Fórum SecSecurity

Implementando Limpeza e Seguranca em seu computador!

Palavras chave

Últimos assuntos

» 9-Lab Malware Removal Tool ( ... by 9-lab.com )
Sab Dez 31, 2016 4:24 am por joram

» SFCFix ( ... de niemiro )
Sab Dez 24, 2016 9:29 am por joram

» ResetBrowser ( ... de Nicolas Coolman )
Ter Maio 31, 2016 5:58 am por joram

» herdProtectScan ( ... by herdprotect.com )
Seg Mar 07, 2016 10:58 pm por joram

» Emsisoft Emergency Kit ( ... by Emsisoft.com )
Dom Fev 28, 2016 5:40 am por joram

» Dr.WEB Link Checker ( ... by Doctor Web.Ltd )
Qui Fev 11, 2016 9:51 am por joram

» Computador com erros no navegador
Sab Ago 29, 2015 8:04 pm por joram

» Justiça determina que PSafe retire alertas desleais
Qua Ago 19, 2015 6:58 am por joram

» Google vai fazer buscas offline internas no desktop do seu PC
Ter Ago 18, 2015 8:19 am por joram

Janeiro 2017

SegTerQuaQuiSexSabDom
      1
2345678
9101112131415
16171819202122
23242526272829
3031     

Calendário Calendário

Parceiros

Fórum grátis

Os membros mais marcados


    Usei algumas vezes pendriver infectado nesse pc, log para analise.

    Compartilhe

    Edvan
    Membro
    Membro

    Mensagens : 428
    Data de inscrição : 14/02/2013
    Idade : 36
    Localização : Natal/RN

    Usei algumas vezes pendriver infectado nesse pc, log para analise.

    Mensagem por Edvan em Sex Ago 23, 2013 9:00 am

    Log [Você precisa estar registrado e conectado para ver este link.]

    # AdwCleaner v3.000 - Report created 23/08/2013 at 09:31:57
    # Updated 20/08/2013 by Xplode
    # Operating System : Windows 7 Home Basic Service Pack 1 (64 bits)
    # Username : Edja Talita - EDJATALITA-HP
    # Running from : C:\Users\Edja Talita\Desktop\adwcleaner.exe
    # Option : Clean
    ***** [ Services ] *****
    Service Deleted : SProtection
    Service Deleted : Updater Service for StartNow Toolbar
    ***** [ Files / Folders ] *****
    Folder Deleted : C:\ProgramData\APN
    Folder Deleted : C:\ProgramData\DealPlyLive
    Folder Deleted : C:\ProgramData\Iminent
    Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent
    Folder Deleted : C:\Program Files (x86)\DealPly
    Folder Deleted : C:\Program Files (x86)\DealPlyLive
    Folder Deleted : C:\Program Files (x86)\Iminent
    Folder Deleted : C:\Program Files (x86)\Common Files\Umbrella
    Folder Deleted : C:\Users\Edja Talita\AppData\Local\DealPlyLive
    Folder Deleted : C:\Users\EDJATA~1\AppData\Local\Temp\Iminent
    Folder Deleted : C:\Users\Edja Talita\AppData\Roaming\DealPly
    Folder Deleted : C:\Users\Edja Talita\AppData\Roaming\Iminent
    Folder Deleted : C:\Users\Edja Talita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
    File Deleted : C:\Windows\Tasks\Dealply.job
    File Deleted : C:\Windows\System32\Tasks\Dealply
    File Deleted : C:\Windows\System32\Tasks\DealPlyUpdate
    ***** [ Shortcuts ] *****

    ***** [ Registry ] *****
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\Toolbar.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\ToolbarBroker.EXE
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickCtrl.9
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickProcessLauncherMachine.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickProcessLauncherMachine
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLive.Update3WebControl.3
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoCreateAsync.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoCreateAsync
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreClass.1
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreClass
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreMachineClass.1
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreMachineClass
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CredentialDialogMachine.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CredentialDialogMachine
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassMachine.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassMachine
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassMachineFallback.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassMachineFallback
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassSvc.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassSvc
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.ProcessLauncher.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.ProcessLauncher
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3COMClassService.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3COMClassService
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3WebMachine.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3WebMachine
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3WebMachineFallback.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3WebMachineFallback
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3WebSvc.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3WebSvc
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.DownloadArgs
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.LinkToPromoteArgs
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.RawDataArgs
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.TinyUrlArgs
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.ViralLinkArgs
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ClientCallback
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ContractBase
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.AddToUserContentCommand
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CheckLoginStatusCommand
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CleanCacheCommand
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GameOverCallback
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetCreditCommand
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetInstallationContextCommand
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusCommand
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusResult
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableCommand
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableResult
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.InstallationContextResult
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommand
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommandResult
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginCommand
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginStatusChangedCallback
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LogoutCommand
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MergeIdentityCommand
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MyAccountCommand
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PlayContentCommand
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PostContentCallback
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.RecycleViewsCommand
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.SetVariableCommand
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowBrowserWindowCommand
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowControlCenterCommand
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowPluginWindowCommand
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.TestContentCommand
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.UserContentChangedCallback
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.VariableChangedCallback
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WarmUpCommand
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WelcomeCommand
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerCommand
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerResult
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightContent
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightUri
    Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.MediatorServiceProxy
    Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.ActiveContentHandle.1
    Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.ActiveContentHandler
    Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject
    Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject.1
    Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender
    Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender.1
    Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandler
    Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandler.1
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.BandObject
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.BandObject.1
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject.1
    Key Deleted : HKLM\SOFTWARE\Classes\ZGClnt.Mngr
    Key Deleted : HKLM\SOFTWARE\Classes\ZGClnt.Mngr.1
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
    Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Iminent]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [IminentMessenger]
    Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=3
    Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=9
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7E8A36EA-2501-4ED3-A3C8-CFA9143FB169}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{F48FC5B2-094A-44C7-B48C-289738C9582D}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{FAA8C612-F1B6-461B-8B60-B54D74D9642E}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{01A602A0-D0B9-445B-8081-719E4177C4A7}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02C9C7B0-C7C8-4AAC-A9E4-55295BF60F8F}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0398B101-6DA7-473F-A290-17D2FBC88CC0}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0CC36196-8589-4B80-A771-D659411D7F90}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0D89DE71-3D99-4288-84DC-F18F1047A7D8}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{143D96F9-EB64-48B3-B192-91C2C41A1F43}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{14F7D91F-F669-45C9-9F42-BACBFDB86EAD}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{187A6488-6E71-4A2A-B118-7BEFBFE58257}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1E0C9B2A-6447-452C-B012-2314A0C29412}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{26C9BBE4-6D45-4AB6-A5B4-E068C9F5EF6D}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2CBD2A57-2FD5-4F1A-9FC8-90ED48FA4187}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2D065204-A024-4C39-8A38-EE7078EC7ACF}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{30F5476C-677B-4DB0-B397-51F5BFD86840}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3223F2FB-D9B9-45FC-9D66-CD717FFA4EE5}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{34A8CEB6-89BB-49F1-B5E4-0D0D6C21F3B1}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{351798B1-C1D2-45AB-92B4-4D6C2D6AB5AF}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3A4DBD3A-98CC-41CE-AD21-352D42B6F754}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3AEA1BEF-6195-46F4-ACA2-0ED14F7EFA1B}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3D7F9AC3-BAC3-4E51-81D7-D121D79E550A}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4498C5E9-93C6-4142-B6BE-F0C6DC48B77A}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{479BF2D6-E362-4A99-B1AB-BC764D7B97AE}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{492A108F-51D0-4BD8-899D-AD4AB2893064}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4B6D6E60-FBD2-4E79-BF4B-886BC98F1797}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4F8A50F6-69DE-4BE3-A33A-A1079B9AC0DB}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{501CB57A-D4E2-4855-96AD-EDB0A9083395}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5911488E-9D1E-40EC-8CBB-06B231CC153F}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{60893E02-2E5B-43F9-A93A-BAD60C2DF6EF}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6D39931F-451E-4BDD-BAF4-37FB96DBBA5D}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E13D095-45C3-4271-9475-F3B48227DD9F}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6FF2C4DD-77A4-4BB5-BA4C-B42DEFBF9137}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{76C684D2-C35D-4284-976A-D862F53ADB81}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{796D822A-C3F9-4A97-BAAB-42FE7628EA63}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{79EF3691-EC1A-4705-A01A-D2E36EC11758}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82F41418-8E64-47EB-A7F1-4702A974D289}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{83ABA270-8390-4CA6-AE48-FC089F55629E}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{85D920CE-63A7-46DC-8992-41D1D2E07FAD}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{895ED5E8-ABB4-40C3-A0CA-2571964268E2}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8AAC123A-1959-4A45-BFC5-E2D50783098A}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8B218A5F-1A3D-4347-94EF-A79575EB8094}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9BDB5E09-4BBA-4422-8C2B-529B281C32B8}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A07956CD-81F8-4A03-B524-5D87E690DC83}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B5E3B26B-6E5C-4865-A63D-58D04B10E245}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B84D2DC5-42B2-4E5E-BF61-7B48152FF8EF}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B89D5309-0367-4494-A92F-3D4C94F88307}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C014EBF8-8854-448B-B5A4-557C4090EDCE}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C31191DB-2F64-464C-B97C-6AC81ACB7AAC}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C342C7A7-F622-4EF3-8B7F-ABB9FBE73F14}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C4765B07-BC2F-477B-925C-B2BF24887823}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C536F080-57B7-46D6-8894-C647553F2889}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C875C0A1-09E3-48D5-9F8E-BD337796FD14}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA5D945F-E738-4D0B-A0B5-25AC51C64659}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD126DA6-FF5B-4181-AC13-54A62240D2FA}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D8F01233-2DE6-4EE7-8988-37263F00651B}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DD438708-AAB4-422D-A322-B619589F5680}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E812AE43-7799-4E67-8CF8-4104297A2D16}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F0BAAEC7-9AE0-49FF-9C4B-86E774FF397F}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F48FC5B2-094A-44C7-B48C-289738C9582D}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F7698761-4ABA-45C2-A5BB-D2163922C725}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F92193FD-2243-4401-9ACC-49FF30885898}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD21B8A2-910B-45AC-9C10-45E6A8B84984}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FFCC53E6-2655-47FC-A89B-54E8D7F305D1}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1C888195-0160-4883-91B7-294C0CE2F277}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{99ACA0F7-D864-45CB-8C40-FD42A077E7CA}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E65F40C8-3CEB-47C2-9E01-BF73323DF4E7}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{38BF9661-BDA0-4A74-BB3B-576EC7AE16DC}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6857AC4A-95B4-4E2C-B2D2-8A235FCCEF4A}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13D095-45C3-4271-9475-F3B48227DD9F}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5911488E-9D1E-40EC-8CBB-06B231CC153F}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13D095-45C3-4271-9475-F3B48227DD9F}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5911488E-9D1E-40EC-8CBB-06B231CC153F}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13D095-45C3-4271-9475-F3B48227DD9F}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0AF350D9-3916-454B-AC53-0B0B65F41301}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2CBD2A57-2FD5-4F1A-9FC8-90ED48FA4187}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C536F080-57B7-46D6-8894-C647553F2889}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0388404D-6072-4CEB-B521-8F090FEAEE57}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{5911488E-9D1E-40EC-8CBB-06B231CC153F}]
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
    Key Deleted : HKCU\Software\DealPly
    Key Deleted : HKCU\Software\Iminent
    Key Deleted : HKCU\Software\InstallCore
    Key Deleted : HKCU\Software\Softonic
    Key Deleted : HKCU\Software\Zugo
    Key Deleted : HKLM\Software\DealPly
    Key Deleted : HKLM\Software\Iminent
    Key Deleted : HKLM\Software\StartNow Toolbar
    Key Deleted : HKLM\Software\Umbrella
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\StartNow Toolbar
    ***** [ Browsers ] *****
    -\\ Internet Explorer v10.0.9200.16660

