awesomehp does anyone know how to remove it
Re: awesomehp does anyone know how to remove it
Baidu says it is in quarantine and won't let me download it; should I download it anyway?
AndreaGM - Beginner
- Posts: 36
Reputation: 1
Join date: 15/02/2014
Re: awesomehp does anyone know how to remove it
Temporarily disable Baidu to avoid conflicts. After that, download it and run it as I instructed.
Power Max - Contributor
- Posts: 9086
Reputation: 1499
Join date: 14/04/2009
Re: awesomehp does anyone know how to remove it
Zoek.exe v5.0.0.0 Updated 15-February-2014
Tool run by Ponto Frio on 15/02/2014 at 23:16:44,54.
Microsoft Windows 8 Single Language 6.2.9200 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Ponto Frio\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
15/02/2014 23:17:54 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-261953617-2769025804-3120936794-1001\Software\Microsoft\Internet Explorer\SearchScopes\{F2AFFA64-9545-4C43-BDAE-3B8784F39BC1} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== Deleting Files \ Folders ======================
C:\Users\Ponto Frio\daemonprocess.txt deleted
C:\Users\Ponto Frio\.android deleted
C:\Users\Ponto Frio\AppData\Roaming\DigitalSites deleted
C:\ProgramData\FileSplitUpLoad.dll deleted
C:\ProgramData\Baidu deleted
C:\Users\Ponto Frio\AppData\Local\Mobogenie deleted
C:\Users\Ponto Frio\AppData\Local\cache deleted
C:\Users\Ponto Frio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie deleted
C:\windows\SysNative\tasks\Baidu Antivirus Update deleted
C:\windows\SysNative\tasks\Baidu PC Faster Update deleted
C:\Users\Ponto Frio\Documents\Mobogenie deleted
==== Chrome Look ======================
Google Docs - Ponto Frio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Ponto Frio\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Ponto Frio\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Ponto Frio\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - Ponto Frio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Ponto Frio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.com.br/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Search Page"="http://google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Search Page"="http://google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{F2AFFA64-9545-4C43-BDAE-3B8784F39BC1}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F2AFFA64-9545-4C43-BDAE-3B8784F39BC1}] not found
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.com.br/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{0ABE7D2D-8F67-9EA6-2A31-53E1299BD373} Unknown Url="Not_Found"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
==== Reset Google Chrome ======================
C:\Users\Ponto Frio\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Users\Ponto Frio\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-261953617-2769025804-3120936794-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{71e129ff-6c2a-4984-818c-7e2c998b8d99} deleted successfully
HKEY_USERS\S-1-5-21-261953617-2769025804-3120936794-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{71e129ff-6c2a-4984-818c-7e2c998b8d99} deleted successfully
HKEY_USERS\S-1-5-21-261953617-2769025804-3120936794-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ABE7D2D-8F67-9EA6-2A31-53E1299BD373} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71e129ff-6c2a-4984-818c-7e2c998b8d99} deleted successfully
==== Deleting CLSID Registry Values ======================
==== shortcuts on Users Desktops ======================
C:\Users\Ponto Frio\Desktop\Revo Uninstaller.lnk - C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
C:\Users\Ponto Frio\Desktop\ZHPDiag.lnk - C:\Program Files (x86)\ZHPDiag\ZHPhep.exe
C:\Users\Ponto Frio\Desktop\ZHPFix.lnk - C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe
C:\Users\Ponto Frio\Desktop\IGREJA SUCESSO EM CRISTO\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==== shortcuts on All Users Desktop ======================
C:\Users\Public\Desktop\Acer Backup Manager.lnk - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManager.exe
C:\Users\Public\Desktop\Adobe Digital Editions 2.0.lnk - C:\Program Files (x86)\Adobe\Adobe Digital Editions 2.0\DigitalEditions.exe
C:\Users\Public\Desktop\AmCap.lnk - C:\Windows\Installer\{02BD1C19-5946-4420-BAE3-F742686B3D43}\NewShortcut3_56E721DA0A134E46A4B3EC5584F58066.exe
C:\Users\Public\Desktop\Brother Utilities.lnk - C:\Program Files (x86)\Brother\BrLauncher\BrLauncher.exe
C:\Users\Public\Desktop\Glow.lnk - C:\Program Files (x86)\Immersion Digital\SBB\pt-br\Glow.exe
C:\Users\Public\Desktop\Help and Support.lnk -
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Users\Public\Desktop\Mobinil USB Modem.lnk - C:\Program Files (x86)\Mobinil USB Modem\Mobinil USB Modem.exe
C:\Users\Public\Desktop\Netflix.lnk - C:\ProgramData\OEM_E471269A730D\Netflix\StartUrl.exe
C:\Users\Public\Desktop\TotalMedia 3.5.lnk - C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TotalMedia.exe
==== shortcuts in Users Start Menu ======================
C:\Users\Ponto Frio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iexplore (2).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Ponto Frio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iexplore (3).lnk - C:\Users\Ponto Frio\Desktop\iexplore.exe
C:\Users\Ponto Frio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iexplore (4).lnk - C:\Users\Ponto Frio\Desktop\iexplore.exe
C:\Users\Ponto Frio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iexplore.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Ponto Frio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -
C:\Users\Ponto Frio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster\Baidu PC Faster.lnk - C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFaster.exe -startmenu
C:\Users\Ponto Frio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster\Feedback.lnk - C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFasterFeedback.exe
C:\Users\Ponto Frio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster\Uninstall.lnk - C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\UninstCaller.exe
C:\Users\Ponto Frio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Revo Uninstaller.lnk - C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
C:\Users\Ponto Frio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Run Hunter Mode.lnk - C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe -hunter
C:\Users\Ponto Frio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Uninstall.lnk - C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\uninst.exe
C:\Users\Ponto Frio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Website.lnk - C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revo Uninstaller.url
C:\Users\Ponto Frio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows XP Creativity Fun Packs\Windows XP Creativity Fun Packs Readme.lnk - C:\Users\Ponto Frio\AppData\Roaming\Microsoft\Installer\{A6264FF6-C49D-4533-AF42-4875C38BB24C}\readme.htm
C:\Users\Ponto Frio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows XP Creativity Fun Packs\Windows Movie Maker 2\Music Tracks and Transitions.lnk - C:\Users\Ponto Frio\Documents\My Videos\Creativity Fun Packs\Music Tracks and Music Transitions
C:\Users\Ponto Frio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows XP Creativity Fun Packs\Windows Movie Maker 2\Sound Effects.lnk - C:\Users\Ponto Frio\Documents\My Videos\Creativity Fun Packs\Sound Effects
==== shortcuts in All Users Start Menu ======================
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker 2.6.lnk - C:\Windows\Installer\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}\MOVIEMK.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Desinstalar Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware Help.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware Notifications.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\chameleon.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Outlook 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\outicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\Silverlight.Configuration.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VDMax 3.00 Marceneiro\Desinstalar VDMax 3.00 Marceneiro.lnk - C:\VDMax300-Marceneiro\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VDMax 3.00 Marceneiro\VDMax 3.00 Marceneiro.lnk - C:\VDMax300-Marceneiro\VDMax.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP\ZHPDiag.lnk - C:\Program Files (x86)\ZHPDiag\ZHPhep.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP\ZHPFix.lnk - C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe
