E902} - C:\Program Files\Bywifi\bywifici.exe (file missing) (HKCU) O9 - Extra 'Tools' menuitem: Bywifi: Vídeo Downloader - {09E90109-A9AA-4980-BCEF-76F8D924E902} - C:\Program Files\Bywifi\bywifici.exe (file missing) (HKCU) O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/pt/uno1/GAME_UNO1.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{34357880-EC07-413A-9BAD-2427955B913F}: NameServer = 200.225.197.37 200.225.197.34 O17 - HKLM\System\CS1\Services\Tcpip\..\{34357880-EC07-413A-9BAD-2427955B913F}: NameServer = 200.225.197.37 200.225.197.34 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Arquivos de programas\CyberLink\Shared Files\RichVideo.exe -- End of file - 7364 bytes Gostaria muito da ajuda de vocês, lembrando que faço todas as possiveis limpesas, uso o advanced system care c cleaner entre outros, e mesmo assim ele continua lento... Obrigado Compartilhar este post Link para o post Compartilhar em outros sites
Power Max 54 Denunciar post Postado Agosto 29, 2010 :) Oi Gah! :seta: Abra o HijackThis, clique em Do a system scan only, marque as entradas abaixo e clique em Fix checked: O9 - Extra button: Bywifi: Vídeo Downloader - {09E90109-A9AA-4980-BCEF-76F8D924E902} - C:\Program Files\Bywifi\bywifici.exe (file missing) O9 - Extra 'Tools' menuitem: Bywifi: Vídeo Downloader - {09E90109-A9AA-4980-BCEF-76F8D924E902} - C:\Program Files\Bywifi\bywifici.exe (file missing) O9 - Extra button: Bywifi: Vídeo Downloader - {09E90109-A9AA-4980-BCEF-76F8D924E902} - C:\Program Files\Bywifi\bywifici.exe (file missing) (HKCU) O9 - Extra 'Tools' menuitem: Bywifi: Vídeo Downloader - {09E90109-A9AA-4980-BCEF-76F8D924E902} - C:\Program Files\Bywifi\bywifici.exe (file missing) (HKCU) _______________________________ :seta: Faça o download do HostsXpert.zip: http://www.funkytoad.com/download/HostsXpert.zip • Extraia (unzip) HostsXpert.zip para uma pasta permanente do seu drive (exemplo C:\HostsXpert) • Duplo clique em HostsXpert.exe para executar o programa. • Se disponivel, clique em "Make Hosts Writable?" (estará no canto superior direito). • Clique em "Restore Microsoft's Hosts file" e depois clique em "OK". • Clique no X para sair do programa. ________________________________ :seta: Siga também, por gentileza, as dicas destes tutoriais: '>http://dicasetutoriaisparapc.blogspot.com/2009/10/tutorial-do-malwarebytes-anti-malware.html"]Tutorial do Malwarebytes Anti-Malware '>http://dicasetutoriaisparapc.blogspot.com/2009/10/tutorial-do-ad-remover.html"]Tutorial do Ad-Remover '>http://dicasetutoriaisparapc.blogspot.com/2009/11/tutorial-do-toolbar-sd.html"]Tutorial do Toolbar S&D ______________________________ :seta: Na sua próxima resposta poste o log do Malwarebytes juntamente com um novo log do Hijackthis, o log que estará em C:\ToolBar SD\TB_1.txt e o log do Ad-Remover que estará em C:\Ad-Report-CLEAN[1].log e nos diga como está o seu PC após estes procedimentos. Ficamos na espera. Compartilhar este post Link para o post Compartilhar em outros sites
Gah 0 Denunciar post Postado Agosto 31, 2010 Malwarebytes' Anti-Malware 1.42 Versão do banco de dados: 3412 Windows 5.1.2600 Service Pack 3 Internet Explorer 6.0.2900.5512 31/8/2010 13:21:38 mbam-log-2010-08-31 (13-21-38).txt Tipo de Verificação: Completa (C:\|D:\|) Objetos verificados: 158115 Tempo decorrido: 1 hour(s), 13 minute(s), 20 second(s) Processos da Memória infectados: 0 Módulos de Memória Infectados: 0 Chaves do Registro infectadas: 3 Valores do Registro infectados: 0 Ítens do Registro infectados: 1 Pastas infectadas: 0 Arquivos infectados: 0 Processos da Memória infectados: (Nenhum ítem malicioso foi detectado) Módulos de Memória Infectados: (Nenhum ítem malicioso foi detectado) Chaves do Registro infectadas: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{fcaddc14-bd46-408a-9842-cdbe1c6d37eb} (Trojan.Banker) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\AdobeUpdate (Trojan.Downloader) -> Delete on reboot. HKEY_CLASSES_ROOT\CLSID\MADOWN (Worm.Magania) -> Quarantined and deleted successfully. Valores do Registro infectados: (Nenhum ítem malicioso foi detectado) Ítens do Registro infectados: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (Hijack.System.Hidden) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully. Pastas infectadas: (Nenhum ítem malicioso foi detectado) Arquivos infectados: (Nenhum ítem malicioso foi detectado) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:44:35, on 31/8/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Arquivos de programas\CyberLink\Shared Files\RichVideo.exe C:\WINDOWS\system32\RunDll32.exe C:\Arquivos de programas\lg_fwupdate\fwupdate.exe C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe C:\Arquivos de programas\MessengerPlus! 3\MsgPlus.exe C:\Arquivos de programas\Bywifi\bywifi.exe C:\WINDOWS\system32\ctfmon.exe C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe C:\Arquivos de programas\CyberLink\PowerProducer\OEMLib\Generatrs.exe C:\Arquivos de programas\Microsoft Office\Office12\ONENOTEM.EXE C:\Arquivos de programas\Mozilla Firefox\firefox.exe C:\Arquivos de programas\Mozilla Firefox\plugin-container.exe C:\Arquivos de programas\Winamp\winamp.exe C:\WINDOWS\system32\notepad.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\WINDOWS\system32\NOTEPAD.EXE C:\WINDOWS\system32\NOTEPAD.EXE C:\Documents and Settings\micro\Meus documentos\Downloads\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.twitter.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://localhost:9000/proxy.pac R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local R3 - Default URLSearchHook is missing O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: BywifiBHO - {C4743D3E-20D7-4B52-84F2-5E4E277B2D82} - C:\Arquivos de programas\Bywifi\bywifiie.dll O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [LGODDFU] "C:\Arquivos de programas\lg_fwupdate\fwupdate.exe" blrun O4 - HKLM\..\Run: [GrooveMonitor] "C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [MessengerPlus3] "C:\Arquivos de programas\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [bywifi] "C:\Arquivos de programas\Bywifi\bywifi.exe" "-silent" O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Pando Media Booster] C:\Arquivos de programas\Pando Networks\Media Booster\PMB.exe O4 - HKCU\..\Run: [ares] "C:\Arquivos de programas\Ares\Ares.exe" -h O4 - HKCU\..\Run: [MsnMsgr] "C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Microsoft.NETframework5] "C:\Arquivos de programas\CyberLink\PowerProducer\OEMLib\Generatrs.exe" O4 - HKCU\..\Run: [bywifi] "C:\Arquivos de programas\Bywifi\bywifi.exe" "-silent" O4 - HKCU\..\Run: [dso32] C:\DOCUME~1\micro\CONFIG~1\Temp\dsoqq.exe O4 - HKCU\..\Run: [api32] C:\DOCUME~1\micro\CONFIG~1\Temp\apiqq.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Recorte de tela e Iniciador do OneNote 2007.lnk = C:\Arquivos de programas\Microsoft Office\Office12\ONENOTEM.EXE O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/pt/uno1/GAME_UNO1.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{34357880-EC07-413A-9BAD-2427955B913F}: NameServer = 200.225.197.37 200.225.197.34 O17 - HKLM\System\CS1\Services\Tcpip\..\{34357880-EC07-413A-9BAD-2427955B913F}: NameServer = 200.225.197.37 200.225.197.34 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Arquivos de programas\CyberLink\Shared Files\RichVideo.exe -- End of file - 6933 bytes -----------\\ ToolBar S&D 1.2.9 XP/Vista Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 3 X86-based PC ( Uniprocessor Free : AMD Athlon MP ) BIOS : Default System BIOS USER : micro ( Administrator ) BOOT : Normal boot A:\ (USB) C:\ (Local Disk) - NTFS - Total:37 Go (Free:9 Go) D:\ (Local Disk) - NTFS - Total:37 Go (Free:26 Go) "C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 ) Option : [1] ( ter 31/08/2010|11:14 ) -----------\\ Procura por Arquivos / Ficheiros ... -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://fr.msn.com/" "Default_search_url"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Default_page_url"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome" "Search bar"="http://go.microsoft.com/fwlink/?linkid=54896" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Start Page"="http://fr.msn.com/" "Search bar"="http://search.msn.com/spbasic.htm" --------------------\\ Procurando por outras infecções Não foram encontradas outras infecções. 1 - "C:\ToolBar SD\TB_1.txt" - ter 31/08/2010|11:16 - Option : [1] ======= REPORT FROM AD-REMOVER | ONLY XP/VISTA/7 ======= Updated by C_XX on 13/06/10 at 20:40 Contact: AdRemover.contact@gmail.com website: http://pagesperso-orange.fr/NosTools/ad_remover.html C:\Arquivos de programas\Ad-Remover\main.exe (CLEAN [1]) -> Launched at 23:52:13 on 30/08/2010, Normal boot Microsoft Windows XP Professional Service Pack 3 (X86) micro, M2 ( ) ============== ACTION(S) ============== O pc melhorou de certa forma, mas não muito ;/ os videos continuam travando, e em geral os jogos que eu jogo que antes não travavam continuam dando pequenas travadas, mais o desempenho em si, abrir paginas etc ficou melhor. Compartilhar este post Link para o post Compartilhar em outros sites
