Fórum SecSecurity

Implementando Limpeza e Seguranca em seu computador!

Palavras chave

Últimos assuntos

» ResetBrowser ( ... de Nicolas Coolman )
Ter Maio 31, 2016 5:58 am por joram

» herdProtectScan ( ... by herdprotect.com )
Seg Mar 07, 2016 10:58 pm por joram

» Emsisoft Emergency Kit ( ... by Emsisoft.com )
Dom Fev 28, 2016 5:40 am por joram

» Dr.WEB Link Checker ( ... by Doctor Web.Ltd )
Qui Fev 11, 2016 9:51 am por joram

» Computador com erros no navegador
Sab Ago 29, 2015 8:04 pm por joram

» Justiça determina que PSafe retire alertas desleais
Qua Ago 19, 2015 6:58 am por joram

» Google vai fazer buscas offline internas no desktop do seu PC
Ter Ago 18, 2015 8:19 am por joram

» Baidu lança buscador no Brasil!
Seg Ago 17, 2015 12:25 pm por joram

» Kaspersky é acusada de inventar vírus!
Sex Ago 14, 2015 3:32 pm por joram

Dezembro 2016

SegTerQuaQuiSexSabDom
   1234
567891011
12131415161718
19202122232425
262728293031 

Calendário Calendário

Parceiros

Fórum grátis

Os membros mais marcados


    Usei algumas vezes pendriver infectado nesse pc, log para analise.

    Compartilhe

    Edvan
    Membro
    Membro

    Mensagens : 428
    Data de inscrição : 14/02/2013
    Idade : 36
    Localização : Natal/RN

    Usei algumas vezes pendriver infectado nesse pc, log para analise.

    Mensagem por Edvan em Sex Ago 23, 2013 9:00 am

    Log [Você precisa estar registrado e conectado para ver este link.]

    # AdwCleaner v3.000 - Report created 23/08/2013 at 09:31:57
    # Updated 20/08/2013 by Xplode
    # Operating System : Windows 7 Home Basic Service Pack 1 (64 bits)
    # Username : Edja Talita - EDJATALITA-HP
    # Running from : C:\Users\Edja Talita\Desktop\adwcleaner.exe
    # Option : Clean
    ***** [ Services ] *****
    Service Deleted : SProtection
    Service Deleted : Updater Service for StartNow Toolbar
    ***** [ Files / Folders ] *****
    Folder Deleted : C:\ProgramData\APN
    Folder Deleted : C:\ProgramData\DealPlyLive
    Folder Deleted : C:\ProgramData\Iminent
    Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent
    Folder Deleted : C:\Program Files (x86)\DealPly
    Folder Deleted : C:\Program Files (x86)\DealPlyLive
    Folder Deleted : C:\Program Files (x86)\Iminent
    Folder Deleted : C:\Program Files (x86)\Common Files\Umbrella
    Folder Deleted : C:\Users\Edja Talita\AppData\Local\DealPlyLive
    Folder Deleted : C:\Users\EDJATA~1\AppData\Local\Temp\Iminent
    Folder Deleted : C:\Users\Edja Talita\AppData\Roaming\DealPly
    Folder Deleted : C:\Users\Edja Talita\AppData\Roaming\Iminent
    Folder Deleted : C:\Users\Edja Talita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
    File Deleted : C:\Windows\Tasks\Dealply.job
    File Deleted : C:\Windows\System32\Tasks\Dealply
    File Deleted : C:\Windows\System32\Tasks\DealPlyUpdate
    ***** [ Shortcuts ] *****

    ***** [ Registry ] *****
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\Toolbar.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\ToolbarBroker.EXE
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickCtrl.9
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickProcessLauncherMachine.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickProcessLauncherMachine
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLive.Update3WebControl.3
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoCreateAsync.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoCreateAsync
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreClass.1
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreClass
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreMachineClass.1
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreMachineClass
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CredentialDialogMachine.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CredentialDialogMachine
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassMachine.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassMachine
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassMachineFallback.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassMachineFallback
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassSvc.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassSvc
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.ProcessLauncher.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.ProcessLauncher
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3COMClassService.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3COMClassService
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3WebMachine.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3WebMachine
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3WebMachineFallback.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3WebMachineFallback
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3WebSvc.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3WebSvc
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.DownloadArgs
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.LinkToPromoteArgs
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.RawDataArgs
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.TinyUrlArgs
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.ViralLinkArgs
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ClientCallback
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ContractBase
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.AddToUserContentCommand
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CheckLoginStatusCommand
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CleanCacheCommand
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GameOverCallback
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetCreditCommand
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetInstallationContextCommand
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusCommand
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusResult
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableCommand
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableResult
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.InstallationContextResult
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommand
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommandResult
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginCommand
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginStatusChangedCallback
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LogoutCommand
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MergeIdentityCommand
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MyAccountCommand
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PlayContentCommand
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PostContentCallback
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.RecycleViewsCommand
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.SetVariableCommand
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowBrowserWindowCommand
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowControlCenterCommand
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowPluginWindowCommand
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.TestContentCommand
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.UserContentChangedCallback
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.VariableChangedCallback
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WarmUpCommand
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WelcomeCommand
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerCommand
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerResult
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightContent
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightUri
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.MediatorServiceProxy
    Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.ActiveContentHandle.1
    Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.ActiveContentHandler
    Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject
    Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject.1
    Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender
    Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender.1
    Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandler
    Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandler.1
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.BandObject
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.BandObject.1
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject.1
    Key Deleted : HKLM\SOFTWARE\Classes\ZGClnt.Mngr
    Key Deleted : HKLM\SOFTWARE\Classes\ZGClnt.Mngr.1
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
    Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Iminent]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [IminentMessenger]
    Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=3
    Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=9
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7E8A36EA-2501-4ED3-A3C8-CFA9143FB169}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{F48FC5B2-094A-44C7-B48C-289738C9582D}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{FAA8C612-F1B6-461B-8B60-B54D74D9642E}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{01A602A0-D0B9-445B-8081-719E4177C4A7}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02C9C7B0-C7C8-4AAC-A9E4-55295BF60F8F}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0398B101-6DA7-473F-A290-17D2FBC88CC0}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0CC36196-8589-4B80-A771-D659411D7F90}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0D89DE71-3D99-4288-84DC-F18F1047A7D8}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{143D96F9-EB64-48B3-B192-91C2C41A1F43}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{14F7D91F-F669-45C9-9F42-BACBFDB86EAD}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{187A6488-6E71-4A2A-B118-7BEFBFE58257}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1E0C9B2A-6447-452C-B012-2314A0C29412}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{26C9BBE4-6D45-4AB6-A5B4-E068C9F5EF6D}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2CBD2A57-2FD5-4F1A-9FC8-90ED48FA4187}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2D065204-A024-4C39-8A38-EE7078EC7ACF}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{30F5476C-677B-4DB0-B397-51F5BFD86840}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3223F2FB-D9B9-45FC-9D66-CD717FFA4EE5}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{34A8CEB6-89BB-49F1-B5E4-0D0D6C21F3B1}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{351798B1-C1D2-45AB-92B4-4D6C2D6AB5AF}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3A4DBD3A-98CC-41CE-AD21-352D42B6F754}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3AEA1BEF-6195-46F4-ACA2-0ED14F7EFA1B}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3D7F9AC3-BAC3-4E51-81D7-D121D79E550A}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4498C5E9-93C6-4142-B6BE-F0C6DC48B77A}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{479BF2D6-E362-4A99-B1AB-BC764D7B97AE}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{492A108F-51D0-4BD8-899D-AD4AB2893064}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4B6D6E60-FBD2-4E79-BF4B-886BC98F1797}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4F8A50F6-69DE-4BE3-A33A-A1079B9AC0DB}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{501CB57A-D4E2-4855-96AD-EDB0A9083395}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5911488E-9D1E-40EC-8CBB-06B231CC153F}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{60893E02-2E5B-43F9-A93A-BAD60C2DF6EF}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6D39931F-451E-4BDD-BAF4-37FB96DBBA5D}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E13D095-45C3-4271-9475-F3B48227DD9F}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6FF2C4DD-77A4-4BB5-BA4C-B42DEFBF9137}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{76C684D2-C35D-4284-976A-D862F53ADB81}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{796D822A-C3F9-4A97-BAAB-42FE7628EA63}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{79EF3691-EC1A-4705-A01A-D2E36EC11758}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82F41418-8E64-47EB-A7F1-4702A974D289}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{83ABA270-8390-4CA6-AE48-FC089F55629E}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{85D920CE-63A7-46DC-8992-41D1D2E07FAD}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{895ED5E8-ABB4-40C3-A0CA-2571964268E2}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8AAC123A-1959-4A45-BFC5-E2D50783098A}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8B218A5F-1A3D-4347-94EF-A79575EB8094}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9BDB5E09-4BBA-4422-8C2B-529B281C32B8}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A07956CD-81F8-4A03-B524-5D87E690DC83}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B5E3B26B-6E5C-4865-A63D-58D04B10E245}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B84D2DC5-42B2-4E5E-BF61-7B48152FF8EF}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B89D5309-0367-4494-A92F-3D4C94F88307}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C014EBF8-8854-448B-B5A4-557C4090EDCE}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C31191DB-2F64-464C-B97C-6AC81ACB7AAC}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C342C7A7-F622-4EF3-8B7F-ABB9FBE73F14}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C4765B07-BC2F-477B-925C-B2BF24887823}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C536F080-57B7-46D6-8894-C647553F2889}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C875C0A1-09E3-48D5-9F8E-BD337796FD14}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA5D945F-E738-4D0B-A0B5-25AC51C64659}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD126DA6-FF5B-4181-AC13-54A62240D2FA}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D8F01233-2DE6-4EE7-8988-37263F00651B}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DD438708-AAB4-422D-A322-B619589F5680}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E812AE43-7799-4E67-8CF8-4104297A2D16}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F0BAAEC7-9AE0-49FF-9C4B-86E774FF397F}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F48FC5B2-094A-44C7-B48C-289738C9582D}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F7698761-4ABA-45C2-A5BB-D2163922C725}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F92193FD-2243-4401-9ACC-49FF30885898}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD21B8A2-910B-45AC-9C10-45E6A8B84984}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FFCC53E6-2655-47FC-A89B-54E8D7F305D1}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1C888195-0160-4883-91B7-294C0CE2F277}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{99ACA0F7-D864-45CB-8C40-FD42A077E7CA}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E65F40C8-3CEB-47C2-9E01-BF73323DF4E7}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{38BF9661-BDA0-4A74-BB3B-576EC7AE16DC}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6857AC4A-95B4-4E2C-B2D2-8A235FCCEF4A}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13D095-45C3-4271-9475-F3B48227DD9F}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5911488E-9D1E-40EC-8CBB-06B231CC153F}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13D095-45C3-4271-9475-F3B48227DD9F}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5911488E-9D1E-40EC-8CBB-06B231CC153F}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13D095-45C3-4271-9475-F3B48227DD9F}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0AF350D9-3916-454B-AC53-0B0B65F41301}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2CBD2A57-2FD5-4F1A-9FC8-90ED48FA4187}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C536F080-57B7-46D6-8894-C647553F2889}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0388404D-6072-4CEB-B521-8F090FEAEE57}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{5911488E-9D1E-40EC-8CBB-06B231CC153F}]
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
    Key Deleted : HKCU\Software\DealPly
    Key Deleted : HKCU\Software\Iminent
    Key Deleted : HKCU\Software\InstallCore
    Key Deleted : HKCU\Software\Softonic
    Key Deleted : HKCU\Software\Zugo
    Key Deleted : HKLM\Software\DealPly
    Key Deleted : HKLM\Software\Iminent
    Key Deleted : HKLM\Software\StartNow Toolbar
    Key Deleted : HKLM\Software\Umbrella
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\StartNow Toolbar
    ***** [ Browsers ] *****
    -\\ Internet Explorer v10.0.9200.16660

