Ir para conteúdo

Arquivado

Este tópico foi arquivado e está fechado para novas respostas.

Gah

[Arquivado] &nbspPc devagar da noite pro dia

Recommended Posts

Boa tarde, já adiantando que nem tenho certeza se estou postando no lugar correto, mas por indicações de amigos, me disseram que este seria o melhor forum para resolver o meu problema, meu computador do nada começou a ficar lento e agora trava os video no youtube, todos os meus jogos dão lag, tenho aqui um log feito pelo hijackthis:

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 17:55:57, on 26/8/2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\RunDll32.exe

C:\Arquivos de programas\lg_fwupdate\fwupdate.exe

C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe

C:\Arquivos de programas\MessengerPlus! 3\MsgPlus.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe

C:\Arquivos de programas\CyberLink\PowerProducer\OEMLib\Generatrs.exe

C:\Arquivos de programas\Microsoft Office\Office12\ONENOTEM.EXE

C:\Arquivos de programas\CyberLink\Shared Files\RichVideo.exe

C:\Arquivos de programas\Bywifi\bywifi.exe

C:\Arquivos de programas\Mozilla Firefox\firefox.exe

C:\Arquivos de programas\Mozilla Firefox\plugin-container.exe

C:\Documents and Settings\micro\Meus documentos\Downloads\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.twitter.com/

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://localhost:9000/proxy.pac

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local

R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Arquivos de programas\Ask.com\GenericAskToolbar.dll

O1 - Hosts: 65.54.239.80 dp.msnmessenger.akadns.net

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: BywifiBHO - {C4743D3E-20D7-4B52-84F2-5E4E277B2D82} - C:\Arquivos de programas\Bywifi\bywifiie.dll

O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Arquivos de programas\Ask.com\GenericAskToolbar.dll

O3 - Toolbar: VDownloader Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Arquivos de programas\Ask.com\GenericAskToolbar.dll

O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd

O4 - HKLM\..\Run: [LGODDFU] "C:\Arquivos de programas\lg_fwupdate\fwupdate.exe" blrun

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [MessengerPlus3] "C:\Arquivos de programas\MessengerPlus! 3\MsgPlus.exe"

O4 - HKLM\..\Run: [bywifi] "C:\Arquivos de programas\Bywifi\bywifi.exe" "-silent"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [Pando Media Booster] C:\Arquivos de programas\Pando Networks\Media Booster\PMB.exe

O4 - HKCU\..\Run: [ares] "C:\Arquivos de programas\Ares\Ares.exe" -h

O4 - HKCU\..\Run: [MsnMsgr] "C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [Microsoft.NETframework5] "C:\Arquivos de programas\CyberLink\PowerProducer\OEMLib\Generatrs.exe"

O4 - HKCU\..\Run: [bywifi] "C:\Arquivos de programas\Bywifi\bywifi.exe" "-silent"

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: Recorte de tela e Iniciador do OneNote 2007.lnk = C:\Arquivos de programas\Microsoft Office\Office12\ONENOTEM.EXE

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Bywifi: Vídeo Downloader - {09E90109-A9AA-4980-BCEF-76F8D924E902} - C:\Program Files\Bywifi\bywifici.exe (file missing)

O9 - Extra 'Tools' menuitem: Bywifi: Vídeo Downloader - {09E90109-A9AA-4980-BCEF-76F8D924E902} - C:\Program Files\Bywifi\bywifici.exe (file missing)

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Arquivos de programas\PokerStars\PokerStarsUpdate.exe

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Bywifi: Vídeo Downloader - {09E90109-A9AA-4980-BCEF-76F8D924E902} - C:\Program Files\Bywifi\bywifici.exe (file missing) (HKCU)

O9 - Extra 'Tools' menuitem: Bywifi: Vídeo Downloader - {09E90109-A9AA-4980-BCEF-76F8D924E902} - C:\Program Files\Bywifi\bywifici.exe (file missing) (HKCU)

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/pt/uno1/GAME_UNO1.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{34357880-EC07-413A-9BAD-2427955B913F}: NameServer = 200.225.197.37 200.225.197.34

O17 - HKLM\System\CS1\Services\Tcpip\..\{34357880-EC07-413A-9BAD-2427955B913F}: NameServer = 200.225.197.37 200.225.197.34

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Arquivos de programas\CyberLink\Shared Files\RichVideo.exe

 

--

End of file - 7364 bytes

 

 

Gostaria muito da ajuda de vocês, lembrando que faço todas as possiveis limpesas, uso o advanced system care c cleaner entre outros, e mesmo assim ele continua lento...

 

Obrigado

Compartilhar este post


Link para o post
Compartilhar em outros sites

:) Oi Gah!

 

:seta: Abra o HijackThis, clique em Do a system scan only, marque as entradas abaixo e clique em Fix checked:

 

O9 - Extra button: Bywifi: Vídeo Downloader - {09E90109-A9AA-4980-BCEF-76F8D924E902} - C:\Program Files\Bywifi\bywifici.exe (file missing)

 

O9 - Extra 'Tools' menuitem: Bywifi: Vídeo Downloader - {09E90109-A9AA-4980-BCEF-76F8D924E902} - C:\Program Files\Bywifi\bywifici.exe (file missing)

 

O9 - Extra button: Bywifi: Vídeo Downloader - {09E90109-A9AA-4980-BCEF-76F8D924E902} - C:\Program Files\Bywifi\bywifici.exe (file missing) (HKCU)

 

O9 - Extra 'Tools' menuitem: Bywifi: Vídeo Downloader - {09E90109-A9AA-4980-BCEF-76F8D924E902} - C:\Program Files\Bywifi\bywifici.exe (file missing) (HKCU)

_______________________________

 

:seta: Faça o download do HostsXpert.zip:

http://www.funkytoad.com/download/HostsXpert.zip

• Extraia (unzip) HostsXpert.zip para uma pasta permanente do seu drive (exemplo C:\HostsXpert)

• Duplo clique em HostsXpert.exe para executar o programa.

• Se disponivel, clique em "Make Hosts Writable?" (estará no canto superior direito).

• Clique em "Restore Microsoft's Hosts file" e depois clique em "OK".

• Clique no X para sair do programa.

________________________________

 

:seta: Siga também, por gentileza, as dicas destes tutoriais:

 

'>http://dicasetutoriaisparapc.blogspot.com/2009/10/tutorial-do-malwarebytes-anti-malware.html"]Tutorial do Malwarebytes Anti-Malware

 

'>http://dicasetutoriaisparapc.blogspot.com/2009/10/tutorial-do-ad-remover.html"]Tutorial do Ad-Remover

 

'>http://dicasetutoriaisparapc.blogspot.com/2009/11/tutorial-do-toolbar-sd.html"]Tutorial do Toolbar S&D

______________________________

 

:seta: Na sua próxima resposta poste o log do Malwarebytes juntamente com um novo log do Hijackthis, o log que estará em C:\ToolBar SD\TB_1.txt e o log do Ad-Remover que estará em C:\Ad-Report-CLEAN[1].log e nos diga como está o seu PC após estes procedimentos.

 

Ficamos na espera.

Compartilhar este post


Link para o post
Compartilhar em outros sites

Malwarebytes' Anti-Malware 1.42

Versão do banco de dados: 3412

Windows 5.1.2600 Service Pack 3

Internet Explorer 6.0.2900.5512

 

31/8/2010 13:21:38

mbam-log-2010-08-31 (13-21-38).txt

 

Tipo de Verificação: Completa (C:\|D:\|)

Objetos verificados: 158115

Tempo decorrido: 1 hour(s), 13 minute(s), 20 second(s)

 

Processos da Memória infectados: 0

Módulos de Memória Infectados: 0

Chaves do Registro infectadas: 3

Valores do Registro infectados: 0

Ítens do Registro infectados: 1

Pastas infectadas: 0

Arquivos infectados: 0

 

Processos da Memória infectados:

(Nenhum ítem malicioso foi detectado)

 

Módulos de Memória Infectados:

(Nenhum ítem malicioso foi detectado)

 

Chaves do Registro infectadas:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{fcaddc14-bd46-408a-9842-cdbe1c6d37eb} (Trojan.Banker) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\AdobeUpdate (Trojan.Downloader) -> Delete on reboot.

