Suspeita Malware ou virus - Mouse travando e alto consumo de CPU

Marcio Handerson · 6 de agosto de 2021

Bom dia,

Podem me ajudar tenho percebido uma lentidão na resposta do mouse e percebi um aumento do consumo da CPU.

Tenho um Acer Aspire 5750-6631 com 6Gb RAM.

Se puderem me ajudar a fazer um checkup agradeço!

Segue em anexo ADW e ZHP

AdwCleaner[S02].txt

~ ZHPCleaner - After Repair.txt

Elias Pereira · 9 de agosto de 2021

@Marcio Handerson

Por favor, atente para o seguinte:

Sobre o Fórum: Este é um espaço privado, não público. Seu uso é um privilégio, não um direito;
O que será passado aqui, somente será com relação ao problema do seu computador portanto, não faça mais em nenhum outro;
IMPORTANTE: Caso tenha programas de ativação do Windows ou de compartilhamento p2p/toŕŕent, sugiro desinstalar. Só irei dar procedimento na analise após a remoção. Regras do forum;
Siga, por favor, atentamente as instruções passadas e em caso de dúvidas não hesite em perguntá-las;
Respeite a ordem das instruções passadas;
Observação: Não tome outra medida além das passadas aqui; atente para que, caso peça ajuda em outro fórum, não deixe de nos informar, sob risco de desconfigurar seu computador!

Regras da Área de Remoção de Malware << IMPORTANTE A LEITURA

Regras Gerais do Forum Clube do Hardware << IMPORTANTE A LEITURA

Siga os passos abaixo:

Desative temporariamente seu antivirus, antispywares e firewall, para não causar conflitos.

ETAPA 1

Faça o download do AdwCleaner de um dos links abaixo e salve no desktop.

https://toolslib.net/downloads/viewdownload/1-adwcleaner/

http://www.bleepingcomputer.com/download/adwcleaner/

Clique em DOWNLOAD NOW para baixar o arquivo.

Execute o adwcleaner.exe

OBS: Usuários do Windows Vista, 7, 8/8.1 e Windows 10 clique com o direito sobre o arquivo AdwCleaner.exe, depois clique em

Clique em VERIFICAR AGORA/SCAN NOW. Após o termino clique em LIMPAR/CLEAN e aguarde.

Será aberto o bloco de notas com o resultado.

ATENÇÃO: Selecione, copie e cole o seu conteúdo na próxima resposta.

ETAPA 2

Faça o download do ZHPCleaner no link abaixo e salve em sua Área de trabalho (Desktop)

https://www.majorgeeks.com/files/details/zhpcleaner.html

Execute o arquivo ZHPCleaner.exe Como Administrador

Clique no botão Scanner.
A ferramenta começara o exame do seu sistema.
Tenha paciência pois pode demorar um pouco dependendo da quantidades de itens a examinar.
Em seguida clique no botão Reparar.
Será gerado um log chamado ZHPCleaner.txt

ATENÇÃO: Selecione, copie e cole o seu conteúdo na próxima resposta.

Marcio Handerson · 10 de agosto de 2021

@Elias Pereira

# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build: 06-29-2021
# Database: 2021-08-05.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 08-06-2021
# Duration: 00:00:17
# OS: Windows 7 Home Basic
# Scanned: 31996
# Detected: 30