==== shortcuts in Quick Launch ======================
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Ponto Frio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Adobe Digital Editions 2.0.lnk - C:\Program Files (x86)\Adobe\Adobe Digital Editions 2.0\DigitalEditions.exe
C:\Users\Ponto Frio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -
C:\Users\Ponto Frio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -
C:\Users\Ponto Frio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Ponto Frio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Ponto Frio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Acer Device Fast-lane.lnk - C:\Program Files (x86)\Acer\Acer Device Fast-lane\DeviceFastLaneUI.exe
C:\Users\Ponto Frio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Acer Power Button.lnk - C:\Program Files (x86)\Acer\Acer Power Management\ePowerButton.exe
C:\Users\Ponto Frio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\clear.fi Media.lnk - C:\Program Files (x86)\Acer\clear.fi Media\ClearfiMedia.exe
C:\Users\Ponto Frio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\clear.fi Photo.lnk - C:\Program Files (x86)\Acer\clear.fi Photo\ClearfiPhoto.exe
C:\Users\Ponto Frio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk - C:\Users\Ponto Frio\AppData\Roaming\Microsoft\Windows\Libraries
C:\Users\Ponto Frio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Users\Ponto Frio\Desktop\iexplore.exe
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
==== shortcuts After Repair ======================
C:\Users\Ponto Frio\Desktop\IGREJA SUCESSO EM CRISTO\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Public\Desktop\Netflix.lnk - C:\ProgramData\OEM_E471269A730D\Netflix\StartUrl.exe
==== Reset IE Proxy ======================
Value(s) before fix:
"ProxyEnable"=dword:00000000
Value(s) after fix:
"ProxyEnable"=dword:00000000
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Ponto Frio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Ponto Frio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2OR6T17S will be deleted at reboot
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
C:\Users\Ponto Frio\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=1180 folders=110 90798093 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Users\Ponto Frio\AppData\Local\Temp will be emptied at reboot
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\PONTOF~1\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Users\Ponto Frio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2OR6T17S" not found
==== EOF on 15/02/2014 at 23:29:23,64 ======================
C:\Users\Public\Desktop\Netflix.lnk - C:\ProgramData\OEM_E471269A730D\Netflix\StartUrl.exe
==== Reset IE Proxy ======================
Value(s) before fix:
"ProxyEnable"=dword:00000000
Value(s) after fix:
"ProxyEnable"=dword:00000000
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Ponto Frio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Ponto Frio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2OR6T17S will be deleted at reboot
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
C:\Users\Ponto Frio\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=1180 folders=110 90798093 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Users\Ponto Frio\AppData\Local\Temp will be emptied at reboot
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\PONTOF~1\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Users\Ponto Frio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2OR6T17S" not found
==== EOF on 15/02/2014 at 23:29:23,64 ======================
AndreaGM - Beginner
- Posts: 36
Reputation: 1
Registration date: 15/02/2014
Re: awesomehp, does anyone know how to remove it
Other problems were removed by Zoek.
How is the PC after these cleanups?
Power Max - Contributor
- Posts: 9086
Reputation: 1499
Registration date: 14/04/2009
Re: awesomehp, does anyone know how to remove it
My computer is still acting strange: every ten minutes the desktop wallpaper changes, and Internet Explorer only opens because I dragged a shortcut, but whenever I open it an icon appears next to it that looks like a blank sheet, a document, and it is this sheet or document that opens the internet, and that was the only way I got in here, but the actual icon, for example in the normal Windows 8 mode, does not open at all...
AndreaGM - Beginner
- Posts: 36
Reputation: 1
Registration date: 15/02/2014
Re: awesomehp, does anyone know how to remove it
Please follow the tips in this tutorial to scan your PC with Nod32 Online:
[You must have an account and be logged in to view this link]
Note: Although the tutorial above says the scan should be run in Internet Explorer, you can run it in any browser.
When the scan finishes, a report (log) will be generated at the following location on your computer:
C:\Arquivos de programas\Eset\Eset Online Scanner\log.txt
In your next reply, post this Nod32 Online log and please tell us how your PC is after following this procedure. We look forward to your reply.
Last edited by Power Max on Sat 08 Mar 2014, 23:09; edited 1 time
Power Max - Contributor
- Posts: 9086
Reputation: 1499
Registration date: 14/04/2009
Re: awesomehp, does anyone know how to remove it
I'm still scanning, it's taking a long time, is that normal?
AndreaGM - Beginner
- Posts: 36
Reputation: 1
Registration date: 15/02/2014
Re: awesomehp, does anyone know how to remove it
ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
Internet Explorer still has the same problem when opening, and the document icon is what opens the internet...
AndreaGM - Beginner
- Posts: 36
Reputation: 1
Registration date: 15/02/2014
Re: awesomehp, does anyone know how to remove it
The Nod32 report was not created correctly; this happens sometimes. Did you notice whether it detected any viruses? Did you remove the viruses it found?
Power Max - Contributor
- Posts: 9086
Reputation: 1499
Registration date: 14/04/2009
Re: awesomehp, does anyone know how to remove it
I followed the tutorial, and it said to restore only what I was sure was important, and I didn't restore anything, so I went back to the previous screen and this report had already been generated...the computer appears to be free of threats, but Internet Explorer still has the same problem
AndreaGM - Beginner
- Posts: 36
Reputation: 1
Registration date: 15/02/2014
Re: awesomehp, does anyone know how to remove it
Yes, so did Nod32 remove any viruses?
Power Max - Contributor
- Posts: 9086
Reputation: 1499
Registration date: 14/04/2009
Re: awesomehp, does anyone know how to remove it
Well, after a long time a big list appeared and most of them were quarantine, and since I didn't restore, I just went back...I think I should have deleted those files...sorry
AndreaGM - Beginner
- Posts: 36
Reputation: 1
Registration date: 15/02/2014
Re: awesomehp, does anyone know how to remove it
To see whether it removed the problems, just go to the menu:
C:\Arquivos de programas\Eset\Eset Online Scanner\Quarantine
On some computers the path is this: C:\Program Files (x86)\Eset\Eset Online Scanner\Quarantine
This is its quarantine folder; if the viruses are there, it means it removed them and kept a copy in its quarantine.
Power Max - Contributor
- Posts: 9086
Reputation: 1499
Registration date: 14/04/2009
Re: awesomehp, does anyone know how to remove it
The problem is that, I don't know how, but there is no ESET folder anymore; I just looked in Program Files and it's gone
AndreaGM - Beginner
- Posts: 36
Reputation: 1
Registration date: 15/02/2014
Re: awesomehp, does anyone know how to remove it
If you aren't sure whether it removed the viruses, it would be good to run the scan with it again and remove the problems it finds. Just follow its tutorial step by step and you can't go wrong.
After that, post its report so we can analyze it.
Power Max - Contributor
- Posts: 9086
Reputation: 1499
Registration date: 14/04/2009
Re: awesomehp, does anyone know how to remove it
Well, I'm trying to get in through the link above and the page doesn't open...
AndreaGM - Beginner
- Posts: 36
Reputation: 1
Registration date: 15/02/2014
Re: awesomehp, does anyone know how to remove it
It's already running the whole procedure, I'll post whatever shows up in a little while...thank you
AndreaGM - Beginner
- Posts: 36
Reputation: 1
Registration date: 15/02/2014
Re: awesomehp, does anyone know how to remove it
AndreaGM wrote: It's already running the whole procedure, I'll post whatever shows up in a little while...thank you
OK, I'll be waiting.