HKEY_CLASSES_ROOT\CLSID\MADOWN (Worm.Magania) -> Quarantined and deleted successfully.

 

Valores do Registro infectados:

(Nenhum ítem malicioso foi detectado)

 

Ítens do Registro infectados:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (Hijack.System.Hidden) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.

 

Pastas infectadas:

(Nenhum ítem malicioso foi detectado)

 

Arquivos infectados:

(Nenhum ítem malicioso foi detectado)

 

 

 

 

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 13:44:35, on 31/8/2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\CyberLink\Shared Files\RichVideo.exe

C:\WINDOWS\system32\RunDll32.exe

C:\Arquivos de programas\lg_fwupdate\fwupdate.exe

C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe

C:\Arquivos de programas\MessengerPlus! 3\MsgPlus.exe

C:\Arquivos de programas\Bywifi\bywifi.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe

C:\Arquivos de programas\CyberLink\PowerProducer\OEMLib\Generatrs.exe

C:\Arquivos de programas\Microsoft Office\Office12\ONENOTEM.EXE

C:\Arquivos de programas\Mozilla Firefox\firefox.exe

C:\Arquivos de programas\Mozilla Firefox\plugin-container.exe

C:\Arquivos de programas\Winamp\winamp.exe

C:\WINDOWS\system32\notepad.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\WINDOWS\system32\NOTEPAD.EXE

C:\WINDOWS\system32\NOTEPAD.EXE

C:\Documents and Settings\micro\Meus documentos\Downloads\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.twitter.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://localhost:9000/proxy.pac

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local

R3 - Default URLSearchHook is missing

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: BywifiBHO - {C4743D3E-20D7-4B52-84F2-5E4E277B2D82} - C:\Arquivos de programas\Bywifi\bywifiie.dll

O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd

O4 - HKLM\..\Run: [LGODDFU] "C:\Arquivos de programas\lg_fwupdate\fwupdate.exe" blrun

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [MessengerPlus3] "C:\Arquivos de programas\MessengerPlus! 3\MsgPlus.exe"

O4 - HKLM\..\Run: [bywifi] "C:\Arquivos de programas\Bywifi\bywifi.exe" "-silent"

O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [Pando Media Booster] C:\Arquivos de programas\Pando Networks\Media Booster\PMB.exe

O4 - HKCU\..\Run: [ares] "C:\Arquivos de programas\Ares\Ares.exe" -h

O4 - HKCU\..\Run: [MsnMsgr] "C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [Microsoft.NETframework5] "C:\Arquivos de programas\CyberLink\PowerProducer\OEMLib\Generatrs.exe"

O4 - HKCU\..\Run: [bywifi] "C:\Arquivos de programas\Bywifi\bywifi.exe" "-silent"

O4 - HKCU\..\Run: [dso32] C:\DOCUME~1\micro\CONFIG~1\Temp\dsoqq.exe

O4 - HKCU\..\Run: [api32] C:\DOCUME~1\micro\CONFIG~1\Temp\apiqq.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: Recorte de tela e Iniciador do OneNote 2007.lnk = C:\Arquivos de programas\Microsoft Office\Office12\ONENOTEM.EXE

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/pt/uno1/GAME_UNO1.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{34357880-EC07-413A-9BAD-2427955B913F}: NameServer = 200.225.197.37 200.225.197.34

O17 - HKLM\System\CS1\Services\Tcpip\..\{34357880-EC07-413A-9BAD-2427955B913F}: NameServer = 200.225.197.37 200.225.197.34

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Arquivos de programas\CyberLink\Shared Files\RichVideo.exe

 

--

End of file - 6933 bytes

 

 

 

 

 

-----------\\ ToolBar S&D 1.2.9 XP/Vista

 

 

 

 

 

 

 

Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 3

X86-based PC ( Uniprocessor Free : AMD Athlon MP )

BIOS : Default System BIOS

USER : micro ( Administrator )

BOOT : Normal boot

A:\ (USB)

C:\ (Local Disk) - NTFS - Total:37 Go (Free:9 Go)

D:\ (Local Disk) - NTFS - Total:37 Go (Free:26 Go)

 

"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )

Option : [1] ( ter 31/08/2010|11:14 )

 

-----------\\ Procura por Arquivos / Ficheiros ...

 

 

-----------\\ [..\Internet Explorer\Main]

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://fr.msn.com/"

"Default_search_url"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

"Default_page_url"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"

"Search bar"="http://go.microsoft.com/fwlink/?linkid=54896"

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

"Start Page"="http://fr.msn.com/"

"Search bar"="http://search.msn.com/spbasic.htm"

 

 

 

--------------------\\ Procurando por outras infecções

 

 

Não foram encontradas outras infecções.

 

 

1 - "C:\ToolBar SD\TB_1.txt" - ter 31/08/2010|11:16 - Option : [1]

 

 

 

======= REPORT FROM AD-REMOVER | ONLY XP/VISTA/7 =======

 

Updated by C_XX on 13/06/10 at 20:40

Contact: AdRemover.contact@gmail.com

website: http://pagesperso-orange.fr/NosTools/ad_remover.html

 

C:\Arquivos de programas\Ad-Remover\main.exe (CLEAN [1]) -> Launched at 23:52:13 on 30/08/2010, Normal boot

 

Microsoft Windows XP Professional Service Pack 3 (X86)

micro, M2 ( )

 

============== ACTION(S) ==============

 

 

 

 

O pc melhorou de certa forma, mas não muito ;/ os videos continuam travando, e em geral os jogos que eu jogo que antes não travavam continuam dando pequenas travadas, mais o desempenho em si, abrir paginas etc ficou melhor.

Compartilhar este post


Link para o post
Compartilhar em outros sites

:) Alguns problemas foram removidos do seu PC.

____________________________

 

:seta: Siga, por gentileza, as dicas destes tutoriais:

 

'>http://dicasetutoriaisparapc.blogspot.com/2009/10/tutorial-do-usbfix.html"]Tutorial do USBFix

 

'>http://dicasetutoriaisparapc.blogspot.com/2009/10/tutorial-do-bankerfix.html"]Tutorial do Bankerfix

______________________________

 

:seta: Sugiro que você salve ou imprima essas instruções abaixo, pois em alguns momentos você poderá precisar usar o computador sem o acesso à internet:

 

Faça o download do ComboFix

Salve-o no Desktop (área de trabalho).

* Desabilite as proteções residente de: antivírus, antispywares e firewall ( menos o do Windows! )

* Feche todas as janelas e execute a ferramenta.

* Ps: A execução, por comando, também é possível:

* Vá em Iniciar --> Executar --> Digite ou cole:

"%userprofile%\desktop\Combofix.exe" /killall

 

combofixejr8.gif

 

* Clique em Ok.

* Na solicitação: "Negação de garantia de software" --> Clique em Sim.

 

RcAuto1.gif

 

* Não possuindo o "'>http://support.microsoft.com/kb/307654/pt-br"]Console de Recuperação",aceite optar pela instalação do mesmo.

* Terminando,clique Sim ou Yes. --> Aguarde.

 

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

 

:!: Caso aconteça a notificação de: Aplicativo Win32 inválido ou alguma mensagem parecida com esta, delete a ferramenta ComboFix.exe e faça, novamente, seu download.

* Salve-a no Desktop,renomeada como: Kombo.exe

* Ps: Nomeie durante o salvamento,e não após salvá-la!

* Ps: Surgindo alguma mensagem de erro, rode o ComboFix.exe em "'>http://dicasetutoriaisparapc.blogspot.com/2009/11/ferramentas-para-reparar-o-modo-seguro.html"]Modo Seguro". <-- Link!

* Ps: Na presença de atividades rootkit,teremos a seguinte janela de notificação:

 

Rookit_found.gif

 

* Ps: Anote essas detecções, e dê o OK. Neste caso poste estas detecções que você terá anotado em sua próxima resposta juntamente com os logs pedidos.