    *************************
    AdwCleaner[R0].txt - [24101 octets] - [23/08/2013 09:30:23]
    AdwCleaner[S0].txt - [23936 octets] - [23/08/2013 09:31:57]
    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [23997 octets] ##########




    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 5.5.4 (08.22.2013:1)
    OS: Windows 7 Home Basic x64
    Ran by Edja Talita on 23/08/2013 at  9:37:17,85
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


    ~~~ Services

    ~~~ Registry Values
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dealplylive.exe

    ~~~ Registry Keys
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\dealplylive.exe
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\dealplylive
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\dealplylive
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9cf699ca-2174-4ed8-bec1-ba82095edce0}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{9cf699ca-2174-4ed8-bec1-ba82095edce0}

    ~~~ Files
    Successfully deleted: [File] C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job
    Successfully deleted: [File] C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job

    ~~~ Folders
    Failed to delete: [Folder] "C:\ProgramData\baidu"
    Successfully deleted: [Folder] "C:\Users\Edja Talita\AppData\Roaming\baidu"
    Successfully deleted: [Folder] "C:\Program Files (x86)\startnow toolbar"
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{021812AF-2C22-4742-BD01-331E068EA56C}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{02521DAA-C7CB-48AB-A446-AD51E0FC4850}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{03BA04A4-992F-44A6-BDC6-489193D67695}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{044FF4D6-B350-4B0B-9637-983E2F55182F}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{08A5D12E-3ECF-4695-BB33-361AF8353A74}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{0A582697-51D4-47DA-AED4-A75302310F85}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{0AD9D381-B951-48FA-9197-C1D3FAA594F6}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{0BA86C3C-DCCD-4D40-B191-75E1505B345B}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{0CD4AFF2-B0ED-4399-AB52-22676FC6F8E6}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{0E4AFECA-DC70-4121-B6AA-0D246C22B625}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{1119FB45-43AD-426D-B15A-BA02B0045EBA}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{11F5AD26-EE30-4B53-89FB-6B9DEEB175F1}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{12586683-4DB4-4001-9040-21E38890B3EF}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{12630228-ED4D-42FF-A02F-F3AC005BC7AA}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{1265143E-4422-46B5-81C4-BA83BE1C2787}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{1435737A-98FA-4FF5-9279-E5A458E04188}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{144D99FD-E1F3-446A-8ED3-82A9F5BDAFB9}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{15757137-382E-4BF2-8258-AC14F7CB4A40}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{15B006D9-1DE5-4AD9-A05C-D0877221DAF9}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{188FADE6-A22F-4DA7-92EF-F36C473273BA}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{18CCB04A-DE71-4966-8B60-C94EADEF7800}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{19E4224D-D341-43EA-B400-F18109E2832E}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{1ABE50CF-21A1-4FB8-8DE8-5A4225CC94A5}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{1B00BE5E-003B-48C3-8544-1D8DA608AD59}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{1B585BCE-4B86-4120-92DE-DFE949F38D47}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{1CC1A3C8-F956-4B76-8552-7359E53BBC0C}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{1D28BA72-32EB-4CB9-80B6-0DDDDF216C33}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{1D52225F-9616-4C16-B184-4E1E7515812C}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{1E38EE3C-C7F7-4CB5-A934-A70164BF2C3A}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{1FA3D90C-C8A4-4561-A802-D48AC958300F}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{21BAB764-F040-4C22-B18E-F37C4C62D066}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{21FB44C8-2BB7-44C6-84EE-9E226E7988F0}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{2393AA5A-8A86-4B7E-86EE-FD56A00B482E}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{23D334EE-7178-4EE2-B6D7-858D3191BBDC}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{24DADD51-BE86-4984-9174-88A01FA97111}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{26472463-F15C-4A41-9E78-8CB07B65B0E2}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{275D40D7-3844-4D6D-A86C-AC335E2C1A8D}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{28A4BF7D-115D-4622-BD89-06B93DD0C5D1}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{28CE13B2-3203-4934-A8A1-9444BC202442}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{29CD5D1E-458B-4A37-A0FE-4DF0111E32AC}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{29F63679-339E-4398-ADA0-16C1369B0F4E}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{2A61100A-2775-4BEF-930E-18BD56A2BB60}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{2B697E07-86B3-4C4E-A0CF-ECCD9E608F5A}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{2DB69A9D-A9D9-4A7D-957B-5460F68645F4}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{2E13E520-6C8B-4576-A354-AB54B54BB4DA}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{2E83C7EF-EB20-4DF1-B1EE-0912EDB23A00}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{2FBE34DA-344B-43AD-841A-5DEE6E5B026E}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{2FE22BA5-1477-447F-B58B-2D7DB1952FF2}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{32472AE4-83A7-4D01-8CFC-5EB1B53B36BB}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{3337EA1F-3712-4623-A57A-4AB5F66BE0B1}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{3354CB54-684E-4C0F-945B-C8ABDDC1DA7C}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{336E072C-F9E3-4633-83E0-EDC42B12E8EA}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{34395B4A-4E86-4247-82DF-178DADADE4E3}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{34EF6AFC-EAA9-463B-946C-DE0672F46A2B}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{375A3C69-7989-42F1-9B7B-5184CAF5F394}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{37A2C46C-9E5F-4B97-9333-2C3B75C42D0F}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{389AA021-B212-477E-8D62-48C6F148E0E2}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{3AB943E3-1E4A-4879-9B5A-B049723845EC}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{3BF4EC94-CE44-4851-A7A1-1F22E41427DC}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{3C1598AF-671F-41F4-B23B-90FD6C2CD6CC}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{3CC539BF-567B-4A7F-A974-D376986D123D}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{3CFAE21A-0BCC-495A-A4E7-F5418B025852}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{3D2BF633-BE48-4501-9FA4-C076D863725D}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{3E9C4EAF-E786-4EE8-823C-AE28D02E6233}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{3EB8B9F0-3620-408D-8B90-6C98B49F7D72}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{3F5E2004-DC99-4153-BF85-3C6C444D04DF}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{4068B846-00CE-4BE1-8080-227CABE1C353}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{40730DF2-8A31-4FAB-BD52-AF1784F7A732}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{418A1E5F-F023-462D-8ABA-A13E688E1FCA}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{41F41375-2E08-40B6-81BA-75DEE92A64F4}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{42882E2B-9567-408C-A7F5-E25E1463EAB6}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{4305C3CC-4962-429D-A8B1-7B75766E5589}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{4403B59D-302D-49A4-A2A9-B2055A5CFB0F}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{44E3F678-A020-4090-9196-D91608633335}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{45F56343-82EB-498D-A5EB-3739BDF2FD3E}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{46561FFB-66E1-4F8A-8D8C-D6200367277A}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{46BC0DD6-EF47-4D45-B6C1-5B2D6FAFA918}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{475A7C7F-825D-4036-86FE-EA9D87430B83}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{47812B87-CA17-4B27-A1D5-27BE59B35161}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{47E1EAC3-0562-437B-A72A-A6AABBCF899E}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{48159DAE-338A-4F0B-A251-927295FD32F0}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{49127EA7-5398-4A54-ABDC-33C7D9B146F7}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{4A54B684-58F0-424D-9E53-B050DE668B28}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{4B7A5870-C81B-485A-911D-652F121B77ED}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{4D76A2EE-D56B-4012-B323-6A7BA165FC17}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{4DD2E704-4DA4-494E-8EFE-49996DF1C693}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{4EA0F976-F397-4E44-813F-2BB418705CED}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{4EE8FF07-57AB-484B-A5D2-A9ADFAD2D561}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{4F2CAA39-D8A6-4859-88E2-057DB1DA5774}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{4F3C211E-6F6D-4748-8B7E-01A37196996F}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{50B2133F-B338-4205-802F-181754E0CAC1}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{51938E8C-FA5B-4EEF-9259-2049473CDCAD}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{51C93C57-97F4-46C2-8497-15B22C8C4CCA}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{527D81CB-48EA-4561-8E6F-DE1D37372742}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{531BED53-55EA-4EBA-AF1F-A4E4EA1D93AF}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{53AF15FC-CD64-4C5A-AD61-EDDC48E83A7F}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{53E108AE-81A0-4A98-ADF6-6340AE83CB91}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{548B2764-83C9-42B7-9544-D57557F9299D}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{55B4B4AE-B927-41C2-8AEA-E2A1FD267127}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{5677F01B-E43E-4A61-B7C9-532925180D12}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{56EC0D17-AB18-48AE-846A-66A664F6FDA2}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{5740048B-C61E-421A-9D54-039DCF199CE0}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{59975E41-E6AB-4523-A22D-D80E0E09B0E8}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{5AA24A4B-322D-4373-A8E7-C118523A62EE}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{5B5AF003-42CE-4DB3-8C3D-0A16198F28E6}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{5CEB0248-0D7B-4131-89B8-BD3DCD880914}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{5D6F13F1-EC51-4D36-9C28-A4FBFED5F5D1}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{5E6142A1-3132-40E5-BA6F-83F024FAD509}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{5E76A381-7747-4FC0-B56B-BC8BFFEA6181}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{5F4C024D-8A9A-4174-90C0-65FA7C6AEABB}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{616569A8-B09F-4E56-B43F-6E58C078B51D}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{6220339F-E65E-49B5-8E8F-13679BAD3306}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{62C469C5-5AAE-49DF-86BB-772A41E5B4E6}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{641D83FD-CBCE-4D4E-A84D-2D7A2F479BC5}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{6547BC8C-35AA-48BD-AB3A-CAAD883573FC}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{65DBBCCF-14F6-4053-9CAD-B38CB5055AC4}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{698FA4CB-62EC-48CF-863C-0970EAFCAA44}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{6A33C2E0-BF67-41EA-95F2-0497AA68EF26}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{6A4E93CA-DC6B-423F-B8DD-08982D034E77}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{6A62C714-BF7D-454D-88DB-C3ED1324E33E}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{6B122E51-4DE4-4C71-B1DA-C4F359771C4C}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{6BBCD486-ABBA-47D4-934E-358F61E1454C}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{6BBE2390-87E9-40F2-AB51-59B0EE7672A0}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{6D37BE13-F745-409A-9C90-6911171881BB}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{6E54234E-A280-4958-AB02-09840ED13BF8}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{6F065CB0-C6D2-43C1-823B-5C83066C3642}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{70985994-9EA9-41A7-B99E-88CA8B746117}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{724CFF96-A9A8-41EE-8D51-86E2DF21CEFF}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{73CD407B-7E4A-405E-9D86-E867638F3C91}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{76DAB5C0-32DE-40EE-B88D-48FCB3C03FE9}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{782F6000-06FF-4C93-BED7-92D2048399B7}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{7881A915-B37A-4F54-B23C-B4DAD2284352}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{78B6B305-D79C-421E-8E5A-B15CE639FE6B}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{7A0570C1-BD3B-4C5F-988C-8B15356BBDB8}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{7A5EB160-A190-482C-B308-2019814B7E3A}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{7AA66EED-3ED4-4F49-B331-3D59142510C2}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{7D8C7F74-D3AA-4822-BF68-81A052846129}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{7E99F3F7-D54F-444A-8269-3C2FBA2744E7}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{7F5D5903-639B-4B02-8330-C03F145EA649}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{8193D8AE-26B1-4B28-810E-E6DBCE0C04F1}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{8212EAF7-2CEE-46B8-9696-F6D09F5F8C7B}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{821BC6CE-7BE6-4578-9D3D-F61D5AF30F5D}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{82617E42-CCE2-4817-8C6A-35E4086C0351}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{82722F8E-D145-4AF0-B25A-C3A9C171EF6F}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{8294F708-AC7B-43E9-BA89-1E1ABCE6698F}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{8560E63D-1DE6-44C9-8DBF-A22157E9DD7E}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{85EEA187-D5B7-4AF9-97A4-FFBE87693ECF}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{8815847B-C220-4836-BD32-A42380A44C89}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{88292F10-ED1A-4677-BC80-BC5BDEA9221C}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{88D548D2-9D27-4252-B64F-41C4FA0AC9C2}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{892E5010-5122-4A4E-B508-59E77A30E240}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{8CAC3494-1DC3-456D-AE86-0DE3756CE65C}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{8CE16BB6-5851-42C9-83AF-DD301259DD60}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{8D0848DD-A856-4B64-B33D-6FBB3F5DA567}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{8D1971D5-9319-4CB5-9276-34049AEBE15A}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{8D760743-B05C-4A85-B4FA-BB184C6364C4}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{8EAD9C06-42E8-4AC9-A6CD-FB54919C4FE4}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{8F9C2DA2-DFDA-4169-99B8-9F9661054FAB}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{909791FA-80BE-4E41-A4D1-58961BFDCA9A}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{90E8229B-1CFB-44AE-9D54-98250220BDBF}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{933DB6E8-2BAA-4288-915F-ED6EE7A86237}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{93859602-46BB-4F1F-8BE9-F63BE9119FC1}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{943073A4-86F1-479C-A9B3-032585A88AF2}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{96EC8365-34AD-4F63-8AA7-DC7DE0F9B882}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{97163DD2-1E10-4F62-8AD3-6FFBF2DFBE2B}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{97A5BA8E-F709-4EB5-B2B2-F0D96D603A4B}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{98D6EE56-036D-45D7-A15B-420AFE592E22}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{99E83713-B91D-4ABB-8CE7-894F6C9276FF}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{9B5C7FC1-0FE1-4617-9BBF-558A0AC85874}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{9BCE32CD-7681-426A-9143-6EB804BD1686}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{9C99AB04-F5E5-48CC-805F-6D93E2E0EF79}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{9D564E49-03D6-4A34-BB61-6F986CC542A2}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{9F2D66D4-DA4F-4836-B2D0-3AF451928730}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{A0E20E1D-CC00-4490-B335-F1DBE6A03EC7}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{A1BD9173-BBBB-4EDE-9A45-62A70E788997}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{A2AFD7D8-9FB0-433D-AFA6-257785992CCE}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{A2EDE71D-EC5B-4E96-AB74-ABD161025827}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{A30BE02A-768A-40AA-8D02-03D5D9EA93C7}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{A342345A-0FD8-4485-9A2C-CA73BAF3D24C}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{A49206A2-FED7-476F-8841-74BDDA9DD607}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{A4D50F52-6C87-445E-9334-1319E6712445}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{A647D4D4-7641-4B76-9AAC-A49FBE0B6AF2}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{A68ED153-7C94-4496-A4CE-E746CC5D5E3A}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{A6A14E65-D9E8-4F8B-B288-15BF459310F1}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{AAE65D60-6300-4BDC-8644-B1477B4E3118}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{AC174B80-05A3-4F5B-A7B2-EC28CDC8C309}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{ADC49213-36C4-486E-AE8C-493EDCB45FAF}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{AEE7D253-34C3-48B6-8A10-31E3D36448D7}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{B1066E51-E59E-4D06-B734-9442554B190C}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{B16C694A-81AD-4CD4-97F5-EACDF9A0A895}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{B1EA8155-80BE-497D-94D3-FB058B58F36C}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{B21A5581-1404-498F-847A-C99AD5759BA1}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{B349F0C4-714E-4F40-A74A-F88BD7E21F71}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{B371F0DE-72E0-480D-AC52-579698D15B10}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{B4EC3244-A96B-41EB-A286-0F935CFC4C38}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{B6F38CF2-7675-4807-A8C6-629A1CCC8BB3}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{B7AE8E56-6CE3-4F24-A609-4A22C934B130}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{B88DC098-24EC-42A0-A450-24996204E4DC}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{B9CBFECF-50E4-49E8-99E3-A2E019652E5A}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{BAC9B9B5-8A7E-4F42-8C56-E98BA7461BB9}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{BADE02B3-DE9A-4AD5-B93E-D184A6313A2A}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{BED2BDF1-C929-42C8-B95A-422598293747}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{C0A616D4-90AB-4F30-B745-C53C22ED7FCA}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{C15136B8-A080-4A86-A9C2-DC12D1B12BC5}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{C20BE8FF-3D75-4395-B31B-FF218455C06E}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{C2600DA7-E52E-46CD-91E2-6C18019C82DC}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{C43E8FBB-60F9-414F-88DB-956611579132}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{C4D8E728-A9A0-4D3D-BA46-8FB974C280E1}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{C50B4134-831C-42FC-B51D-8219B2408268}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{C6155590-97FB-4C21-B484-2965E0F7FC73}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{C6B7199A-168C-4043-A78F-9B67021D6A76}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{C8394A40-9AD8-40B6-B48B-95BCF548AA7D}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{CAC51C6E-03E1-4013-8A55-D8202C55591D}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{CCB7725B-10C4-4B7A-8FB7-3FD2645663AC}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{CD6A44D2-659E-4C00-B2CF-5A810B7447C7}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{CD7A13DD-098E-49CA-921E-73E886EBA5F9}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{CDBA1D65-C676-4516-B0CB-592BB38F3042}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{CE9EB947-51A0-4BC2-B8E9-093B831D1958}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{CF4EF8E7-72DB-40C0-9EFE-7DC9AABDD8B6}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{D1BCD67E-30DD-4E7E-A412-4CB93918A447}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{D2612AAB-33BC-4F4C-BAE2-69A240E17355}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{D296C374-C2BD-420F-9314-A791BCCFE8AB}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{D48D7A65-AFE9-42D5-A6F1-015BF64372C9}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{D6A2C165-76B1-4D90-8BC1-086C62FC77DC}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{D6E49E7E-62C6-42B4-9306-F2154EC49E9D}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{D79803E3-131C-4F27-AB8E-94DBB4277CEB}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{D8BA150F-D73D-4B92-AB2E-E01192B0DEBB}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{D9E9CB7F-2341-41BF-B06C-1F9325561824}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{DA16ED85-06A5-45D7-93F6-1362613E5223}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{DC2DB803-A45C-4B0F-8BD4-F1EEF65E8458}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{DC61A3D3-471A-47F3-96DD-45144D487CFF}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{E01B640A-10DD-45A1-89D8-CECB435FFC09}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{E070E979-6597-4D6E-B8CE-5657A246DD4C}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{E0A300F9-2F14-4A49-B797-AB94D12DD7CB}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{E0D6E693-070B-4F47-860E-50360857DEA7}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{E10887EA-23E8-4667-BA80-18C8322A1BCC}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{E1FE68F4-CC6A-488D-8064-2356F2D9E825}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{E5E5731C-8631-4D8F-A391-A2CC4670CC8D}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{E7E1513A-BCC7-45AB-A57A-E34D24BB3901}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{E9C3EDC1-C24B-40C6-A5D3-8FACAAE7B5FE}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{EBC51111-851F-402D-8F92-7F0F753DBB62}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{EC5A6000-508C-4A2B-8CFF-AF6A4DA6FBC1}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{EC9753E1-F2BE-4C70-8A7A-5C1FB83A79FD}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{ECA2D483-D5B1-4E95-8D40-673F8C4B230B}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{EE999D64-4F05-433B-9A73-37CCC3A0F479}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{EEB70C6E-5ED7-42BC-A841-433781F01DAA}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{EFE24CAC-11D5-422C-889F-435163EC326F}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{F1288C6E-B892-4F9F-87C2-D65B7F1C06AF}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{F1A4CD45-4FD1-4BA7-8549-497F10C08560}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{F3AB78AA-4C62-4142-8330-2D056E65B6F7}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{F439B51E-6269-4670-A425-33DE8C71E5B0}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{F4E4D396-287F-4763-B4D9-CEDF5EDB8FE1}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{F563238E-5FAD-43D3-8C49-927F41FEA5A4}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{F61B7BA6-DACA-4A4C-8B26-CA4FE918F850}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{F750FBB4-EEF3-4777-8039-03E438DEF751}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{F7BF6CF9-B780-40CD-A0E2-67977BDED3FB}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{F8A5F6A1-D22A-4920-9D9D-1E9F599131D7}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{F909D8CA-10B0-4659-B154-065A0132448C}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{F9DF03B6-3FC9-48C8-967D-208B6CBD2F75}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{FA0E1EAA-D59A-4776-92EC-9BD9FE3BE7EE}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{FBF68439-07F4-402A-97C0-A0221E62962D}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{FC64318B-0C31-4D55-9470-0C44B1C74F04}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{FC6F1E9B-C0DB-4B12-B908-5B211BCD1232}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{FD558D4F-07A5-4161-8D60-B70E9EE44AE8}