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.AcerArcadeDeluxe Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{2637C347-9DAD-11D6-9EA2-00055D0CA761}
Preinstalled.AcerIdentityCard Folder C:\Program Files (x86)\ACER\IDENTITY CARD
Preinstalled.AcerIdentityCard Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Identity Card
Preinstalled.AcerPowerManagement Folder C:\Program Files\ACER\ACER EPOWER MANAGEMENT
Preinstalled.AcerRegistration Folder C:\Program Files (x86)\ACER\REGISTRATION
Preinstalled.AcerRegistration Folder C:\Program Files\ACER\REGISTRATION
Preinstalled.AcerRegistration Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Acer Registration
Preinstalled.AcerUpdater Folder C:\Program Files\ACER\ACER UPDATER
Preinstalled.AcerUpdater Folder C:\ProgramData\ACER\ACER UPDATER
Preinstalled.Acerclear.fiMovie Folder C:\Program Files (x86)\ACER\CLEAR.FI\MEDIAESPRESSO
Preinstalled.Acerclear.fiMovie Folder C:\Program Files (x86)\ACER\CLEAR.FI\MOVIE
Preinstalled.Acerclear.fiMovie Folder C:\Program Files (x86)\ACER\CLEAR.FI\MVP
Preinstalled.Acerclear.fiMovie Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3DADE325-51A7-4B6F-9C87-B6D38678B18D}
Preinstalled.Acerclear.fiMovie Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{52E0C135-3451-45CB-B31B-2494A1D66E65}
Preinstalled.Acerclear.fiMovie Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D8FD40D1-A424-4B72-80BA-3A754DECF7D2}
Preinstalled.Acerclear.fiMovie Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DMREngine
Preinstalled.Acerclear.fiMovie Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\clear.fi
Preinstalled.Acerclear.fiMovie Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\clear.fiAgent
Preinstalled.Acerclear.fiMovie Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{14C4C3B6-F1F4-401F-8C86-03E8E19AAC8C}
Preinstalled.Acerclear.fiMovie Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}
Preinstalled.Acerclear.fiMovie Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{B906C11A-D193-4143-9FA7-E2EE8A5A8F21}
Preinstalled.Acerclear.fiMovie Task C:\Windows\System32\Tasks\CLEAR.FI
Preinstalled.Acerclear.fiMovie Task C:\Windows\System32\Tasks\CLEAR.FIAGENT
Preinstalled.Acerclear.fiMovie Task C:\Windows\System32\Tasks\DMRENGINE
Preinstalled.GatewayMyBackup Registry HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\BackupManagerTray
Preinstalled.HPCleanFLC File C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk
Preinstalled.HPMediaSmart Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}
Preinstalled.HPMediaSmart Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{01FB4998-33C4-4431-85ED-079E3EEFE75D}
Preinstalled.PackardBellPowerManagement Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{3DB0448D-AD82-4923-B305-D001E521A964}
Preinstalled.SamsungSmartSwitch Folder C:\Users\Marcio\AppData\Roaming\SAMSUNG\SMART SWITCH PC

AdwCleaner[S00].txt - [4973 octets] - [06/08/2021 06:55:44]
AdwCleaner[S01].txt - [5034 octets] - [06/08/2021 06:57:21]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S02].txt ##########

=========================================================############################################################################

~ ZHPCleaner v2021.8.2.316 by Nicolas Coolman (2021/08/02)
~ Run by Marcio (Administrator) (06/08/2021 07:39:14)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version :
~ Type : Repair
~ Report : C:\Users\Marcio\Desktop\ZHPCleaner (R).txt
~ Quarantine : C:\Users\Marcio\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ System Restore Point :
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 7 Home Basic, 64-bit Service Pack 1 (Build 7601)

---\\ Alternate Data Stream (ADS). (0)
~ No malicious or unnecessary items found.

---\\ Services (0)
~ No malicious or unnecessary items found.

---\\ Browser internet (1)
DELETED data: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride [Bad : 127.0.0.1;localhost;*.local] =>Hijacker.Proxy

---\\ Hosts file (1)
~ The hosts file is legitimate (1)

---\\ Scheduled automatic tasks. (0)
~ No malicious or unnecessary items found.