* Ps: Para completar as remoções, talvez haja necessidade da ferramenta reiniciar o computador. <-- Aguarde!

* Ps: Para evitar problemas, siga todas as recomendações propostas.

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

 

* Abrir-se-á a janela Auto Scan. --> Aguarde!

* Para finalizar remoções, o ComboFix poderá reiniciar o computador.

* Se houver necessidade, digite a opção ( 1 ) --> Aperte Enter! --> Aguarde a conclusão!

* Durante o scan, evite manusear o mouse ou teclado! <-- Importante!

* Caso, por algum motivo de força maior, precise parar ou sair do ComboFix,tecle "N" ou "2" --> Aperte Enter.

<><><><><><><><><><><><>

 

Poste o log do Combofix que estará em C:\ComboFix.txt juntamente com o conteúdo do relatorio.txt do BankerFix que estará em C:\LinhaDefensiva\relatorio.txt, o log do Usbfix que estará em C:\UsbFix.txt e um novo log do Hijackthis e nos diga como está o PC após estes procedimentos.

 

Ficamos no aguardo.

Compartilhar este post


Link para o post
Compartilhar em outros sites

ComboFix 10-09-01.02 - micro 01/09/2010 20:48:17.1.1 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.511.293 [GMT -3:00]

Executando de: C:\Documents and Settings\micro\desktop\Combofix.exe

Comandos utilizados :: /killall

 

ATENÇAO - ESTA MAQUINA NAO TEM O CONSOLE DE RECUPERAÇÃO INSTALADA !!

.

 

((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))

.

 

C:\MessengerPlus

C:\MessengerPlus\enviado.flg

C:\MessengerPlus\juupdate18.log

C:\WINDOWS\celn925.dll

C:\WINDOWS\system32\Drivers\ovuy.sys

C:\WINDOWS\system32\vbzlib1.dll

 

.

(((((((((((((((( Arquivos/Ficheiros criados de 2010-08-01 to 2010-09-01 ))))))))))))))))))))))))))))

.

 

2010-09-01 23:35:07 . 2010-09-01 23:35:11 -------- d-----w- C:\LinhaDefensiva

2010-09-01 23:29:44 . 2010-09-01 23:29:47 17007230 ----a-w- C:\UsbFix_Upload_Me_M2.zip

2010-09-01 23:24:44 . 2010-09-01 23:29:47 -------- d-----w- C:\UsbFix

2010-08-31 14:13:54 . 2010-08-31 14:20:35 -------- d-----w- C:\ToolBar SD

2010-08-31 02:52:07 . 2010-08-31 14:08:01 -------- d-----w- C:\Arquivos de programas\Ad-Remover

2010-08-30 20:44:26 . 2010-08-30 20:46:55 -------- d-----w- C:\HostsXpert

2010-08-26 20:49:15 . 2010-08-26 20:50:45 -------- d-----w- C:\Arquivos de programas\Bywifi

2010-08-25 10:44:06 . 2010-08-25 10:44:06 -------- d-----w- C:\Arquivos de programas\Seagate Software

2010-08-25 10:44:01 . 2010-08-25 10:44:05 -------- d-----w- C:\WINDOWS\crystal

2010-08-25 10:44:01 . 2010-08-25 10:44:01 -------- d-----w- C:\Arquivos de programas\AssistLDA

2010-08-24 22:23:47 . 2010-08-24 22:26:37 -------- d-----w- C:\SICON

 

.

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-09-01 23:56:05 . 2009-12-22 16:00:09 -------- d-----w- C:\Arquivos de programas\lg_fwupdate

2010-08-23 22:48:04 . 2009-12-22 23:17:45 -------- d-----w- C:\Arquivos de programas\Garena

2010-08-18 15:30:15 . 2009-12-22 22:37:36 -------- d-----w- C:\Arquivos de programas\WC 3

2010-07-27 16:24:21 . 2009-12-23 18:22:38 -------- d-----w- C:\Arquivos de programas\Winamp

2010-07-27 04:03:47 . 2010-04-14 19:59:08 -------- d-----w- C:\Arquivos de programas\MSN Messenger

2010-07-23 19:27:51 . 2010-07-23 19:27:51 -------- d-----w- C:\Documents and Settings\micro\Dados de aplicativos\WinAVI

2010-07-23 19:27:43 . 2010-07-23 19:27:30 -------- d-----w- C:\Arquivos de programas\WinAVI Video Converter

2010-07-20 18:51:55 . 2010-07-20 18:51:51 -------- d-----w- C:\Arquivos de programas\Guitar Pro 5

2010-07-19 02:50:27 . 2010-07-19 02:50:00 0 ----a-w- C:\Arquivos de programas\properties

2010-07-19 02:50:00 . 2010-07-19 02:50:00 -------- d-----w- C:\Arquivos de programas\Java

2010-07-05 23:43:40 . 2010-07-05 23:43:40 -------- d-----w- C:\Documents and Settings\micro\Dados de aplicativos\CyberLink

2010-07-05 23:43:38 . 2010-07-05 23:43:38 -------- d-----w- C:\Documents and Settings\All Users\Dados de aplicativos\CyberLink

2010-02-10 14:18:42 . 2010-05-07 17:50:38 2131336 ----a-w- C:\Arquivos de programas\Arquivos comuns\AskToolbarInstaller.exe

2009-03-21 14:08:53 . 2008-04-14 09:00:00 164746 --sha-r- C:\WINDOWS\system32\mxouwhc.dll

.

 

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

.

.

*Nota* entradas vazias e legítimas por defeito não são mostradas.

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Pando Media Booster"="C:\Arquivos de programas\Pando Networks\Media Booster\PMB.exe" [2010-03-14 19:48:45 2937528]

"ares"="C:\Arquivos de programas\Ares\Ares.exe" [2009-01-03 16:21:00 893952]

"MsnMsgr"="C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe" [2007-09-05 02:40:18 6856704]

"Microsoft.NETframework5"="C:\Arquivos de programas\CyberLink\PowerProducer\OEMLib\Generatrs.exe" [2010-07-28 03:55:10 1538048]

"bywifi"="C:\Arquivos de programas\Bywifi\bywifi.exe" [2010-08-15 07:08:42 2644992]

"Google Update"="C:\Documents and Settings\micro\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" [2010-09-01 20:13:05 136176]

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 09:00:00 15360]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"LGODDFU"="C:\Arquivos de programas\lg_fwupdate\fwupdate.exe" [2009-12-22 16:01:00 557056]

"GrooveMonitor"="C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 13:44:34 31072]

"MessengerPlus3"="C:\Arquivos de programas\MessengerPlus! 3\MsgPlus.exe" [2010-04-15 01:34:51 190024]

"bywifi"="C:\Arquivos de programas\Bywifi\bywifi.exe" [2010-08-15 07:08:42 2644992]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 09:00:00 15360]

 

C:\Documents and Settings\micro\Menu Iniciar\Programas\Inicializar\

Recorte de tela e Iniciador do OneNote 2007.lnk - C:\Arquivos de programas\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2008-06-12 04:38:00 34672 ----a-w- C:\Arquivos de programas\Adobe\Reader 9.0\Reader\reader_sl.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 3]

2010-08-10 18:10:58 2349776 ----a-w- C:\Arquivos de programas\IObit\Advanced SystemCare 3\AWC.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares]

 

 

 

 

BankerFix 3.1 VALKYRIE - Removedor de Bankers

Linha Defensiva | http://www.linhadefensiva.org

http://www.linhadefensiva.org/bankerfix/

-------------------------------------------------------

Data: 2010-09-01 - 21:08

-------------------------------------------------------

Lista de Definição: 2010-08-03-1 | CORE: 2010-01-14-1

=======================================================

 

Proxy/Internet Explorer (HKCU): localhost:9000/proxy.pac

 

 

 

----- Fim -------------------------

 

 

 

############################## | UsbFix 7.022 | [supressão]

 

Usuário: micro (Administrador) # M2 [ ]