    ~~~ Event Viewer Logs were cleared


    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on 23/08/2013 at  9:46:35,84
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    joram
    Administrador Fundador
    Administrador Fundador

    Mensagens : 608
    Data de inscrição : 14/08/2012
    Idade : 63
    Localização : Rio de Janeiro

    Re: Usei algumas vezes pendriver infectado nesse pc, log para analise.

    Mensagem por joram em Sex Ago 23, 2013 9:29 am

    Bom Dia! Edvan

    |- Execute este script em ZHPFix.

    [MD5.00000000000000000000000000000000] [APT] [{132F5A3A-5A5F-47DA-A502-3BDCC139BFCA}] (...) -- C:\Program Files (x86)\Baidu Security\PC Faster\3.6.0.38659\UninstCaller.exe (.not file.) [0]
    [MD5.9F9F16627390C5EE074B08341A4D70BD] [SPRF][17/08/2013] (.Baidu, Inc. - PC Faster Setup.) -- C:\Users\Edja Talita\AppData\Local\Temp\Baidu_Secure_SystemUp_3.6.0.38659.exe [33811728]
    [MD5.171F1BB73D0238A7A56126D3459ECDCD] [SPRF][15/10/2008] (...) -- C:\Users\Edja Talita\AppData\Local\Temp\Extract.exe [50432]
    [MD5.F037F4A7DF189151942D7F88FDC9B728] [WIS][17/08/2013] (.Iminent - Iminent.) -- C:\Windows\Installer\2821da.msi [10207232] =>Adware.IMBooster
    [MD5.0235566E5134C79D5D40C1397220AC4E] [WIS][28/09/2012] (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Windows\Installer\de4dd.msi [28160] =>Toolbar.Google
    [MD5.39D998E29DC9277C8762070901E69A32] [SPRF][24/06/2011] (.Google Inc. - Google Toolbar Installer.) -- C:\Users\Edja Talita\AppData\Local\Temp\GoogleToolbarInstaller_stub_signed.exe [235184] =>Toolbar.Google
    [MD5.33A560777117E8FCC1900614C64741E9] [SPRF][17/08/2013] (.Iminent - Iminent Setup.) -- C:\Users\Edja Talita\AppData\Local\Temp\IminentSetup.exe [857920] =>Adware.IMBooster
    [MD5.E75328DA00E39B96E2FA0F195AB63949] [SPRF][17/08/2013] (.Baidu Inc. - Baidu PC Faster MiniSetup.) -- C:\Users\Edja Talita\AppData\Local\Temp\PC_Faster_Setup_Mini_B06.exe [2455232]
    O3 - Toolbar: (no name) [64Bits] - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Chave orfã
    O3 - Toolbar: Google Toolbar [64Bits] - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll =>Toolbar.Google
    O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} Chave orfã
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
    O23 - Service: Serviço do DealPly Live (dealplylive) (dealplylive) . (...) - C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe (.not file.) =>PUP.DealPly
    O42 - Logiciel: Iminent - (.Iminent.) [HKLM][64Bits] -- {E931F892-098A-4C81-8DED-4013DB9E3B69} =>Adware.IMBooster
    O43 - CFD: 17/08/2013 - 20:37:57 - [0] ----D C:\Program Files (x86)\Baidu Security
    O43 - CFD: 28/09/2012 - 10:31:42 - [0] ----D C:\Program Files (x86)\GUMC64A.tmp
    O43 - CFD: 23/08/2013 - 09:41:16 - [0] ----D C:\ProgramData\Baidu
    O43 - CFD: 17/08/2013 - 20:38:34 - [28,738] ----D C:\ProgramData\Baidu Security
    O43 - CFD: 17/08/2013 - 20:27:55 - [1,864] ----D C:\Users\Edja Talita\AppData\Roaming\Baidu Security
    O45 - LFCP:[MD5.F101374D3B60E2DC865974A8B5CB31E5] - 06/08/2013 - 12:47:54 ---A- - C:\Windows\Prefetch\YCMMIRAGE.EXE-5E0FEA70.pf
    O45 - LFCP:[MD5.7BA979B11AE9D796118C9037D63208AA] - 08/08/2013 - 23:13:16 ---A- - C:\Windows\Prefetch\RESOURCE.EXE-E971D367.pf
    O45 - LFCP:[MD5.00FEE3E86DC07527976AFC125038C19F] - 22/08/2013 - 23:16:17 ---A- - C:\Windows\Prefetch\PDVD10SERV.EXE-078F8CEB.pf
    O45 - LFCP:[MD5.8D01ED22F8C296732D33D9BD32DC32B3] - 22/08/2013 - 23:32:10 ---A- - C:\Windows\Prefetch\LOWDISKSPACEDETECTION.EXE-6D00DF33.pf
    O45 - LFCP:[MD5.5E8BA4EE7E1044186DEA64D776A75C77] - 23/08/2013 - 09:09:00 ---A- - C:\Windows\Prefetch\HPOSD.EXE-EAAD9E22.pf
    O45 - LFCP:[MD5.870FF36BBB60243A4C2C72B9B8F34B76] - 23/08/2013 - 09:35:28 ---A- - C:\Windows\Prefetch\NBKEYSCAN.EXE-14930932.pf
    O45 - LFCP:[MD5.F9A32C0A79E4F110AB4ABED78403AF1D] - 27/07/2013 - 20:48:02 ---A- - C:\Windows\Prefetch\PDVDLAUNCHPOLICY.EXE-123CD285.pf
    O45 - LFCP:[MD5.86CCC6E1D0ACE730B7C056BCD7CEE6BC] - 27/07/2013 - 20:48:06 ---A- - C:\Windows\Prefetch\OLRSTATECHECK.EXE-7F905A25.pf
    O87 - FAEL: "{D9ACB63A-1B61-42DE-9EF8-E9C3465BAC00}" |In - None - P6 - TRUE | .(...) -- C:\Program Files (x86)\Iminent\Iminent.exe (.not file.) =>Adware.IMBooster
    O87 - FAEL: "{57E138E1-ED8E-41E0-B27F-41D5AFA5DDA6}" |In - None - P6 - TRUE | .(...) -- C:\Program Files (x86)\Iminent\Iminent.Messengers.exe (.not file.) =>Adware.IMBooster
    O90 - PUC: "11BC8E7AE90B8F64B9EA2B0EE1FBE715" . (.Bing Bar.) -- C:\Windows\Installer\{A7E8CB11-B09E-46F8-9BAE-B2E01EBF7E51}\icon_installer_ico =>Toolbar.Bing
    O90 - PUC: "298F139EA89018C4D8DE0431BDE9B396" . (.Iminent.) -- C:\Windows\Installer\{E931F892-098A-4C81-8DED-4013DB9E3B69}\imbooster.ico =>Adware.IMBooster

    [HKCU\Software\Baidu Security]
    [HKLM\SYSTEM\CurrentControlSet\Services\dealplylive) (dealplylive] =>PUP.DealPly^
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E931F892-098A-4C81-8DED-4013DB9E3B69}] =>Adware.IMBooster^
    [HKLM\Software\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}] =>Adware.IMBooster
    [HKLM\Software\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}] =>Adware.IMBooster
    [HKLM\Software\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}] =>Adware.IMBooster
    [HKLM\Software\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}] =>Adware.IMBooster
    [HKLM\Software\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Intebface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5}] =>Adware.IMBooster
    [HKLM\Software\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}] =>Adware.IMBooster
    [HKLM\Software\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}] =>Adware.IMBooster
    [HKLM\Software\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}] =>PUP.RewardsArcade
    [HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASMANCS] =>Toolbar.Bing
    [HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32] =>Toolbar.Bing
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>Toolbar.Tarma
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>Toolbar.Tarma
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F1057DD419AED0B468AD8888429E139A] =>Adware.IMBooster
    [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}] =>Toolbar.Avast
    [HKLM\Software\Classes\CLSID\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}] =>Toolbar.Avast
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}] =>Toolbar.Avast
    [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] =>Toolbar.Avast
    [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] =>Toolbar.Avast
    [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] =>Toolbar.Avast
    [HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google^

    C:\ProgramData\Baidu =>Adware.BDSearch
    C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll =>Toolbar.Google^
    C:\Users\Edja Talita\AppData\Local\Temp\GoogleToolbarInstaller_stub_signed.exe =>Toolbar.Google^
    C:\Users\Edja Talita\AppData\Local\Temp\IminentSetup.exe =>Adware.IMBooster^
    C:\Windows\Installer\{A7E8CB11-B09E-46F8-9BAE-B2E01EBF7E51}\icon_installer_ico =>Toolbar.Bing^
    C:\Windows\Installer\{E931F892-098A-4C81-8DED-4013DB9E3B69}\imbooster.ico =>Adware.IMBooster^
    C:\Windows\Installer\2821da.msi =>Adware.IMBooster^
    C:\Windows\Installer\de4dd.msi =>Toolbar.Google^
    C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe =>PUP.DealPly^
    C:\Users\Edja Talita\AppData\Local\Temp\GoogleToolbarInstaller1.log =>Toolbar.Babylon
    C:\Users\Edja Talita\AppData\Local\Temp\GoogleToolbarInstaller2.log =>Toolbar.Babylon




    |- Poste o relatório!