Power Max - Contributor
- Posts: 9086
Reputation: 1499
Registration date: 14/04/2009
Re: awesomehp, does anyone know how to remove it
It just finished, and on the screen that says whether viruses were found it showed none, but the other time I ran it, it showed almost 90...you can see there are the quarantined ones, but I tried to copy them and couldn't
AndreaGM - Beginner
- Posts: 36
Reputation: 1
Registration date: 15/02/2014
Re: awesomehp, does anyone know how to remove it
Should I have these quarantine files deleted?
AndreaGM - Beginner
- Posts: 36
Reputation: 1
Registration date: 15/02/2014
Re: awesomehp, does anyone know how to remove it
And I also just found the quarantine file; I did a more thorough search and found it, but it wasn't the one from just now, it was from 1 in the morning; however, I also can't select it and post it for you to see...
AndreaGM - Beginner
- Posts: 36
Reputation: 1
Registration date: 15/02/2014
Re: awesomehp, does anyone know how to remove it
Well, I had the quarantine files deleted and now nothing shows up in the quarantine folder anymore....
AndreaGM - Beginner
- Posts: 36
Reputation: 1
Registration date: 15/02/2014
Re: awesomehp, does anyone know how to remove it
Download Dr. Web CureIt from the link below:
[You must have an account and be logged in to view this link]
A download confirmation screen will appear, where you check the box labeled "I accept Dr.Web License Agreement" and click the Continue button to download the program.
Double-click the Dr. Web CureIt installer.
If a Windows confirmation message appears asking: Do you want to allow the following program to make changes to this computer? Click Yes.
A screen will then appear on which you leave checked the box labeled "I agree to participate in software quality improvement program. All statistics collected during scanning will be sent to Doctor Web" and click the Continue button.
Click "Select objects for scanning".
Check the "Scanning objects" box so that all the option boxes are checked automatically.
Then click "Click to select files and folders".
On the next screen that appears, check the "My Computer" box so that all options are checked automatically, then click the OK button.
Click the button in the upper right corner of the screen and click Settings.
Click Log, leave "Specify logging level" set to Minimum, and click OK.
Click Start Scanning.
The scan can take a while, be patient.
If the program asks to restart the computer during removal, restart and wait for it to finish neutralizing the threats after the reboot.
When the scan finishes, click the Neutralize button if threats were found.
Click Open Report.
A Notepad window containing information will open. Click the Edit menu > Select All > click Edit again > Copy.
Paste this report in your next reply.
Last edited by Power Max on Sat 08 Mar 2014, 23:10; edited 1 time
Power Max - Contributor
- Posts: 9086
Reputation: 1499
Registration date: 14/04/2009
Re: awesomehp, does anyone know how to remove it
Scan session started 2014/02/16 11:46:30
Module location : c:\users\ponto frio\appdata\local\temp\B070F53E-BB3CB1D1-D3B5D2AD-2A055A67\
=============================================================================
OPTION [Automatic Apply Actions] NO
OPTION [Turn Off Computer After Scan] NO
OPTION [Use Sound Alerts] NO
OPTION [Block Network] NO
OPTION [Protect Process] NO
OPTION [Protect Raw Disk] NO
Using language: "English"
Available instances: 12
Instances used: 12
Platform: Windows 8 Starter x64/WOW (Build 9200)
API Version: 2.2
Scanning Engine version: 9.0.6.11080
Virus Finding Engine version: 7.0.7.12100
Total 161 virus bases are loaded from c:\users\ponto frio\appdata\local\temp\B070F53E-BB3CB1D1-D3B5D2AD-2A055A67
Total records count: 4945648
Anti-rootkit module version ( ver: 9.0.201401280, api: 6.09 )
Using c:\users\ponto frio\appdata\local\temp\B070F53E-BB3CB1D1-D3B5D2AD-2A055A67\yft77t38.key as Dr.Web (R) Key file
This Dr.Web (R) Key is for 1 computer (A User)
-----------------------------------------------------------------------------
Start scanning
-----------------------------------------------------------------------------
Command line used:-rpcep:\pipe\B31ED844 -rpcpr:np
Object(s) to scan:
- Scan processes in memory
- Scan boot sectors
- Scan system restore points
- Scanning for rootkits
- C:\
- D:\
- C:\autoexec.bat
- C:\hiberfil.sys
- C:\pagefile.sys
- C:\swapfile.sys
- C:\zoek-results.log
- C:\Windows\system32\
- C:\Windows\SysWOW64\
- C:\Users\Ponto Frio\Documents\
- C:\Windows\TEMP\
- C:\Users\PONTOF~1\AppData\Local\Temp\
c:\windows\system32\drivers\dump_diskdump.sys - file not found
c:\windows\system32\drivers\dump_iastora.sys - file not found
c:\windows\system32\drivers\dump_dumpfve.sys - file not found
c:\users\ponto frio\appdata\local\temp\b333f249.sys - file not found
c:\users\ponto frio\appdata\local\temp\b4ed3539.sys - file not found
System Idle Process - file not found
System Process - file not found
Process :0 - read error
Process System:4 - read error
C:\System Volume Information\{073940a5-9331-11e3-bfb2-208984040a5a}{3808876b-c176-4e48-b7ae-04046e6cc752} - read error
C:\System Volume Information\{0a553239-894c-11e3-bf9f-208984040a5a}{3808876b-c176-4e48-b7ae-04046e6cc752} - read error
C:\System Volume Information\{0a06a038-966b-11e3-bfbf-208984040a5a}{3808876b-c176-4e48-b7ae-04046e6cc752} - read error
C:\System Volume Information\{20bde0e0-95f4-11e3-bfb9-208984040a5a}{3808876b-c176-4e48-b7ae-04046e6cc752} - read error
C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752} - read error
C:\System Volume Information\{bd5ee6c6-8f1f-11e3-bfa9-208984040a5a}{3808876b-c176-4e48-b7ae-04046e6cc752} - read error
C:\System Volume Information\{d2353265-8c16-11e3-bfa4-5cc9d31d9238}{3808876b-c176-4e48-b7ae-04046e6cc752} - read error
C:\System Volume Information\SystemRestore\FRStaging\Users\Ponto Frio\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml\1.3_0\inject.js - is adware program Adware.Searcher.2630
C:\System Volume Information\SystemRestore\FRStaging\Users\Ponto Frio\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml\1.3_0\inject.js - infected
C:\System Volume Information\SystemRestore\FRStaging\Users\Ponto Frio\AppData\Local\Packages\WinStore_cw5n1h2txyewy\AC\Microsoft\Windows Store\Cache\0\0-Namespace-https∺∯∯next-services.apps.microsoft.com∯browse∯6.2.9200-1∯670∯pt-BR∯c∯BR∯Namespace∯pc∯00000000-0000-0000-0000-000000000000∯00000000-0000-0000-0000-000000000000.dat - file not found
C:\hiberfil.sys - read error
C:\pagefile.sys - read error
C:\swapfile.sys - read error
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDeals\uninst.exe.vir - is adware program Adware.Shopper.388
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDeals\uninst.exe.vir - infected