Atualizado em 29/08/10 por El Desaparecido / C_XX

Começou em 20:26:33 | 01/09/2010

Site: http://pagesperso-orange.fr/NosTools/index.html

Contato: FindyKill.Contact@gmail.com

 

CPU: AMD Athlon MP

Microsoft Windows XP Professional (5.1.2600 32-Bit) # Service Pack 3

Internet Explorer 6.0.2900.5512

 

Windows Firewall: Deficientes /!\

RAM -> 511 Mb

C:\ (%systemdrive%) -> Disco fixo # 37 Gb (10 Mb livre - 26%) [] # NTFS

D:\ -> Disco fixo # 37 Gb (26 Mb livre - 71%) [] # NTFS

 

################## | Ficheiros # pastas infeciosos |

 

Supprimido ! C:\WINDOWS\IFinst27.exe

Supprimido ! C:\biriprg.exe

Supprimido ! C:\Autorun.inf

Supprimido ! D:\Autorun.inf

Supprimido ! C:\09lf.exe

Supprimido ! C:\0fpdq2dw.exe

Supprimido ! C:\1hqup.exe

Supprimido ! C:\1j038ki.exe

Supprimido ! C:\1thes92p.exe

Supprimido ! C:\2u923g01.exe

Supprimido ! C:\2ul.exe

Supprimido ! C:\31lyx.exe

Supprimido ! C:\33r.exe

Supprimido ! C:\3dcs9.exe

Supprimido ! C:\3exi.exe

Supprimido ! C:\8xcrbho6.exe

Supprimido ! C:\9d6tpg.exe

Supprimido ! C:\9ffp.exe

Supprimido ! C:\9fo3ar0j.exe

Supprimido ! C:\9qqigqwf.exe

Supprimido ! C:\9rfpp.exe

Supprimido ! C:\9xf8.exe

Supprimido ! C:\affi8l.exe

Supprimido ! C:\anoataly.exe

Supprimido ! C:\awb3ryk.exe

Supprimido ! C:\ba.exe

Supprimido ! C:\bbjl2g.exe

Supprimido ! C:\bu8.exe

Supprimido ! C:\bveijo.exe

Supprimido ! C:\c2e.exe

Supprimido ! C:\ca.exe

Supprimido ! C:\cgaqyi.exe

Supprimido ! C:\chxnxyx.exe

Supprimido ! C:\cobn8w3.exe

Supprimido ! C:\dqm.exe

Supprimido ! C:\e9naq.exe

Supprimido ! C:\eyruu.exe

Supprimido ! C:\f2kmj.exe

Supprimido ! C:\f662sjd.exe

Supprimido ! C:\fk.exe

Supprimido ! C:\g6jk.exe

Supprimido ! C:\ggb6w.exe

Supprimido ! C:\h0.exe

Supprimido ! C:\hc3hvi0.exe

Supprimido ! C:\i8gcgmg.exe

Supprimido ! C:\i8ikdjwt.exe

Supprimido ! C:\iuvvl9f3.exe

Supprimido ! C:\ji83j.exe

Supprimido ! C:\k1d.exe

Supprimido ! C:\kmj.exe

Supprimido ! C:\krwyrv0d.exe

Supprimido ! C:\mh.exe

Supprimido ! C:\mi9al8rs.exe

Supprimido ! C:\mk28sp.exe

Supprimido ! C:\mvmdh.exe

Supprimido ! C:\n0qls.exe

Supprimido ! C:\olu392qj.exe

Supprimido ! C:\p3vwxx.exe

Supprimido ! C:\p9rs.exe

Supprimido ! C:\pbyqfn.exe

Supprimido ! C:\q0wfr.exe

Supprimido ! C:\qhbfqx.exe

Supprimido ! C:\qkm.exe

Supprimido ! C:\r3fhr.exe

Supprimido ! C:\rhwhin.exe

Supprimido ! C:\rpw.exe

Supprimido ! C:\rxf.exe

Supprimido ! C:\s1.exe

Supprimido ! C:\sdfqh.exe

Supprimido ! C:\sywyrl0q.exe

Supprimido ! C:\tgt.exe

Supprimido ! C:\twhvna.exe

Supprimido ! C:\utcddeq.exe

Supprimido ! C:\vgyn6ewc.exe

Supprimido ! C:\vi8f.exe

Supprimido ! C:\wa.exe

Supprimido ! C:\wkimt.exe

Supprimido ! C:\ws.exe

Supprimido ! C:\wyskq6lt.exe

Supprimido ! C:\x3xh.exe

Supprimido ! C:\xjb3.exe

Supprimido ! C:\y6cqb2is.exe

Supprimido ! C:\yqq8eqil.exe

Supprimido ! C:\ysyjq1bs.exe

Supprimido ! D:\y.exe

Supprimido ! D:\09lf.exe

Supprimido ! D:\0fpdq2dw.exe

Supprimido ! D:\1hqup.exe

Supprimido ! D:\1j038ki.exe

Supprimido ! D:\1thes92p.exe

Supprimido ! D:\2u923g01.exe

Supprimido ! D:\2ul.exe

Supprimido ! D:\31lyx.exe

Supprimido ! D:\33r.exe

Supprimido ! D:\3dcs9.exe

Supprimido ! D:\3exi.exe

Supprimido ! D:\8xcrbho6.exe

Supprimido ! D:\9d6tpg.exe

Supprimido ! D:\9ffp.exe

Supprimido ! D:\9fo3ar0j.exe

Supprimido ! D:\9qqigqwf.exe

Supprimido ! D:\9rfpp.exe

Supprimido ! D:\9xf8.exe

Supprimido ! D:\affi8l.exe

Supprimido ! D:\anoataly.exe

Supprimido ! D:\awb3ryk.exe

Supprimido ! D:\ba.exe

Supprimido ! D:\bbjl2g.exe

Supprimido ! D:\biriprg.exe

Supprimido ! D:\bu8.exe

Supprimido ! D:\bveijo.exe

Supprimido ! D:\c2e.exe

Supprimido ! D:\ca.exe

Supprimido ! D:\cgaqyi.exe

Supprimido ! D:\chxnxyx.exe

Supprimido ! D:\cobn8w3.exe

Supprimido ! D:\dqm.exe

Supprimido ! D:\e9naq.exe

Supprimido ! D:\eyruu.exe

Supprimido ! D:\f2kmj.exe

Supprimido ! D:\f662sjd.exe

Supprimido ! D:\fk.exe

Supprimido ! D:\g6jk.exe

Supprimido ! D:\ggb6w.exe

Supprimido ! D:\h0.exe

Supprimido ! D:\hc3hvi0.exe

Supprimido ! D:\i8gcgmg.exe

Supprimido ! D:\i8ikdjwt.exe

Supprimido ! D:\iuvvl9f3.exe

Supprimido ! D:\ji83j.exe

Supprimido ! D:\k1d.exe

Supprimido ! D:\kmj.exe

Supprimido ! D:\krwyrv0d.exe

Supprimido ! D:\mh.exe

Supprimido ! D:\mi9al8rs.exe

Supprimido ! D:\mk28sp.exe

Supprimido ! D:\mvmdh.exe

Supprimido ! D:\n0qls.exe

Supprimido ! D:\nymdik.exe

Supprimido ! D:\olu392qj.exe

Supprimido ! D:\p3vwxx.exe

Supprimido ! D:\p9rs.exe

Supprimido ! D:\pbyqfn.exe

Supprimido ! D:\q0wfr.exe

Supprimido ! D:\qhbfqx.exe

Supprimido ! D:\qkm.exe

Supprimido ! D:\r3fhr.exe

Supprimido ! D:\rfg.exe

Supprimido ! D:\rhwhin.exe

Supprimido ! D:\rpw.exe

Supprimido ! D:\rxf.exe

Supprimido ! D:\s1.exe

Supprimido ! D:\sdfqh.exe

Supprimido ! D:\sywyrl0q.exe

Supprimido ! D:\tgt.exe

Supprimido ! D:\twhvna.exe

Supprimido ! D:\utcddeq.exe

Supprimido ! D:\vgyn6ewc.exe

Supprimido ! D:\vi8f.exe

Supprimido ! D:\wa.exe

Supprimido ! D:\wkimt.exe

Supprimido ! D:\ws.exe

Supprimido ! D:\wyskq6lt.exe

Supprimido ! D:\x3xh.exe

Supprimido ! D:\xjb3.exe

Supprimido ! D:\y6cqb2is.exe

Supprimido ! D:\yqq8eqil.exe

Supprimido ! D:\ysyjq1bs.exe

 