    A+

    Edvan
    Membro
    Membro

    Mensagens : 428
    Data de inscrição : 14/02/2013
    Idade : 36
    Localização : Natal/RN

    Re: Usei algumas vezes pendriver infectado nesse pc, log para analise.

    Mensagem por Edvan em Sex Ago 23, 2013 9:35 am

    Rapport de ZHPFix 2013.7.20.5 par Nicolas Coolman, Update du 20/07/2013
    Fichier d'export Registre :
    Run by Edja Talita at 23/08/2013 10:34:44
    High Elevated Privileges : OK
    Windows 7 Home Basic Edition, 64-bit Service Pack 1 (Build 7601)
    Recycle Files Deleted
    ========== Software ==========
    DELETED Iminent
    ========== Memory Process ==========
    DELETED Memory Process: C:\Users\Edja Talita\AppData\Local\Temp\Baidu_Secure_SystemUp_3.6.0.38659.exe
    DELETED Memory Process: C:\Users\Edja Talita\AppData\Local\Temp\Extract.exe
    DELETED Memory Process: C:\Users\Edja Talita\AppData\Local\Temp\GoogleToolbarInstaller_stub_signed.exe
    DELETED Memory Process: C:\Users\Edja Talita\AppData\Local\Temp\IminentSetup.exe
    DELETED Memory Process: C:\Users\Edja Talita\AppData\Local\Temp\PC_Faster_Setup_Mini_B06.exe
    ========== Registry Key ==========
    DELETED  Key: CLSID: [HKLM\SOFTWARE\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
    DELETED  Key: CLSID: [HKLM\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}]
    DELETED Key: Service: dealplylive
    NOT FOUND Key: \Software\Classes\Installer\Products\\11BC8E7AE90B8F64B9EA2B0EE1FBE715
    NOT FOUND Key: \Software\Classes\Installer\Products\\298F139EA89018C4D8DE0431BDE9B396
    DELETED Key: HKCU\Software\Baidu Security
    NOT FOUND Key: HKLM\SYSTEM\CurrentControlSet\Services\dealplylive) (dealplylive
    NOT FOUND Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E931F892-098A-4C81-8DED-4013DB9E3B69}
    DELETED Key*: HKLM\Software\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
    DELETED Key*: HKLM\Software\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
    DELETED Key*: HKLM\Software\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
    DELETED Key*: HKLM\Software\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
    DELETED Key*: HKLM\Software\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
    DELETED Key*: HKLM\Software\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
    DELETED Key*: HKLM\Software\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
    DELETED Key*: HKLM\Software\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
    DELETED Key*: HKLM\Software\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
    DELETED Key*: HKLM\Software\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
    DELETED Key*: HKLM\Software\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
    DELETED Key*: HKLM\Software\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
    DELETED Key*: HKLM\Software\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
    DELETED Key*: HKLM\Software\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
    DELETED Key*: HKLM\Software\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
    NOT FOUND Key: HKLM\Software\Classes\Intebface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
    DELETED Key*: HKLM\Software\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
    DELETED Key*: HKLM\Software\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
    DELETED Key*: HKLM\Software\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
    DELETED Key*: HKLM\Software\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
    DELETED Key*: HKLM\Software\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
    DELETED Key*: HKLM\Software\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
    DELETED Key*: HKLM\Software\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
    DELETED Key*: HKLM\Software\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
    DELETED Key*: HKLM\Software\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
    DELETED Key*: HKLM\Software\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
    DELETED Key*: HKLM\Software\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5}
    DELETED Key*: HKLM\Software\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
    DELETED Key*: HKLM\Software\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
    DELETED Key*: HKLM\Software\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
    DELETED Key*: HKLM\Software\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
    DELETED Key*: HKLM\Software\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
    DELETED Key*: HKLM\Software\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
    DELETED Key*: HKLM\Software\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
    DELETED Key*: HKLM\Software\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
    DELETED Key*: HKLM\Software\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
    DELETED Key*: HKLM\Software\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
    DELETED Key*: HKLM\Software\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
    DELETED Key*: HKLM\Software\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
    DELETED Key*: HKLM\Software\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
    DELETED Key*: HKLM\Software\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
    DELETED Key*: HKLM\Software\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
    DELETED Key*: HKLM\Software\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
    DELETED Key*: HKLM\Software\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
    DELETED Key*: HKLM\Software\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
    DELETED Key*: HKLM\Software\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
    DELETED Key: HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASMANCS
    DELETED Key: HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32
    DELETED Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
    DELETED Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
    NOT FOUND Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F1057DD419AED0B468AD8888429E139A
    DELETED Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
    NOT FOUND Key: HKLM\Software\Classes\CLSID\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
    DELETED Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
    DELETED Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
    DELETED Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
    DELETED Key: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
    ========== Registry Value ==========
    DELETED Toolbar: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5}
    DELETED Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F}
    DELETED Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
    DELETED RunValue: SynTPEnh
    NOT FOUND {D9ACB63A-1B61-42DE-9EF8-E9C3465BAC00}
    NOT FOUND {57E138E1-ED8E-41E0-B27F-41D5AFA5DDA6}
    NOT FOUND [HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F}
    ========== Repertory ==========
    DELETED Folder: C:\Program Files (x86)\Baidu Security
    DELETED Folder: C:\Program Files (x86)\GUMC64A.tmp
    DELETED Folder: C:\ProgramData\Baidu
    DELETED Folder: C:\ProgramData\Baidu Security
    DELETED Folder: C:\Users\Edja Talita\AppData\Roaming\Baidu Security
    ========== File ==========
    DELETED File: c:\users\edja talita\appdata\local\temp\baidu_secure_systemup_3.6.0.38659.exe
    DELETED File***: c:\users\edja talita\appdata\local\temp\extract.exe
    NOT FOUND Folder/File: c:\windows\installer\2821da.msi
    DELETED File: C:\Windows\Installer\de4dd.msi
    DELETED File: c:\users\edja talita\appdata\local\temp\googletoolbarinstaller_stub_signed.exe
    DELETED File: c:\users\edja talita\appdata\local\temp\iminentsetup.exe
    DELETED File: c:\users\edja talita\appdata\local\temp\pc_faster_setup_mini_b06.exe
    DELETED File: c:\program files (x86)\google\google toolbar\googletoolbar_32.dll
    NOT FOUND File: c:\program files (x86)\synaptics\syntp\syntpenh.exe
    DELETED File: c:\windows\prefetch\ycmmirage.exe-5e0fea70.pf
    DELETED File: c:\windows\prefetch\resource.exe-e971d367.pf
    DELETED File: c:\windows\prefetch\pdvd10serv.exe-078f8ceb.pf
    DELETED File: c:\windows\prefetch\lowdiskspacedetection.exe-6d00df33.pf
    DELETED File: c:\windows\prefetch\hposd.exe-eaad9e22.pf
    DELETED File: c:\windows\prefetch\nbkeyscan.exe-14930932.pf
    DELETED File: c:\windows\prefetch\pdvdlaunchpolicy.exe-123cd285.pf
    DELETED File: c:\windows\prefetch\olrstatecheck.exe-7f905a25.pf
    NOT FOUND Folder/File: c:\programdata\baidu
    NOT FOUND Folder/File: c:\program files (x86)\google\google toolbar\googletoolbar_32.dll
    NOT FOUND Folder/File: c:\users\edja talita\appdata\local\temp\googletoolbarinstaller_stub_signed.exe
    NOT FOUND Folder/File: c:\users\edja talita\appdata\local\temp\iminentsetup.exe
    NOT FOUND Folder/File: c:\windows\installer\{a7e8cb11-b09e-46f8-9bae-b2e01ebf7e51}\icon_installer_ico
    NOT FOUND Folder/File: c:\windows\installer\{e931f892-098a-4c81-8ded-4013db9e3b69}\imbooster.ico
    NOT FOUND Folder/File: c:\windows\installer\de4dd.msi
    DELETED File: C:\Users\Edja Talita\AppData\Local\Temp\GoogleToolbarInstaller1.log
    DELETED File***: c:\users\edja talita\appdata\local\temp\googletoolbarinstaller1.log
    DELETED File: C:\Users\Edja Talita\AppData\Local\Temp\GoogleToolbarInstaller2.log
    DELETED File***: c:\users\edja talita\appdata\local\temp\googletoolbarinstaller2.log
    ========== Task ==========
    DELETED Task: {132F5A3A-5A5F-47DA-A502-3BDCC139BFCA}

    ========== Summary ==========
    5 : Memory Process
    65 : Registry Key
    7 : Registry Value
    5 : Repertory
    28 : File
    1 : Software
    1 : Task

    End of clean in 01mn 24s
    ========== Report File ==========
    C:\ZHP\ZHPFix[R1].txt - 23/08/2013 10:34:51 [9830]

    joram
    Administrador Fundador
    Administrador Fundador

    Mensagens : 608
    Data de inscrição : 14/08/2012
    Idade : 63
    Localização : Rio de Janeiro

    Re: Usei algumas vezes pendriver infectado nesse pc, log para analise.