C:\ProgramData\Baidu Security\RpData\rpFile-PCFasterSvc-2014-02-16 02-24-32-0985-[6964].tmp - read error
C:\ProgramData\Baidu Security\RpData\rpFile-PcfTray-2014-02-16 02-25-17-0948-[7111].tmp - read error
C:\ProgramData\Microsoft\RAC\StateData\RacEtwData.dat - read error
C:\ProgramData\Microsoft\RAC\StateData\RacMetaData.dat - read error
C:\ProgramData\Microsoft\RAC\StateData\RacWmiDataBookmarks.dat - read error
C:\ProgramData\Microsoft\RAC\StateData\RacWmiEventData.dat - read error
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edb.log - read error
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edbtmp.log - read error
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb - read error
C:\System Volume Information\{073940a5-9331-11e3-bfb2-208984040a5a}{3808876b-c176-4e48-b7ae-04046e6cc752} - read error
C:\System Volume Information\{0a06a038-966b-11e3-bfbf-208984040a5a}{3808876b-c176-4e48-b7ae-04046e6cc752} - read error
C:\System Volume Information\{0a553239-894c-11e3-bf9f-208984040a5a}{3808876b-c176-4e48-b7ae-04046e6cc752} - read error
C:\System Volume Information\{20bde0e0-95f4-11e3-bfb9-208984040a5a}{3808876b-c176-4e48-b7ae-04046e6cc752} - read error
C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752} - read error
C:\System Volume Information\{bd5ee6c6-8f1f-11e3-bfa9-208984040a5a}{3808876b-c176-4e48-b7ae-04046e6cc752} - read error
C:\System Volume Information\{d2353265-8c16-11e3-bfa4-5cc9d31d9238}{3808876b-c176-4e48-b7ae-04046e6cc752} - read error
C:\System Volume Information\SystemRestore\FRStaging\Users\Ponto Frio\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml\1.3_0\inject.js - is adware program Adware.Searcher.2630
C:\Users\Ponto Frio\NTUSER.DAT - read error
C:\Users\Ponto Frio\ntuser.dat.LOG1 - read error
C:\Users\Ponto Frio\ntuser.dat.LOG2 - read error
C:\Users\Ponto Frio\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{3D9C4A57-9716-11E3-BFC6-208984040A5A}.dat - read error
C:\Users\Ponto Frio\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{3D9C4A58-9716-11E3-BFC6-208984040A5A}.dat - read error
C:\Users\Ponto Frio\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{3E4B8CB7-9718-11E3-BFC6-208984040A5A}.dat - read error
C:\Users\Ponto Frio\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{4792A6AD-9716-11E3-BFC6-208984040A5A}.dat - read error
C:\Users\Ponto Frio\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{C72D81E3-9716-11E3-BFC6-208984040A5A}.dat - read error
C:\Users\Ponto Frio\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{DB5640FC-9716-11E3-BFC6-208984040A5A}.dat - read error
C:\Users\Ponto Frio\AppData\Local\Microsoft\Windows\UsrClass.dat - read error
C:\Users\Ponto Frio\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1 - read error
C:\Users\Ponto Frio\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG2 - read error
C:\Users\Ponto Frio\AppData\Local\Microsoft\Windows\Notifications\WPNPRMRY.tmp - read error
C:\Users\Ponto Frio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0ZA66YB1\google_com_br[1].htm - file not found
C:\Users\Ponto Frio\AppData\Local\Microsoft\Windows\WebCache\V01.log - read error
C:\Users\Ponto Frio\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat - read error
C:\Users\Ponto Frio\AppData\Local\Temp\JET2FA6.tmp - read error
C:\Users\Ponto Frio\AppData\Local\Temp\NOD2F7C.tmp - file not found
C:\Users\Ponto Frio\AppData\Roaming\ZHP\Quarantine\FindRight.DIR\bin\plugins\FindRight.FFUpdate.dll - infected with Trojan.BPlug.16
C:\Users\Ponto Frio\AppData\Roaming\ZHP\Quarantine\FindRight.DIR\bin\plugins\FindRight.FFUpdate.dll - infected
C:\Users\Ponto Frio\AppData\Roaming\ZHP\Quarantine\SaveSenseLive.DIR\Update\1.3.23.0\SaveSenseLiveHandler.exe - is adware program Adware.Shopper.363
C:\Users\Ponto Frio\AppData\Roaming\ZHP\Quarantine\SaveSenseLive.DIR\Update\1.3.23.0\SaveSenseLiveHandler.exe - infected
C:\Windows\AppCompat\Programs\Amcache.hve - read error
C:\Windows\AppCompat\Programs\Amcache.hve.LOG1 - read error
C:\Windows\AppCompat\Programs\Amcache.hve.LOG2 - read error
C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT - read error
C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT.LOG1 - read error
C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT.LOG2 - read error
C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT - read error
C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT.LOG1 - read error
C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT.LOG2 - read error
C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log - read error
C:\Windows\SoftwareDistribution\DataStore\DataStore.edb - read error
C:\Windows\SysWOW64\log.txt - read error
C:\Windows\System32\catroot2\edb.log - read error
C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb - read error
C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb - read error
C:\Windows\System32\config\BBI - read error
C:\Windows\System32\config\BBI.LOG2 - read error
C:\Windows\System32\config\BBI.LOG1 - read error
C:\Windows\System32\config\DEFAULT - read error
C:\Windows\System32\config\DEFAULT.LOG1 - read error
C:\Windows\System32\config\DEFAULT.LOG2 - read error
C:\Windows\System32\config\SAM - read error
C:\Windows\System32\config\SAM.LOG1 - read error
C:\Windows\System32\config\SAM.LOG2 - read error
C:\Windows\System32\config\SECURITY - read error
C:\Windows\System32\config\SECURITY.LOG1 - read error
C:\Windows\System32\config\SOFTWARE - read error
C:\Windows\System32\config\SOFTWARE.LOG1 - read error
C:\Windows\System32\config\SOFTWARE.LOG2 - read error
C:\Windows\System32\config\SYSTEM - read error
C:\Windows\System32\config\SYSTEM.LOG1 - read error
C:\Windows\System32\config\SYSTEM.LOG2 - read error
C:\Windows\System32\config\RegBack\DEFAULT - read error
C:\Windows\System32\config\RegBack\SECURITY - read error
C:\Windows\System32\config\RegBack\SOFTWARE - read error
C:\Windows\System32\config\SECURITY.LOG2 - read error
C:\Windows\System32\config\RegBack\SYSTEM - read error
C:\Windows\System32\config\RegBack\SAM - read error
C:\hiberfil.sys - read error
C:\pagefile.sys - read error
C:\swapfile.sys - read error
D: - read error
C:\Windows\system32\catroot2\edb.log - read error
C:\Windows\system32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb - read error
C:\Windows\system32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb - read error
C:\Windows\system32\config\BBI - read error
C:\Windows\system32\config\BBI.LOG1 - read error
C:\Windows\system32\config\BBI.LOG2 - read error
C:\Windows\system32\config\DEFAULT - read error
C:\Windows\system32\config\DEFAULT.LOG1 - read error
C:\Windows\system32\config\DEFAULT.LOG2 - read error
C:\Windows\system32\config\SAM - read error
C:\Windows\system32\config\SAM.LOG1 - read error
C:\Windows\system32\config\SAM.LOG2 - read error
C:\Windows\system32\config\SECURITY - read error