Power Max 54 Denunciar post Postado Setembro 1, 2010 :) Alguns problemas foram removidos do seu PC. ____________________________ :seta: Siga, por gentileza, as dicas destes tutoriais: '>http://dicasetutoriaisparapc.blogspot.com/2009/10/tutorial-do-usbfix.html"]Tutorial do USBFix '>http://dicasetutoriaisparapc.blogspot.com/2009/10/tutorial-do-bankerfix.html"]Tutorial do Bankerfix ______________________________ :seta: Sugiro que você salve ou imprima essas instruções abaixo, pois em alguns momentos você poderá precisar usar o computador sem o acesso à internet: Faça o download do ComboFix Salve-o no Desktop (área de trabalho). * Desabilite as proteções residente de: antivírus, antispywares e firewall ( menos o do Windows! ) * Feche todas as janelas e execute a ferramenta. * Ps: A execução, por comando, também é possível: * Vá em Iniciar --> Executar --> Digite ou cole: "%userprofile%\desktop\Combofix.exe" /killall * Clique em Ok. * Na solicitação: "Negação de garantia de software" --> Clique em Sim. * Não possuindo o "'>http://support.microsoft.com/kb/307654/pt-br"]Console de Recuperação",aceite optar pela instalação do mesmo. * Terminando,clique Sim ou Yes. --> Aguarde. XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX :!: Caso aconteça a notificação de: Aplicativo Win32 inválido ou alguma mensagem parecida com esta, delete a ferramenta ComboFix.exe e faça, novamente, seu download. * Salve-a no Desktop,renomeada como: Kombo.exe * Ps: Nomeie durante o salvamento,e não após salvá-la! * Ps: Surgindo alguma mensagem de erro, rode o ComboFix.exe em "'>http://dicasetutoriaisparapc.blogspot.com/2009/11/ferramentas-para-reparar-o-modo-seguro.html"]Modo Seguro". <-- Link! * Ps: Na presença de atividades rootkit,teremos a seguinte janela de notificação: * Ps: Anote essas detecções, e dê o OK. Neste caso poste estas detecções que você terá anotado em sua próxima resposta juntamente com os logs pedidos. * Ps: Para completar as remoções, talvez haja necessidade da ferramenta reiniciar o computador. <-- Aguarde! * Ps: Para evitar problemas, siga todas as recomendações propostas. XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX * Abrir-se-á a janela Auto Scan. --> Aguarde! * Para finalizar remoções, o ComboFix poderá reiniciar o computador. * Se houver necessidade, digite a opção ( 1 ) --> Aperte Enter! --> Aguarde a conclusão! * Durante o scan, evite manusear o mouse ou teclado! <-- Importante! * Caso, por algum motivo de força maior, precise parar ou sair do ComboFix,tecle "N" ou "2" --> Aperte Enter. <><><><><><><><><><><><> Poste o log do Combofix que estará em C:\ComboFix.txt juntamente com o conteúdo do relatorio.txt do BankerFix que estará em C:\LinhaDefensiva\relatorio.txt, o log do Usbfix que estará em C:\UsbFix.txt e um novo log do Hijackthis e nos diga como está o PC após estes procedimentos. Ficamos no aguardo. Compartilhar este post Link para o post Compartilhar em outros sites
Gah 0 Denunciar post Postado Setembro 5, 2010 ComboFix 10-09-01.02 - micro 01/09/2010 20:48:17.1.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.511.293 [GMT -3:00] Executando de: C:\Documents and Settings\micro\desktop\Combofix.exe Comandos utilizados :: /killall ATENÇAO - ESTA MAQUINA NAO TEM O CONSOLE DE RECUPERAÇÃO INSTALADA !! . ((((((((((((((((((((((((((((((((((((( Outras Exclusões ))))))))))))))))))))))))))))))))))))))))))))))))))) . C:\MessengerPlus C:\MessengerPlus\enviado.flg C:\MessengerPlus\juupdate18.log C:\WINDOWS\celn925.dll C:\WINDOWS\system32\Drivers\ovuy.sys C:\WINDOWS\system32\vbzlib1.dll . (((((((((((((((( Arquivos/Ficheiros criados de 2010-08-01 to 2010-09-01 )))))))))))))))))))))))))))) . 2010-09-01 23:35:07 . 2010-09-01 23:35:11 -------- d-----w- C:\LinhaDefensiva 2010-09-01 23:29:44 . 2010-09-01 23:29:47 17007230 ----a-w- C:\UsbFix_Upload_Me_M2.zip 2010-09-01 23:24:44 . 2010-09-01 23:29:47 -------- d-----w- C:\UsbFix 2010-08-31 14:13:54 . 2010-08-31 14:20:35 -------- d-----w- C:\ToolBar SD 2010-08-31 02:52:07 . 2010-08-31 14:08:01 -------- d-----w- C:\Arquivos de programas\Ad-Remover 2010-08-30 20:44:26 . 2010-08-30 20:46:55 -------- d-----w- C:\HostsXpert 2010-08-26 20:49:15 . 2010-08-26 20:50:45 -------- d-----w- C:\Arquivos de programas\Bywifi 2010-08-25 10:44:06 . 2010-08-25 10:44:06 -------- d-----w- C:\Arquivos de programas\Seagate Software 2010-08-25 10:44:01 . 2010-08-25 10:44:05 -------- d-----w- C:\WINDOWS\crystal 2010-08-25 10:44:01 . 2010-08-25 10:44:01 -------- d-----w- C:\Arquivos de programas\AssistLDA 2010-08-24 22:23:47 . 2010-08-24 22:26:37 -------- d-----w- C:\SICON . ((((((((((((((((((((((((((((((((((((( Relatório Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-09-01 23:56:05 . 2009-12-22 16:00:09 -------- d-----w- C:\Arquivos de programas\lg_fwupdate 2010-08-23 22:48:04 . 2009-12-22 23:17:45 -------- d-----w- C:\Arquivos de programas\Garena 2010-08-18 15:30:15 . 2009-12-22 22:37:36 -------- d-----w- C:\Arquivos de programas\WC 3 2010-07-27 16:24:21 . 2009-12-23 18:22:38 -------- d-----w- C:\Arquivos de programas\Winamp 2010-07-27 04:03:47 . 2010-04-14 19:59:08 -------- d-----w- C:\Arquivos de programas\MSN Messenger 2010-07-23 19:27:51 . 2010-07-23 19:27:51 -------- d-----w- C:\Documents and Settings\micro\Dados de aplicativos\WinAVI 2010-07-23 19:27:43 . 2010-07-23 19:27:30 -------- d-----w- C:\Arquivos de programas\WinAVI Video Converter 2010-07-20 18:51:55 . 2010-07-20 18:51:51 -------- d-----w- C:\Arquivos de programas\Guitar Pro 5 2010-07-19 02:50:27 . 2010-07-19 02:50:00 0 ----a-w- C:\Arquivos de programas\properties 2010-07-19 02:50:00 . 2010-07-19 02:50:00 -------- d-----w- C:\Arquivos de programas\Java 2010-07-05 23:43:40 . 2010-07-05 23:43:40 -------- d-----w- C:\Documents and Settings\micro\Dados de aplicativos\CyberLink 2010-07-05 23:43:38 . 2010-07-05 23:43:38 -------- d-----w- C:\Documents and Settings\All Users\Dados de aplicativos\CyberLink 2010-02-10 14:18:42 . 2010-05-07 17:50:38 2131336 ----a-w- C:\Arquivos de programas\Arquivos comuns\AskToolbarInstaller.exe 2009-03-21 14:08:53 . 2008-04-14 09:00:00 164746 --sha-r- C:\WINDOWS\system32\mxouwhc.dll . (((((((((((((((((((((((((( Pontos de Carregamento do Registro ))))))))))))))))))))))))))))))))))))))) . . *Nota* entradas vazias e legítimas por defeito não são mostradas. REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Pando Media Booster"="C:\Arquivos de programas\Pando Networks\Media Booster\PMB.exe" [2010-03-14 19:48:45 2937528] "ares"="C:\Arquivos de programas\Ares\Ares.exe" [2009-01-03 16:21:00 893952] "MsnMsgr"="C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe" [2007-09-05 02:40:18 6856704] "Microsoft.NETframework5"="C:\Arquivos de programas\CyberLink\PowerProducer\OEMLib\Generatrs.exe" [2010-07-28 03:55:10 1538048] "bywifi"="C:\Arquivos de programas\Bywifi\bywifi.exe" [2010-08-15 07:08:42 2644992] "Google Update"="C:\Documents and Settings\micro\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" [2010-09-01 20:13:05 136176] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 09:00:00 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LGODDFU"="C:\Arquivos de programas\lg_fwupdate\fwupdate.exe" [2009-12-22 16:01:00 557056] "GrooveMonitor"="C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 13:44:34 31072] "MessengerPlus3"="C:\Arquivos de programas\MessengerPlus! 