################## | Registro |

 

Supprimido ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoResolveSearch

Supprimido ! HKCU\Software\Microsoft\Windows\CurrentVersion\Run|dso32

 

################## | Mountpoints2 |

 

Supprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\C

Supprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\{0aecf870-fb19-11de-a68c-000d87b1352a}

Supprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\{14bbbc1d-9f04-11df-a8c8-000d87b1352a}

Supprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\{23a8d4ff-579b-11df-a7cc-000d87b1352a}

Supprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\{4418eb47-1012-11df-a6c9-000d87b1352a}

Supprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\{69dd03e4-f4d3-11de-a67a-000d87b1352a}

Supprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\{7b2ef414-888e-11df-a878-000d87b1352a}

Supprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\{862ea2a8-3c51-11df-a760-000d87b1352a}

Supprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\{9cba8064-9e55-11df-a8c6-000d87b1352a}

Supprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\{f51f236b-4983-11df-a796-000d87b1352a}

 

################## | Listing |

 

[30/08/2010 - 23:54:00 | A | 433] C:\Ad-Report-CLEAN[1].txt

[31/08/2010 - 11:08:21 | A | 5118] C:\Ad-Report-CLEAN[2].txt

[31/08/2010 - 11:08:17 | RD ] C:\Arquivos de programas

[24/08/2010 - 19:23:55 | A | 20] C:\AUTOEXEC.BAT

[22/12/2009 - 11:23:03 | SH | 211] C:\boot.ini

[14/04/2008 - 06:00:00 | RASH | 4952] C:\Bootfont.bin

[24/08/2010 - 19:23:55 | A | 106] C:\CONFIG.SYS

[22/12/2009 - 11:48:45 | D ] C:\Documents and Settings

[01/09/2010 - 14:29:08 | ASH | 536268800] C:\hiberfil.sys

[30/08/2010 - 17:46:55 | D ] C:\HostsXpert

[22/12/2009 - 11:30:21 | RASH | 0] C:\IO.SYS

[19/08/2010 - 22:32:57 | AHD ] C:\MessengerPlus

[22/12/2009 - 11:30:21 | RASH | 0] C:\MSDOS.SYS

[22/12/2009 - 13:06:37 | RHD ] C:\MSOCache

[23/05/2010 - 16:40:53 | D ] C:\My Games

[15/03/2010 - 15:11:45 | D ] C:\nDoors

[06/06/2010 - 15:59:16 | D ] C:\Nova pasta

[14/04/2008 - 06:00:00 | RASH | 47564] C:\NTDETECT.COM

[14/04/2008 - 06:00:00 | RASH | 251696] C:\ntldr

[01/09/2010 - 14:29:07 | ASH | 402653184] C:\pagefile.sys

[23/03/2010 - 16:11:31 | D ] C:\Program Files

[01/09/2010 - 20:29:21 | SHD ] C:\RECYCLER

[24/08/2010 - 19:26:37 | D ] C:\SICON

[18/06/2010 - 12:17:33 | SHD ] C:\System Volume Information

[31/08/2010 - 11:20:35 | A | 1654] C:\TB.txt

[31/08/2010 - 11:34:38 | A | 1654] C:\TB2.txt

[22/12/2009 - 13:04:19 | D ] C:\Temp

[31/08/2010 - 11:20:35 | D ] C:\ToolBar SD

[01/09/2010 - 20:29:21 | D ] C:\UsbFix

[01/09/2010 - 20:29:22 | A | 5292] C:\UsbFix.txt

[24/08/2010 - 19:24:37 | A | 2048] C:\USUAR01.NTX

[24/08/2010 - 19:24:37 | A | 2048] C:\USUAR02.NTX

[23/03/2010 - 15:59:44 | D ] C:\WeMade Entertainment

[01/09/2010 - 20:29:15 | D ] C:\WINDOWS

[01/09/2010 - 20:29:21 | SHD ] D:\RECYCLER

[26/08/2010 - 18:30:21 | D ] D:\Supernatural

[17/06/2010 - 22:51:14 | SHD ] D:\System Volume Information

 

################## | Vaccin |

 

C:\Autorun.inf -> Folder criado por UsbFix (El Desaparecido & C_XX)

D:\Autorun.inf -> Folder criado por UsbFix (El Desaparecido & C_XX)

 

################## | Upload |

 

Favor enviar o arquivo: C:\UsbFix_Upload_Me_M2.zip

http://chiquitine.changelog.fr/Sample/Upload.php

Obrigado pela sua contribuição.

 

################## | E.O.F |

 

 

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 09:56:54, on 5/9/2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\RunDll32.exe

C:\Arquivos de programas\lg_fwupdate\fwupdate.exe

C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe

C:\Arquivos de programas\MessengerPlus! 3\MsgPlus.exe

C:\Arquivos de programas\Bywifi\bywifi.exe

C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe

C:\Arquivos de programas\CyberLink\PowerProducer\OEMLib\Generatrs.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Microsoft Office\Office12\ONENOTEM.EXE

C:\Arquivos de programas\CyberLink\Shared Files\RichVideo.exe

C:\Documents and Settings\micro\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\micro\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\micro\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Arquivos de programas\Winamp\winamp.exe

C:\Arquivos de programas\Mozilla Firefox\firefox.exe

C:\Arquivos de programas\Mozilla Firefox\plugin-container.exe

C:\WINDOWS\system32\notepad.exe

C:\Documents and Settings\micro\Meus documentos\Downloads\HiJackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://localhost:9000/proxy.pac

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: BywifiBHO - {C4743D3E-20D7-4B52-84F2-5E4E277B2D82} - C:\Arquivos de programas\Bywifi\bywifiie.dll

O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd

O4 - HKLM\..\Run: [LGODDFU] "C:\Arquivos de programas\lg_fwupdate\fwupdate.exe" blrun

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [MessengerPlus3] "C:\Arquivos de programas\MessengerPlus! 3\MsgPlus.exe"

O4 - HKLM\..\Run: [bywifi] "C:\Arquivos de programas\Bywifi\bywifi.exe" "-silent"

O4 - HKCU\..\Run: [Pando Media Booster] C:\Arquivos de programas\Pando Networks\Media Booster\PMB.exe

O4 - HKCU\..\Run: [ares] "C:\Arquivos de programas\Ares\Ares.exe" -h

O4 - HKCU\..\Run: [MsnMsgr] "C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [Microsoft.NETframework5] "C:\Arquivos de programas\CyberLink\PowerProducer\OEMLib\Generatrs.exe"

O4 - HKCU\..\Run: [bywifi] "C:\Arquivos de programas\Bywifi\bywifi.exe" "-silent"

O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\micro\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: Recorte de tela e Iniciador do OneNote 2007.lnk = C:\Arquivos de programas\Microsoft Office\Office12\ONENOTEM.EXE

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/pt/uno1/GAME_UNO1.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{34357880-EC07-413A-9BAD-2427955B913F}: NameServer = 200.225.197.37 200.225.197.34

O17 - HKLM\System\CS1\Services\Tcpip\..\{34357880-EC07-413A-9BAD-2427955B913F}: NameServer = 200.225.197.37 200.225.197.34

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Arquivos de programas\CyberLink\Shared Files\RichVideo.exe

 

--

End of file - 6860 bytes

 

 

O computador se manteve praticamente, com as mesmas melhoras da primeira vez, eu baixei um programa pra tenta acelera os videos do youtube

mas eles continuam dando algumas travadas de 1 segundo a cada 5 que passa, e os jogos continuam dando lag tambem.