    *************************
    AdwCleaner[R0].txt - [24101 octets] - [23/08/2013 09:30:23]
    AdwCleaner[S0].txt - [23936 octets] - [23/08/2013 09:31:57]
    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [23997 octets] ##########




    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 5.5.4 (08.22.2013:1)
    OS: Windows 7 Home Basic x64
    Ran by Edja Talita on 23/08/2013 at  9:37:17,85
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


    ~~~ Services

    ~~~ Registry Values
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dealplylive.exe

    ~~~ Registry Keys
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\dealplylive.exe
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\dealplylive
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\dealplylive
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9cf699ca-2174-4ed8-bec1-ba82095edce0}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{9cf699ca-2174-4ed8-bec1-ba82095edce0}

    ~~~ Files
    Successfully deleted: [File] C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job
    Successfully deleted: [File] C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job

    ~~~ Folders
    Failed to delete: [Folder] "C:\ProgramData\baidu"
    Successfully deleted: [Folder] "C:\Users\Edja Talita\AppData\Roaming\baidu"
    Successfully deleted: [Folder] "C:\Program Files (x86)\startnow toolbar"
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{021812AF-2C22-4742-BD01-331E068EA56C}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{02521DAA-C7CB-48AB-A446-AD51E0FC4850}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{03BA04A4-992F-44A6-BDC6-489193D67695}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{044FF4D6-B350-4B0B-9637-983E2F55182F}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{08A5D12E-3ECF-4695-BB33-361AF8353A74}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{0A582697-51D4-47DA-AED4-A75302310F85}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{0AD9D381-B951-48FA-9197-C1D3FAA594F6}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{0BA86C3C-DCCD-4D40-B191-75E1505B345B}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{0CD4AFF2-B0ED-4399-AB52-22676FC6F8E6}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{0E4AFECA-DC70-4121-B6AA-0D246C22B625}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{1119FB45-43AD-426D-B15A-BA02B0045EBA}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{11F5AD26-EE30-4B53-89FB-6B9DEEB175F1}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{12586683-4DB4-4001-9040-21E38890B3EF}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{12630228-ED4D-42FF-A02F-F3AC005BC7AA}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{1265143E-4422-46B5-81C4-BA83BE1C2787}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{1435737A-98FA-4FF5-9279-E5A458E04188}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{144D99FD-E1F3-446A-8ED3-82A9F5BDAFB9}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{15757137-382E-4BF2-8258-AC14F7CB4A40}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{15B006D9-1DE5-4AD9-A05C-D0877221DAF9}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{188FADE6-A22F-4DA7-92EF-F36C473273BA}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{18CCB04A-DE71-4966-8B60-C94EADEF7800}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{19E4224D-D341-43EA-B400-F18109E2832E}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{1ABE50CF-21A1-4FB8-8DE8-5A4225CC94A5}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{1B00BE5E-003B-48C3-8544-1D8DA608AD59}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{1B585BCE-4B86-4120-92DE-DFE949F38D47}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{1CC1A3C8-F956-4B76-8552-7359E53BBC0C}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{1D28BA72-32EB-4CB9-80B6-0DDDDF216C33}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{1D52225F-9616-4C16-B184-4E1E7515812C}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{1E38EE3C-C7F7-4CB5-A934-A70164BF2C3A}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{1FA3D90C-C8A4-4561-A802-D48AC958300F}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{21BAB764-F040-4C22-B18E-F37C4C62D066}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{21FB44C8-2BB7-44C6-84EE-9E226E7988F0}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{2393AA5A-8A86-4B7E-86EE-FD56A00B482E}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{23D334EE-7178-4EE2-B6D7-858D3191BBDC}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{24DADD51-BE86-4984-9174-88A01FA97111}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{26472463-F15C-4A41-9E78-8CB07B65B0E2}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{275D40D7-3844-4D6D-A86C-AC335E2C1A8D}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{28A4BF7D-115D-4622-BD89-06B93DD0C5D1}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{28CE13B2-3203-4934-A8A1-9444BC202442}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{29CD5D1E-458B-4A37-A0FE-4DF0111E32AC}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{29F63679-339E-4398-ADA0-16C1369B0F4E}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{2A61100A-2775-4BEF-930E-18BD56A2BB60}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{2B697E07-86B3-4C4E-A0CF-ECCD9E608F5A}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{2DB69A9D-A9D9-4A7D-957B-5460F68645F4}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{2E13E520-6C8B-4576-A354-AB54B54BB4DA}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{2E83C7EF-EB20-4DF1-B1EE-0912EDB23A00}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{2FBE34DA-344B-43AD-841A-5DEE6E5B026E}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{2FE22BA5-1477-447F-B58B-2D7DB1952FF2}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{32472AE4-83A7-4D01-8CFC-5EB1B53B36BB}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{3337EA1F-3712-4623-A57A-4AB5F66BE0B1}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{3354CB54-684E-4C0F-945B-C8ABDDC1DA7C}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{336E072C-F9E3-4633-83E0-EDC42B12E8EA}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{34395B4A-4E86-4247-82DF-178DADADE4E3}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{34EF6AFC-EAA9-463B-946C-DE0672F46A2B}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{375A3C69-7989-42F1-9B7B-5184CAF5F394}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{37A2C46C-9E5F-4B97-9333-2C3B75C42D0F}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{389AA021-B212-477E-8D62-48C6F148E0E2}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{3AB943E3-1E4A-4879-9B5A-B049723845EC}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{3BF4EC94-CE44-4851-A7A1-1F22E41427DC}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{3C1598AF-671F-41F4-B23B-90FD6C2CD6CC}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{3CC539BF-567B-4A7F-A974-D376986D123D}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{3CFAE21A-0BCC-495A-A4E7-F5418B025852}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{3D2BF633-BE48-4501-9FA4-C076D863725D}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{3E9C4EAF-E786-4EE8-823C-AE28D02E6233}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{3EB8B9F0-3620-408D-8B90-6C98B49F7D72}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{3F5E2004-DC99-4153-BF85-3C6C444D04DF}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{4068B846-00CE-4BE1-8080-227CABE1C353}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{40730DF2-8A31-4FAB-BD52-AF1784F7A732}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{418A1E5F-F023-462D-8ABA-A13E688E1FCA}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{41F41375-2E08-40B6-81BA-75DEE92A64F4}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{42882E2B-9567-408C-A7F5-E25E1463EAB6}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{4305C3CC-4962-429D-A8B1-7B75766E5589}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{4403B59D-302D-49A4-A2A9-B2055A5CFB0F}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{44E3F678-A020-4090-9196-D91608633335}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{45F56343-82EB-498D-A5EB-3739BDF2FD3E}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{46561FFB-66E1-4F8A-8D8C-D6200367277A}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{46BC0DD6-EF47-4D45-B6C1-5B2D6FAFA918}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{475A7C7F-825D-4036-86FE-EA9D87430B83}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{47812B87-CA17-4B27-A1D5-27BE59B35161}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{47E1EAC3-0562-437B-A72A-A6AABBCF899E}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{48159DAE-338A-4F0B-A251-927295FD32F0}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{49127EA7-5398-4A54-ABDC-33C7D9B146F7}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{4A54B684-58F0-424D-9E53-B050DE668B28}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{4B7A5870-C81B-485A-911D-652F121B77ED}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{4D76A2EE-D56B-4012-B323-6A7BA165FC17}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{4DD2E704-4DA4-494E-8EFE-49996DF1C693}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{4EA0F976-F397-4E44-813F-2BB418705CED}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{4EE8FF07-57AB-484B-A5D2-A9ADFAD2D561}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{4F2CAA39-D8A6-4859-88E2-057DB1DA5774}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{4F3C211E-6F6D-4748-8B7E-01A37196996F}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{50B2133F-B338-4205-802F-181754E0CAC1}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{51938E8C-FA5B-4EEF-9259-2049473CDCAD}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{51C93C57-97F4-46C2-8497-15B22C8C4CCA}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{527D81CB-48EA-4561-8E6F-DE1D37372742}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{531BED53-55EA-4EBA-AF1F-A4E4EA1D93AF}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{53AF15FC-CD64-4C5A-AD61-EDDC48E83A7F}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{53E108AE-81A0-4A98-ADF6-6340AE83CB91}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{548B2764-83C9-42B7-9544-D57557F9299D}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{55B4B4AE-B927-41C2-8AEA-E2A1FD267127}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{5677F01B-E43E-4A61-B7C9-532925180D12}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{56EC0D17-AB18-48AE-846A-66A664F6FDA2}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{5740048B-C61E-421A-9D54-039DCF199CE0}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{59975E41-E6AB-4523-A22D-D80E0E09B0E8}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{5AA24A4B-322D-4373-A8E7-C118523A62EE}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{5B5AF003-42CE-4DB3-8C3D-0A16198F28E6}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{5CEB0248-0D7B-4131-89B8-BD3DCD880914}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{5D6F13F1-EC51-4D36-9C28-A4FBFED5F5D1}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{5E6142A1-3132-40E5-BA6F-83F024FAD509}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{5E76A381-7747-4FC0-B56B-BC8BFFEA6181}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{5F4C024D-8A9A-4174-90C0-65FA7C6AEABB}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{616569A8-B09F-4E56-B43F-6E58C078B51D}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{6220339F-E65E-49B5-8E8F-13679BAD3306}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{62C469C5-5AAE-49DF-86BB-772A41E5B4E6}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{641D83FD-CBCE-4D4E-A84D-2D7A2F479BC5}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{6547BC8C-35AA-48BD-AB3A-CAAD883573FC}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{65DBBCCF-14F6-4053-9CAD-B38CB5055AC4}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{698FA4CB-62EC-48CF-863C-0970EAFCAA44}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{6A33C2E0-BF67-41EA-95F2-0497AA68EF26}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{6A4E93CA-DC6B-423F-B8DD-08982D034E77}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{6A62C714-BF7D-454D-88DB-C3ED1324E33E}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{6B122E51-4DE4-4C71-B1DA-C4F359771C4C}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{6BBCD486-ABBA-47D4-934E-358F61E1454C}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{6BBE2390-87E9-40F2-AB51-59B0EE7672A0}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{6D37BE13-F745-409A-9C90-6911171881BB}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{6E54234E-A280-4958-AB02-09840ED13BF8}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{6F065CB0-C6D2-43C1-823B-5C83066C3642}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{70985994-9EA9-41A7-B99E-88CA8B746117}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{724CFF96-A9A8-41EE-8D51-86E2DF21CEFF}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{73CD407B-7E4A-405E-9D86-E867638F3C91}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{76DAB5C0-32DE-40EE-B88D-48FCB3C03FE9}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{782F6000-06FF-4C93-BED7-92D2048399B7}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{7881A915-B37A-4F54-B23C-B4DAD2284352}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{78B6B305-D79C-421E-8E5A-B15CE639FE6B}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{7A0570C1-BD3B-4C5F-988C-8B15356BBDB8}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{7A5EB160-A190-482C-B308-2019814B7E3A}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{7AA66EED-3ED4-4F49-B331-3D59142510C2}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{7D8C7F74-D3AA-4822-BF68-81A052846129}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{7E99F3F7-D54F-444A-8269-3C2FBA2744E7}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{7F5D5903-639B-4B02-8330-C03F145EA649}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{8193D8AE-26B1-4B28-810E-E6DBCE0C04F1}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{8212EAF7-2CEE-46B8-9696-F6D09F5F8C7B}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{821BC6CE-7BE6-4578-9D3D-F61D5AF30F5D}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{82617E42-CCE2-4817-8C6A-35E4086C0351}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{82722F8E-D145-4AF0-B25A-C3A9C171EF6F}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{8294F708-AC7B-43E9-BA89-1E1ABCE6698F}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{8560E63D-1DE6-44C9-8DBF-A22157E9DD7E}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{85EEA187-D5B7-4AF9-97A4-FFBE87693ECF}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{8815847B-C220-4836-BD32-A42380A44C89}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{88292F10-ED1A-4677-BC80-BC5BDEA9221C}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{88D548D2-9D27-4252-B64F-41C4FA0AC9C2}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{892E5010-5122-4A4E-B508-59E77A30E240}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{8CAC3494-1DC3-456D-AE86-0DE3756CE65C}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{8CE16BB6-5851-42C9-83AF-DD301259DD60}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{8D0848DD-A856-4B64-B33D-6FBB3F5DA567}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{8D1971D5-9319-4CB5-9276-34049AEBE15A}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{8D760743-B05C-4A85-B4FA-BB184C6364C4}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{8EAD9C06-42E8-4AC9-A6CD-FB54919C4FE4}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{8F9C2DA2-DFDA-4169-99B8-9F9661054FAB}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{909791FA-80BE-4E41-A4D1-58961BFDCA9A}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{90E8229B-1CFB-44AE-9D54-98250220BDBF}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{933DB6E8-2BAA-4288-915F-ED6EE7A86237}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{93859602-46BB-4F1F-8BE9-F63BE9119FC1}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{943073A4-86F1-479C-A9B3-032585A88AF2}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{96EC8365-34AD-4F63-8AA7-DC7DE0F9B882}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{97163DD2-1E10-4F62-8AD3-6FFBF2DFBE2B}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{97A5BA8E-F709-4EB5-B2B2-F0D96D603A4B}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{98D6EE56-036D-45D7-A15B-420AFE592E22}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{99E83713-B91D-4ABB-8CE7-894F6C9276FF}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{9B5C7FC1-0FE1-4617-9BBF-558A0AC85874}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{9BCE32CD-7681-426A-9143-6EB804BD1686}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{9C99AB04-F5E5-48CC-805F-6D93E2E0EF79}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{9D564E49-03D6-4A34-BB61-6F986CC542A2}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{9F2D66D4-DA4F-4836-B2D0-3AF451928730}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{A0E20E1D-CC00-4490-B335-F1DBE6A03EC7}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{A1BD9173-BBBB-4EDE-9A45-62A70E788997}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{A2AFD7D8-9FB0-433D-AFA6-257785992CCE}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{A2EDE71D-EC5B-4E96-AB74-ABD161025827}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{A30BE02A-768A-40AA-8D02-03D5D9EA93C7}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{A342345A-0FD8-4485-9A2C-CA73BAF3D24C}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{A49206A2-FED7-476F-8841-74BDDA9DD607}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{A4D50F52-6C87-445E-9334-1319E6712445}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{A647D4D4-7641-4B76-9AAC-A49FBE0B6AF2}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{A68ED153-7C94-4496-A4CE-E746CC5D5E3A}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{A6A14E65-D9E8-4F8B-B288-15BF459310F1}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{AAE65D60-6300-4BDC-8644-B1477B4E3118}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{AC174B80-05A3-4F5B-A7B2-EC28CDC8C309}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{ADC49213-36C4-486E-AE8C-493EDCB45FAF}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{AEE7D253-34C3-48B6-8A10-31E3D36448D7}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{B1066E51-E59E-4D06-B734-9442554B190C}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{B16C694A-81AD-4CD4-97F5-EACDF9A0A895}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{B1EA8155-80BE-497D-94D3-FB058B58F36C}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{B21A5581-1404-498F-847A-C99AD5759BA1}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{B349F0C4-714E-4F40-A74A-F88BD7E21F71}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{B371F0DE-72E0-480D-AC52-579698D15B10}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{B4EC3244-A96B-41EB-A286-0F935CFC4C38}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{B6F38CF2-7675-4807-A8C6-629A1CCC8BB3}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{B7AE8E56-6CE3-4F24-A609-4A22C934B130}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{B88DC098-24EC-42A0-A450-24996204E4DC}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{B9CBFECF-50E4-49E8-99E3-A2E019652E5A}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{BAC9B9B5-8A7E-4F42-8C56-E98BA7461BB9}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{BADE02B3-DE9A-4AD5-B93E-D184A6313A2A}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{BED2BDF1-C929-42C8-B95A-422598293747}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{C0A616D4-90AB-4F30-B745-C53C22ED7FCA}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{C15136B8-A080-4A86-A9C2-DC12D1B12BC5}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{C20BE8FF-3D75-4395-B31B-FF218455C06E}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{C2600DA7-E52E-46CD-91E2-6C18019C82DC}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{C43E8FBB-60F9-414F-88DB-956611579132}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{C4D8E728-A9A0-4D3D-BA46-8FB974C280E1}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{C50B4134-831C-42FC-B51D-8219B2408268}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{C6155590-97FB-4C21-B484-2965E0F7FC73}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{C6B7199A-168C-4043-A78F-9B67021D6A76}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{C8394A40-9AD8-40B6-B48B-95BCF548AA7D}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{CAC51C6E-03E1-4013-8A55-D8202C55591D}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{CCB7725B-10C4-4B7A-8FB7-3FD2645663AC}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{CD6A44D2-659E-4C00-B2CF-5A810B7447C7}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{CD7A13DD-098E-49CA-921E-73E886EBA5F9}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{CDBA1D65-C676-4516-B0CB-592BB38F3042}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{CE9EB947-51A0-4BC2-B8E9-093B831D1958}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{CF4EF8E7-72DB-40C0-9EFE-7DC9AABDD8B6}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{D1BCD67E-30DD-4E7E-A412-4CB93918A447}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{D2612AAB-33BC-4F4C-BAE2-69A240E17355}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{D296C374-C2BD-420F-9314-A791BCCFE8AB}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{D48D7A65-AFE9-42D5-A6F1-015BF64372C9}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{D6A2C165-76B1-4D90-8BC1-086C62FC77DC}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{D6E49E7E-62C6-42B4-9306-F2154EC49E9D}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{D79803E3-131C-4F27-AB8E-94DBB4277CEB}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{D8BA150F-D73D-4B92-AB2E-E01192B0DEBB}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{D9E9CB7F-2341-41BF-B06C-1F9325561824}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{DA16ED85-06A5-45D7-93F6-1362613E5223}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{DC2DB803-A45C-4B0F-8BD4-F1EEF65E8458}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{DC61A3D3-471A-47F3-96DD-45144D487CFF}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{E01B640A-10DD-45A1-89D8-CECB435FFC09}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{E070E979-6597-4D6E-B8CE-5657A246DD4C}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{E0A300F9-2F14-4A49-B797-AB94D12DD7CB}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{E0D6E693-070B-4F47-860E-50360857DEA7}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{E10887EA-23E8-4667-BA80-18C8322A1BCC}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{E1FE68F4-CC6A-488D-8064-2356F2D9E825}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{E5E5731C-8631-4D8F-A391-A2CC4670CC8D}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{E7E1513A-BCC7-45AB-A57A-E34D24BB3901}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{E9C3EDC1-C24B-40C6-A5D3-8FACAAE7B5FE}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{EBC51111-851F-402D-8F92-7F0F753DBB62}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{EC5A6000-508C-4A2B-8CFF-AF6A4DA6FBC1}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{EC9753E1-F2BE-4C70-8A7A-5C1FB83A79FD}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{ECA2D483-D5B1-4E95-8D40-673F8C4B230B}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{EE999D64-4F05-433B-9A73-37CCC3A0F479}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{EEB70C6E-5ED7-42BC-A841-433781F01DAA}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{EFE24CAC-11D5-422C-889F-435163EC326F}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{F1288C6E-B892-4F9F-87C2-D65B7F1C06AF}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{F1A4CD45-4FD1-4BA7-8549-497F10C08560}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{F3AB78AA-4C62-4142-8330-2D056E65B6F7}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{F439B51E-6269-4670-A425-33DE8C71E5B0}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{F4E4D396-287F-4763-B4D9-CEDF5EDB8FE1}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{F563238E-5FAD-43D3-8C49-927F41FEA5A4}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{F61B7BA6-DACA-4A4C-8B26-CA4FE918F850}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{F750FBB4-EEF3-4777-8039-03E438DEF751}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{F7BF6CF9-B780-40CD-A0E2-67977BDED3FB}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{F8A5F6A1-D22A-4920-9D9D-1E9F599131D7}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{F909D8CA-10B0-4659-B154-065A0132448C}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{F9DF03B6-3FC9-48C8-967D-208B6CBD2F75}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{FA0E1EAA-D59A-4776-92EC-9BD9FE3BE7EE}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{FBF68439-07F4-402A-97C0-A0221E62962D}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{FC64318B-0C31-4D55-9470-0C44B1C74F04}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{FC6F1E9B-C0DB-4B12-B908-5B211BCD1232}
    Successfully deleted: [Empty Folder] C:\Users\Edja Talita\appdata\local\{FD558D4F-07A5-4161-8D60-B70E9EE44AE8}