3\MsgPlus.exe" [2010-04-15 01:34:51 190024] "bywifi"="C:\Arquivos de programas\Bywifi\bywifi.exe" [2010-08-15 07:08:42 2644992] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 09:00:00 15360] C:\Documents and Settings\micro\Menu Iniciar\Programas\Inicializar\ Recorte de tela e Iniciador do OneNote 2007.lnk - C:\Arquivos de programas\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2008-06-12 04:38:00 34672 ----a-w- C:\Arquivos de programas\Adobe\Reader 9.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 3] 2010-08-10 18:10:58 2349776 ----a-w- C:\Arquivos de programas\IObit\Advanced SystemCare 3\AWC.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares] BankerFix 3.1 VALKYRIE - Removedor de Bankers Linha Defensiva | http://www.linhadefensiva.org http://www.linhadefensiva.org/bankerfix/ ------------------------------------------------------- Data: 2010-09-01 - 21:08 ------------------------------------------------------- Lista de Definição: 2010-08-03-1 | CORE: 2010-01-14-1 ======================================================= Proxy/Internet Explorer (HKCU): localhost:9000/proxy.pac ----- Fim ------------------------- ############################## | UsbFix 7.022 | [supressão] Usuário: micro (Administrador) # M2 [ ] Atualizado em 29/08/10 por El Desaparecido / C_XX Começou em 20:26:33 | 01/09/2010 Site: http://pagesperso-orange.fr/NosTools/index.html Contato: FindyKill.Contact@gmail.com CPU: AMD Athlon MP Microsoft Windows XP Professional (5.1.2600 32-Bit) # Service Pack 3 Internet Explorer 6.0.2900.5512 Windows Firewall: Deficientes /!\ RAM -> 511 Mb C:\ (%systemdrive%) -> Disco fixo # 37 Gb (10 Mb livre - 26%) [] # NTFS D:\ -> Disco fixo # 37 Gb (26 Mb livre - 71%) [] # NTFS ################## | Ficheiros # pastas infeciosos | Supprimido ! C:\WINDOWS\IFinst27.exe Supprimido ! C:\biriprg.exe Supprimido ! C:\Autorun.inf Supprimido ! D:\Autorun.inf Supprimido ! C:\09lf.exe Supprimido ! C:\0fpdq2dw.exe Supprimido ! C:\1hqup.exe Supprimido ! C:\1j038ki.exe Supprimido ! C:\1thes92p.exe Supprimido ! C:\2u923g01.exe Supprimido ! C:\2ul.exe Supprimido ! C:\31lyx.exe Supprimido ! C:\33r.exe Supprimido ! C:\3dcs9.exe Supprimido ! C:\3exi.exe Supprimido ! C:\8xcrbho6.exe Supprimido ! C:\9d6tpg.exe Supprimido ! C:\9ffp.exe Supprimido ! C:\9fo3ar0j.exe Supprimido ! C:\9qqigqwf.exe Supprimido ! C:\9rfpp.exe Supprimido ! C:\9xf8.exe Supprimido ! C:\affi8l.exe Supprimido ! C:\anoataly.exe Supprimido ! C:\awb3ryk.exe Supprimido ! C:\ba.exe Supprimido ! C:\bbjl2g.exe Supprimido ! C:\bu8.exe Supprimido ! C:\bveijo.exe Supprimido ! C:\c2e.exe Supprimido ! C:\ca.exe Supprimido ! C:\cgaqyi.exe Supprimido ! C:\chxnxyx.exe Supprimido ! C:\cobn8w3.exe Supprimido ! C:\dqm.exe Supprimido ! C:\e9naq.exe Supprimido ! C:\eyruu.exe Supprimido ! C:\f2kmj.exe Supprimido ! C:\f662sjd.exe Supprimido ! C:\fk.exe Supprimido ! C:\g6jk.exe Supprimido ! C:\ggb6w.exe Supprimido ! C:\h0.exe Supprimido ! C:\hc3hvi0.exe Supprimido ! C:\i8gcgmg.exe Supprimido ! C:\i8ikdjwt.exe Supprimido ! C:\iuvvl9f3.exe Supprimido ! C:\ji83j.exe Supprimido ! C:\k1d.exe Supprimido ! C:\kmj.exe Supprimido ! C:\krwyrv0d.exe Supprimido ! C:\mh.exe Supprimido ! C:\mi9al8rs.exe Supprimido ! C:\mk28sp.exe Supprimido ! C:\mvmdh.exe Supprimido ! C:\n0qls.exe Supprimido ! C:\olu392qj.exe Supprimido ! C:\p3vwxx.exe Supprimido ! C:\p9rs.exe Supprimido ! C:\pbyqfn.exe Supprimido ! C:\q0wfr.exe Supprimido ! C:\qhbfqx.exe Supprimido ! C:\qkm.exe Supprimido ! C:\r3fhr.exe Supprimido ! C:\rhwhin.exe Supprimido ! C:\rpw.exe Supprimido ! C:\rxf.exe Supprimido ! C:\s1.exe Supprimido ! C:\sdfqh.exe Supprimido ! C:\sywyrl0q.exe Supprimido ! C:\tgt.exe Supprimido ! C:\twhvna.exe Supprimido ! C:\utcddeq.exe Supprimido ! C:\vgyn6ewc.exe Supprimido ! C:\vi8f.exe Supprimido ! C:\wa.exe Supprimido ! C:\wkimt.exe Supprimido ! C:\ws.exe Supprimido ! C:\wyskq6lt.exe Supprimido ! C:\x3xh.exe Supprimido ! C:\xjb3.exe Supprimido ! C:\y6cqb2is.exe Supprimido ! C:\yqq8eqil.exe Supprimido ! C:\ysyjq1bs.exe Supprimido ! D:\y.exe Supprimido ! D:\09lf.exe Supprimido ! D:\0fpdq2dw.exe Supprimido ! D:\1hqup.exe Supprimido ! D:\1j038ki.exe Supprimido ! D:\1thes92p.exe Supprimido ! D:\2u923g01.exe Supprimido ! D:\2ul.exe Supprimido ! D:\31lyx.exe Supprimido ! D:\33r.exe Supprimido ! D:\3dcs9.exe Supprimido ! D:\3exi.exe Supprimido ! D:\8xcrbho6.exe Supprimido ! D:\9d6tpg.exe Supprimido ! D:\9ffp.exe Supprimido ! D:\9fo3ar0j.exe Supprimido ! D:\9qqigqwf.exe Supprimido ! D:\9rfpp.exe Supprimido ! D:\9xf8.exe Supprimido ! D:\affi8l.exe Supprimido ! D:\anoataly.exe Supprimido ! D:\awb3ryk.exe Supprimido ! D:\ba.exe Supprimido ! D:\bbjl2g.exe Supprimido ! D:\biriprg.exe Supprimido ! D:\bu8.exe Supprimido ! D:\bveijo.exe Supprimido ! D:\c2e.exe Supprimido ! D:\ca.exe Supprimido ! D:\cgaqyi.exe Supprimido ! D:\chxnxyx.exe Supprimido ! D:\cobn8w3.exe Supprimido ! D:\dqm.exe Supprimido ! D:\e9naq.exe Supprimido ! D:\eyruu.exe Supprimido ! D:\f2kmj.exe Supprimido ! D:\f662sjd.exe Supprimido ! D:\fk.exe Supprimido ! D:\g6jk.exe Supprimido ! D:\ggb6w.exe Supprimido ! D:\h0.exe Supprimido ! D:\hc3hvi0.exe Supprimido ! D:\i8gcgmg.exe Supprimido ! D:\i8ikdjwt.exe Supprimido ! D:\iuvvl9f3.exe Supprimido ! D:\ji83j.exe Supprimido ! D:\k1d.exe Supprimido ! D:\kmj.exe Supprimido ! D:\krwyrv0d.exe Supprimido ! D:\mh.exe Supprimido ! D:\mi9al8rs.exe Supprimido ! D:\mk28sp.exe Supprimido ! D:\mvmdh.exe Supprimido ! D:\n0qls.exe Supprimido ! D:\nymdik.exe Supprimido ! D:\olu392qj.exe Supprimido ! D:\p3vwxx.exe Supprimido ! D:\p9rs.exe Supprimido ! D:\pbyqfn.exe Supprimido ! D:\q0wfr.exe Supprimido ! D:\qhbfqx.exe Supprimido ! D:\qkm.exe Supprimido ! D:\r3fhr.exe Supprimido ! D:\rfg.exe Supprimido ! D:\rhwhin.exe Supprimido ! D:\rpw.exe Supprimido ! D:\rxf.exe Supprimido ! D:\s1.exe Supprimido ! D:\sdfqh.exe Supprimido ! D:\sywyrl0q.exe Supprimido ! D:\tgt.exe Supprimido ! D:\twhvna.exe Supprimido ! D:\utcddeq.exe Supprimido ! D:\vgyn6ewc.exe Supprimido ! D:\vi8f.exe Supprimido ! D:\wa.exe Supprimido ! D:\wkimt.exe Supprimido ! D:\ws.exe Supprimido ! D:\wyskq6lt.exe Supprimido ! D:\x3xh.exe Supprimido ! D:\xjb3.exe Supprimido ! D:\y6cqb2is.exe Supprimido ! D:\yqq8eqil.exe Supprimido ! D:\ysyjq1bs.exe ################## | Registro | Supprimido ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoResolveSearch Supprimido ! HKCU\Software\Microsoft\Windows\CurrentVersion\Run|dso32 ################## | Mountpoints2 | Supprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\C Supprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\{0aecf870-fb19-11de-a68c-000d87b1352a} Supprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\{14bbbc1d-9f04-11df-a8c8-000d87b1352a} Supprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\{23a8d4ff-579b-11df-a7cc-000d87b1352a} Supprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\{4418eb47-1012-11df-a6c9-000d87b1352a} Supprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\{69dd03e4-f4d3-11de-a67a-000d87b1352a} Supprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\{7b2ef414-888e-11df-a878-000d87b1352a} Supprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\{862ea2a8-3c51-11df-a760-000d87b1352a} Supprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\{9cba8064-9e55-11df-a8c6-000d87b1352a} Supprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\{f51f236b-4983-11df-a796-000d87b1352a} ################## | Listing | [30/08/2010 - 23:54:00 | A | 433] C:\Ad-Report-CLEAN[1].txt [31/08/2010 - 11:08:21 | A | 5118] C:\Ad-Report-CLEAN[2].txt [31/08/2010 - 11:08:17 | RD ] C:\Arquivos de programas [24/08/2010 - 19:23:55 | A | 20] C:\AUTOEXEC.BAT [22/12/2009 - 11:23:03 | SH | 211] C:\boot.ini [14/04/2008 - 06:00:00 | RASH | 4952] C:\Bootfont.bin [24/08/2010 - 19:23:55 | A | 106] C:\CONFIG.SYS [22/12/2009 - 11:48:45 | D ] C:\Documents and Settings [01/09/2010 - 14:29:08 | ASH | 536268800] C:\hiberfil.sys [30/08/2010 - 17:46:55 | D ] C:\HostsXpert [22/12/2009 - 11:30:21 | RASH | 0] C:\IO.SYS [19/08/2010 - 22:32:57 | AHD ] C:\MessengerPlus [22/12/2009 - 11:30:21 | RASH | 0] C:\MSDOS.SYS [22/12/2009 - 13:06:37 | RHD ] C:\MSOCache [23/05/2010 - 16:40:53 | D ] C:\My Games [15/03/2010 - 15:11:45 | D ] C:\nDoors [06/06/2010 - 15:59:16 | D ] C:\Nova pasta [14/04/2008 - 06:00:00 | RASH | 47564] C:\NTDETECT.COM [14/04/2008 - 06:00:00 | RASH | 251696] C:\ntldr [01/09/2010 - 14:29:07 | ASH | 402653184] C:\pagefile.sys [23/03/2010 - 16:11:31 | D ] C:\Program Files [01/09/2010 - 20:29:21 | SHD ] C:\RECYCLER [24/08/2010 - 19:26:37 | D ] C:\SICON [18/06/2010 - 12:17:33 | SHD ] C:\System Volume Information [31/08/2010 - 11:20:35 | A | 1654] C:\TB.txt [31/08/2010 - 11:34:38 | A | 1654] C:\TB2.txt [22/12/2009 - 13:04:19 | D ] C:\Temp [31/08/2010 - 11:20:35 | D ] C:\ToolBar SD [01/09/2010 - 20:29:21 | D ] C:\UsbFix [01/09/2010 - 20:29:22 | A | 5292] C:\UsbFix.txt [24/08/2010 - 19:24:37 | A | 2048] C:\USUAR01.NTX [24/08/2010 - 19:24:37 | A | 2048] C:\USUAR02.NTX [23/03/2010 - 15:59:44 | D ] C:\WeMade Entertainment [01/09/2010 - 20:29:15 | D ] C:\WINDOWS [01/09/2010 - 20:29:21 | SHD ] D:\RECYCLER [26/08/2010 - 18:30:21 | D ] D:\Supernatural [17/06/2010 - 22:51:14 | SHD ] D:\System Volume Information ################## | Vaccin | C:\Autorun.inf -> Folder criado por UsbFix (El Desaparecido & C_XX) D:\Autorun.inf -> Folder criado por UsbFix (El Desaparecido & C_XX) ################## | Upload | Favor enviar o arquivo: C:\UsbFix_Upload_Me_M2.zip http://chiquitine.changelog.fr/Sample/Upload.php Obrigado pela sua contribuição. ################## | E.O.F | Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 09:56:54, on 5/9/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\RunDll32.exe C:\Arquivos de programas\lg_fwupdate\fwupdate.exe C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe C:\Arquivos de programas\MessengerPlus! 3\MsgPlus.exe C:\Arquivos de programas\Bywifi\bywifi.exe C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe C:\Arquivos de programas\CyberLink\PowerProducer\OEMLib\Generatrs.exe C:\WINDOWS\system32\ctfmon.exe C:\Arquivos de programas\Microsoft Office\Office12\ONENOTEM.EXE C:\Arquivos de programas\CyberLink\Shared Files\RichVideo.exe C:\Documents and Settings\micro\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe C:\Documents and Settings\micro\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe C:\Documents and Settings\micro\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe C:\Arquivos de programas\Winamp\winamp.exe C:\Arquivos de programas\Mozilla Firefox\firefox.exe C:\Arquivos de programas\Mozilla Firefox\plugin-container.exe C:\WINDOWS\system32\notepad.exe C:\Documents and Settings\micro\Meus documentos\Downloads\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://localhost:9000/proxy.pac R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: BywifiBHO - {C4743D3E-20D7-4B52-84F2-5E4E277B2D82} - C:\Arquivos de programas\Bywifi\bywifiie.dll O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [LGODDFU] "C:\Arquivos de programas\lg_fwupdate\fwupdate.exe" blrun O4 - HKLM\..\Run: [GrooveMonitor] "C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [MessengerPlus3] "C:\Arquivos de programas\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [bywifi] "C:\Arquivos de programas\Bywifi\bywifi.exe" "-silent" O4 - HKCU\..\Run: [Pando Media Booster] C:\Arquivos de programas\Pando Networks\Media Booster\PMB.exe O4 - HKCU\..\Run: [ares] "C:\Arquivos de programas\Ares\Ares.exe" -h O4 - HKCU\..\Run: [MsnMsgr] "C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Microsoft.NETframework5] "C:\Arquivos de programas\CyberLink\PowerProducer\OEMLib\Generatrs.exe" O4 - HKCU\..\Run: [bywifi] "C:\Arquivos de programas\Bywifi\bywifi.exe" "-silent" O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\micro\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Recorte de tela e Iniciador do OneNote 2007.lnk = C:\Arquivos de programas\Microsoft Office\Office12\ONENOTEM.EXE O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/pt/uno1/GAME_UNO1.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{34357880-EC07-413A-9BAD-2427955B913F}: NameServer = 200.225.197.37 200.225.197.34 O17 - HKLM\System\CS1\Services\Tcpip\..\{34357880-EC07-413A-9BAD-2427955B913F}: NameServer = 200.225.197.37 200.225.197.34 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Arquivos de programas\CyberLink\Shared Files\RichVideo.exe -- End of file - 6860 bytes O computador se manteve praticamente, com as mesmas melhoras da primeira vez, eu baixei um programa pra tenta acelera os videos do youtube mas eles continuam dando algumas travadas de 1 segundo a cada 5 que passa, e os jogos continuam dando lag tambem. Desde já obrigado pela atenção. Compartilhar este post Link para o post Compartilhar em outros sites
Power Max 54 Denunciar post Postado Setembro 5, 2010 :) Muitos outros problemas foram removidos. ____________________________ :seta: Siga estas dicas: '>http://dicasetutoriaisparapc.blogspot.com/2009/10/tutorial-do-flash-disinfector.html"]Tutorial do Flash Disinfector '>http://dicasetutoriaisparapc.blogspot.com/2008/09/tutorial-do-antivirus-nod32-online.html"]Tutorial do antivirus Nod32 Online ____________________________ :seta: Faça o download do PenClean: https://dl.getdropbox.com/u/1035720/PenClean.zip ● Descompacte o Penclean.zip usando um descompactor (como o Winrar ou Winzip, por exemplo). ● Conecte o seu pendrive ou outra mídia que estiver infectada (se você tiver um) no computador e siga as etapas abaixo: ● Execute o arquivo PenClean.exe, e marque a opção: Verificar unidade > clique seta voltada para baixo e escolha a opção Todas as unidades. Depois disto clique no botão: Verificar. ● Se algo for detectado, o programa vai pedir para reiniciar o computador. Marque a opção para reiniciar e aguarde. ● Será salvo um log em C:\PenClean\PenClean.txt ____________________________ :seta: Acesse o site " Jotti's malware scan ": http://virusscan.jotti.org/en Clique na caixa Escolher arquivo Copie e cole o seguinte arquivo: C:\WINDOWS\system32\mxouwhc.dll Clique no botão Abrir > Depois disto clique no botão Submite File > O arquivo irá ser examinado por diferentes softwares antivirus, por favor aguarde. Copie e cole o resultado desta análise em sua próxima resposta. Se o site acima estiver muito congestionado, tente em um desses sites: http://virscan.org/ http://www.virustotal.com/ http://www.viruschief.com/ _______________________________ :seta: Na sua próxima resposta poste o log do Nod32 Online que estará em C:\Arquivos de programas\Eset\Eset Online Scanner\log.txt juntamente com um novo log do Hijackthis, o log que estará em C:\PenClean\PenClean.txt e o resultado da análise do arquivo C:\WINDOWS\system32\mxouwhc.dll e nos diga, por gentileza, como está o seu PC após seguir estes procedimentos. Ficamos no aguardo de sua resposta. Compartilhar este post Link para o post Compartilhar em outros sites