 

Desde já obrigado pela atenção.

Compartilhar este post


Link para o post
Compartilhar em outros sites

:) Muitos outros problemas foram removidos.

____________________________

 

:seta: Siga estas dicas:

 

'>http://dicasetutoriaisparapc.blogspot.com/2009/10/tutorial-do-flash-disinfector.html"]Tutorial do Flash Disinfector

 

'>http://dicasetutoriaisparapc.blogspot.com/2008/09/tutorial-do-antivirus-nod32-online.html"]Tutorial do antivirus Nod32 Online

____________________________

 

:seta: Faça o download do PenClean:

https://dl.getdropbox.com/u/1035720/PenClean.zip

 

● Descompacte o Penclean.zip usando um descompactor (como o Winrar ou Winzip, por exemplo).

● Conecte o seu pendrive ou outra mídia que estiver infectada (se você tiver um) no computador e siga as etapas abaixo:

● Execute o arquivo PenClean.exe, e marque a opção: Verificar unidade > clique seta voltada para baixo e escolha a opção Todas as unidades. Depois disto clique no botão: Verificar.

● Se algo for detectado, o programa vai pedir para reiniciar o computador. Marque a opção para reiniciar e aguarde.

 

● Será salvo um log em C:\PenClean\PenClean.txt

____________________________

 

:seta: Acesse o site " Jotti's malware scan ":

http://virusscan.jotti.org/en

 

Clique na caixa Escolher arquivo

Copie e cole o seguinte arquivo:

C:\WINDOWS\system32\mxouwhc.dll

 

Clique no botão Abrir > Depois disto clique no botão Submite File >

 

O arquivo irá ser examinado por diferentes softwares antivirus, por favor aguarde.

 

Copie e cole o resultado desta análise em sua próxima resposta.

 

Se o site acima estiver muito congestionado, tente em um desses sites:

http://virscan.org/

http://www.virustotal.com/

http://www.viruschief.com/

_______________________________

 

:seta: Na sua próxima resposta poste o log do Nod32 Online que estará em C:\Arquivos de programas\Eset\Eset Online Scanner\log.txt juntamente com um novo log do Hijackthis, o log que estará em C:\PenClean\PenClean.txt e o resultado da análise do arquivo C:\WINDOWS\system32\mxouwhc.dll e nos diga, por gentileza, como está o seu PC após seguir estes procedimentos. Ficamos no aguardo de sua resposta.

Compartilhar este post


Link para o post
Compartilhar em outros sites

ESETSmartInstaller@High as CAB hook log:

OnlineScanner.ocx - registred OK

# version=7

# IEXPLORE.EXE=6.00.2900.5512 (xpsp.080413-2105)

# OnlineScanner.ocx=1.0.0.6211

# api_version=3.0.2

# EOSSerial=eaddde348102a64f84626396d95d145f

# end=finished

# remove_checked=true

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=true

# antistealth_checked=true

# utc_time=2010-09-07 01:37:30

# local_time=2010-09-06 10:37:30 (-0300, Hora oficial do Brasil)

# country="Brazil"

# lang=1033

# osver=5.1.2600 NT Service Pack 3

# compatibility_mode=512 16777215 100 0 0 0 0 0

# compatibility_mode=8192 67108863 100 0 0 0 0 0

# scanned=55022

# found=331

# cleaned=331

# scan_time=9316

C:\UsbFix_Upload_Me_M2.zip multiple threats (deleted - quarantined) 00000000000000000000000000000000 C