    ~~~ Event Viewer Logs were cleared


    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on 23/08/2013 at  9:46:35,84
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    joram
    Administrador Fundador
    Administrador Fundador

    Mensagens : 610
    Data de inscrição : 14/08/2012
    Idade : 63
    Localização : Rio de Janeiro

    Re: Usei algumas vezes pendriver infectado nesse pc, log para analise.

    Mensagem por joram em Sex Ago 23, 2013 9:29 am

    Bom Dia! Edvan

    |- Execute este script em ZHPFix.

    [MD5.00000000000000000000000000000000] [APT] [{132F5A3A-5A5F-47DA-A502-3BDCC139BFCA}] (...) -- C:\Program Files (x86)\Baidu Security\PC Faster\3.6.0.38659\UninstCaller.exe (.not file.) [0]
    [MD5.9F9F16627390C5EE074B08341A4D70BD] [SPRF][17/08/2013] (.Baidu, Inc. - PC Faster Setup.) -- C:\Users\Edja Talita\AppData\Local\Temp\Baidu_Secure_SystemUp_3.6.0.38659.exe [33811728]
    [MD5.171F1BB73D0238A7A56126D3459ECDCD] [SPRF][15/10/2008] (...) -- C:\Users\Edja Talita\AppData\Local\Temp\Extract.exe [50432]
    [MD5.F037F4A7DF189151942D7F88FDC9B728] [WIS][17/08/2013] (.Iminent - Iminent.) -- C:\Windows\Installer\2821da.msi [10207232] =>Adware.IMBooster
    [MD5.0235566E5134C79D5D40C1397220AC4E] [WIS][28/09/2012] (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Windows\Installer\de4dd.msi [28160] =>Toolbar.Google
    [MD5.39D998E29DC9277C8762070901E69A32] [SPRF][24/06/2011] (.Google Inc. - Google Toolbar Installer.) -- C:\Users\Edja Talita\AppData\Local\Temp\GoogleToolbarInstaller_stub_signed.exe [235184] =>Toolbar.Google
    [MD5.33A560777117E8FCC1900614C64741E9] [SPRF][17/08/2013] (.Iminent - Iminent Setup.) -- C:\Users\Edja Talita\AppData\Local\Temp\IminentSetup.exe [857920] =>Adware.IMBooster
    [MD5.E75328DA00E39B96E2FA0F195AB63949] [SPRF][17/08/2013] (.Baidu Inc. - Baidu PC Faster MiniSetup.) -- C:\Users\Edja Talita\AppData\Local\Temp\PC_Faster_Setup_Mini_B06.exe [2455232]
    O3 - Toolbar: (no name) [64Bits] - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Chave orfã
    O3 - Toolbar: Google Toolbar [64Bits] - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll =>Toolbar.Google
    O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} Chave orfã
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
    O23 - Service: Serviço do DealPly Live (dealplylive) (dealplylive) . (...) - C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe (.not file.) =>PUP.DealPly
    O42 - Logiciel: Iminent - (.Iminent.) [HKLM][64Bits] -- {E931F892-098A-4C81-8DED-4013DB9E3B69} =>Adware.IMBooster
    O43 - CFD: 17/08/2013 - 20:37:57 - [0] ----D C:\Program Files (x86)\Baidu Security
    O43 - CFD: 28/09/2012 - 10:31:42 - [0] ----D C:\Program Files (x86)\GUMC64A.tmp
    O43 - CFD: 23/08/2013 - 09:41:16 - [0] ----D C:\ProgramData\Baidu
    O43 - CFD: 17/08/2013 - 20:38:34 - [28,738] ----D C:\ProgramData\Baidu Security
    O43 - CFD: 17/08/2013 - 20:27:55 - [1,864] ----D C:\Users\Edja Talita\AppData\Roaming\Baidu Security
    O45 - LFCP:[MD5.F101374D3B60E2DC865974A8B5CB31E5] - 06/08/2013 - 12:47:54 ---A- - C:\Windows\Prefetch\YCMMIRAGE.EXE-5E0FEA70.pf
    O45 - LFCP:[MD5.7BA979B11AE9D796118C9037D63208AA] - 08/08/2013 - 23:13:16 ---A- - C:\Windows\Prefetch\RESOURCE.EXE-E971D367.pf
    O45 - LFCP:[MD5.00FEE3E86DC07527976AFC125038C19F] - 22/08/2013 - 23:16:17 ---A- - C:\Windows\Prefetch\PDVD10SERV.EXE-078F8CEB.pf
    O45 - LFCP:[MD5.8D01ED22F8C296732D33D9BD32DC32B3] - 22/08/2013 - 23:32:10 ---A- - C:\Windows\Prefetch\LOWDISKSPACEDETECTION.EXE-6D00DF33.pf
    O45 - LFCP:[MD5.5E8BA4EE7E1044186DEA64D776A75C77] - 23/08/2013 - 09:09:00 ---A- - C:\Windows\Prefetch\HPOSD.EXE-EAAD9E22.pf
    O45 - LFCP:[MD5.870FF36BBB60243A4C2C72B9B8F34B76] - 23/08/2013 - 09:35:28 ---A- - C:\Windows\Prefetch\NBKEYSCAN.EXE-14930932.pf
    O45 - LFCP:[MD5.F9A32C0A79E4F110AB4ABED78403AF1D] - 27/07/2013 - 20:48:02 ---A- - C:\Windows\Prefetch\PDVDLAUNCHPOLICY.EXE-123CD285.pf
    O45 - LFCP:[MD5.86CCC6E1D0ACE730B7C056BCD7CEE6BC] - 27/07/2013 - 20:48:06 ---A- - C:\Windows\Prefetch\OLRSTATECHECK.EXE-7F905A25.pf
    O87 - FAEL: "{D9ACB63A-1B61-42DE-9EF8-E9C3465BAC00}" |In - None - P6 - TRUE | .(...) -- C:\Program Files (x86)\Iminent\Iminent.exe (.not file.) =>Adware.IMBooster
    O87 - FAEL: "{57E138E1-ED8E-41E0-B27F-41D5AFA5DDA6}" |In - None - P6 - TRUE | .(...) -- C:\Program Files (x86)\Iminent\Iminent.Messengers.exe (.not file.) =>Adware.IMBooster
    O90 - PUC: "11BC8E7AE90B8F64B9EA2B0EE1FBE715" . (.Bing Bar.) -- C:\Windows\Installer\{A7E8CB11-B09E-46F8-9BAE-B2E01EBF7E51}\icon_installer_ico =>Toolbar.Bing
    O90 - PUC: "298F139EA89018C4D8DE0431BDE9B396" . (.Iminent.) -- C:\Windows\Installer\{E931F892-098A-4C81-8DED-4013DB9E3B69}\imbooster.ico =>Adware.IMBooster

    [HKCU\Software\Baidu Security]
    [HKLM\SYSTEM\CurrentControlSet\Services\dealplylive) (dealplylive] =>PUP.DealPly^
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E931F892-098A-4C81-8DED-4013DB9E3B69}] =>Adware.IMBooster^
    [HKLM\Software\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}] =>Adware.IMBooster
    [HKLM\Software\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}] =>Adware.IMBooster
    [HKLM\Software\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}] =>Adware.IMBooster
    [HKLM\Software\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}] =>Adware.IMBooster
    [HKLM\Software\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Intebface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5}] =>Adware.IMBooster
    [HKLM\Software\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}] =>Adware.IMBooster
    [HKLM\Software\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}] =>Adware.IMBooster
    [HKLM\Software\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}] =>PUP.RewardsArcade
    [HKLM\Software\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}] =>PUP.RewardsArcade
    [HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASMANCS] =>Toolbar.Bing
    [HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32] =>Toolbar.Bing
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>Toolbar.Tarma
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>Toolbar.Tarma
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F1057DD419AED0B468AD8888429E139A] =>Adware.IMBooster
    [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}] =>Toolbar.Avast
    [HKLM\Software\Classes\CLSID\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}] =>Toolbar.Avast
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}] =>Toolbar.Avast
    [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] =>Toolbar.Avast
    [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] =>Toolbar.Avast
    [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] =>Toolbar.Avast
    [HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google^

    C:\ProgramData\Baidu =>Adware.BDSearch
    C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll =>Toolbar.Google^
    C:\Users\Edja Talita\AppData\Local\Temp\GoogleToolbarInstaller_stub_signed.exe =>Toolbar.Google^
    C:\Users\Edja Talita\AppData\Local\Temp\IminentSetup.exe =>Adware.IMBooster^
    C:\Windows\Installer\{A7E8CB11-B09E-46F8-9BAE-B2E01EBF7E51}\icon_installer_ico =>Toolbar.Bing^
    C:\Windows\Installer\{E931F892-098A-4C81-8DED-4013DB9E3B69}\imbooster.ico =>Adware.IMBooster^
    C:\Windows\Installer\2821da.msi =>Adware.IMBooster^
    C:\Windows\Installer\de4dd.msi =>Toolbar.Google^
    C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe =>PUP.DealPly^
    C:\Users\Edja Talita\AppData\Local\Temp\GoogleToolbarInstaller1.log =>Toolbar.Babylon
    C:\Users\Edja Talita\AppData\Local\Temp\GoogleToolbarInstaller2.log =>Toolbar.Babylon




    |- Poste o relatório!