Gah 0 Denunciar post Postado Setembro 7, 2010 ESETSmartInstaller@High as CAB hook log: OnlineScanner.ocx - registred OK # version=7 # IEXPLORE.EXE=6.00.2900.5512 (xpsp.080413-2105) # OnlineScanner.ocx=1.0.0.6211 # api_version=3.0.2 # EOSSerial=eaddde348102a64f84626396d95d145f # end=finished # remove_checked=true # archives_checked=true # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2010-09-07 01:37:30 # local_time=2010-09-06 10:37:30 (-0300, Hora oficial do Brasil) # country="Brazil" # lang=1033 # osver=5.1.2600 NT Service Pack 3 # compatibility_mode=512 16777215 100 0 0 0 0 0 # compatibility_mode=8192 67108863 100 0 0 0 0 0 # scanned=55022 # found=331 # cleaned=331 # scan_time=9316 C:\UsbFix_Upload_Me_M2.zip multiple threats (deleted - quarantined) 00000000000000000000000000000000 C C:\Arquivos de programas\Ad-Remover\Quarantine\C\Arquivos de programas\PokerStars\gx\chips&deck\deck\large\0\cdr50r.exe.vir a variant of Win32/Spy.Banker.TQA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Arquivos de programas\Ad-Remover\Quarantine\C\Arquivos de programas\PokerStars\themes\oldblack\ctrls\jpi_share.exe.vir a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\DAO\AdobeUpdate.exe a variant of Win32/Spy.Banker.TQA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\PROOF\NeMP3_Dmo.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\THEMES12\SLATE\nero_API.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\você\Equalize2.exe a variant of Win32/Spy.Banker.TQA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VGX\Onix34.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Arquivos de programas\CyberLink\PowerDVD\Language\Esp\pdvd7_aac\VCD_Menu.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Arquivos de programas\CyberLink\PowerDVD\Language\Esp\pdvd7_dts_es_neo\images\jsoundd.exe a variant of Win32/Spy.Banker.TQA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Arquivos de programas\CyberLink\PowerDVD\Language\Ita\pdvd7_nb\cdr100s.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Arquivos de programas\CyberLink\PowerDVD\Language\Plk\pdvd7_dolbyoem\images\cr2200ct.exe a variant of Win32/Spy.Banker.UIQ trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Arquivos de programas\CyberLink\PowerDVD\Language\Plk\pdvd7_h264\images\dcp.exe a variant of Win32/Spy.Banker.TQA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Arquivos de programas\CyberLink\PowerDVD\Language\Plk\pdvd7_h264\images\jpi_com.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Arquivos de programas\CyberLink\PowerDVD\Language\Plk\pdvd7_ia\dtsocket.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Arquivos de programas\CyberLink\PowerProducer\Menus\Travel\Text\deploys.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Arquivos de programas\CyberLink\PowerProducer\OEMLib\Generatrs.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Arquivos de programas\Garena\layout\mfc44.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Arquivos de programas\Google\Picasa3\web\documentation\examples\READ_HD16.exe a variant of Win32/Spy.Banker.TQA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Arquivos de programas\Google\Picasa3\web\templates\whitefrm\assets\AdobeUpdate.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Arquivos de programas\Java\jre6\lib\images\cursors\cdr100s.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Arquivos de programas\Java\jre6\lib\images\cursors\NeroMedia_Con.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Arquivos de programas\lg_fwupdate\image\Nero_Com.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Arquivos de programas\Microsoft Office\Office12\1046\DataServices\cr2200ct.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Arquivos de programas\Microsoft Office\Office12\1046\PUBFTSCM\AiodLites.exe a variant of Win32/Spy.Banker.TQA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Arquivos de programas\Microsoft Office\Office12\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Swirl\SHORT_CUT.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Arquivos de programas\Mozilla Firefox\icudt38.exe a variant of Win32/Spy.Banker.TQA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Arquivos de programas\Mozilla Firefox\modules\deploys.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Arquivos de programas\Real Alternative\Browser\Plugins\ISOFSS.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Arquivos de programas\TechSmith\Camtasia Studio 7\Media\Studio\HTML\ExpressShow\addoutput12\msvc71.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Arquivos de programas\WC 3\bagsikmh.exe a variant of Win32/Kryptik.GDT trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Arquivos de programas\Winamp\Drweb34.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Arquivos de programas\Winamp\Plugins\avs\Winamp 5 Picks\AdobeLinguisticx.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Documents and Settings\micro\Meus documentos\Downloads\MsgPlusLive-483.exe a variant of Win32/Adware.CiDHelp application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019273.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019274.inf Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019295.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019296.inf Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019314.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019315.inf Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019330.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019331.inf Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019346.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019347.inf Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019358.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019359.inf Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019378.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019379.inf Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019405.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019406.inf Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019424.exe a variant of Win32/Spy.Banker.TQA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019436.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019503.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019504.inf Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019506.exe Win32/PSW.OnLineGames.PNY trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019507.exe a variant of Win32/PSW.OnLineGames.OSS trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019508.exe a variant of Win32/PSW.OnLineGames.OSS trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019509.exe Win32/AutoRun.PSW.OnlineGames.BF worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019510.exe a variant of Win32/PSW.OnLineGames.PMF trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019511.exe Win32/AutoRun.PSW.OnlineGames.AY worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019512.exe a variant of Win32/PSW.OnLineGames.PNT trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019513.exe Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019514.exe a variant of Win32/PSW.OnLineGames.PMV trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019515.exe a variant of Win32/PSW.OnLineGames.PLX trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019516.exe Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019517.exe Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019518.exe Win32/PSW.OnLineGames.NWF trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019519.exe Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019520.exe Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019521.exe Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019522.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019523.exe Win32/AutoRun.PSW.OnlineGames.AQ worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019524.exe a variant of Win32/PSW.OnLineGames.PLX trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019525.exe Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019526.exe Win32/PSW.OnLineGames.PNH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019527.exe a variant of Win32/PSW.OnLineGames.PBM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019528.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019529.