
[Solved] Computer reaches 100% CPU usage and restarts.

#1 By katsuriko 21/09/2017 - 20:09
#2 By joram
22/09/2017 - 08:27
/_ Good morning! katsuriko _\

> Copy the information in the Spoiler into Notepad.
> Save it with the name fixlist. << Text or Unicode, if prompted!
> Save it to the desktop! ( "Área de trabalho" ... )
> Move FRST to the desktop, since it is in the wrong folder! ( C:\Users\RODRIGO\Downloads ) <<

"fixlist"
Start
CloseProcesses:
HKLM-x32\...\Run: [ApnTBMon] => "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.yahoo.com/web?fr=avira-ds
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.yahoo.com/web?fr=avira-hp
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.yahoo.com/web?fr=avira-ds
HKU\S-1-5-21-2569912285-2516486697-1191534479-1000\...\Run: [Chromium] => c:\users\rodrigo\appdata\local\chromium\application\chrome.exe [1068544 2016-03-18] (The Chromium Authors)
GroupPolicy: Restrição <==== ATENÇÃO
CHR HKLM\SOFTWARE\Policies\Google: Restrição <==== ATENÇÃO
HKU\S-1-5-21-2569912285-2516486697-1191534479-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.yahoo.com/web?fr=avira-ds
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2569912285-2516486697-1191534479-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
CHR HKLM\...\Chrome\Extension: [fhnobihfdnklhoilcilfogdcegekpgfn] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\fhnobihfdnklhoilcilfogdcegekpgfn.crx
CHR HKLM-x32\...\Chrome\Extension: [fhnobihfdnklhoilcilfogdcegekpgfn] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\fhnobihfdnklhoilcilfogdcegekpgfn.crx
S3 cpuz141; C:\Users\RODRIGO\AppData\Local\Temp\cpuz141\cpuz141_x64.sys [46400 2017-09-18] (CPUID) <==== ATENÇÃO
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
S3 xspirit; \??\C:\Windows\xspirit.sys [X]
2017-09-18 19:10 - 2017-09-18 19:10 - 008182736 _____ (Malwarebytes) C:\Users\RODRIGO\Downloads\adwcleaner_7.0.2.1.exe
2017-09-18 19:09 - 2017-09-18 19:09 - 000002313 _____ C:\Users\RODRIGO\Desktop\JRT.txt
2017-09-18 19:06 - 2017-09-18 19:06 - 000002768 _____ C:\Users\RODRIGO\Desktop\Rkill.txt
2017-09-18 18:55 - 2017-09-18 18:55 - 000010993 _____ C:\ComboFix.txt
2017-09-18 19:12 - 2016-05-19 20:34 - 000000000 ____D C:\AdwCleaner
2017-09-18 19:07 - 2017-03-12 22:04 - 000000000 ____D C:\Program Files (x86)\AskPartnerNetwork
2017-09-18 18:55 - 2016-05-19 20:17 - 000000000 ____D C:\Qoobox
2017-09-18 18:46 - 2017-05-28 16:32 - 005660248 ____R (Swearware) C:\Users\RODRIGO\Desktop\ComboFix.exe
Task: {32C3C618-27EA-42A4-8269-8BDA50E9EB4B} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2014-10-10] (@ByELDI)
Task: {61D7A018-AD1B-4BED-88C7-2A8FAF6067C1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
EmptyTemp:
Hosts:
Reboot:
end


> Run FRST/FRST64.exe >> Click "Corrigir" (Fix) << Wait!
> Post the report "Resultado da Correção pela Farbar Recovery Scan Tool". (Fixlog.txt)
> This and other reports can be found in the folder: Local Disk (C) > FRST > Logs

< I ask visitors not to use this script on other computers, at the risk of damaging them! >

[Regards]
#3 By katsuriko
22/09/2017 - 18:21
log

Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 20-09-2017
Executado por RODRIGO (22-09-2017 18:00:05) Run:1
Executando a partir de C:\Users\RODRIGO\Desktop
Perfis Carregados: RODRIGO (Perfis Disponíveis: RODRIGO)
Modo da Inicialização: Normal
==============================================

fixlist Conteúdo:
*****************
Start
CloseProcesses:
HKLM-x32\...\Run: [ApnTBMon] => "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.yahoo.com/web?fr=avira-ds
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.yahoo.com/web?fr=avira-hp
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.yahoo.com/web?fr=avira-ds
HKU\S-1-5-21-2569912285-2516486697-1191534479-1000\...\Run: [Chromium] => c:\users\rodrigo\appdata\local\chromium\application\chrome.exe [1068544 2016-03-18] (The Chromium Authors)
GroupPolicy: Restrição <==== ATENÇÃO
CHR HKLM\SOFTWARE\Policies\Google: Restrição <==== ATENÇÃO
HKU\S-1-5-21-2569912285-2516486697-1191534479-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.yahoo.com/web?fr=avira-ds
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2569912285-2516486697-1191534479-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
CHR HKLM\...\Chrome\Extension: [fhnobihfdnklhoilcilfogdcegekpgfn] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\fhnobihfdnklhoilcilfogdcegekpgfn.crx
CHR HKLM-x32\...\Chrome\Extension: [fhnobihfdnklhoilcilfogdcegekpgfn] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\fhnobihfdnklhoilcilfogdcegekpgfn.crx
S3 cpuz141; C:\Users\RODRIGO\AppData\Local\Temp\cpuz141\cpuz141_x64.sys [46400 2017-09-18] (CPUID) <==== ATENÇÃO
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
S3 xspirit; \??\C:\Windows\xspirit.sys [X]
2017-09-18 19:10 - 2017-09-18 19:10 - 008182736 _____ (Malwarebytes) C:\Users\RODRIGO\Downloads\adwcleaner_7.0.2.1.exe
2017-09-18 19:09 - 2017-09-18 19:09 - 000002313 _____ C:\Users\RODRIGO\Desktop\JRT.txt
2017-09-18 19:06 - 2017-09-18 19:06 - 000002768 _____ C:\Users\RODRIGO\Desktop\Rkill.txt
2017-09-18 18:55 - 2017-09-18 18:55 - 000010993 _____ C:\ComboFix.txt
2017-09-18 19:12 - 2016-05-19 20:34 - 000000000 ____D C:\AdwCleaner
2017-09-18 19:07 - 2017-03-12 22:04 - 000000000 ____D C:\Program Files (x86)\AskPartnerNetwork
2017-09-18 18:55 - 2016-05-19 20:17 - 000000000 ____D C:\Qoobox
2017-09-18 18:46 - 2017-05-28 16:32 - 005660248 ____R (Swearware) C:\Users\RODRIGO\Desktop\ComboFix.exe
Task: {32C3C618-27EA-42A4-8269-8BDA50E9EB4B} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2014-10-10] (@ByELDI)
Task: {61D7A018-AD1B-4BED-88C7-2A8FAF6067C1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
EmptyTemp:
Hosts:
Reboot:
end
*****************

Processos fechados com sucesso.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ApnTBMon => valor removido (a) com sucesso.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => valor restaurado com sucesso
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => valor restaurado com sucesso
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => valor restaurado com sucesso
HKU\S-1-5-21-2569912285-2516486697-1191534479-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Chromium => valor removido (a) com sucesso.
C:\Windows\system32\GroupPolicy\Machine => movido com sucesso
C:\Windows\system32\GroupPolicy\GPT.ini => movido com sucesso
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => movido com sucesso
HKLM\SOFTWARE\Policies\Google => chave removido (a) com sucesso.
HKU\S-1-5-21-2569912285-2516486697-1191534479-1000\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => valor restaurado com sucesso
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => valor restaurado com sucesso
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => valor restaurado com sucesso
HKU\S-1-5-21-2569912285-2516486697-1191534479-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => valor removido (a) com sucesso.
HKLM\SOFTWARE\Google\Chrome\Extensions\fhnobihfdnklhoilcilfogdcegekpgfn => chave removido (a) com sucesso.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fhnobihfdnklhoilcilfogdcegekpgfn => chave removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\cpuz141 => chave removido (a) com sucesso.
cpuz141 => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\catchme => chave removido (a) com sucesso.
catchme => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\VGPU => chave removido (a) com sucesso.
VGPU => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\xhunter1 => chave removido (a) com sucesso.
xhunter1 => serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\xspirit => chave removido (a) com sucesso.
xspirit => serviço removido (a) com sucesso.
C:\Users\RODRIGO\Downloads\adwcleaner_7.0.2.1.exe => movido com sucesso
C:\Users\RODRIGO\Desktop\JRT.txt => movido com sucesso
C:\Users\RODRIGO\Desktop\Rkill.txt => movido com sucesso
C:\ComboFix.txt => movido com sucesso
C:\AdwCleaner => movido com sucesso
C:\Program Files (x86)\AskPartnerNetwork => movido com sucesso
C:\Qoobox => movido com sucesso
C:\Users\RODRIGO\Desktop\ComboFix.exe => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{32C3C618-27EA-42A4-8269-8BDA50E9EB4B} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{32C3C618-27EA-42A4-8269-8BDA50E9EB4B} => chave removido (a) com sucesso.
C:\Windows\System32\Tasks\AutoPico Daily Restart => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoPico Daily Restart => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{61D7A018-AD1B-4BED-88C7-2A8FAF6067C1} => chave removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{61D7A018-AD1B-4BED-88C7-2A8FAF6067C1} => chave removido (a) com sucesso.
C:\Windows\System32\Tasks\Adobe Acrobat Update Task => movido com sucesso
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task => chave removido (a) com sucesso.
Não pode ser movido "C:\Windows\System32\Drivers\etc\hosts" => Agendado para ser movido na reinicialização.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 165410712 B
Java, Flash, Steam htmlcache => 596 B
Windows/system/drivers => 1920939 B
Edge => 0 B
Chrome => 871537499 B
Firefox => 50190063 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 135900 B
systemprofile32 => 82344 B
LocalService => 132244 B
NetworkService => 66228 B
RODRIGO => 12044541 B

RecycleBin => 0 B
EmptyTemp: => 1 GB de dados temporários Removidos.

================================

Resultado dos arquivos que foram agendados para serem movidos (Modo de Inicialização: Normal) (Data&Hora: 22-09-2017 18:02:58)

"C:\Windows\System32\Drivers\etc\hosts" => Não pode ser movido
Não foi possível restaurar Hosts.

==== Fim de Fixlog 18:02:58 ====
AMD Athlon X4 640 | ASUS M4N68T-LE | MARKVISION 4GB DDR3 1333Mhz | SEASONIC 620w | AKASA Freedon X2 | OZAKI 2.2 60W RMS | LG Ultra Wide 25UM58 | MICROSOFT Desktop 400 Wired | NVIDIA GeForce GT 610
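
A Fixlog like the one above can be triaged mechanically: the hosts entry was deferred to reboot and then failed, which is easy to miss among the success lines. The sketch below is an added example (not part of the original posts or of FRST); it matches only the Portuguese status strings visible in this log, its function names are hypothetical, and the sample is constructed from lines of that log.

```python
import re
from collections import Counter

# Constructed sample: result lines copied from the Fixlog posted in this
# thread, plus a shortened copy of the echoed fixlist section.
SAMPLE_FIXLOG = r"""
fixlist Conteúdo:
*****************
Start
HKLM-x32\...\Run: [ApnTBMon] => "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
Hosts:
end
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ApnTBMon => valor removido (a) com sucesso.
HKLM\SOFTWARE\Policies\Google => chave removido (a) com sucesso.
C:\Program Files (x86)\AskPartnerNetwork => movido com sucesso
Não pode ser movido "C:\Windows\System32\Drivers\etc\hosts" => Agendado para ser movido na reinicialização.
Chrome => 871537499 B
"C:\Windows\System32\Drivers\etc\hosts" => Não pode ser movido
"""


def classify(status):
    """Map a status string (text after ' => ') to an outcome label."""
    s = status.lower()
    if s.startswith("não pode"):      # "Não pode ser movido"
        return "failed"
    if "agendado" in s:               # scheduled for the next reboot
        return "deferred"
    if "com sucesso" in s:            # removed / moved / restored successfully
        return "ok"
    return "other"                    # e.g. EmptyTemp byte counts


def parse_fixlog(text):
    """Return (target, status, outcome) for every result line.

    The fixlist echoed between the two asterisk lines is skipped: its entries
    also contain ' => ' but describe the request, not the result.
    """
    results, in_echo = [], False
    for raw in text.splitlines():
        line = raw.strip()
        if re.fullmatch(r"\*{5,}", line):
            in_echo = not in_echo
            continue
        if in_echo or " => " not in line:
            continue
        left, _, status = line.rpartition(" => ")
        quoted = re.search(r'"([^"]+)"', left)   # deferred lines quote the path
        target = quoted.group(1) if quoted else left
        results.append((target, status, classify(status)))
    return results


def unresolved(results):
    """Targets whose last recorded outcome is not 'ok' (failed or still deferred)."""
    final = {}
    for target, _status, outcome in results:
        if outcome != "other":
            final[target.lower()] = (target, outcome)  # later lines override earlier
    return [target for target, outcome in final.values() if outcome != "ok"]


if __name__ == "__main__":
    parsed = parse_fixlog(SAMPLE_FIXLOG)
    print(Counter(outcome for _, _, outcome in parsed))
    for target in unresolved(parsed):
        print("needs follow-up:", target)
```
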


#4 By joram
22/09/2017 - 20:50
/_ Good evening! katsuriko _\

> Download: < [image] > ( [image] ... by Nicolas Coolman )

> Or |Here!| << Mirror!
> Once on the page, click [image]

> Save it to the desktop! ( ZHPCleaner.exe )
> Disable your antivirus and run ZHPCleaner.exe <<

> Click "Eu".

> Click Scanner.

> Wait for it to finish!

> When it finishes, click Reparar (Repair).

> Tabs will appear in red, indicating problems to be repaired.
> Click Reparar (Repair).

> When it finishes, click Relatório (Report)!
> Post the repair log: ~ Type : Reparo

[Regards]
#5 By katsuriko
23/09/2017 - 10:15
ZHP log

~ ZHPCleaner v2017.9.22.166 by Nicolas Coolman (2017/09/22)
~ Run by RODRIGO (Administrator) (23/09/2017 10:12:02)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Legal
~ Type : Reparo
~ Report : C:\Users\RODRIGO\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\RODRIGO\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 7 Ultimate, 64-bit Service Pack 1 (Build 7601)


---\\ Serviços (0)
~ Nenhum ítem malicioso o desnecessários foi encontrado.


---\\ Navegadores de Internet (0)
~ Nenhum ítem malicioso o desnecessários foi encontrado.


---\\ Arquivo hosts (1)
~ O arquivo hosts é legítimo (1)


---\\ Tarefas automáticas agendadas. (0)
~ Nenhum ítem malicioso o desnecessários foi encontrado.


---\\ Explorer ( Arquivos, Pastas) (6)
MOVIDO pasta: C:\Users\RODRIGO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BS.Player FREE.lnk [Bad : C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe](.AB Team.) =>.SUP.ABTeam
MOVIDO pasta: C:\Users\Public\Desktop\BS.Player FREE.lnk [Bad : C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe](.AB Team.) =>.SUP.ABTeam
MOVIDO arquivo: C:\Program Files (x86)\Webteh =>.SUP.ABTeam
MOVIDO arquivo: C:\Program Files\KMSpico =>HackTool.KMSpico
MOVIDO arquivo: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico =>HackTool.KMSpico
MOVIDO arquivo: C:\Users\RODRIGO\AppData\Local\Google\Chrome\User Data\Default\File System\008 =>PUP.Optional.DomaIQ


---\\ Registro ( Chaves, Valores, Dados ) (27)
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\637162CC59A3A1E25956FA5FA8F60D2E1C52EAC6 [Avast Software] =>PUM.Misplaced.Certificate
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\7D7F4414CCEF168ADF6BF40753B5BECD78375931 [Avast Software] =>PUM.Misplaced.Certificate
SUPRIMIDO chave*: HKEY_USERS\S-1-5-21-2569912285-2516486697-1191534479-1000\SOFTWARE\Conduit [] =>.SUP.Conduit
SUPRIMIDO chave: HKCU\Software\Conduit [] =>.SUP.Conduit
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1 [KMSpico] =>HackTool.KMSpico
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\235CDDD4FAA2BCE4C9E578A53866F91E [C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\tbnhlpr_x64.exe (Not File)] =>PUP.Optional.APNToolBar
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3355451445D274D4007A0850AB47487C [02:\SOFTWARE\AskPartnerNetwork\Toolbar\ATU3-TMG\Info\timeinstalled_cr (Not File)] =>PUP.Optional.APNToolBar
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3355451445D274D4007A0850AB4748E6 [02:\SOFTWARE\AskPartnerNetwork\Toolbar\ATU3-TMG\Info\timeinstalled (Not File)] =>PUP.Optional.APNToolBar
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3355451445D274D4007A0850AB477508 [02:\SOFTWARE\AskPartnerNetwork\Toolbar\ATU3-TMG\Info\lastInstallOperation (Not File)] =>PUP.Optional.APNToolBar
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3355451445D274D4007A0850AB478757 [02:\SOFTWARE\AskPartnerNetwork\Toolbar\ATU3-TMG\Info\Reporting_URL (Not File)] =>PUP.Optional.APNToolBar
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3355451445D274D4007A0850AB47877E [02:\SOFTWARE\AskPartnerNetwork\Toolbar\ATU3-TMG\Info\ProductVersion (Not File)] =>PUP.Optional.APNToolBar
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3355451445D274D4007A0850AB47C77A [02:\SOFTWARE\AskPartnerNetwork\Toolbar\ATU3-TMG\Info\productguid (Not File)] =>PUP.Optional.APNToolBar
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3355451445D274D4007A0850AB47F670 [02:\SOFTWARE\AskPartnerNetwork\Toolbar\ATU3-TMG\Info\ (Not File)] =>PUP.Optional.APNToolBar
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3355451445D274D4007A0850AB67CA07 [02:\SOFTWARE\AskPartnerNetwork\Toolbar\ATU3-TMG\Macro\ (Not File)] =>PUP.Optional.APNToolBar
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3355451445D274D4007A0CF64469657A [C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\ATU3-TMG\config.xml (Not File)] =>PUP.Optional.APNToolBar
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3355451445D274D4007A7A8684D4677A [02:\SOFTWARE\AskPartnerNetwork\Toolbar\Updater\ATU3-TMG\Macro\apnuguid (Not File)] =>PUP.Optional.APNToolBar
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3355451445D274D4007A7B7987A75C7A [02:\SOFTWARE\AskPartnerNetwork\Toolbar\ATU3-TMG\Info\Browsers (Not File)] =>PUP.Optional.APNToolBar
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3355451445D274D4007AA75C6CAD4777 [02:\SOFTWARE\AskPartnerNetwork\PackageService\Register\ApnSetupV6\ATU3-TMG\CmdArgs (Not File)] =>PUP.Optional.APNToolBar
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3355451445D274D4007AA75CE8770476 [02:\SOFTWARE\AskPartnerNetwork\PackageService\Register\ApnSetupV6\ATU3-TMG\Version (Not File)] =>PUP.Optional.APNToolBar
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3355451445D274D4007AB8640F7C487A [02:\SOFTWARE\AskPartnerNetwork\Toolbar\ATU3-TMG\Info\ua_cr (Not File)] =>PUP.Optional.APNToolBar
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3355451445D274D4007AB8640F7C7477 [02:\SOFTWARE\AskPartnerNetwork\Toolbar\ATU3-TMG\Info\hpr_cr (Not File)] =>PUP.Optional.APNToolBar
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3355451445D274D4007AB8640F7CA77A [02:\SOFTWARE\AskPartnerNetwork\Toolbar\ATU3-TMG\Info\sa_cr (Not File)] =>PUP.Optional.APNToolBar
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3355451445D274D4007AB8640FD798E7 [02:\SOFTWARE\AskPartnerNetwork\Toolbar\ATU3-TMG\Info\ProductType (Not File)] =>PUP.Optional.APNToolBar
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3355451445D274D4007AB8646F7C7C79 [02:\SOFTWARE\AskPartnerNetwork\Toolbar\ATU3-TMG\Info\Cr_Crx_Ids (Not File)] =>PUP.Optional.APNToolBar
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3355451445D274D4007AB8647F787A78 [02:\SOFTWARE\AskPartnerNetwork\Toolbar\ATU3-TMG\Info\SupportedAssets (Not File)] =>PUP.Optional.APNToolBar
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Webteh [] =>.SUP.ABTeam
SUPRIMIDO valor: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{9CEAEE7F-13BD-4235-AB4F-FC2E4FB8909C} [C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe] =>PUP.Optional.APNToolBar


---\\ Resumo dos elementos encontrados na sua estação de trabalho (6)
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.ABTeam
https://nicolascoolman.eu/2017/02/16/hacktool-kmspico/ =>HackTool.KMSpico
https://www.nicolascoolman.com/fr/adware-domaiq/ =>PUP.Optional.DomaIQ
https://nicolascoolman.eu/2017/06/26/trojan-certlock/ =>PUM.Misplaced.Certificate
https://nicolascoolman.eu/2017/02/06/superfluous-conduit/ =>.SUP.Conduit
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.APNToolBar


---\\ Dodatkowe oczyszczenie. (24)
~ Chave de registro Tracing Supprimido (24)
~ Remover os relatórios antigos ZHPCleaner. (0)


---\\ Resultado de reparação
Reparação efectuada com sucesso
~ Este navegador está faltando ! (Opera Software)


---\\ Estatísticas
~ Items scan : 667
~ Items encontrado : 0
~ items cancelados : 0
~ Items réparo : 33


~ End of clean in 00h00mn40s
~====================
ZHPCleaner-[R]-23092017-10_12_42.txt
ZHPCleaner-[S]-23092017-10_10_59.txt



#6 By joram
23/09/2017 - 13:33
/_ Good afternoon! katsuriko _\

> Everything OK? Still having problems?

> Download: < [image] > ( ... by Malwarebytes.org )

> Or here! < JRT.exe >
> Save it to the desktop!
> Disable your antivirus!
> On Windows 7, right-click JRT.exe and run it ...

> If you have difficulties, you can run it in Safe Mode with Networking.

> Wait for it to finish and post the report. ( JRT.txt )

[Regards]
#7 By katsuriko
24/09/2017 - 17:55
Junkware

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 7 Ultimate x64
Ran by RODRIGO (Administrator) on 24/09/2017 at 17:51:52,07
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 8

Successfully deleted: C:\Users\RODRIGO\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\78X0MM1X (Temporary Internet Files Folder)
Successfully deleted: C:\Users\RODRIGO\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z7Y2H2GR (Temporary Internet Files Folder)
Successfully deleted: C:\Users\RODRIGO\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZEIKZNBB (Temporary Internet Files Folder)
Successfully deleted: C:\Users\RODRIGO\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZESI3NYH (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\78X0MM1X (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z7Y2H2GR (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZEIKZNBB (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZESI3NYH (Temporary Internet Files Folder)



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 24/09/2017 at 17:54:09,02
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



#8 By joram
24/09/2017 - 19:06
/_ Good evening! katsuriko _\

> No potential malware was found on your machine!

> Let's remove the tools used in the disinfection!

> Download: < [image] > ( ... by Xplode )

> Save it in a convenient location! ( desktop! )
> Close any applications that are open.

> Remove disinfection tools
> Create a registry backup
> Clear system restore points
> Reset system settings

> With these boxes checked, click Executar (Run)!
> Restart the computer!
> Everything OK?

[Regards]