    A+

    Edvan
    Membro
    Membro

    Mensagens : 428
    Data de inscrição : 14/02/2013
    Idade : 36
    Localização : Natal/RN

    Re: Usei algumas vezes pendriver infectado nesse pc, log para analise.

    Mensagem por Edvan em Sex Ago 23, 2013 9:35 am

    Rapport de ZHPFix 2013.7.20.5 par Nicolas Coolman, Update du 20/07/2013
    Fichier d'export Registre :
    Run by Edja Talita at 23/08/2013 10:34:44
    High Elevated Privileges : OK
    Windows 7 Home Basic Edition, 64-bit Service Pack 1 (Build 7601)
    Recycle Files Deleted
    ========== Software ==========
    DELETED Iminent
    ========== Memory Process ==========
    DELETED Memory Process: C:\Users\Edja Talita\AppData\Local\Temp\Baidu_Secure_SystemUp_3.6.0.38659.exe
    DELETED Memory Process: C:\Users\Edja Talita\AppData\Local\Temp\Extract.exe
    DELETED Memory Process: C:\Users\Edja Talita\AppData\Local\Temp\GoogleToolbarInstaller_stub_signed.exe
    DELETED Memory Process: C:\Users\Edja Talita\AppData\Local\Temp\IminentSetup.exe
    DELETED Memory Process: C:\Users\Edja Talita\AppData\Local\Temp\PC_Faster_Setup_Mini_B06.exe
    ========== Registry Key ==========
    DELETED  Key: CLSID: [HKLM\SOFTWARE\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
    DELETED  Key: CLSID: [HKLM\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}]
    DELETED Key: Service: dealplylive
    NOT FOUND Key: \Software\Classes\Installer\Products\\11BC8E7AE90B8F64B9EA2B0EE1FBE715
    NOT FOUND Key: \Software\Classes\Installer\Products\\298F139EA89018C4D8DE0431BDE9B396
    DELETED Key: HKCU\Software\Baidu Security
    NOT FOUND Key: HKLM\SYSTEM\CurrentControlSet\Services\dealplylive) (dealplylive
    NOT FOUND Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E931F892-098A-4C81-8DED-4013DB9E3B69}
    DELETED Key*: HKLM\Software\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
    DELETED Key*: HKLM\Software\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
    DELETED Key*: HKLM\Software\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
    DELETED Key*: HKLM\Software\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
    DELETED Key*: HKLM\Software\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
    DELETED Key*: HKLM\Software\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
    DELETED Key*: HKLM\Software\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
    DELETED Key*: HKLM\Software\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
    DELETED Key*: HKLM\Software\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
    DELETED Key*: HKLM\Software\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
    DELETED Key*: HKLM\Software\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
    DELETED Key*: HKLM\Software\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
    DELETED Key*: HKLM\Software\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
    DELETED Key*: HKLM\Software\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
    DELETED Key*: HKLM\Software\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
    NOT FOUND Key: HKLM\Software\Classes\Intebface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
    DELETED Key*: HKLM\Software\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
    DELETED Key*: HKLM\Software\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
    DELETED Key*: HKLM\Software\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
    DELETED Key*: HKLM\Software\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
    DELETED Key*: HKLM\Software\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
    DELETED Key*: HKLM\Software\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
    DELETED Key*: HKLM\Software\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
    DELETED Key*: HKLM\Software\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
    DELETED Key*: HKLM\Software\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
    DELETED Key*: HKLM\Software\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
    DELETED Key*: HKLM\Software\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5}
    DELETED Key*: HKLM\Software\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
    DELETED Key*: HKLM\Software\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
    DELETED Key*: HKLM\Software\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
    DELETED Key*: HKLM\Software\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
    DELETED Key*: HKLM\Software\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
    DELETED Key*: HKLM\Software\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
    DELETED Key*: HKLM\Software\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
    DELETED Key*: HKLM\Software\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
    DELETED Key*: HKLM\Software\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
    DELETED Key*: HKLM\Software\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
    DELETED Key*: HKLM\Software\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
    DELETED Key*: HKLM\Software\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
    DELETED Key*: HKLM\Software\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
    DELETED Key*: HKLM\Software\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
    DELETED Key*: HKLM\Software\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
    DELETED Key*: HKLM\Software\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
    DELETED Key*: HKLM\Software\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
    DELETED Key*: HKLM\Software\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
    DELETED Key*: HKLM\Software\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
    DELETED Key: HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASMANCS
    DELETED Key: HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32
    DELETED Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
    DELETED Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
    NOT FOUND Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F1057DD419AED0B468AD8888429E139A
    DELETED Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
    NOT FOUND Key: HKLM\Software\Classes\CLSID\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
    DELETED Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
    DELETED Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
    DELETED Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
    DELETED Key: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
    ========== Registry Value ==========
    DELETED Toolbar: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5}
    DELETED Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F}
    DELETED Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
    DELETED RunValue: SynTPEnh
    NOT FOUND {D9ACB63A-1B61-42DE-9EF8-E9C3465BAC00}
    NOT FOUND {57E138E1-ED8E-41E0-B27F-41D5AFA5DDA6}
    NOT FOUND [HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F}
    ========== Repertory ==========
    DELETED Folder: C:\Program Files (x86)\Baidu Security
    DELETED Folder: C:\Program Files (x86)\GUMC64A.tmp
    DELETED Folder: C:\ProgramData\Baidu
    DELETED Folder: C:\ProgramData\Baidu Security
    DELETED Folder: C:\Users\Edja Talita\AppData\Roaming\Baidu Security
    ========== File ==========
    DELETED File: c:\users\edja talita\appdata\local\temp\baidu_secure_systemup_3.6.0.38659.exe
    DELETED File***: c:\users\edja talita\appdata\local\temp\extract.exe
    NOT FOUND Folder/File: c:\windows\installer\2821da.msi
    DELETED File: C:\Windows\Installer\de4dd.msi
    DELETED File: c:\users\edja talita\appdata\local\temp\googletoolbarinstaller_stub_signed.exe
    DELETED File: c:\users\edja talita\appdata\local\temp\iminentsetup.exe
    DELETED File: c:\users\edja talita\appdata\local\temp\pc_faster_setup_mini_b06.exe
    DELETED File: c:\program files (x86)\google\google toolbar\googletoolbar_32.dll
    NOT FOUND File: c:\program files (x86)\synaptics\syntp\syntpenh.exe
    DELETED File: c:\windows\prefetch\ycmmirage.exe-5e0fea70.pf
    DELETED File: c:\windows\prefetch\resource.exe-e971d367.pf
    DELETED File: c:\windows\prefetch\pdvd10serv.exe-078f8ceb.pf
    DELETED File: c:\windows\prefetch\lowdiskspacedetection.exe-6d00df33.pf
    DELETED File: c:\windows\prefetch\hposd.exe-eaad9e22.pf
    DELETED File: c:\windows\prefetch\nbkeyscan.exe-14930932.pf
    DELETED File: c:\windows\prefetch\pdvdlaunchpolicy.exe-123cd285.pf
    DELETED File: c:\windows\prefetch\olrstatecheck.exe-7f905a25.pf
    NOT FOUND Folder/File: c:\programdata\baidu
    NOT FOUND Folder/File: c:\program files (x86)\google\google toolbar\googletoolbar_32.dll
    NOT FOUND Folder/File: c:\users\edja talita\appdata\local\temp\googletoolbarinstaller_stub_signed.exe
    NOT FOUND Folder/File: c:\users\edja talita\appdata\local\temp\iminentsetup.exe
    NOT FOUND Folder/File: c:\windows\installer\{a7e8cb11-b09e-46f8-9bae-b2e01ebf7e51}\icon_installer_ico
    NOT FOUND Folder/File: c:\windows\installer\{e931f892-098a-4c81-8ded-4013db9e3b69}\imbooster.ico
    NOT FOUND Folder/File: c:\windows\installer\de4dd.msi
    DELETED File: C:\Users\Edja Talita\AppData\Local\Temp\GoogleToolbarInstaller1.log
    DELETED File***: c:\users\edja talita\appdata\local\temp\googletoolbarinstaller1.log
    DELETED File: C:\Users\Edja Talita\AppData\Local\Temp\GoogleToolbarInstaller2.log
    DELETED File***: c:\users\edja talita\appdata\local\temp\googletoolbarinstaller2.log
    ========== Task ==========
    DELETED Task: {132F5A3A-5A5F-47DA-A502-3BDCC139BFCA}

    ========== Summary ==========
    5 : Memory Process
    65 : Registry Key
    7 : Registry Value
    5 : Repertory
    28 : File
    1 : Software
    1 : Task

    End of clean in 01mn 24s
    ========== Report File ==========
    C:\ZHP\ZHPFix[R1].txt - 23/08/2013 10:34:51 [9830]

    joram
    Administrador Fundador
    Administrador Fundador

    Mensagens : 610
    Data de inscrição : 14/08/2012
    Idade : 63
    Localização : Rio de Janeiro

    Re: Usei algumas vezes pendriver infectado nesse pc, log para analise.