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019530.exe Win32/AutoRun.PSW.OnlineGames.AT worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019531.exe Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019532.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019533.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019534.exe a variant of Win32/PSW.OnLineGames.PBO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019535.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019536.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019537.exe Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019538.exe a variant of Win32/PSW.OnLineGames.PNZ trojan (deleted - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019539.exe Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019540.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019541.exe Win32/PSW.OnLineGames.OTW trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019542.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019543.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019544.exe Win32/AutoRun.PSW.OnlineGames.AO worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019545.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019546.exe Win32/PSW.OnLineGames.POQ trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019547.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019548.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019549.exe a variant of Win32/Pacex.AI virus (deleted - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019550.exe Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019551.exe Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019552.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019553.exe Win32/AutoRun.PSW.OnlineGames.AP worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019554.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019555.exe a variant of Win32/PSW.OnLineGames.POC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019556.exe Win32/PSW.OnLineGames.OSS trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019557.exe Win32/PSW.OnLineGames.PNT trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019558.exe Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019559.exe a variant of Win32/PSW.OnLineGames.OTI trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019560.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019561.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019562.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019563.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019564.exe Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019565.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019566.exe a variant of Win32/PSW.OnLineGames.PMV trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019567.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019568.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019569.exe Win32/AutoRun.PSW.OnlineGames.AW worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019570.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019571.exe a variant of Win32/Kryptik.BIM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019572.exe a variant of Win32/PSW.OnLineGames.OTM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019573.exe a variant of Win32/PSW.OnLineGames.PLW trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019574.exe a variant of Win32/PSW.OnLineGames.PLU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019575.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019576.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019577.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019578.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019579.exe Win32/AutoRun.PSW.OnlineGames.AS worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019580.exe a variant of Win32/PSW.OnLineGames.PLU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019581.exe a variant of Win32/PSW.OnLineGames.POF trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019582.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019583.exe Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019584.exe a variant of Win32/Kryptik.DYR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019585.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0019991.exe a variant of Win32/Spy.Banker.TQA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0019992.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0019993.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0019994.exe a variant of Win32/Spy.Banker.TQA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0019995.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0019996.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0019997.exe a variant of Win32/Spy.Banker.TQA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0019998.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0019999.exe a variant of Win32/Spy.Banker.UIQ trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0020000.exe a variant of Win32/Spy.Banker.TQA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0020001.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0020002.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0020003.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0020004.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0020005.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0020006.exe a variant of Win32/Spy.Banker.TQA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0020007.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0020008.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0020009.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0020010.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0020011.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0020012.exe a variant of Win32/Spy.Banker.TQA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0020013.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0020014.exe a variant of Win32/Spy.Banker.TQA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0020015.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0020016.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0020017.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0020018.exe a variant of Win32/Kryptik.GDT trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0020019.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0020020.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\09lf.exe.vir Win32/PSW.OnLineGames.PNY trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\0fpdq2dw.exe.vir a variant of Win32/PSW.OnLineGames.OSS trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\1hqup.exe.vir a variant of Win32/PSW.OnLineGames.OSS trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\1j038ki.exe.vir Win32/AutoRun.PSW.OnlineGames.BF worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\1thes92p.exe.vir a variant of Win32/PSW.OnLineGames.PMF trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\2u923g01.exe.vir Win32/AutoRun.PSW.OnlineGames.AY worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\2ul.exe.vir a variant of Win32/PSW.OnLineGames.PNT trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\31lyx.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\33r.exe.vir a variant of Win32/PSW.OnLineGames.PMV trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\3dcs9.exe.vir a variant of Win32/PSW.OnLineGames.PLX trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\3exi.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\8xcrbho6.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\9d6tpg.exe.vir Win32/PSW.OnLineGames.NWF trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\9ffp.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\9fo3ar0j.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\9qqigqwf.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\9rfpp.