C:\Arquivos de programas\Ad-Remover\Quarantine\C\Arquivos de programas\PokerStars\gx\chips&deck\deck\large\0\cdr50r.exe.vir a variant of Win32/Spy.Banker.TQA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Arquivos de programas\Ad-Remover\Quarantine\C\Arquivos de programas\PokerStars\themes\oldblack\ctrls\jpi_share.exe.vir a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\DAO\AdobeUpdate.exe a variant of Win32/Spy.Banker.TQA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\PROOF\NeMP3_Dmo.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\THEMES12\SLATE\nero_API.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\você\Equalize2.exe a variant of Win32/Spy.Banker.TQA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VGX\Onix34.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Arquivos de programas\CyberLink\PowerDVD\Language\Esp\pdvd7_aac\VCD_Menu.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Arquivos de programas\CyberLink\PowerDVD\Language\Esp\pdvd7_dts_es_neo\images\jsoundd.exe a variant of Win32/Spy.Banker.TQA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Arquivos de programas\CyberLink\PowerDVD\Language\Ita\pdvd7_nb\cdr100s.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Arquivos de programas\CyberLink\PowerDVD\Language\Plk\pdvd7_dolbyoem\images\cr2200ct.exe a variant of Win32/Spy.Banker.UIQ trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Arquivos de programas\CyberLink\PowerDVD\Language\Plk\pdvd7_h264\images\dcp.exe a variant of Win32/Spy.Banker.TQA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Arquivos de programas\CyberLink\PowerDVD\Language\Plk\pdvd7_h264\images\jpi_com.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Arquivos de programas\CyberLink\PowerDVD\Language\Plk\pdvd7_ia\dtsocket.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Arquivos de programas\CyberLink\PowerProducer\Menus\Travel\Text\deploys.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Arquivos de programas\CyberLink\PowerProducer\OEMLib\Generatrs.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Arquivos de programas\Garena\layout\mfc44.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Arquivos de programas\Google\Picasa3\web\documentation\examples\READ_HD16.exe a variant of Win32/Spy.Banker.TQA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Arquivos de programas\Google\Picasa3\web\templates\whitefrm\assets\AdobeUpdate.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Arquivos de programas\Java\jre6\lib\images\cursors\cdr100s.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Arquivos de programas\Java\jre6\lib\images\cursors\NeroMedia_Con.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Arquivos de programas\lg_fwupdate\image\Nero_Com.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Arquivos de programas\Microsoft Office\Office12\1046\DataServices\cr2200ct.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Arquivos de programas\Microsoft Office\Office12\1046\PUBFTSCM\AiodLites.exe a variant of Win32/Spy.Banker.TQA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Arquivos de programas\Microsoft Office\Office12\Groove\ToolData\groove.net\GrooveForms4\FormsStyles\Swirl\SHORT_CUT.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Arquivos de programas\Mozilla Firefox\icudt38.exe a variant of Win32/Spy.Banker.TQA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Arquivos de programas\Mozilla Firefox\modules\deploys.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Arquivos de programas\Real Alternative\Browser\Plugins\ISOFSS.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Arquivos de programas\TechSmith\Camtasia Studio 7\Media\Studio\HTML\ExpressShow\addoutput12\msvc71.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Arquivos de programas\WC 3\bagsikmh.exe a variant of Win32/Kryptik.GDT trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Arquivos de programas\Winamp\Drweb34.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Arquivos de programas\Winamp\Plugins\avs\Winamp 5 Picks\AdobeLinguisticx.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Documents and Settings\micro\Meus documentos\Downloads\MsgPlusLive-483.exe a variant of Win32/Adware.CiDHelp application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019273.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019274.inf Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019295.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019296.inf Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019314.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019315.inf Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019330.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019331.inf Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019346.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019347.inf Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019358.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019359.inf Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019378.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019379.inf Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019405.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019406.inf Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019424.exe a variant of Win32/Spy.Banker.TQA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019436.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019503.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019504.inf Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019506.exe Win32/PSW.OnLineGames.PNY trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019507.exe a variant of Win32/PSW.OnLineGames.OSS trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019508.exe a variant of Win32/PSW.OnLineGames.OSS trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019509.exe Win32/AutoRun.PSW.OnlineGames.BF worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019510.exe a variant of Win32/PSW.OnLineGames.PMF trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019511.exe Win32/AutoRun.PSW.OnlineGames.AY worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019512.exe a variant of Win32/PSW.OnLineGames.PNT trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019513.exe Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019514.exe a variant of Win32/PSW.OnLineGames.PMV trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019515.exe a variant of Win32/PSW.OnLineGames.PLX trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019516.exe Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019517.exe Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019518.exe Win32/PSW.OnLineGames.NWF trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019519.exe Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019520.exe Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019521.exe Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019522.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019523.exe Win32/AutoRun.PSW.OnlineGames.AQ worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019524.exe a variant of Win32/PSW.OnLineGames.PLX trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019525.exe Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019526.exe Win32/PSW.OnLineGames.PNH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019527.exe a variant of Win32/PSW.OnLineGames.PBM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019528.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019529.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019530.exe Win32/AutoRun.PSW.OnlineGames.AT worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019531.exe Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019532.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019533.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019534.exe a variant of Win32/PSW.OnLineGames.PBO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019535.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019536.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019537.exe Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019538.exe a variant of Win32/PSW.OnLineGames.PNZ trojan (deleted - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019539.exe Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019540.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019541.exe Win32/PSW.OnLineGames.OTW trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019542.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019543.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019544.exe Win32/AutoRun.PSW.OnlineGames.AO worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019545.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019546.exe Win32/PSW.OnLineGames.POQ trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019547.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019548.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019549.exe a variant of Win32/Pacex.AI virus (deleted - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019550.exe Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019551.exe Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019552.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019553.exe Win32/AutoRun.PSW.OnlineGames.AP worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019554.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019555.exe a variant of Win32/PSW.OnLineGames.POC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019556.exe Win32/PSW.OnLineGames.OSS trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019557.exe Win32/PSW.OnLineGames.PNT trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019558.exe Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019559.exe a variant of Win32/PSW.OnLineGames.OTI trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019560.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019561.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019562.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019563.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019564.exe Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019565.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019566.exe a variant of Win32/PSW.OnLineGames.PMV trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019567.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019568.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019569.exe Win32/AutoRun.PSW.OnlineGames.AW worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019570.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019571.exe a variant of Win32/Kryptik.BIM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019572.exe a variant of Win32/PSW.OnLineGames.OTM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019573.exe a variant of Win32/PSW.OnLineGames.PLW trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019574.exe a variant of Win32/PSW.OnLineGames.PLU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019575.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019576.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019577.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019578.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019579.exe Win32/AutoRun.PSW.OnlineGames.AS worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019580.exe a variant of Win32/PSW.OnLineGames.PLU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019581.exe a variant of Win32/PSW.OnLineGames.POF trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019582.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019583.exe Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019584.exe a variant of Win32/Kryptik.DYR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP32\A0019585.exe Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0019991.exe a variant of Win32/Spy.Banker.TQA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0019992.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0019993.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0019994.exe a variant of Win32/Spy.Banker.TQA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0019995.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0019996.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0019997.exe a variant of Win32/Spy.Banker.TQA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0019998.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0019999.exe a variant of Win32/Spy.Banker.UIQ trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0020000.exe a variant of Win32/Spy.Banker.TQA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0020001.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0020002.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0020003.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0020004.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0020005.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0020006.exe a variant of Win32/Spy.Banker.TQA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0020007.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0020008.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0020009.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0020010.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0020011.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0020012.exe a variant of Win32/Spy.Banker.TQA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0020013.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0020014.exe a variant of Win32/Spy.Banker.TQA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0020015.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0020016.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0020017.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0020018.exe a variant of Win32/Kryptik.GDT trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0020019.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{1D8FA3B4-136E-4014-83BA-AAABC6DCD6CC}\RP35\A0020020.exe a variant of Win32/Spy.Banker.UKR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\09lf.exe.vir Win32/PSW.OnLineGames.PNY trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\0fpdq2dw.exe.vir a variant of Win32/PSW.OnLineGames.OSS trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\1hqup.exe.vir a variant of Win32/PSW.OnLineGames.OSS trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\1j038ki.exe.vir Win32/AutoRun.PSW.OnlineGames.BF worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\1thes92p.exe.vir a variant of Win32/PSW.OnLineGames.PMF trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\2u923g01.exe.vir Win32/AutoRun.PSW.OnlineGames.AY worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\2ul.exe.vir a variant of Win32/PSW.OnLineGames.PNT trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\31lyx.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\33r.exe.vir a variant of Win32/PSW.OnLineGames.PMV trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\3dcs9.exe.vir a variant of Win32/PSW.OnLineGames.PLX trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\3exi.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\8xcrbho6.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\9d6tpg.exe.vir Win32/PSW.OnLineGames.NWF trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\9ffp.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\9fo3ar0j.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\9qqigqwf.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\9rfpp.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\9xf8.exe.vir Win32/AutoRun.PSW.OnlineGames.AQ worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\affi8l.exe.vir a variant of Win32/PSW.OnLineGames.PLX trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\anoataly.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\Autorun.inf.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\awb3ryk.exe.vir Win32/PSW.OnLineGames.PNH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\ba.exe.vir a variant of Win32/PSW.OnLineGames.PBM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\bbjl2g.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\biriprg.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\bu8.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\bveijo.exe.vir Win32/AutoRun.PSW.OnlineGames.AT worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\c2e.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\ca.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\cgaqyi.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\chxnxyx.exe.vir a variant of Win32/PSW.OnLineGames.PBO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\cobn8w3.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\dqm.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\e9naq.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\eyruu.exe.vir a variant of Win32/PSW.OnLineGames.PNZ trojan (deleted - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\f2kmj.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\f662sjd.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\fk.exe.vir Win32/PSW.OnLineGames.OTW trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\g6jk.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\ggb6w.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\h0.exe.vir Win32/AutoRun.PSW.OnlineGames.AO worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\hc3hvi0.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\i8gcgmg.exe.vir Win32/PSW.OnLineGames.POQ trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\i8ikdjwt.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\iuvvl9f3.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\ji83j.exe.vir a variant of Win32/Pacex.AI virus (deleted - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\k1d.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\kmj.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\krwyrv0d.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\mh.exe.vir Win32/AutoRun.PSW.OnlineGames.AP worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\mi9al8rs.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\mk28sp.exe.vir a variant of Win32/PSW.OnLineGames.POC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\mvmdh.exe.vir Win32/PSW.OnLineGames.OSS trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\n0qls.exe.vir Win32/PSW.OnLineGames.PNT trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\olu392qj.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\p3vwxx.exe.vir a variant of Win32/PSW.OnLineGames.OTI trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\p9rs.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\pbyqfn.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\q0wfr.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\qhbfqx.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\qkm.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\r3fhr.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\rhwhin.exe.vir a variant of Win32/PSW.OnLineGames.PMV trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\rpw.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\rxf.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\s1.exe.vir Win32/AutoRun.PSW.OnlineGames.AW worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\sdfqh.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\sywyrl0q.exe.vir a variant of Win32/Kryptik.BIM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\tgt.exe.vir a variant of Win32/PSW.OnLineGames.OTM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\twhvna.exe.vir a variant of Win32/PSW.OnLineGames.PLW trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\utcddeq.exe.vir a variant of Win32/PSW.OnLineGames.PLU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\vgyn6ewc.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\vi8f.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\wa.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\wkimt.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\ws.exe.vir Win32/AutoRun.PSW.OnlineGames.AS worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\wyskq6lt.exe.vir a variant of Win32/PSW.OnLineGames.PLU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\x3xh.exe.vir a variant of Win32/PSW.OnLineGames.POF trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\xjb3.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\y6cqb2is.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\yqq8eqil.exe.vir a variant of Win32/Kryptik.DYR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\C\ysyjq1bs.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\09lf.exe.vir Win32/PSW.OnLineGames.PNY trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\0fpdq2dw.exe.vir a variant of Win32/PSW.OnLineGames.OSS trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\1hqup.exe.vir a variant of Win32/PSW.OnLineGames.OSS trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\1j038ki.exe.vir Win32/AutoRun.PSW.OnlineGames.BF worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\1thes92p.exe.vir a variant of Win32/PSW.OnLineGames.PMF trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\2u923g01.exe.vir Win32/AutoRun.PSW.OnlineGames.AY worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\2ul.exe.vir a variant of Win32/PSW.OnLineGames.PNT trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\31lyx.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\33r.exe.vir a variant of Win32/PSW.OnLineGames.PMV trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\3dcs9.exe.vir a variant of Win32/PSW.OnLineGames.PLX trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\3exi.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\8xcrbho6.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\9d6tpg.exe.vir Win32/PSW.OnLineGames.NWF trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\9ffp.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\9fo3ar0j.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\9qqigqwf.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\9rfpp.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\9xf8.exe.vir Win32/AutoRun.PSW.OnlineGames.AQ worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\affi8l.exe.vir a variant of Win32/PSW.OnLineGames.PLX trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\anoataly.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\Autorun.inf.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\awb3ryk.exe.vir Win32/PSW.OnLineGames.PNH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\ba.exe.vir a variant of Win32/PSW.OnLineGames.PBM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\bbjl2g.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\biriprg.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\bu8.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\bveijo.exe.vir Win32/AutoRun.PSW.OnlineGames.AT worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\c2e.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\ca.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\cgaqyi.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\chxnxyx.exe.vir a variant of Win32/PSW.OnLineGames.PBO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\cobn8w3.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\dqm.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\e9naq.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\eyruu.exe.vir a variant of Win32/PSW.OnLineGames.PNZ trojan (deleted - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\f2kmj.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\f662sjd.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\fk.exe.vir Win32/PSW.OnLineGames.OTW trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\g6jk.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\ggb6w.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\h0.exe.vir Win32/AutoRun.PSW.OnlineGames.AO worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\hc3hvi0.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\i8gcgmg.exe.vir Win32/PSW.OnLineGames.POQ trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\i8ikdjwt.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\iuvvl9f3.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\ji83j.exe.vir a variant of Win32/Pacex.AI virus (deleted - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\k1d.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\kmj.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\krwyrv0d.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\mh.exe.vir Win32/AutoRun.PSW.OnlineGames.AP worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\mi9al8rs.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\mk28sp.exe.vir a variant of Win32/PSW.OnLineGames.POC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\mvmdh.exe.vir Win32/PSW.OnLineGames.OSS trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\n0qls.exe.vir Win32/PSW.OnLineGames.PNT trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\nymdik.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\olu392qj.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\p3vwxx.exe.vir a variant of Win32/PSW.OnLineGames.OTI trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\p9rs.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\pbyqfn.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\q0wfr.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\qhbfqx.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\qkm.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\r3fhr.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\rfg.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\rhwhin.exe.vir a variant of Win32/PSW.OnLineGames.PMV trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\rpw.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\rxf.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\s1.exe.vir Win32/AutoRun.PSW.OnlineGames.AW worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\sdfqh.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\sywyrl0q.exe.vir a variant of Win32/Kryptik.BIM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\tgt.exe.vir a variant of Win32/PSW.OnLineGames.OTM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\twhvna.exe.vir a variant of Win32/PSW.OnLineGames.PLW trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\utcddeq.exe.vir a variant of Win32/PSW.OnLineGames.PLU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\vgyn6ewc.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\vi8f.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\wa.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\wkimt.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\ws.exe.vir Win32/AutoRun.PSW.OnlineGames.AS worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\wyskq6lt.exe.vir a variant of Win32/PSW.OnLineGames.PLU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\x3xh.exe.vir a variant of Win32/PSW.OnLineGames.POF trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\xjb3.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\y.exe.vir Win32/AutoRun.PSW.OnlineGames.AR worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\y6cqb2is.exe.vir Win32/PSW.OnLineGames.NNU trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\yqq8eqil.exe.vir a variant of Win32/Kryptik.DYR trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\UsbFix\Quarantine\D\ysyjq1bs.exe.vir Win32/PSW.OnLineGames.OUM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