    Mensagem por joram em Sex Ago 23, 2013 9:45 am

    Bom Dia! Edvan

    |- Execute este script em ZHPFix.

    emptytemp
    emptyflash
    firewallraz
    ctffix


    |- Poste o log!

    -/-

    |- Baixe: < [Você precisa estar registrado e conectado para ver este link.] > ( ... by Smeenk )

    |- Ou aqui! < [Você precisa estar registrado e conectado para ver esta imagem.][Você precisa estar registrado e conectado para ver este link.] >

    |- Salve-o no desktop!
    |- Desabilite seu antivírus!
    |- Para Windows 7,execute zoek.exe como administrador.

    startupall;
    skipfix-iedefaults;
    autoclean;
    filesrcm;
    emptyalltemp;


    |- Copie e cole estas informações,em vermelho,no campo da ferramenta.
    |- Clique "Run Script".

    Zoek.exe is running now.
    Do not start any browser windows, they will be closed automatically.
    Please wait! This window will close when finished.
    A logfile will open afterwards and can also be found on your systemdrive as zoek-results.log
    |- Surgirão estas informações,pedindo-lhe que aguarde o relatório.

    [Você precisa estar registrado e conectado para ver esta imagem.]

    |- Aceite e/ou confirme o reboot!

    zoek.hta failed by unknown error.
    Restart computer, and try again.
    |- Ps: Ao obter algum erro,reinicie o PC e execute,novamente,a ferramenta.
    |- Poste o relatório,que estará em C:\zoek-results.txt <<

    A+

    Edvan
    Membro
    Membro

    Mensagens : 428
    Data de inscrição : 14/02/2013
    Idade : 36
    Localização : Natal/RN

    Re: Usei algumas vezes pendriver infectado nesse pc, log para analise.

    Mensagem por Edvan em Sex Ago 23, 2013 10:09 am

    Rapport de ZHPFix 2013.7.20.5 par Nicolas Coolman, Update du 20/07/2013
    Fichier d'export Registre :
    Run by Edja Talita at 23/08/2013 10:51:21
    High Elevated Privileges : OK
    Windows 7 Home Basic Edition, 64-bit Service Pack 1 (Build 7601)
    Recycle Files Deleted
    ========== Registry Key ==========
    ctffixCTFMon already disabled
    ========== Registry Value ==========
    No Value in Standard Profile Register Key FirewallRaz :
    No Value in Domain Profile Register Key FirewallRaz :
    DELETED FirewallRaz (None) : {E16C64B7-5DB4-458F-8AA8-65717924ED89}
    ========== Repertory ==========
    DELETED Window Temporary
    DELETED Flash Cookies
    ========== File ==========
    DELETED Window Temporary
    DELETED Flash Cookies

    ========== Summary ==========
    1 : Registry Key
    3 : Registry Value
    2 : Repertory
    2 : File

    End of clean in 00mn 10s
    ========== Report File ==========
    C:\ZHP\ZHPFix[R1].txt - 23/08/2013 10:34:51 [9882]
    C:\ZHP\ZHPFix[R2].txt - 23/08/2013 10:51:21 [940]






    Zoek.exe Version 4.0.0.4 Updated 19-08-2013
    Tool run by Edja Talita on 23/08/2013 at 10:52:17,75.
    Microsoft Windows 7 Home Basic  6.1.7601 Service Pack 1 x64
    Running in: Normal Mode Internet Access Detected
    Launched: C:\Users\Edja Talita\Desktop\zoek\zoek.exe [Script inserted]
    ==== System Restore Info ======================
    23/08/2013 10:53:43 Zoek.exe System Restore Point Created Succesfully.
    ==== Deleting CLSID Registry Keys ======================