    Mensagem por joram em Sex Ago 23, 2013 9:45 am

    Bom Dia! Edvan

    |- Execute este script em ZHPFix.

    emptytemp
    emptyflash
    firewallraz
    ctffix


    |- Poste o log!

    -/-

    |- Baixe: < [Você precisa estar registrado e conectado para ver este link.] > ( ... by Smeenk )

    |- Ou aqui! < [Você precisa estar registrado e conectado para ver esta imagem.][Você precisa estar registrado e conectado para ver este link.] >

    |- Salve-o no desktop!
    |- Desabilite seu antivírus!
    |- Para Windows 7,execute zoek.exe como administrador.

    startupall;
    skipfix-iedefaults;
    autoclean;
    filesrcm;
    emptyalltemp;


    |- Copie e cole estas informações,em vermelho,no campo da ferramenta.
    |- Clique "Run Script".

    Zoek.exe is running now.
    Do not start any browser windows, they will be closed automatically.
    Please wait! This window will close when finished.
    A logfile will open afterwards and can also be found on your systemdrive as zoek-results.log
    |- Surgirão estas informações,pedindo-lhe que aguarde o relatório.

    [Você precisa estar registrado e conectado para ver esta imagem.]

    |- Aceite e/ou confirme o reboot!

    zoek.hta failed by unknown error.
    Restart computer, and try again.
    |- Ps: Ao obter algum erro,reinicie o PC e execute,novamente,a ferramenta.
    |- Poste o relatório,que estará em C:\zoek-results.txt <<

    A+

    Edvan
    Membro
    Membro

    Mensagens : 428
    Data de inscrição : 14/02/2013
    Idade : 36
    Localização : Natal/RN

    Re: Usei algumas vezes pendriver infectado nesse pc, log para analise.

    Mensagem por Edvan em Sex Ago 23, 2013 10:09 am

    Rapport de ZHPFix 2013.7.20.5 par Nicolas Coolman, Update du 20/07/2013
    Fichier d'export Registre :
    Run by Edja Talita at 23/08/2013 10:51:21
    High Elevated Privileges : OK
    Windows 7 Home Basic Edition, 64-bit Service Pack 1 (Build 7601)
    Recycle Files Deleted
    ========== Registry Key ==========
    ctffixCTFMon already disabled
    ========== Registry Value ==========
    No Value in Standard Profile Register Key FirewallRaz :
    No Value in Domain Profile Register Key FirewallRaz :
    DELETED FirewallRaz (None) : {E16C64B7-5DB4-458F-8AA8-65717924ED89}
    ========== Repertory ==========
    DELETED Window Temporary
    DELETED Flash Cookies
    ========== File ==========
    DELETED Window Temporary
    DELETED Flash Cookies

    ========== Summary ==========
    1 : Registry Key
    3 : Registry Value
    2 : Repertory
    2 : File

    End of clean in 00mn 10s
    ========== Report File ==========
    C:\ZHP\ZHPFix[R1].txt - 23/08/2013 10:34:51 [9882]
    C:\ZHP\ZHPFix[R2].txt - 23/08/2013 10:51:21 [940]






    Zoek.exe Version 4.0.0.4 Updated 19-08-2013
    Tool run by Edja Talita on 23/08/2013 at 10:52:17,75.
    Microsoft Windows 7 Home Basic  6.1.7601 Service Pack 1 x64
    Running in: Normal Mode Internet Access Detected
    Launched: C:\Users\Edja Talita\Desktop\zoek\zoek.exe [Script inserted]
    ==== System Restore Info ======================
    23/08/2013 10:53:43 Zoek.exe System Restore Point Created Succesfully.
    ==== Deleting CLSID Registry Keys ======================