C:\Windows\system32\config\SECURITY.LOG1 - read error
C:\Windows\system32\config\SECURITY.LOG2 - read error
C:\Windows\system32\config\SOFTWARE - read error
C:\Windows\system32\config\SOFTWARE.LOG1 - read error
C:\Windows\system32\config\SOFTWARE.LOG2 - read error
C:\Windows\system32\config\SYSTEM - read error
C:\Windows\system32\config\SYSTEM.LOG1 - read error
C:\Windows\system32\config\SYSTEM.LOG2 - read error
C:\Windows\system32\config\RegBack\DEFAULT - read error
C:\Windows\system32\config\RegBack\SAM - read error
C:\Windows\system32\config\RegBack\SECURITY - read error
C:\Windows\system32\config\RegBack\SOFTWARE - read error
C:\Windows\system32\config\RegBack\SYSTEM - read error
C:\Windows\SysWOW64\log.txt - read error
C:\Users\Ponto Frio\AppData\Local\Temp\JET2FA6.tmp - read error
Total 52518248018 bytes in 216866 files scanned (327459 objects)
Total 216740 files (327330 objects) are clean
Total 4 files (5 objects) are infected
Total 124 files are raised error condition
Scan time is 00:59:36.501
-----------------------------------------------------------------------------
Start curing
-----------------------------------------------------------------------------
C:\System Volume Information\SystemRestore\FRStaging\Users\Ponto Frio\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml\1.3_0\inject.js - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDeals\uninst.exe.vir - quarantined
C:\Users\Ponto Frio\AppData\Roaming\ZHP\Quarantine\FindRight.DIR\bin\plugins\FindRight.FFUpdate.dll - quarantined
C:\Users\Ponto Frio\AppData\Roaming\ZHP\Quarantine\SaveSenseLive.DIR\Update\1.3.23.0\SaveSenseLiveHandler.exe - quarantined
Total 52518248018 bytes in 216866 files scanned (327459 objects)
Total 216740 files (327330 objects) are clean
Total 4 files (5 objects) are infected
Total 4 files are neutralized
Total 124 files are raised error condition
Scan time is 00:59:36.501
Module location : c:\users\ponto frio\appdata\local\temp\B070F53E-BB3CB1D1-D3B5D2AD-2A055A67\
=============================================================================
OPTION [Automatic Apply Actions] NO
OPTION [Turn Off Computer After Scan] NO
OPTION [Use Sound Alerts] NO
OPTION [Block Network] NO
OPTION [Protect Process] NO
OPTION [Protect Raw Disk] NO
Using language: "English"
Available instances: 12
Instances used: 12
Platform: Windows 8 Starter x64/WOW (Build 9200)
API Version: 2.2
Scanning Engine version: 9.0.6.11080
Virus Finding Engine version: 7.0.7.12100
Total 161 virus bases are loaded from c:\users\ponto frio\appdata\local\temp\B070F53E-BB3CB1D1-D3B5D2AD-2A055A67
Total records count: 4945648
Anti-rootkit module version ( ver: 9.0.201401280, api: 6.09 )
Using c:\users\ponto frio\appdata\local\temp\B070F53E-BB3CB1D1-D3B5D2AD-2A055A67\yft77t38.key as Dr.Web (R) Key file
This Dr.Web (R) Key is for 1 computer (A User)
-----------------------------------------------------------------------------
Start scanning
-----------------------------------------------------------------------------
Command line used:-rpcep:\pipe\B31ED844 -rpcpr:np
Object(s) to scan:
- Scan processes in memory
- Scan boot sectors
- Scan system restore points
- Scanning for rootkits
- C:\
- D:\
- C:\autoexec.bat
- C:\hiberfil.sys
- C:\pagefile.sys
- C:\swapfile.sys
- C:\zoek-results.log
- C:\Windows\system32\
- C:\Windows\SysWOW64\
- C:\Users\Ponto Frio\Documents\
- C:\Windows\TEMP\
- C:\Users\PONTOF~1\AppData\Local\Temp\
c:\windows\system32\drivers\dump_diskdump.sys - file not found
c:\windows\system32\drivers\dump_iastora.sys - file not found
c:\windows\system32\drivers\dump_dumpfve.sys - file not found
c:\users\ponto frio\appdata\local\temp\b333f249.sys - file not found
c:\users\ponto frio\appdata\local\temp\b4ed3539.sys - file not found
System Idle Process - file not found
System Process - file not found
Process :0 - read error
Process System:4 - read error
C:\System Volume Information\{073940a5-9331-11e3-bfb2-208984040a5a}{3808876b-c176-4e48-b7ae-04046e6cc752} - read error
C:\System Volume Information\{0a553239-894c-11e3-bf9f-208984040a5a}{3808876b-c176-4e48-b7ae-04046e6cc752} - read error
C:\System Volume Information\{0a06a038-966b-11e3-bfbf-208984040a5a}{3808876b-c176-4e48-b7ae-04046e6cc752} - read error
C:\System Volume Information\{20bde0e0-95f4-11e3-bfb9-208984040a5a}{3808876b-c176-4e48-b7ae-04046e6cc752} - read error
C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752} - read error
C:\System Volume Information\{bd5ee6c6-8f1f-11e3-bfa9-208984040a5a}{3808876b-c176-4e48-b7ae-04046e6cc752} - read error
C:\System Volume Information\{d2353265-8c16-11e3-bfa4-5cc9d31d9238}{3808876b-c176-4e48-b7ae-04046e6cc752} - read error
C:\System Volume Information\SystemRestore\FRStaging\Users\Ponto Frio\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml\1.3_0\inject.js - is adware program Adware.Searcher.2630
C:\System Volume Information\SystemRestore\FRStaging\Users\Ponto Frio\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml\1.3_0\inject.js - infected
C:\System Volume Information\SystemRestore\FRStaging\Users\Ponto Frio\AppData\Local\Packages\WinStore_cw5n1h2txyewy\AC\Microsoft\Windows Store\Cache\0\0-Namespace-https∺∯∯next-services.apps.microsoft.com∯browse∯6.2.9200-1∯670∯pt-BR∯c∯BR∯Namespace∯pc∯00000000-0000-0000-0000-000000000000∯00000000-0000-0000-0000-000000000000.dat - file not found
C:\hiberfil.sys - read error
C:\pagefile.sys - read error
C:\swapfile.sys - read error
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDeals\uninst.exe.vir - is adware program Adware.Shopper.388
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDeals\uninst.exe.vir - infected
C:\ProgramData\Baidu Security\RpData\rpFile-PCFasterSvc-2014-02-16 02-24-32-0985-[6964].tmp - read error
C:\ProgramData\Baidu Security\RpData\rpFile-PcfTray-2014-02-16 02-25-17-0948-[7111].tmp - read error
C:\ProgramData\Microsoft\RAC\StateData\RacEtwData.dat - read error
C:\ProgramData\Microsoft\RAC\StateData\RacMetaData.dat - read error
C:\ProgramData\Microsoft\RAC\StateData\RacWmiDataBookmarks.dat - read error
C:\ProgramData\Microsoft\RAC\StateData\RacWmiEventData.dat - read error
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edb.log - read error
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edbtmp.log - read error
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb - read error
C:\System Volume Information\{073940a5-9331-11e3-bfb2-208984040a5a}{3808876b-c176-4e48-b7ae-04046e6cc752} - read error
C:\System Volume Information\{0a06a038-966b-11e3-bfbf-208984040a5a}{3808876b-c176-4e48-b7ae-04046e6cc752} - read error
C:\System Volume Information\{0a553239-894c-11e3-bf9f-208984040a5a}{3808876b-c176-4e48-b7ae-04046e6cc752} - read error
C:\System Volume Information\{20bde0e0-95f4-11e3-bfb9-208984040a5a}{3808876b-c176-4e48-b7ae-04046e6cc752} - read error