    ==== Deleting CLSID Registry Values ======================

    ==== Deleting Services ======================
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\dealplylivem deleted successfully
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\dealplylivem deleted successfully
    ==== Deleting Files \ Folders ======================
    "C:\Users\Edja Talita\Downloads\SoftonicDownloader_para_picasa.exe" deleted
    "C:\found.000" deleted
    ==== Files Recently Created / Modified ======================
    ====== C:\Windows ====
    2013-08-17 23:30:44 C7BC96C3711C0D269DA26D1F0ECEC547 69 ----a-w- C:\Windows\NeroDigital.ini
    ====== C:\Users\EDJATA~1\AppData\Local\Temp ====
    ====== C:\Windows\SysWOW64 =====
    2013-08-16 03:14:28 A484F9DB744849C0B32DD1CE73A94F62 2706432 ----a-w- C:\Windows\SysWOW64\mshtml.tlb
    2013-08-16 03:14:27 C9BFFA62DFBF0317AECE707B39C4BF25 391168 ----a-w- C:\Windows\SysWOW64\ieui.dll
    2013-08-16 03:14:25 AF6A6C16ACAD816B48714AE7A4082D89 61440 ----a-w- C:\Windows\SysWOW64\iesetup.dll
    2013-08-16 03:14:24 BC90EED56A5C77168A8D6F0C4221D7CB 71680 ----a-w- C:\Windows\SysWOW64\RegisterIEPKEYs.exe
    2013-08-16 03:14:24 8A5BD908D421BEE82941EF8ABD8B4F09 33280 ----a-w- C:\Windows\SysWOW64\iernonce.dll
    2013-08-16 03:14:23 D0E0086BA353C379DCFE8624E8B8F17A 2048512 ----a-w- C:\Windows\SysWOW64\iertutil.dll
    2013-08-16 03:14:23 37730C04B543536D971B3F157415EFF5 109056 ----a-w- C:\Windows\SysWOW64\iesysprep.dll
    2013-08-16 03:14:19 45C118A1E03182365CB568F99B81A473 493056 ----a-w- C:\Windows\SysWOW64\msfeeds.dll
    2013-08-16 03:14:17 1C83426A51AD83B5E788B6CF143B48D8 690688 ----a-w- C:\Windows\SysWOW64\jscript.dll
    2013-08-16 03:14:15 AC8C3591D536D1CCB62EDCBEA88140B3 2877440 ----a-w- C:\Windows\SysWOW64\jscript9.dll
    2013-08-16 03:14:14 059FC59F97A6220C46A612A9470A00B3 1141248 ----a-w- C:\Windows\SysWOW64\urlmon.dll
    2013-08-16 03:14:10 DAA3903F06116AE9EE7AC1D1B93684A4 1767936 ----a-w- C:\Windows\SysWOW64\wininet.dll
    2013-08-16 03:14:10 49EB7DE3A1CCCE9D0873DE9114810113 39936 ----a-w- C:\Windows\SysWOW64\jsproxy.dll
    2013-08-16 03:14:06 E9BCB6728DD04412BF87F03DB00DE1CF 13761024 ----a-w- C:\Windows\SysWOW64\ieframe.dll
    2013-08-16 03:13:58 E631B408882F8320739F6E0CAF444397 14329344 ----a-w- C:\Windows\SysWOW64\mshtml.dll
    2013-08-14 16:34:51 AE8EB083B050E17A7D6EB5E28AECDDD6 1166848 ----a-w- C:\Windows\SysWOW64\crypt32.dll
    2013-08-14 16:34:49 68EAAEDF0365168B804E8728368FA946 175104 ----a-w- C:\Windows\SysWOW64\wintrust.dll
    2013-08-14 16:34:48 7CA1BECEA5DE2643ADDAD32670E7A4C9 140288 ----a-w- C:\Windows\SysWOW64\cryptsvc.dll
    2013-08-14 16:34:47 7B851A8018B1EA00A69707A390004884 103936 ----a-w- C:\Windows\SysWOW64\cryptnet.dll
    2013-08-14 16:34:26 D5E18BA95F9E7D787D25EF07AC68603E 2048 ----a-w- C:\Windows\SysWOW64\tzres.dll
    2013-08-14 16:34:23 0805487A6036A9F9C4E7AF7FEF835529 1620992 ----a-w- C:\Windows\SysWOW64\WMVDECOD.DLL
    2013-08-14 16:34:21 4DC999CED9429939D75682EBD7D48901 663552 ----a-w- C:\Windows\SysWOW64\rpcrt4.dll
    2013-08-14 16:29:29 9FA7BF625122CCAC90FCD307174D8CF3 3913664 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe
    2013-08-14 16:29:28 DD5F17D44E9966E7EA447AE8C4D12D6C 3968960 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe
    2013-08-14 16:29:26 528D298F9914C558EA7A9809BE598E65 1292192 ----a-w- C:\Windows\SysWOW64\ntdll.dll
    2013-08-14 16:29:24 77F5D2CB80697EB96C45E79A869A6FAC 14336 ----a-w- C:\Windows\SysWOW64\ntvdm64.dll
    2013-08-14 16:29:19 4E77948A7BD16BA5724EC79C60176B03 5120 ----a-w- C:\Windows\SysWOW64\wow32.dll
    2013-08-14 16:29:18 D313AE69128A75367AA36E15522931F6 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe
    2013-08-14 16:29:18 CFEEF3185342ADEAE1E77A017052565B 2048 ----a-w- C:\Windows\SysWOW64\user.exe
    2013-08-14 16:29:18 3EED15C223E139C3A28B458800E52BF3 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe
    ====== C:\Windows\SysWOW64\drivers =====
    ====== C:\Windows\Sysnative =====
    2013-08-16 03:14:28 3A2FD42F11CD325A4ACAFE7FB0EEA83A 2706432 ----a-w- C:\Windows\Sysnative\mshtml.tlb
    2013-08-16 03:14:27 69F5E016A98CE1908DB08382F2ACF882 526336 ----a-w- C:\Windows\Sysnative\ieui.dll
    2013-08-16 03:14:25 963B29E0EFB20D66436214DB7C43D7F7 67072 ----a-w- C:\Windows\Sysnative\iesetup.dll
    2013-08-16 03:14:24 622C7C8D39609FCEACE3508715D48C7F 39936 ----a-w- C:\Windows\Sysnative\iernonce.dll
    2013-08-16 03:14:23 D8CC9A20C517A54678363C4C77B930A4 136704 ----a-w- C:\Windows\Sysnative\iesysprep.dll
    2013-08-16 03:14:23 6C8BDC9F16943D626DFE8A987BCCFD20 51712 ----a-w- C:\Windows\Sysnative\ie4uinit.exe
    2013-08-16 03:14:23 28C2F8C7DBE11AA3DA041D35F4E59481 89600 ----a-w- C:\Windows\Sysnative\RegisterIEPKEYs.exe
    2013-08-16 03:14:21 65546D87F7A78AB31841A536456CB94D 2647040 ----a-w- C:\Windows\Sysnative\iertutil.dll
    2013-08-16 03:14:18 8C12653BEA781902AA60E4A855A55D5C 603136 ----a-w- C:\Windows\Sysnative\msfeeds.dll
    2013-08-16 03:14:18 16FE878530FDFC9AB08B7FFC32335958 855552 ----a-w- C:\Windows\Sysnative\jscript.dll
    2013-08-16 03:14:17 5A7FA01EEC393A3E0D0F3EBAA1FD959E 3958784 ----a-w- C:\Windows\Sysnative\jscript9.dll
    2013-08-16 03:14:13 289C5E0A386E7B6CA9539D66D15E22CC 1365504 ----a-w- C:\Windows\Sysnative\urlmon.dll
    2013-08-16 03:14:11 04DE09B1E287F6DC5C7FD655B6E84AB9 53760 ----a-w- C:\Windows\Sysnative\jsproxy.dll
    2013-08-16 03:14:09 AC155DD9BD1E6D3B740826A4D1C68AAE 2241024 ----a-w- C:\Windows\Sysnative\wininet.dll
    2013-08-16 03:14:03 677A1C1B0F254EC918D84A7FE29274CA 15405056 ----a-w- C:\Windows\Sysnative\ieframe.dll
    2013-08-16 03:14:02 396889142BD839DB8A055A0BE0AD2F79 19239424 ----a-w- C:\Windows\Sysnative\mshtml.dll
    2013-08-14 16:34:51 287998A9BA0140ABB59792CDEB2F8483 1472512 ----a-w- C:\Windows\Sysnative\crypt32.dll
    2013-08-14 16:34:50 959041D7014C97133D859B45BCA0FC58 224256 ----a-w- C:\Windows\Sysnative\wintrust.dll
    2013-08-14 16:34:48 A6B726DCA228F7878E38368A1BDC68BE 139776 ----a-w- C:\Windows\Sysnative\cryptnet.dll
    2013-08-14 16:34:48 6B400F211BEE880A37A1ED0368776BF4 184320 ----a-w- C:\Windows\Sysnative\cryptsvc.dll
    2013-08-14 16:34:26 B3CA3253009D26666F5BCB16E77D2618 2048 ----a-w- C:\Windows\Sysnative\tzres.dll
    2013-08-14 16:34:23 D29200AB0B37B7293C6942EAF755295E 1888768 ----a-w- C:\Windows\Sysnative\WMVDECOD.DLL
    2013-08-14 16:34:22 26036E228D2467DE6975AD819C22C043 1217024 ----a-w- C:\Windows\Sysnative\rpcrt4.dll
    2013-08-14 16:29:27 C19DCA1024135D5485E25AB1047F77BC 5550528 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe
    2013-08-14 16:29:27 8E45DD84F8F786B2DB94AD95225B9246 1732032 ----a-w- C:\Windows\Sysnative\ntdll.dll
    2013-08-14 16:29:26 D6180FBBADA79BC28E5FD8187EBE7F64 243712 ----a-w- C:\Windows\Sysnative\wow64.dll
    ====== C:\Windows\Sysnative\drivers =====
    2013-08-14 16:28:58 4CE278FC9671BA81A138D70823FCAA09 39936 ----a-w- C:\Windows\Sysnative\drivers\tssecsrv.sys
    2013-08-14 16:28:55 DB74544B75566C974815E79A62433F29 1910208 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys
    2013-08-05 00:50:27 5573AA70993A2BB81525B1C704B88763 65336 ----a-w- C:\Windows\Sysnative\drivers\aswRvrt.sys
    ====== C:\Windows\Tasks ======
    2013-08-23 02:33:19 57459F4405BFB4C42C4385B668094110 356 ----a-w- C:\Windows\Tasks\HPCeeScheduleForEdja Talita.job
    2013-08-23 02:33:19 44A0F391766DEA9E93A349FE35806C17 3222 ----a-w- C:\Windows\Sysnative\Tasks\HPCeeScheduleForEdja Talita
    2013-08-05 00:50:27 71432E9826D4C0DC874F40F3237BF915 3924 ----a-w- C:\Windows\Sysnative\Tasks\avast! Emergency Update
    ====== C:\Windows\Temp ======
    ======= C:\Program Files =====
    ======= C:\Program Files (x86) =====
    2013-08-23 12:48:42 -------- d-----w- C:\Program Files (x86)\ZHPDiag
    ======= C: =====
    2013-08-23 12:53:58 4C06F3A93937CA843129B21886D98653 512 ----a-w- C:\PhysicalDisk0_MBR.bin
    2013-08-16 02:54:37 2F7AB4777DB29347292CB99D9C51AA9A 3288 ------w- C:\bootsqm.dat
    ====== C:\Users\Edja Talita\AppData\Roaming ======
    ====== C:\Users\Edja Talita ======
    2013-08-23 12:28:41 ACF3F39DDE0B05F1DCCB7A791F55A707 1021434 ----a-w- C:\Users\Edja Talita\Desktop\JRT.exe
    2013-08-23 12:23:06 583AF618F49B77824627A7B45CCF9FF9 975858 ----a-w- C:\Users\Edja Talita\Desktop\adwcleaner.exe
    2013-08-23 12:21:58 83D174BA9A71077EBAF769B2E1C8F594 5076117 ----a-w- C:\Users\Edja Talita\Desktop\ZHPDiag2.exe
    2013-08-17 23:27:41 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
    2013-08-17 23:25:35 A0346BEA58F94EE31B029A50DCF80F28 14965064 ----a-w- C:\Users\Edja Talita\Desktop\picasa39-setup-1-.exe
    ====== C: exe-files ==
    2013-08-23 12:48:45 F3A37421DBD1AAA36558C97572C91C5A 147456 ----a-w- C:\Program Files (x86)\ZHPDiag\catchme.exe
    2013-08-23 12:48:45 CB2D120A4B72422A8141192831B1F500 80384 ----a-w- C:\Program Files (x86)\ZHPDiag\mbrcheck.exe
    2013-08-23 12:48:45 5DAF7081A4BB112FA3F1915819330A3E 61440 ----a-w- C:\Program Files (x86)\ZHPDiag\pv.exe
    2013-08-23 12:48:45 5BBF2A0351E336646022D09009560CEF 143360 ----a-w- C:\Program Files (x86)\ZHPDiag\FileInfos.exe
    2013-08-23 12:48:45 2312A38B8B003330DB919FA818C48449 231048 ----a-w- C:\Program Files (x86)\ZHPDiag\sigcheck.exe
    2013-08-23 12:48:44 BAA8BB58716390463298661281662E21 2727936 ----a-w- C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPFix.exe
    2013-08-23 12:48:44 9DAA7218961710008D7385B01BD3F386 89088 ----a-w- C:\Program Files (x86)\ZHPDiag\mbr.exe
    2013-08-23 12:48:44 6B8AF3A2A3D9059008B55C444461CA00 61952 ----a-w- C:\Program Files (x86)\ZHPDiag\Lads.exe
    2013-08-23 12:48:44 53CDBB093B0AEE9FD6CF1CBD25A95077 290304 ----a-w- C:\Program Files (x86)\ZHPDiag\subinacl.exe
    2013-08-23 12:48:44 451AE03D3C92777F09840CA56F08AB62 454056 ----a-w- C:\Program Files (x86)\ZHPDiag\setacl32.exe