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\9xf8.exe.vir Win32/AutoRun.PSW.OnlineGames.AQ worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\affi8l.exe.vir a variant of Win32/PSW.OnLineGames.PLX trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\anoataly.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\Autorun.inf.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\awb3ryk.exe.vir Win32/PSW.OnLineGames.PNH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\ba.exe.vir a variant of Win32/PSW.OnLineGames.PBM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\bbjl2g.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\biriprg.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\bu8.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\bveijo.exe.vir Win32/AutoRun.PSW.OnlineGames.AT worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\c2e.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\ca.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\cgaqyi.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\chxnxyx.exe.vir a variant of Win32/PSW.OnLineGames.PBO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\cobn8w3.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\dqm.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\e9naq.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\eyruu.exe.vir a variant of Win32/PSW.OnLineGames.PNZ trojan (deleted - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\f2kmj.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\f662sjd.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\fk.exe.vir Win32/PSW.OnLineGames.OTW trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\g6jk.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\ggb6w.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\h0.exe.vir Win32/AutoRun.PSW.OnlineGames.AO worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\hc3hvi0.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\i8gcgmg.exe.vir Win32/PSW.OnLineGames.POQ trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\i8ikdjwt.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\iuvvl9f3.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\ji83j.exe.vir a variant of Win32/Pacex.AI virus (deleted - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\k1d.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\kmj.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\krwyrv0d.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\mh.exe.vir Win32/AutoRun.PSW.OnlineGames.AP worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\mi9al8rs.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\mk28sp.exe.vir a variant of Win32/PSW.OnLineGames.POC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\mvmdh.exe.vir Win32/PSW.OnLineGames.OSS trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\n0qls.exe.vir Win32/PSW.OnLineGames.PNT trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\olu392qj.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\p3vwxx.exe.vir a variant of Win32/PSW.OnLineGames.OTI trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\p9rs.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\pbyqfn.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\q0wfr.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\qhbfqx.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\qkm.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\r3fhr.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\rhwhin.exe.vir a variant of Win32/PSW.OnLineGames.PMV trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\rpw.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\rxf.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\s1.exe.vir Win32/AutoRun.PSW.OnlineGames.AW worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\sdfqh.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\sywyrl0q.exe.vir a variant of Win32/Kryptik.BIM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\tgt.exe.vir a variant of Win32/PSW.OnLineGames.OTM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\twhvna.exe.vir a variant of Win32/PSW.OnLineGames.PLW trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\utcddeq.exe.vir a variant of Win32/PSW.OnLineGames.PLU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\vgyn6ewc.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\vi8f.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\wa.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\wkimt.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\ws.exe.vir Win32/AutoRun.PSW.OnlineGames.AS worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\wyskq6lt.exe.vir a variant of Win32/PSW.OnLineGames.PLU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\x3xh.exe.vir a variant of Win32/PSW.OnLineGames.POF trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\xjb3.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\y6cqb2is.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\yqq8eqil.exe.vir a variant of Win32/Kryptik.DYR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\C\ysyjq1bs.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\09lf.exe.vir Win32/PSW.OnLineGames.PNY trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\0fpdq2dw.exe.vir a variant of Win32/PSW.OnLineGames.OSS trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\1hqup.exe.vir a variant of Win32/PSW.OnLineGames.OSS trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\1j038ki.exe.vir Win32/AutoRun.PSW.OnlineGames.BF worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\1thes92p.exe.vir a variant of Win32/PSW.OnLineGames.PMF trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\2u923g01.exe.vir Win32/AutoRun.PSW.OnlineGames.AY worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\2ul.exe.vir a variant of Win32/PSW.OnLineGames.PNT trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\31lyx.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\33r.exe.vir a variant of Win32/PSW.OnLineGames.PMV trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\3dcs9.exe.vir a variant of Win32/PSW.OnLineGames.PLX trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\3exi.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\8xcrbho6.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\9d6tpg.exe.vir Win32/PSW.OnLineGames.NWF trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\9ffp.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\9fo3ar0j.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\9qqigqwf.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\9rfpp.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\9xf8.exe.vir Win32/AutoRun.PSW.OnlineGames.AQ worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\affi8l.exe.vir a variant of Win32/PSW.OnLineGames.PLX trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\anoataly.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\Autorun.inf.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\awb3ryk.exe.vir Win32/PSW.OnLineGames.PNH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\ba.exe.vir a variant of Win32/PSW.OnLineGames.PBM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\bbjl2g.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\biriprg.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\bu8.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\bveijo.exe.vir Win32/AutoRun.PSW.OnlineGames.AT worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\c2e.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\ca.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\cgaqyi.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\chxnxyx.exe.vir a variant of Win32/PSW.OnLineGames.PBO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\cobn8w3.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\dqm.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\e9naq.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\eyruu.exe.vir a variant of Win32/PSW.OnLineGames.PNZ trojan (deleted - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\f2kmj.