    ==== Deleting CLSID Registry Values ======================

    ==== Deleting Services ======================
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\dealplylivem deleted successfully
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\dealplylivem deleted successfully
    ==== Deleting Files \ Folders ======================
    "C:\Users\Edja Talita\Downloads\SoftonicDownloader_para_picasa.exe" deleted
    "C:\found.000" deleted
    ==== Files Recently Created / Modified ======================
    ====== C:\Windows ====
    2013-08-17 23:30:44 C7BC96C3711C0D269DA26D1F0ECEC547 69 ----a-w- C:\Windows\NeroDigital.ini
    ====== C:\Users\EDJATA~1\AppData\Local\Temp ====
    ====== C:\Windows\SysWOW64 =====
    2013-08-16 03:14:28 A484F9DB744849C0B32DD1CE73A94F62 2706432 ----a-w- C:\Windows\SysWOW64\mshtml.tlb
    2013-08-16 03:14:27 C9BFFA62DFBF0317AECE707B39C4BF25 391168 ----a-w- C:\Windows\SysWOW64\ieui.dll
    2013-08-16 03:14:25 AF6A6C16ACAD816B48714AE7A4082D89 61440 ----a-w- C:\Windows\SysWOW64\iesetup.dll
    2013-08-16 03:14:24 BC90EED56A5C77168A8D6F0C4221D7CB 71680 ----a-w- C:\Windows\SysWOW64\RegisterIEPKEYs.exe
    2013-08-16 03:14:24 8A5BD908D421BEE82941EF8ABD8B4F09 33280 ----a-w- C:\Windows\SysWOW64\iernonce.dll
    2013-08-16 03:14:23 D0E0086BA353C379DCFE8624E8B8F17A 2048512 ----a-w- C:\Windows\SysWOW64\iertutil.dll
    2013-08-16 03:14:23 37730C04B543536D971B3F157415EFF5 109056 ----a-w- C:\Windows\SysWOW64\iesysprep.dll
    2013-08-16 03:14:19 45C118A1E03182365CB568F99B81A473 493056 ----a-w- C:\Windows\SysWOW64\msfeeds.dll
    2013-08-16 03:14:17 1C83426A51AD83B5E788B6CF143B48D8 690688 ----a-w- C:\Windows\SysWOW64\jscript.dll
    2013-08-16 03:14:15 AC8C3591D536D1CCB62EDCBEA88140B3 2877440 ----a-w- C:\Windows\SysWOW64\jscript9.dll
    2013-08-16 03:14:14 059FC59F97A6220C46A612A9470A00B3 1141248 ----a-w- C:\Windows\SysWOW64\urlmon.dll
    2013-08-16 03:14:10 DAA3903F06116AE9EE7AC1D1B93684A4 1767936 ----a-w- C:\Windows\SysWOW64\wininet.dll
    2013-08-16 03:14:10 49EB7DE3A1CCCE9D0873DE9114810113 39936 ----a-w- C:\Windows\SysWOW64\jsproxy.dll
    2013-08-16 03:14:06 E9BCB6728DD04412BF87F03DB00DE1CF 13761024 ----a-w- C:\Windows\SysWOW64\ieframe.dll
    2013-08-16 03:13:58 E631B408882F8320739F6E0CAF444397 14329344 ----a-w- C:\Windows\SysWOW64\mshtml.dll
    2013-08-14 16:34:51 AE8EB083B050E17A7D6EB5E28AECDDD6 1166848 ----a-w- C:\Windows\SysWOW64\crypt32.dll
    2013-08-14 16:34:49 68EAAEDF0365168B804E8728368FA946 175104 ----a-w- C:\Windows\SysWOW64\wintrust.dll
    2013-08-14 16:34:48 7CA1BECEA5DE2643ADDAD32670E7A4C9 140288 ----a-w- C:\Windows\SysWOW64\cryptsvc.dll
    2013-08-14 16:34:47 7B851A8018B1EA00A69707A390004884 103936 ----a-w- C:\Windows\SysWOW64\cryptnet.dll
    2013-08-14 16:34:26 D5E18BA95F9E7D787D25EF07AC68603E 2048 ----a-w- C:\Windows\SysWOW64\tzres.dll
    2013-08-14 16:34:23 0805487A6036A9F9C4E7AF7FEF835529 1620992 ----a-w- C:\Windows\SysWOW64\WMVDECOD.DLL
    2013-08-14 16:34:21 4DC999CED9429939D75682EBD7D48901 663552 ----a-w- C:\Windows\SysWOW64\rpcrt4.dll
    2013-08-14 16:29:29 9FA7BF625122CCAC90FCD307174D8CF3 3913664 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe
    2013-08-14 16:29:28 DD5F17D44E9966E7EA447AE8C4D12D6C 3968960 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe
    2013-08-14 16:29:26 528D298F9914C558EA7A9809BE598E65 1292192 ----a-w- C:\Windows\SysWOW64\ntdll.dll
    2013-08-14 16:29:24 77F5D2CB80697EB96C45E79A869A6FAC 14336 ----a-w- C:\Windows\SysWOW64\ntvdm64.dll
    2013-08-14 16:29:19 4E77948A7BD16BA5724EC79C60176B03 5120 ----a-w- C:\Windows\SysWOW64\wow32.dll
    2013-08-14 16:29:18 D313AE69128A75367AA36E15522931F6 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe
    2013-08-14 16:29:18 CFEEF3185342ADEAE1E77A017052565B 2048 ----a-w- C:\Windows\SysWOW64\user.exe
    2013-08-14 16:29:18 3EED15C223E139C3A28B458800E52BF3 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe
    ====== C:\Windows\SysWOW64\drivers =====
    ====== C:\Windows\Sysnative =====
    2013-08-16 03:14:28 3A2FD42F11CD325A4ACAFE7FB0EEA83A 2706432 ----a-w- C:\Windows\Sysnative\mshtml.tlb
    2013-08-16 03:14:27 69F5E016A98CE1908DB08382F2ACF882 526336 ----a-w- C:\Windows\Sysnative\ieui.dll
    2013-08-16 03:14:25 963B29E0EFB20D66436214DB7C43D7F7 67072 ----a-w- C:\Windows\Sysnative\iesetup.dll
    2013-08-16 03:14:24 622C7C8D39609FCEACE3508715D48C7F 39936 ----a-w- C:\Windows\Sysnative\iernonce.dll
    2013-08-16 03:14:23 D8CC9A20C517A54678363C4C77B930A4 136704 ----a-w- C:\Windows\Sysnative\iesysprep.dll
    2013-08-16 03:14:23 6C8BDC9F16943D626DFE8A987BCCFD20 51712 ----a-w- C:\Windows\Sysnative\ie4uinit.exe
    2013-08-16 03:14:23 28C2F8C7DBE11AA3DA041D35F4E59481 89600 ----a-w- C:\Windows\Sysnative\RegisterIEPKEYs.exe
    2013-08-16 03:14:21 65546D87F7A78AB31841A536456CB94D 2647040 ----a-w- C:\Windows\Sysnative\iertutil.dll
    2013-08-16 03:14:18 8C12653BEA781902AA60E4A855A55D5C 603136 ----a-w- C:\Windows\Sysnative\msfeeds.dll
    2013-08-16 03:14:18 16FE878530FDFC9AB08B7FFC32335958 855552 ----a-w- C:\Windows\Sysnative\jscript.dll
    2013-08-16 03:14:17 5A7FA01EEC393A3E0D0F3EBAA1FD959E 3958784 ----a-w- C:\Windows\Sysnative\jscript9.dll
    2013-08-16 03:14:13 289C5E0A386E7B6CA9539D66D15E22CC 1365504 ----a-w- C:\Windows\Sysnative\urlmon.dll
    2013-08-16 03:14:11 04DE09B1E287F6DC5C7FD655B6E84AB9 53760 ----a-w- C:\Windows\Sysnative\jsproxy.dll
    2013-08-16 03:14:09 AC155DD9BD1E6D3B740826A4D1C68AAE 2241024 ----a-w- C:\Windows\Sysnative\wininet.dll
    2013-08-16 03:14:03 677A1C1B0F254EC918D84A7FE29274CA 15405056 ----a-w- C:\Windows\Sysnative\ieframe.dll
    2013-08-16 03:14:02 396889142BD839DB8A055A0BE0AD2F79 19239424 ----a-w- C:\Windows\Sysnative\mshtml.dll
    2013-08-14 16:34:51 287998A9BA0140ABB59792CDEB2F8483 1472512 ----a-w- C:\Windows\Sysnative\crypt32.dll
    2013-08-14 16:34:50 959041D7014C97133D859B45BCA0FC58 224256 ----a-w- C:\Windows\Sysnative\wintrust.dll
    2013-08-14 16:34:48 A6B726DCA228F7878E38368A1BDC68BE 139776 ----a-w- C:\Windows\Sysnative\cryptnet.dll
    2013-08-14 16:34:48 6B400F211BEE880A37A1ED0368776BF4 184320 ----a-w- C:\Windows\Sysnative\cryptsvc.dll
    2013-08-14 16:34:26 B3CA3253009D26666F5BCB16E77D2618 2048 ----a-w- C:\Windows\Sysnative\tzres.dll
    2013-08-14 16:34:23 D29200AB0B37B7293C6942EAF755295E 1888768 ----a-w- C:\Windows\Sysnative\WMVDECOD.DLL
    2013-08-14 16:34:22 26036E228D2467DE6975AD819C22C043 1217024 ----a-w- C:\Windows\Sysnative\rpcrt4.dll
    2013-08-14 16:29:27 C19DCA1024135D5485E25AB1047F77BC 5550528 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe
    2013-08-14 16:29:27 8E45DD84F8F786B2DB94AD95225B9246 1732032 ----a-w- C:\Windows\Sysnative\ntdll.dll
    2013-08-14 16:29:26 D6180FBBADA79BC28E5FD8187EBE7F64 243712 ----a-w- C:\Windows\Sysnative\wow64.dll
    ====== C:\Windows\Sysnative\drivers =====
    2013-08-14 16:28:58 4CE278FC9671BA81A138D70823FCAA09 39936 ----a-w- C:\Windows\Sysnative\drivers\tssecsrv.sys
    2013-08-14 16:28:55 DB74544B75566C974815E79A62433F29 1910208 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys
    2013-08-05 00:50:27 5573AA70993A2BB81525B1C704B88763 65336 ----a-w- C:\Windows\Sysnative\drivers\aswRvrt.sys
    ====== C:\Windows\Tasks ======
    2013-08-23 02:33:19 57459F4405BFB4C42C4385B668094110 356 ----a-w- C:\Windows\Tasks\HPCeeScheduleForEdja Talita.job
    2013-08-23 02:33:19 44A0F391766DEA9E93A349FE35806C17 3222 ----a-w- C:\Windows\Sysnative\Tasks\HPCeeScheduleForEdja Talita
    2013-08-05 00:50:27 71432E9826D4C0DC874F40F3237BF915 3924 ----a-w- C:\Windows\Sysnative\Tasks\avast! Emergency Update
    ====== C:\Windows\Temp ======
    ======= C:\Program Files =====
    ======= C:\Program Files (x86) =====
    2013-08-23 12:48:42 -------- d-----w- C:\Program Files (x86)\ZHPDiag
    ======= C: =====
    2013-08-23 12:53:58 4C06F3A93937CA843129B21886D98653 512 ----a-w- C:\PhysicalDisk0_MBR.bin
    2013-08-16 02:54:37 2F7AB4777DB29347292CB99D9C51AA9A 3288 ------w- C:\bootsqm.dat
    ====== C:\Users\Edja Talita\AppData\Roaming ======
    ====== C:\Users\Edja Talita ======
    2013-08-23 12:28:41 ACF3F39DDE0B05F1DCCB7A791F55A707 1021434 ----a-w- C:\Users\Edja Talita\Desktop\JRT.exe
    2013-08-23 12:23:06 583AF618F49B77824627A7B45CCF9FF9 975858 ----a-w- C:\Users\Edja Talita\Desktop\adwcleaner.exe
    2013-08-23 12:21:58 83D174BA9A71077EBAF769B2E1C8F594 5076117 ----a-w- C:\Users\Edja Talita\Desktop\ZHPDiag2.exe
    2013-08-17 23:27:41 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
    2013-08-17 23:25:35 A0346BEA58F94EE31B029A50DCF80F28 14965064 ----a-w- C:\Users\Edja Talita\Desktop\picasa39-setup-1-.exe
    ====== C: exe-files ==
    2013-08-23 12:48:45 F3A37421DBD1AAA36558C97572C91C5A 147456 ----a-w- C:\Program Files (x86)\ZHPDiag\catchme.exe
    2013-08-23 12:48:45 CB2D120A4B72422A8141192831B1F500 80384 ----a-w- C:\Program Files (x86)\ZHPDiag\mbrcheck.exe
    2013-08-23 12:48:45 5DAF7081A4BB112FA3F1915819330A3E 61440 ----a-w- C:\Program Files (x86)\ZHPDiag\pv.exe
    2013-08-23 12:48:45 5BBF2A0351E336646022D09009560CEF 143360 ----a-w- C:\Program Files (x86)\ZHPDiag\FileInfos.exe
    2013-08-23 12:48:45 2312A38B8B003330DB919FA818C48449 231048 ----a-w- C:\Program Files (x86)\ZHPDiag\sigcheck.exe
    2013-08-23 12:48:44 BAA8BB58716390463298661281662E21 2727936 ----a-w- C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPFix.exe
    2013-08-23 12:48:44 9DAA7218961710008D7385B01BD3F386 89088 ----a-w- C:\Program Files (x86)\ZHPDiag\mbr.exe
    2013-08-23 12:48:44 6B8AF3A2A3D9059008B55C444461CA00 61952 ----a-w- C:\Program Files (x86)\ZHPDiag\Lads.exe
    2013-08-23 12:48:44 53CDBB093B0AEE9FD6CF1CBD25A95077 290304 ----a-w- C:\Program Files (x86)\ZHPDiag\subinacl.exe
    2013-08-23 12:48:44 451AE03D3C92777F09840CA56F08AB62 454056 ----a-w- C:\Program Files (x86)\ZHPDiag\setacl32.exe