    2013-08-23 12:48:44 3E350EB5DF15C06DEC400A39DD1C6F29 559528 ----a-w- C:\Program Files (x86)\ZHPDiag\setacl64.exe
    2013-08-23 12:48:43 C155A13687144076286989EF078112C2 1917440 ----a-w- C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe
    2013-08-23 12:48:43 4ADFF37E77F0ABD1D886B07F3A021C5A 7857664 ----a-w- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe
    2013-08-23 12:48:42 C155A13687144076286989EF078112C2 1917440 ----a-w- C:\Program Files (x86)\ZHPDiag\ZHPhep.exe
    2013-08-23 12:48:42 8AE13B97BFCAD6C7D3B8C8A1C298EFB4 694736 ----a-w- C:\Program Files (x86)\ZHPDiag\unins000.exe
    2013-08-23 12:28:41 ACF3F39DDE0B05F1DCCB7A791F55A707 1021434 ----a-w- C:\Users\Edja Talita\Desktop\JRT.exe
    2013-08-23 12:23:06 583AF618F49B77824627A7B45CCF9FF9 975858 ----a-w- C:\Users\Edja Talita\Desktop\adwcleaner.exe
    2013-08-23 12:21:58 83D174BA9A71077EBAF769B2E1C8F594 5076117 ----a-w- C:\Users\Edja Talita\Desktop\ZHPDiag2.exe
    2013-08-17 23:27:54 A0346BEA58F94EE31B029A50DCF80F28 14965064 ---ha-w- C:\Program Files (x86)\Google\Picasa3\setup.exe
    2013-08-17 23:27:41 3A84E46897EA16D0EF2FAE3B9E4C9B07 170772 ----a-w- C:\Program Files (x86)\Google\Picasa3\Uninstall.exe
    2013-08-17 23:25:35 A0346BEA58F94EE31B029A50DCF80F28 14965064 ----a-w- C:\Users\Edja Talita\Desktop\picasa39-setup-1-.exe
    === C: other files ==
    ==== Startup Registry Enabled ======================
    [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
    [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
    [HKEY_USERS\S-1-5-21-4008277714-1982511058-2057936887-1000\Software\Microsoft\Windows\CurrentVersion\Run]
    "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe ASO-616B5711-6DAE-4795-A05F-39A1E5104020"
    "Facebook Update"="C:\Users\Edja Talita\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"
    "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
    [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "mctadmin"="C:\Windows\System32\mctadmin.exe"
    [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "mctadmin"="C:\Windows\System32\mctadmin.exe"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "USB3MON"="C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
    "RemoteControl10"="C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
    "HP Quick Launch"="C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"
    "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    "HPOSD"="C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe"
    "HP CoolSense"="C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey"
    "avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui"
    "NBKeyScan"="C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe ASO-616B5711-6DAE-4795-A05F-39A1E5104020"
    "Facebook Update"="C:\Users\Edja Talita\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"
    "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
    ==== Startup Registry Enabled x64 ======================
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "IgfxTray"="C:\Windows\system32\igfxtray.exe"
    "HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
    "Persistence"="C:\Windows\system32\igfxpers.exe"
    "SetDefault"="C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe"
    "SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe"
    ==== Startup Folders ======================
    2012-08-31 18:28:44 836 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
    ==== Task Scheduler Jobs ======================
    C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [Undetermined Task]
    C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4008277714-1982511058-2057936887-1000Core.job --a------ C:\Users\Edja Talita\AppData\Local\Facebook\Update\FacebookUpdate.exe [22/02/2013 21:50]
    C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4008277714-1982511058-2057936887-1000UA.job --a------ C:\Users\Edja Talita\AppData\Local\Facebook\Update\FacebookUpdate.exe [22/02/2013 21:50]
    C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28/09/2012 10:31]
    C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28/09/2012 10:31]
    C:\Windows\tasks\HPCeeScheduleForEdja Talita.job --a------ C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [15/07/2011 03:43]
    C:\Windows\tasks\HPCeeScheduleForEDJATALITA-HP$.job --a------ [Undetermined Task]
    ==== Set IE to Default ======================
    Old Values:
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="[Você precisa estar registrado e conectado para ver este link.]"
    "Start Page Restore"="[Você precisa estar registrado e conectado para ver este link.]"
    "Search Page"="[Você precisa estar registrado e conectado para ver este link.]"
    "Search Bar"="[Você precisa estar registrado e conectado para ver este link.]"
    "Default_Search_URL"="[Você precisa estar registrado e conectado para ver este link.]"
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="[Você precisa estar registrado e conectado para ver este link.]"
    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
    "Start Page"="[Você precisa estar registrado e conectado para ver este link.]"
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
    @="[Você precisa estar registrado e conectado para ver este link.]"
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
    "SearchAssistant"="[Você precisa estar registrado e conectado para ver este link.]"
    "Default_Search_URL"="[Você precisa estar registrado e conectado para ver este link.]"
    New Values:
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Search Page"="[Você precisa estar registrado e conectado para ver este link.]"
    "Search Bar"="[Você precisa estar registrado e conectado para ver este link.]"
    "Default_Search_URL"="[Você precisa estar registrado e conectado para ver este link.]"
    "Start Page"="[Você precisa estar registrado e conectado para ver este link.]"
    "Start Page Restore"="[Você precisa estar registrado e conectado para ver este link.]"
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="[Você precisa estar registrado e conectado para ver este link.]"
    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
    "Start Page"="[Você precisa estar registrado e conectado para ver este link.]"
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
    "(Default)"="[Você precisa estar registrado e conectado para ver este link.]"
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
    "Default_Search_URL"="[Você precisa estar registrado e conectado para ver este link.]"
    "SearchAssistant"="[Você precisa estar registrado e conectado para ver este link.]"
    ==== All HKCU SearchScopes ======================
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
    "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
    {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="[Você precisa estar registrado e conectado para ver este link.]"
    {4E5070CC-270D-423B-B775-8D1C88AC3DA6} Google  Url="[Você precisa estar registrado e conectado para ver este link.]"
    {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="[Você precisa estar registrado e conectado para ver este link.]}"
    ==== Deleting CLSID Registry Keys ======================
    HKEY_USERS\S-1-5-21-4008277714-1982511058-2057936887-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2318C2B1-4965-11d4-9B18-009027A5CD4F} deleted successfully
    HKEY_USERS\S-1-5-21-4008277714-1982511058-2057936887-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2318C2B1-4965-11d4-9B18-009027A5CD4F} deleted successfully
    HKEY_USERS\S-1-5-21-4008277714-1982511058-2057936887-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AA58ED58-01DD-4d91-8333-CF10577473F7} deleted successfully
    HKEY_USERS\S-1-5-21-4008277714-1982511058-2057936887-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AA58ED58-01DD-4d91-8333-CF10577473F7} deleted successfully
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2318C2B1-4965-11d4-9B18-009027A5CD4F} deleted successfully
    HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F} deleted successfully
    HKEY_CLASSES_ROOT\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7} deleted successfully
    HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7} deleted successfully
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7} deleted successfully
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7} deleted successfully
    ==== Deleting CLSID Registry Values ======================
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{2318C2B1-4965-11d4-9B18-009027A5CD4F} deleted successfully
    ==== Empty IE Cache ======================
    C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Users\Edja Talita\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
    C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Users\Edja Talita\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1HU0VNE6 will be deleted at reboot
    ==== Empty FireFox Cache ======================
    No FireFox Profiles found
    ==== Empty Chrome Cache ======================
    No Chrome Cache found
    ==== Empty All Flash Cache ======================
    Flash Cache Emptied Successfully
    ==== Empty All Java Cache ======================
    No Java Cache Found
    ==== After Reboot ======================
    ==== Empty Temp Folders ======================
    C:\Windows\Temp successfully emptied
    C:\Users\EDJATA~1\AppData\Local\Temp successfully emptied
    ==== Empty Recycle Bin ======================
    C:\$RECYCLE.BIN successfully emptied
    ==== Deleting Files / Folders ======================
    "C:\Users\Edja Talita\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1HU0VNE6" not found
    ==== EOF on 23/08/2013 at 11:04:16,27 ======================