C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752} - read error
C:\System Volume Information\{bd5ee6c6-8f1f-11e3-bfa9-208984040a5a}{3808876b-c176-4e48-b7ae-04046e6cc752} - read error
C:\System Volume Information\{d2353265-8c16-11e3-bfa4-5cc9d31d9238}{3808876b-c176-4e48-b7ae-04046e6cc752} - read error
C:\System Volume Information\SystemRestore\FRStaging\Users\Ponto Frio\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml\1.3_0\inject.js - is adware program Adware.Searcher.2630
C:\Users\Ponto Frio\NTUSER.DAT - read error
C:\Users\Ponto Frio\ntuser.dat.LOG1 - read error
C:\Users\Ponto Frio\ntuser.dat.LOG2 - read error
C:\Users\Ponto Frio\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{3D9C4A57-9716-11E3-BFC6-208984040A5A}.dat - read error
C:\Users\Ponto Frio\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{3D9C4A58-9716-11E3-BFC6-208984040A5A}.dat - read error
C:\Users\Ponto Frio\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{3E4B8CB7-9718-11E3-BFC6-208984040A5A}.dat - read error
C:\Users\Ponto Frio\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{4792A6AD-9716-11E3-BFC6-208984040A5A}.dat - read error
C:\Users\Ponto Frio\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{C72D81E3-9716-11E3-BFC6-208984040A5A}.dat - read error
C:\Users\Ponto Frio\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{DB5640FC-9716-11E3-BFC6-208984040A5A}.dat - read error
C:\Users\Ponto Frio\AppData\Local\Microsoft\Windows\UsrClass.dat - read error
C:\Users\Ponto Frio\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1 - read error
C:\Users\Ponto Frio\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG2 - read error
C:\Users\Ponto Frio\AppData\Local\Microsoft\Windows\Notifications\WPNPRMRY.tmp - read error
C:\Users\Ponto Frio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0ZA66YB1\google_com_br[1].htm - file not found
C:\Users\Ponto Frio\AppData\Local\Microsoft\Windows\WebCache\V01.log - read error
C:\Users\Ponto Frio\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat - read error
C:\Users\Ponto Frio\AppData\Local\Temp\JET2FA6.tmp - read error
C:\Users\Ponto Frio\AppData\Local\Temp\NOD2F7C.tmp - file not found
C:\Users\Ponto Frio\AppData\Roaming\ZHP\Quarantine\FindRight.DIR\bin\plugins\FindRight.FFUpdate.dll - infected with Trojan.BPlug.16
C:\Users\Ponto Frio\AppData\Roaming\ZHP\Quarantine\FindRight.DIR\bin\plugins\FindRight.FFUpdate.dll - infected
C:\Users\Ponto Frio\AppData\Roaming\ZHP\Quarantine\SaveSenseLive.DIR\Update\1.3.23.0\SaveSenseLiveHandler.exe - is adware program Adware.Shopper.363
C:\Users\Ponto Frio\AppData\Roaming\ZHP\Quarantine\SaveSenseLive.DIR\Update\1.3.23.0\SaveSenseLiveHandler.exe - infected
C:\Windows\AppCompat\Programs\Amcache.hve - read error
C:\Windows\AppCompat\Programs\Amcache.hve.LOG1 - read error
C:\Windows\AppCompat\Programs\Amcache.hve.LOG2 - read error
C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT - read error
C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT.LOG1 - read error
C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT.LOG2 - read error
C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT - read error
C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT.LOG1 - read error
C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT.LOG2 - read error
C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log - read error
C:\Windows\SoftwareDistribution\DataStore\DataStore.edb - read error
C:\Windows\SysWOW64\log.txt - read error
C:\Windows\System32\catroot2\edb.log - read error
C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb - read error
C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb - read error
C:\Windows\System32\config\BBI - read error
C:\Windows\System32\config\BBI.LOG2 - read error
C:\Windows\System32\config\BBI.LOG1 - read error
C:\Windows\System32\config\DEFAULT - read error
C:\Windows\System32\config\DEFAULT.LOG1 - read error
C:\Windows\System32\config\DEFAULT.LOG2 - read error
C:\Windows\System32\config\SAM - read error
C:\Windows\System32\config\SAM.LOG1 - read error
C:\Windows\System32\config\SAM.LOG2 - read error
C:\Windows\System32\config\SECURITY - read error
C:\Windows\System32\config\SECURITY.LOG1 - read error
C:\Windows\System32\config\SOFTWARE - read error
C:\Windows\System32\config\SOFTWARE.LOG1 - read error
C:\Windows\System32\config\SOFTWARE.LOG2 - read error
C:\Windows\System32\config\SYSTEM - read error
C:\Windows\System32\config\SYSTEM.LOG1 - read error
C:\Windows\System32\config\SYSTEM.LOG2 - read error
C:\Windows\System32\config\RegBack\DEFAULT - read error
C:\Windows\System32\config\RegBack\SECURITY - read error
C:\Windows\System32\config\RegBack\SOFTWARE - read error
C:\Windows\System32\config\SECURITY.LOG2 - read error
C:\Windows\System32\config\RegBack\SYSTEM - read error
C:\Windows\System32\config\RegBack\SAM - read error
C:\hiberfil.sys - read error
C:\pagefile.sys - read error
C:\swapfile.sys - read error
D: - read error
C:\Windows\system32\catroot2\edb.log - read error
C:\Windows\system32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb - read error
C:\Windows\system32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb - read error
C:\Windows\system32\config\BBI - read error
C:\Windows\system32\config\BBI.LOG1 - read error
C:\Windows\system32\config\BBI.LOG2 - read error
C:\Windows\system32\config\DEFAULT - read error
C:\Windows\system32\config\DEFAULT.LOG1 - read error
C:\Windows\system32\config\DEFAULT.LOG2 - read error
C:\Windows\system32\config\SAM - read error
C:\Windows\system32\config\SAM.LOG1 - read error
C:\Windows\system32\config\SAM.LOG2 - read error
C:\Windows\system32\config\SECURITY - read error
C:\Windows\system32\config\SECURITY.LOG1 - read error
C:\Windows\system32\config\SECURITY.LOG2 - read error
C:\Windows\system32\config\SOFTWARE - read error
C:\Windows\system32\config\SOFTWARE.LOG1 - read error
C:\Windows\system32\config\SOFTWARE.LOG2 - read error
C:\Windows\system32\config\SYSTEM - read error
C:\Windows\system32\config\SYSTEM.LOG1 - read error
C:\Windows\system32\config\SYSTEM.LOG2 - read error
C:\Windows\system32\config\RegBack\DEFAULT - read error
C:\Windows\system32\config\RegBack\SAM - read error
C:\Windows\system32\config\RegBack\SECURITY - read error
C:\Windows\system32\config\RegBack\SOFTWARE - read error
C:\Windows\system32\config\RegBack\SYSTEM - read error
C:\Windows\SysWOW64\log.txt - read error
C:\Users\Ponto Frio\AppData\Local\Temp\JET2FA6.tmp - read error
Total 52518248018 bytes in 216866 files scanned (327459 objects)
Total 216740 files (327330 objects) are clean
Total 4 files (5 objects) are infected
Total 124 files are raised error condition
Scan time is 00:59:36.501
-----------------------------------------------------------------------------
Start curing
-----------------------------------------------------------------------------