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\f662sjd.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\fk.exe.vir Win32/PSW.OnLineGames.OTW trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\g6jk.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\ggb6w.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\h0.exe.vir Win32/AutoRun.PSW.OnlineGames.AO worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\hc3hvi0.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\i8gcgmg.exe.vir Win32/PSW.OnLineGames.POQ trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\i8ikdjwt.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\iuvvl9f3.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\ji83j.exe.vir a variant of Win32/Pacex.AI virus (deleted - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\k1d.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\kmj.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\krwyrv0d.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\mh.exe.vir Win32/AutoRun.PSW.OnlineGames.AP worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\mi9al8rs.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\mk28sp.exe.vir a variant of Win32/PSW.OnLineGames.POC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\mvmdh.exe.vir Win32/PSW.OnLineGames.OSS trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\n0qls.exe.vir Win32/PSW.OnLineGames.PNT trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\nymdik.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\olu392qj.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\p3vwxx.exe.vir a variant of Win32/PSW.OnLineGames.OTI trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\p9rs.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\pbyqfn.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\q0wfr.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\qhbfqx.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\qkm.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\r3fhr.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\rfg.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\rhwhin.exe.vir a variant of Win32/PSW.OnLineGames.PMV trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\rpw.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\rxf.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\s1.exe.vir Win32/AutoRun.PSW.OnlineGames.AW worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\sdfqh.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\sywyrl0q.exe.vir a variant of Win32/Kryptik.BIM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\tgt.exe.vir a variant of Win32/PSW.OnLineGames.OTM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\twhvna.exe.vir a variant of Win32/PSW.OnLineGames.PLW trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\utcddeq.exe.vir a variant of Win32/PSW.OnLineGames.PLU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\vgyn6ewc.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\vi8f.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\wa.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\wkimt.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\ws.exe.vir Win32/AutoRun.PSW.OnlineGames.AS worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\wyskq6lt.exe.vir a variant of Win32/PSW.OnLineGames.PLU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\x3xh.exe.vir a variant of Win32/PSW.OnLineGames.POF trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\xjb3.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\y.exe.vir Win32/AutoRun.PSW.OnlineGames.AR worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\y6cqb2is.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\yqq8eqil.exe.vir a variant of Win32/Kryptik.DYR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\UsbFix\Quarantine\D\ysyjq1bs.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C O arquivo do penclean não estava lá, a pesquisa do arquivo lá dizia que ele não existia, e eu procurei ele realmente não estava dentro do system32, mais agora sim um melhora muito significativa aconteceu, os video não estão mais travado, e os jogos não estão 100% como antes mais 85% (digamos que antes de todas as limpezas eles estavam 15% djsaodpjsad) e é isso, caso mais algum programa seja indicado para obter mais melhoras eu agradeceria, se não muito obrigado pois a grande maioria dos problemas foram resolvidos. Compartilhar este post Link para o post Compartilhar em outros sites
Power Max 54 Denunciar post Postado Setembro 7, 2010 :) Muitos outros problemas foram retirados do seu PC. _________________________ :seta: Você executou o Flash Disinfector? Caso não tenha executado, execute por gentileza. __________________________ :seta: Siga, por gentileza, as dicas destes tutoriais: Tutorial do antivírus BitDefender Online '>http://dicasetutoriaisparapc.blogspot.com/2009/11/tutorial-do-norman-malware-cleaner.html"]Tutorial do Norman Malware Cleaner ____________________________ :seta: Nos seus logs está constando que seu PC está sem antivirus e é muito importante ter um. Sugiro um ótimo antivirus gratuito para você, como o '>http://freedownloads2000.blogspot.com/2008/10/avira-antivir-personal-edition-classic.html"]Avira Antivir Personal 10 Free. Para instalar, configurar e usar corretamente o Avira antivir é só seguir as dicas destes tutoriais: '>http://dicasetutoriaisparapc.blogspot.com/2009/03/tutorial-de-instalacao-e-configuracao.html"]Tutorial do Avira Antivir 10 free (instalação e configuração) '>http://dicasetutoriaisparapc.blogspot.com/2009/03/escaneando-seu-computador-com-o-avira.html]Tutorial do Avira Antivir 10 free (como usá-lo corretamente) ___________________________________ * Depois de instalar e configurar o Avira Antivir seguindo as dicas dos tutoriais acima, atualize-o (faça um update) e reinicie o seu computador e entre pelo Modo de Segurança (apertando a tecla F8 (ou a tecla F5 em alguns computadores) repetidas vezes quando o computador estiver reiniciando e escolhendo a opção Modo Seguro ou Modo de Segurança). Aí quando o computador tiver reiniciado, clique com o botão direito do mouse sobre o símbolo do Avira (aquele guarda-chuva vermelho aberto ao lado do relógio do Windows) e escolha a opção Start AntiVir > clique na opção Scan system now > e aguarde a conclusão do escaneamento. Obs: Caso não seja possível fazer o escaneamento com o Avira Antivir no Modo Seguro do Windows, faça-o no modo normal. _______________________________________________________________ :seta: Quando você tiver removido os virus que o Avira Antivir encontrar, reinicie o computador normalmente. Clique com o botão direito do mouse sobre o ícone do Avira (aquele guarda-chuva vermelho aberto ao lado do relógio do Windows) e escolha a opção Start AntiVir > clique na opção Reports > dê um duplo clique com o botão esquerdo do mouse sobre o log mais recente e clique no botão Report file > Depois será aberta uma tela com o log, então é só selecionar este Log (Clique no menu: Editar » Selecionar Tudo), depois disso volte novamente no menu: Editar » e clique na opção: Copiar) > Depois disso é só voltar aqui no fórum e postar este log do Avira Antivir juntamente com um novo log do Hijackthis, o log do BitDefender Online que estará em C:\Windows\BDOSCAN8\bdoscan.log e o log do Norman Malware Cleaner para que eles possam ser analizados e nos diga, por gentileza, como está o seu PC após seguir estes procedimentos. Ficamos no aguardo de sua resposta. Compartilhar este post Link para o post Compartilhar em outros sites
Felipe_88 0 Denunciar post Postado Outubro 8, 2010 Tópico Arquivado Como o autor não respondeu por mais de 30 dias, o tópico foi arquivado. Caso você seja o autor do tópico e quer reabrir, envie uma mensagem privada para um moderador da área juntamente com o link para este tópico e explique o motivo da reabertura. Compartilhar este post Link para o post Compartilhar em outros sites