    joram
    Administrador Fundador
    Administrador Fundador

    Mensagens : 608
    Data de inscrição : 14/08/2012
    Idade : 63
    Localização : Rio de Janeiro

    Re: Usei algumas vezes pendriver infectado nesse pc, log para analise.

    Mensagem por joram em Sex Ago 23, 2013 10:18 am

    Bom Dia! Edvan

    |- Estando tudo Ok,pode rodar a DelFix.

    -/-

    |- Baixe: |[Você precisa estar registrado e conectado para ver este link.]| ( ... de Xplode )

    [Você precisa estar registrado e conectado para ver esta imagem.]

    |- Estando na página,clique na seta verde para o download.
    |- Salve-a em um local conveniente! ( desktop! )
    |- Feche aplicativos que estejam abertos.

    [Você precisa estar registrado e conectado para ver este link.]

    |- Execute-a!
    |- Com as 3 checkbox marcadas!
    |- Clique "Run".
    |- Poste o relatório!

    A+

    Edvan
    Membro
    Membro

    Mensagens : 428
    Data de inscrição : 14/02/2013
    Idade : 36
    Localização : Natal/RN

    Re: Usei algumas vezes pendriver infectado nesse pc, log para analise.

    Mensagem por Edvan em Sex Ago 23, 2013 10:24 am

    Esta tudo ok.

    # DelFix v10.4 - Logfile created 23/08/2013 at 11:22:28
    # Updated 19/07/2013 by Xplode
    # Username : Edja Talita - EDJATALITA-HP
    # Operating System : Windows 7 Home Basic Service Pack 1 (64 bits)
    ~ Removing disinfection tools ...
    Deleted : C:\ZHP
    Deleted : C:\Program Files (x86)\ZHPDiag
    Deleted : C:\PhysicalDisk0_MBR.bin
    Deleted : C:\zoek-results.log
    Deleted : C:\Users\Edja Talita\Desktop\adwcleaner.exe
    Deleted : C:\Users\Edja Talita\Desktop\JRT.exe
    Deleted : C:\Users\Edja Talita\Desktop\ZHPDiag2.exe
    Deleted : C:\Users\Edja Talita\Desktop\ZHPFixReport.txt
    Deleted : C:\Users\Edja Talita\Desktop\zoek.zip
    Deleted : C:\Users\Public\Desktop\MBRCheck.lnk
    Deleted : C:\Users\Public\Desktop\ZHPDiag.lnk
    Deleted : C:\Users\Public\Desktop\ZHPFix.lnk
    Deleted : HKLM\SOFTWARE\AdwCleaner
    Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZHPDiag_is1
    ~ Cleaning system restore ...
    Deleted : RP #89 [Windows Update | 07/24/2013 03:06:22]
    Deleted : RP #90 [Windows Update | 07/30/2013 16:02:16]
    Deleted : RP #91 [Windows Update | 08/01/2013 02:54:16]
    Deleted : RP #92 [Windows Update | 08/07/2013 01:46:47]
    Deleted : RP #93 [Windows Update | 08/14/2013 16:15:42]
    Deleted : RP #94 [Windows Update | 08/16/2013 02:05:01]
    Deleted : RP #95 [Windows Update | 08/16/2013 03:13:14]
    Deleted : RP #96 [Windows Update | 08/20/2013 15:54:59]
    Deleted : RP #97 [Removed Facebook Video Calling 1.2.0.287 | 08/23/2013 13:18:16]
    Deleted : RP #98 [Removed Iminent | 08/23/2013 13:33:39]
    Deleted : RP #99 [zoek.exe restore point | 08/23/2013 13:53:35]
    New restore point created !
    ~ Resetting system settings ... OK
    ########## - EOF - ##########

    joram
    Administrador Fundador
    Administrador Fundador

    Mensagens : 608
    Data de inscrição : 14/08/2012
    Idade : 63
    Localização : Rio de Janeiro

    Re: Usei algumas vezes pendriver infectado nesse pc, log para analise.

    Mensagem por joram em Sex Ago 23, 2013 10:42 am

    CASO RESOLVIDO!

    Necessitando novo auxílio para este computador,basta abrir "Novo Tópico" e relatar o problema.

    Conteúdo patrocinado

    Re: Usei algumas vezes pendriver infectado nesse pc, log para analise.

    Mensagem por Conteúdo patrocinado Hoje à(s) 12:56 pm


      Data/hora atual: Sex Dez 02, 2016 12:56 pm