C:\System Volume Information\SystemRestore\FRStaging\Users\Ponto Frio\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml\1.3_0\inject.js - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDeals\uninst.exe.vir - quarantined
C:\Users\Ponto Frio\AppData\Roaming\ZHP\Quarantine\FindRight.DIR\bin\plugins\FindRight.FFUpdate.dll - quarantined
C:\Users\Ponto Frio\AppData\Roaming\ZHP\Quarantine\SaveSenseLive.DIR\Update\1.3.23.0\SaveSenseLiveHandler.exe - quarantined
Total 52518248018 bytes in 216866 files scanned (327459 objects)
Total 216740 files (327330 objects) are clean
Total 4 files (5 objects) are infected
Total 4 files are neutralized
Total 124 files are raised error condition
Scan time is 00:59:36.501
AndreaGM - Beginner
- Posts: 36
Reputation: 1
Registration date: 15/02/2014
Re: awesomehp, does anyone know how to remove it
=============================================================================
Dr.Web Scanner SE for Windows v9.0.5.01160
(c) Doctor Web, Ltd., 1992-2013
Scan session started 2014/02/16 11:46:30
Module location : c:\users\ponto frio\appdata\local\temp\B070F53E-BB3CB1D1-D3B5D2AD-2A055A67\
=============================================================================
OPTION [Automatic Apply Actions] NO
OPTION [Turn Off Computer After Scan] NO
OPTION [Use Sound Alerts] NO
OPTION [Block Network] NO
OPTION [Protect Process] NO
OPTION [Protect Raw Disk] NO
Using language: "English"
Available instances: 12
Instances used: 12
Platform: Windows 8 Starter x64/WOW (Build 9200)
API Version: 2.2
Scanning Engine version: 9.0.6.11080
Virus Finding Engine version: 7.0.7.12100
Total 161 virus bases are loaded from c:\users\ponto frio\appdata\local\temp\B070F53E-BB3CB1D1-D3B5D2AD-2A055A67
Total records count: 4945648
Anti-rootkit module version ( ver: 9.0.201401280, api: 6.09 )
Using c:\users\ponto frio\appdata\local\temp\B070F53E-BB3CB1D1-D3B5D2AD-2A055A67\yft77t38.key as Dr.Web (R) Key file
This Dr.Web (R) Key is for 1 computer (A User)
-----------------------------------------------------------------------------
Start scanning
-----------------------------------------------------------------------------
Command line used:-rpcep:\pipe\B31ED844 -rpcpr:np
Object(s) to scan:
- Scan processes in memory
- Scan boot sectors
- Scan system restore points
- Scanning for rootkits
- C:\
- D:\
- C:\autoexec.bat
- C:\hiberfil.sys
- C:\pagefile.sys
- C:\swapfile.sys
- C:\zoek-results.log
- C:\Windows\system32\
- C:\Windows\SysWOW64\
- C:\Users\Ponto Frio\Documents\
- C:\Windows\TEMP\
- C:\Users\PONTOF~1\AppData\Local\Temp\
c:\windows\system32\drivers\dump_diskdump.sys - file not found
c:\windows\system32\drivers\dump_iastora.sys - file not found
c:\windows\system32\drivers\dump_dumpfve.sys - file not found
c:\users\ponto frio\appdata\local\temp\b333f249.sys - file not found
c:\users\ponto frio\appdata\local\temp\b4ed3539.sys - file not found
System Idle Process - file not found
System Process - file not found
Process :0 - read error
Process System:4 - read error
C:\System Volume Information\{073940a5-9331-11e3-bfb2-208984040a5a}{3808876b-c176-4e48-b7ae-04046e6cc752} - read error
C:\System Volume Information\{0a553239-894c-11e3-bf9f-208984040a5a}{3808876b-c176-4e48-b7ae-04046e6cc752} - read error
C:\System Volume Information\{0a06a038-966b-11e3-bfbf-208984040a5a}{3808876b-c176-4e48-b7ae-04046e6cc752} - read error
C:\System Volume Information\{20bde0e0-95f4-11e3-bfb9-208984040a5a}{3808876b-c176-4e48-b7ae-04046e6cc752} - read error
C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752} - read error
C:\System Volume Information\{bd5ee6c6-8f1f-11e3-bfa9-208984040a5a}{3808876b-c176-4e48-b7ae-04046e6cc752} - read error
C:\System Volume Information\{d2353265-8c16-11e3-bfa4-5cc9d31d9238}{3808876b-c176-4e48-b7ae-04046e6cc752} - read error
C:\System Volume Information\SystemRestore\FRStaging\Users\Ponto Frio\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml\1.3_0\inject.js - is adware program Adware.Searcher.2630
C:\System Volume Information\SystemRestore\FRStaging\Users\Ponto Frio\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml\1.3_0\inject.js - infected
C:\System Volume Information\SystemRestore\FRStaging\Users\Ponto Frio\AppData\Local\Packages\WinStore_cw5n1h2txyewy\AC\Microsoft\Windows Store\Cache\0\0-Namespace-https∺∯∯next-services.apps.microsoft.com∯browse∯6.2.9200-1∯670∯pt-BR∯c∯BR∯Namespace∯pc∯00000000-0000-0000-0000-000000000000∯00000000-0000-0000-0000-000000000000.dat - file not found
C:\hiberfil.sys - read error
C:\pagefile.sys - read error
C:\swapfile.sys - read error
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDeals\uninst.exe.vir - is adware program Adware.Shopper.388
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDeals\uninst.exe.vir - infected
C:\ProgramData\Baidu Security\RpData\rpFile-PCFasterSvc-2014-02-16 02-24-32-0985-[6964].tmp - read error
C:\ProgramData\Baidu Security\RpData\rpFile-PcfTray-2014-02-16 02-25-17-0948-[7111].tmp - read error
C:\ProgramData\Microsoft\RAC\StateData\RacEtwData.dat - read error
C:\ProgramData\Microsoft\RAC\StateData\RacMetaData.dat - read error
C:\ProgramData\Microsoft\RAC\StateData\RacWmiDataBookmarks.dat - read error
C:\ProgramData\Microsoft\RAC\StateData\RacWmiEventData.dat - read error
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edb.log - read error
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edbtmp.log - read error
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb - read error
C:\System Volume Information\{073940a5-9331-11e3-bfb2-208984040a5a}{3808876b-c176-4e48-b7ae-04046e6cc752} - read error
C:\System Volume Information\{0a06a038-966b-11e3-bfbf-208984040a5a}{3808876b-c176-4e48-b7ae-04046e6cc752} - read error
C:\System Volume Information\{0a553239-894c-11e3-bf9f-208984040a5a}{3808876b-c176-4e48-b7ae-04046e6cc752} - read error
C:\System Volume Information\{20bde0e0-95f4-11e3-bfb9-208984040a5a}{3808876b-c176-4e48-b7ae-04046e6cc752} - read error
C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752} - read error
C:\System Volume Information\{bd5ee6c6-8f1f-11e3-bfa9-208984040a5a}{3808876b-c176-4e48-b7ae-04046e6cc752} - read error
C:\System Volume Information\{d2353265-8c16-11e3-bfa4-5cc9d31d9238}{3808876b-c176-4e48-b7ae-04046e6cc752} - read error
C:\System Volume Information\SystemRestore\FRStaging\Users\Ponto Frio\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml\1.3_0\inject.js - is adware program Adware.Searcher.2630
C:\Users\Ponto Frio\NTUSER.DAT - read error
C:\Users\Ponto Frio\ntuser.dat.LOG1 - read error
C:\Users\Ponto Frio\ntuser.dat.LOG2 - read error
C:\Users\Ponto Frio\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{3D9C4A57-9716-11E3-BFC6-208984040A5A}.dat - read error
C:\Users\Ponto Frio\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{3D9C4A58-9716-11E3-BFC6-208984040A5A}.dat - read error