 

 

 

O arquivo do penclean não estava lá, a pesquisa do arquivo lá dizia que ele não existia, e eu procurei ele realmente não estava dentro do system32, mais agora sim um melhora muito significativa aconteceu, os video não estão mais travado, e os jogos não estão 100% como antes mais 85% (digamos que antes de todas as limpezas eles estavam 15% djsaodpjsad) e é isso, caso mais algum programa seja indicado para obter mais melhoras eu agradeceria, se não muito obrigado pois a grande maioria dos problemas foram resolvidos.

Compartilhar este post


Link para o post
Compartilhar em outros sites

:) Muitos outros problemas foram retirados do seu PC.

_________________________

 

:seta: Você executou o Flash Disinfector? Caso não tenha executado, execute por gentileza.

__________________________

 

:seta: Siga, por gentileza, as dicas destes tutoriais:

 

Tutorial do antivírus BitDefender Online

 

'>http://dicasetutoriaisparapc.blogspot.com/2009/11/tutorial-do-norman-malware-cleaner.html"]Tutorial do Norman Malware Cleaner

____________________________

 

:seta: Nos seus logs está constando que seu PC está sem antivirus e é muito importante ter um.

 

Sugiro um ótimo antivirus gratuito para você, como o '>http://freedownloads2000.blogspot.com/2008/10/avira-antivir-personal-edition-classic.html"]Avira Antivir Personal 10 Free.

 

Para instalar, configurar e usar corretamente o Avira antivir é só seguir as dicas destes tutoriais:

 

'>http://dicasetutoriaisparapc.blogspot.com/2009/03/tutorial-de-instalacao-e-configuracao.html"]Tutorial do Avira Antivir 10 free (instalação e configuração)

 

'>http://dicasetutoriaisparapc.blogspot.com/2009/03/escaneando-seu-computador-com-o-avira.html]Tutorial do Avira Antivir 10 free (como usá-lo corretamente)

___________________________________

 

* Depois de instalar e configurar o Avira Antivir seguindo as dicas dos tutoriais acima, atualize-o (faça um update) e reinicie o seu computador e entre pelo Modo de Segurança (apertando a tecla F8 (ou a tecla F5 em alguns computadores) repetidas vezes quando o computador estiver reiniciando e escolhendo a opção Modo Seguro ou Modo de Segurança). Aí quando o computador tiver reiniciado, clique com o botão direito do mouse sobre o símbolo do Avira (aquele guarda-chuva vermelho aberto ao lado do relógio do Windows) e escolha a opção Start AntiVir > clique na opção Scan system now > e aguarde a conclusão do escaneamento.

 

Obs: Caso não seja possível fazer o escaneamento com o Avira Antivir no Modo Seguro do Windows, faça-o no modo normal.

_______________________________________________________________

 

:seta: Quando você tiver removido os virus que o Avira Antivir encontrar, reinicie o computador normalmente. Clique com o botão direito do mouse sobre o ícone do Avira (aquele guarda-chuva vermelho aberto ao lado do relógio do Windows) e escolha a opção Start AntiVir > clique na opção Reports > dê um duplo clique com o botão esquerdo do mouse sobre o log mais recente e clique no botão Report file > Depois será aberta uma tela com o log, então é só selecionar este Log (Clique no menu: Editar » Selecionar Tudo), depois disso volte novamente no menu: Editar » e clique na opção: Copiar) > Depois disso é só voltar aqui no fórum e postar este log do Avira Antivir juntamente com um novo log do Hijackthis, o log do BitDefender Online que estará em C:\Windows\BDOSCAN8\bdoscan.log e o log do Norman Malware Cleaner para que eles possam ser analizados e nos diga, por gentileza, como está o seu PC após seguir estes procedimentos.

 

Ficamos no aguardo de sua resposta.

Compartilhar este post


Link para o post
Compartilhar em outros sites

Tópico Arquivado

 

Como o autor não respondeu por mais de 30 dias, o tópico foi arquivado.

 

Caso você seja o autor do tópico e quer reabrir, envie uma mensagem privada para um moderador da área juntamente com o link para este tópico e explique o motivo da reabertura.

Compartilhar este post


Link para o post
Compartilhar em outros sites

×

Informação importante

Ao usar o fórum, você concorda com nossos Termos e condições.