    2013-08-23 12:48:44 3E350EB5DF15C06DEC400A39DD1C6F29 559528 ----a-w- C:\Program Files (x86)\ZHPDiag\setacl64.exe
    2013-08-23 12:48:43 C155A13687144076286989EF078112C2 1917440 ----a-w- C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe
    2013-08-23 12:48:43 4ADFF37E77F0ABD1D886B07F3A021C5A 7857664 ----a-w- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe
    2013-08-23 12:48:42 C155A13687144076286989EF078112C2 1917440 ----a-w- C:\Program Files (x86)\ZHPDiag\ZHPhep.exe
    2013-08-23 12:48:42 8AE13B97BFCAD6C7D3B8C8A1C298EFB4 694736 ----a-w- C:\Program Files (x86)\ZHPDiag\unins000.exe
    2013-08-23 12:28:41 ACF3F39DDE0B05F1DCCB7A791F55A707 1021434 ----a-w- C:\Users\Edja Talita\Desktop\JRT.exe
    2013-08-23 12:23:06 583AF618F49B77824627A7B45CCF9FF9 975858 ----a-w- C:\Users\Edja Talita\Desktop\adwcleaner.exe
    2013-08-23 12:21:58 83D174BA9A71077EBAF769B2E1C8F594 5076117 ----a-w- C:\Users\Edja Talita\Desktop\ZHPDiag2.exe
    2013-08-17 23:27:54 A0346BEA58F94EE31B029A50DCF80F28 14965064 ---ha-w- C:\Program Files (x86)\Google\Picasa3\setup.exe
    2013-08-17 23:27:41 3A84E46897EA16D0EF2FAE3B9E4C9B07 170772 ----a-w- C:\Program Files (x86)\Google\Picasa3\Uninstall.exe
    2013-08-17 23:25:35 A0346BEA58F94EE31B029A50DCF80F28 14965064 ----a-w- C:\Users\Edja Talita\Desktop\picasa39-setup-1-.exe
    === C: other files ==
    ==== Startup Registry Enabled ======================
    [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
    [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
    [HKEY_USERS\S-1-5-21-4008277714-1982511058-2057936887-1000\Software\Microsoft\Windows\CurrentVersion\Run]
    "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe ASO-616B5711-6DAE-4795-A05F-39A1E5104020"
    "Facebook Update"="C:\Users\Edja Talita\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"
    "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
    [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "mctadmin"="C:\Windows\System32\mctadmin.exe"
    [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "mctadmin"="C:\Windows\System32\mctadmin.exe"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "USB3MON"="C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
    "RemoteControl10"="C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
    "HP Quick Launch"="C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"
    "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    "HPOSD"="C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe"
    "HP CoolSense"="C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey"
    "avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui"
    "NBKeyScan"="C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe ASO-616B5711-6DAE-4795-A05F-39A1E5104020"
    "Facebook Update"="C:\Users\Edja Talita\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"
    "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
    ==== Startup Registry Enabled x64 ======================
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "IgfxTray"="C:\Windows\system32\igfxtray.exe"
    "HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
    "Persistence"="C:\Windows\system32\igfxpers.exe"
    "SetDefault"="C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe"
    "SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe"
    ==== Startup Folders ======================
    2012-08-31 18:28:44 836 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
    ==== Task Scheduler Jobs ======================
    C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [Undetermined Task]
    C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4008277714-1982511058-2057936887-1000Core.job --a------ C:\Users\Edja Talita\AppData\Local\Facebook\Update\FacebookUpdate.exe [22/02/2013 21:50]
    C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4008277714-1982511058-2057936887-1000UA.job --a------ C:\Users\Edja Talita\AppData\Local\Facebook\Update\FacebookUpdate.exe [22/02/2013 21:50]
    C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28/09/2012 10:31]
    C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28/09/2012 10:31]
    C:\Windows\tasks\HPCeeScheduleForEdja Talita.job --a------ C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [15/07/2011 03:43]
    C:\Windows\tasks\HPCeeScheduleForEDJATALITA-HP$.job --a------ [Undetermined Task]
    ==== Set IE to Default ======================
    Old Values:
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="[Você precisa estar registrado e conectado para ver este link.]"
    "Start Page Restore"="[Você precisa estar registrado e conectado para ver este link.]"
    "Search Page"="[Você precisa estar registrado e conectado para ver este link.]"
    "Search Bar"="[Você precisa estar registrado e conectado para ver este link.]"
    "Default_Search_URL"="[Você precisa estar registrado e conectado para ver este link.]"
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="[Você precisa estar registrado e conectado para ver este link.]"
    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
    "Start Page"="[Você precisa estar registrado e conectado para ver este link.]"
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
    @="[Você precisa estar registrado e conectado para ver este link.]"
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
    "SearchAssistant"="[Você precisa estar registrado e conectado para ver este link.]"
    "Default_Search_URL"="[Você precisa estar registrado e conectado para ver este link.]"
    New Values:
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Search Page"="[Você precisa estar registrado e conectado para ver este link.]"
    "Search Bar"="[Você precisa estar registrado e conectado para ver este link.]"
    "Default_Search_URL"="[Você precisa estar registrado e conectado para ver este link.]"
    "Start Page"="[Você precisa estar registrado e conectado para ver este link.]"
    "Start Page Restore"="[Você precisa estar registrado e conectado para ver este link.]"
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="[Você precisa estar registrado e conectado para ver este link.]"
    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
    "Start Page"="[Você precisa estar registrado e conectado para ver este link.]"
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
    "(Default)"="[Você precisa estar registrado e conectado para ver este link.]"
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
    "Default_Search_URL"="[Você precisa estar registrado e conectado para ver este link.]"
    "SearchAssistant"="[Você precisa estar registrado e conectado para ver este link.]"
    ==== All HKCU SearchScopes ======================
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
    "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
    {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="[Você precisa estar registrado e conectado para ver este link.]"
    {4E5070CC-270D-423B-B775-8D1C88AC3DA6} Google  Url="[Você precisa estar registrado e conectado para ver este link.]"
    {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="[Você precisa estar registrado e conectado para ver este link.]}"
    ==== Deleting CLSID Registry Keys ======================
    HKEY_USERS\S-1-5-21-4008277714-1982511058-2057936887-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2318C2B1-4965-11d4-9B18-009027A5CD4F} deleted successfully
    HKEY_USERS\S-1-5-21-4008277714-1982511058-2057936887-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2318C2B1-4965-11d4-9B18-009027A5CD4F} deleted successfully
    HKEY_USERS\S-1-5-21-4008277714-1982511058-2057936887-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AA58ED58-01DD-4d91-8333-CF10577473F7} deleted successfully
    HKEY_USERS\S-1-5-21-4008277714-1982511058-2057936887-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AA58ED58-01DD-4d91-8333-CF10577473F7} deleted successfully
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2318C2B1-4965-11d4-9B18-009027A5CD4F} deleted successfully
    HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F} deleted successfully
    HKEY_CLASSES_ROOT\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7} deleted successfully
    HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7} deleted successfully
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7} deleted successfully
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7} deleted successfully
    ==== Deleting CLSID Registry Values ======================
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{2318C2B1-4965-11d4-9B18-009027A5CD4F} deleted successfully
    ==== Empty IE Cache ======================
    C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Users\Edja Talita\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
    C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Users\Edja Talita\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1HU0VNE6 will be deleted at reboot
    ==== Empty FireFox Cache ======================
    No FireFox Profiles found
    ==== Empty Chrome Cache ======================
    No Chrome Cache found
    ==== Empty All Flash Cache ======================
    Flash Cache Emptied Successfully
    ==== Empty All Java Cache ======================
    No Java Cache Found
    ==== After Reboot ======================
    ==== Empty Temp Folders ======================
    C:\Windows\Temp successfully emptied
    C:\Users\EDJATA~1\AppData\Local\Temp successfully emptied
    ==== Empty Recycle Bin ======================
    C:\$RECYCLE.BIN successfully emptied
    ==== Deleting Files / Folders ======================
    "C:\Users\Edja Talita\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1HU0VNE6" not found
    ==== EOF on 23/08/2013 at 11:04:16,27 ======================