C:\Users\Ponto Frio\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{3E4B8CB7-9718-11E3-BFC6-208984040A5A}.dat - read error
C:\Users\Ponto Frio\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{4792A6AD-9716-11E3-BFC6-208984040A5A}.dat - read error
C:\Users\Ponto Frio\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{C72D81E3-9716-11E3-BFC6-208984040A5A}.dat - read error
C:\Users\Ponto Frio\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{DB5640FC-9716-11E3-BFC6-208984040A5A}.dat - read error
C:\Users\Ponto Frio\AppData\Local\Microsoft\Windows\UsrClass.dat - read error
C:\Users\Ponto Frio\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1 - read error
C:\Users\Ponto Frio\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG2 - read error
C:\Users\Ponto Frio\AppData\Local\Microsoft\Windows\Notifications\WPNPRMRY.tmp - read error
C:\Users\Ponto Frio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0ZA66YB1\google_com_br[1].htm - file not found
C:\Users\Ponto Frio\AppData\Local\Microsoft\Windows\WebCache\V01.log - read error
C:\Users\Ponto Frio\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat - read error
C:\Users\Ponto Frio\AppData\Local\Temp\JET2FA6.tmp - read error
C:\Users\Ponto Frio\AppData\Local\Temp\NOD2F7C.tmp - file not found
C:\Users\Ponto Frio\AppData\Roaming\ZHP\Quarantine\FindRight.DIR\bin\plugins\FindRight.FFUpdate.dll - infected with Trojan.BPlug.16
C:\Users\Ponto Frio\AppData\Roaming\ZHP\Quarantine\FindRight.DIR\bin\plugins\FindRight.FFUpdate.dll - infected
C:\Users\Ponto Frio\AppData\Roaming\ZHP\Quarantine\SaveSenseLive.DIR\Update\1.3.23.0\SaveSenseLiveHandler.exe - is adware program Adware.Shopper.363
C:\Users\Ponto Frio\AppData\Roaming\ZHP\Quarantine\SaveSenseLive.DIR\Update\1.3.23.0\SaveSenseLiveHandler.exe - infected
C:\Windows\AppCompat\Programs\Amcache.hve - read error
C:\Windows\AppCompat\Programs\Amcache.hve.LOG1 - read error
C:\Windows\AppCompat\Programs\Amcache.hve.LOG2 - read error
C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT - read error
C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT.LOG1 - read error
C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT.LOG2 - read error
C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT - read error
C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT.LOG1 - read error
C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT.LOG2 - read error
C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log - read error
C:\Windows\SoftwareDistribution\DataStore\DataStore.edb - read error
C:\Windows\SysWOW64\log.txt - read error
C:\Windows\System32\catroot2\edb.log - read error
C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb - read error
C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb - read error
C:\Windows\System32\config\BBI - read error
C:\Windows\System32\config\BBI.LOG2 - read error
C:\Windows\System32\config\BBI.LOG1 - read error
C:\Windows\System32\config\DEFAULT - read error
C:\Windows\System32\config\DEFAULT.LOG1 - read error
C:\Windows\System32\config\DEFAULT.LOG2 - read error
C:\Windows\System32\config\SAM - read error
C:\Windows\System32\config\SAM.LOG1 - read error
C:\Windows\System32\config\SAM.LOG2 - read error
C:\Windows\System32\config\SECURITY - read error
C:\Windows\System32\config\SECURITY.LOG1 - read error
C:\Windows\System32\config\SOFTWARE - read error
C:\Windows\System32\config\SOFTWARE.LOG1 - read error
C:\Windows\System32\config\SOFTWARE.LOG2 - read error
C:\Windows\System32\config\SYSTEM - read error
C:\Windows\System32\config\SYSTEM.LOG1 - read error
C:\Windows\System32\config\SYSTEM.LOG2 - read error
C:\Windows\System32\config\RegBack\DEFAULT - read error
C:\Windows\System32\config\RegBack\SECURITY - read error
C:\Windows\System32\config\RegBack\SOFTWARE - read error
C:\Windows\System32\config\SECURITY.LOG2 - read error
C:\Windows\System32\config\RegBack\SYSTEM - read error
C:\Windows\System32\config\RegBack\SAM - read error
C:\hiberfil.sys - read error
C:\pagefile.sys - read error
C:\swapfile.sys - read error
D: - read error
C:\Windows\system32\catroot2\edb.log - read error
C:\Windows\system32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb - read error
C:\Windows\system32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb - read error
C:\Windows\system32\config\BBI - read error
C:\Windows\system32\config\BBI.LOG1 - read error
C:\Windows\system32\config\BBI.LOG2 - read error
C:\Windows\system32\config\DEFAULT - read error
C:\Windows\system32\config\DEFAULT.LOG1 - read error
C:\Windows\system32\config\DEFAULT.LOG2 - read error
C:\Windows\system32\config\SAM - read error
C:\Windows\system32\config\SAM.LOG1 - read error
C:\Windows\system32\config\SAM.LOG2 - read error
C:\Windows\system32\config\SECURITY - read error
C:\Windows\system32\config\SECURITY.LOG1 - read error
C:\Windows\system32\config\SECURITY.LOG2 - read error
C:\Windows\system32\config\SOFTWARE - read error
C:\Windows\system32\config\SOFTWARE.LOG1 - read error
C:\Windows\system32\config\SOFTWARE.LOG2 - read error
C:\Windows\system32\config\SYSTEM - read error
C:\Windows\system32\config\SYSTEM.LOG1 - read error
C:\Windows\system32\config\SYSTEM.LOG2 - read error
C:\Windows\system32\config\RegBack\DEFAULT - read error
C:\Windows\system32\config\RegBack\SAM - read error
C:\Windows\system32\config\RegBack\SECURITY - read error
C:\Windows\system32\config\RegBack\SOFTWARE - read error
C:\Windows\system32\config\RegBack\SYSTEM - read error
C:\Windows\SysWOW64\log.txt - read error
C:\Users\Ponto Frio\AppData\Local\Temp\JET2FA6.tmp - read error
Total 52518248018 bytes in 216866 files scanned (327459 objects)
Total 216740 files (327330 objects) are clean
Total 4 files (5 objects) are infected
Total 124 files are raised error condition
Scan time is 00:59:36.501
-----------------------------------------------------------------------------
Start curing
-----------------------------------------------------------------------------
C:\System Volume Information\SystemRestore\FRStaging\Users\Ponto Frio\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml\1.3_0\inject.js - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDeals\uninst.exe.vir - quarantined
C:\Users\Ponto Frio\AppData\Roaming\ZHP\Quarantine\FindRight.DIR\bin\plugins\FindRight.FFUpdate.dll - quarantined
C:\Users\Ponto Frio\AppData\Roaming\ZHP\Quarantine\SaveSenseLive.DIR\Update\1.3.23.0\SaveSenseLiveHandler.exe - quarantined
Total 52518248018 bytes in 216866 files scanned (327459 objects)
Total 216740 files (327330 objects) are clean
Total 4 files (5 objects) are infected
Total 4 files are neutralized
Total 124 files are raised error condition
Scan time is 00:59:36.501
AndreaGM - Beginner
- Posts: 36
Reputation: 1
Registration date: 15/02/2014