    joram
    Administrador Fundador
    Administrador Fundador

    Mensagens : 610
    Data de inscrição : 14/08/2012
    Idade : 63
    Localização : Rio de Janeiro

    Re: Usei algumas vezes pendriver infectado nesse pc, log para analise.

    Mensagem por joram em Sex Ago 23, 2013 10:18 am

    Bom Dia! Edvan

    |- Estando tudo Ok,pode rodar a DelFix.

    -/-

    |- Baixe: |[Você precisa estar registrado e conectado para ver este link.]| ( ... de Xplode )

    [Você precisa estar registrado e conectado para ver esta imagem.]

    |- Estando na página,clique na seta verde para o download.
    |- Salve-a em um local conveniente! ( desktop! )
    |- Feche aplicativos que estejam abertos.

    [Você precisa estar registrado e conectado para ver este link.]

    |- Execute-a!
    |- Com as 3 checkbox marcadas!
    |- Clique "Run".
    |- Poste o relatório!

    A+

    Edvan
    Membro
    Membro

    Mensagens : 428
    Data de inscrição : 14/02/2013
    Idade : 36
    Localização : Natal/RN

    Re: Usei algumas vezes pendriver infectado nesse pc, log para analise.

    Mensagem por Edvan em Sex Ago 23, 2013 10:24 am

    Esta tudo ok.

    # DelFix v10.4 - Logfile created 23/08/2013 at 11:22:28
    # Updated 19/07/2013 by Xplode
    # Username : Edja Talita - EDJATALITA-HP
    # Operating System : Windows 7 Home Basic Service Pack 1 (64 bits)
    ~ Removing disinfection tools ...
    Deleted : C:\ZHP
    Deleted : C:\Program Files (x86)\ZHPDiag
    Deleted : C:\PhysicalDisk0_MBR.bin
    Deleted : C:\zoek-results.log
    Deleted : C:\Users\Edja Talita\Desktop\adwcleaner.exe
    Deleted : C:\Users\Edja Talita\Desktop\JRT.exe
    Deleted : C:\Users\Edja Talita\Desktop\ZHPDiag2.exe
    Deleted : C:\Users\Edja Talita\Desktop\ZHPFixReport.txt
    Deleted : C:\Users\Edja Talita\Desktop\zoek.zip
    Deleted : C:\Users\Public\Desktop\MBRCheck.lnk
    Deleted : C:\Users\Public\Desktop\ZHPDiag.lnk
    Deleted : C:\Users\Public\Desktop\ZHPFix.lnk
    Deleted : HKLM\SOFTWARE\AdwCleaner
    Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZHPDiag_is1
    ~ Cleaning system restore ...
    Deleted : RP #89 [Windows Update | 07/24/2013 03:06:22]
    Deleted : RP #90 [Windows Update | 07/30/2013 16:02:16]
    Deleted : RP #91 [Windows Update | 08/01/2013 02:54:16]
    Deleted : RP #92 [Windows Update | 08/07/2013 01:46:47]
    Deleted : RP #93 [Windows Update | 08/14/2013 16:15:42]
    Deleted : RP #94 [Windows Update | 08/16/2013 02:05:01]
    Deleted : RP #95 [Windows Update | 08/16/2013 03:13:14]
    Deleted : RP #96 [Windows Update | 08/20/2013 15:54:59]
    Deleted : RP #97 [Removed Facebook Video Calling 1.2.0.287 | 08/23/2013 13:18:16]
    Deleted : RP #98 [Removed Iminent | 08/23/2013 13:33:39]
    Deleted : RP #99 [zoek.exe restore point | 08/23/2013 13:53:35]
    New restore point created !
    ~ Resetting system settings ... OK
    ########## - EOF - ##########

    joram
    Administrador Fundador
    Administrador Fundador

    Mensagens : 610
    Data de inscrição : 14/08/2012
    Idade : 63
    Localização : Rio de Janeiro

    Re: Usei algumas vezes pendriver infectado nesse pc, log para analise.

    Mensagem por joram em Sex Ago 23, 2013 10:42 am

    CASO RESOLVIDO!

    Necessitando novo auxílio para este computador,basta abrir "Novo Tópico" e relatar o problema.

    Conteúdo patrocinado

    Re: Usei algumas vezes pendriver infectado nesse pc, log para analise.

    Mensagem por Conteúdo patrocinado Hoje à(s) 7:01 am


      Data/hora atual: Qua Jan 18, 2017 7:01 am