---\\ Explorer ( File, Folder) (301)
MOVED file: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Preferences =>Préférences Chromium
MOVED file: C:\Users\Marcio\AppData\Local\Microsoft\Edge\User Data\Default\Preferences =>Préférences Chromium
MOVED file: C:\Windows\Installer\wix{16044E2C-5ADC-4C34-B2FB-5A2E0B6908F6}.SchedServiceConfig.rmi =>.SUP.Empty
MOVED file: C:\Windows\Installer\wix{2E2C5B04-0539-43B0-BC16-EF1B7DFF03A5}.SchedServiceConfig.rmi =>.SUP.Empty
MOVED file: C:\Windows\Installer\wix{536BCB9B-9D3F-493F-9236-8D50A93B70F9}.SchedServiceConfig.rmi =>.SUP.Empty
MOVED file: C:\Windows\Installer\wix{714A536C-BF60-4341-A69C-8797F07DCA8F}.SchedServiceConfig.rmi =>.SUP.Empty
MOVED file: C:\Windows\Installer\wix{9750FA29-18AB-41C9-B997-D7FBF7B790D6}.SchedServiceConfig.rmi =>.SUP.Empty
MOVED file: C:\Windows\Installer\wix{D37959D7-227D-481D-95E1-F28C556215AA}.SchedServiceConfig.rmi =>.SUP.Empty
MOVED file: C:\Windows\Installer\wix{DCB455E3-2BE8-477C-A006-AE83446EED46}.SchedServiceConfig.rmi =>.SUP.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\%%%3FDD.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\%%%6B40.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\%%%D608.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\DMI1DB1.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\DMI1EEC.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\DMI2191.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\DMI27A5.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\DMI3A9A.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\DMI4DB2.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\DMI7086.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\DMI75EA.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\DMI8027.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\DMIAB4C.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\DMID5C5.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\DMID5D1.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\DMID89F.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\DMIDE21.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\DMIE707.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\DMIEAFD.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\DMIEC17.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\DMIEF98.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\DMIF02D.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\DMIF433.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\FXSTIFFDebugLogFile.txt =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\nulrilsh.err =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\officec2rclient.exe_c2ruidll(20210323044955D64).log =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\RES2687.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\tmp240D.tmp =>.SUP.Temporary.Other
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{03A05353-C94D-41C4-9A65-69770BE5CF7C} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{05417129-B611-4F24-9D59-379247A61428} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{05B7AA4E-6B29-4511-98D1-D684F2077CA6} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{0665C232-19AC-4571-AE67-8D43AD47499C} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{0803890F-077A-4F2A-9960-5A589CB1D838} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{0C48A345-2E73-427A-AFF2-8F79C716EDC7} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{0CD18474-23FB-48A9-8757-3BF47B723D65} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{106D8573-8EF0-4F68-BC7D-D93A75EB3E33} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{173B7ED1-BC0F-4E7A-AF6E-8C5BD5498803} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{18073F3D-BC48-4996-B4FB-8F67D3729C0D} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{1E145ED5-AF32-4200-A6A9-E1C20BE61B96} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{1F2452FA-CC79-464C-BA88-F3245476174C} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{21FFCE5E-67F3-4FDE-8B31-61D25B5EF25A} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{23CE5164-1A2F-487C-834F-EE2EF30F3712} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{277D5AFB-8251-4213-97E5-FA7D4F57DE7E} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{2C698115-6162-48D5-BE95-03FE359D2AC5} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{2DCDDF82-0505-4D73-8442-C4DA39398153} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{33096550-4FA8-43E3-9C30-5070942ACE6D} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{331D38D5-34DA-42D3-9106-C6870F7D3DD3} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{34C1F5DB-22E4-430C-A083-0F89F8E55FA6} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{3688CEED-F6E0-43BF-AC74-48B2125A8F7F} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{38120CFC-C92F-491D-98AB-B071A0B675F2} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{391AB40F-E6E5-4AA9-9BF7-62051381EDF1} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{3A7E694F-D7A8-413D-B425-C989C943F1C8} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{3AC96421-FA1E-4F11-9970-1A0019AEF1EE} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{3B74ACDE-E9DE-45F1-A489-EB3BCCB855BC} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{3BC3B2C5-AD11-4AA4-A2C1-EF332CC8CAA6} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{3F49D161-F2F7-4CE3-82E6-14FC36094642} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{3FFD132D-13A0-4535-9734-5331D70961C5} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{402576FA-1730-49DD-ADAD-E922A0F5C362} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{407F5C72-C680-45C8-AA0F-ED50C7EEE2BA} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{41046B5F-A0FA-4D89-A220-544078281CA6} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{41F50507-4697-4551-9FCB-2D87FFD72DCB} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{446AF86C-EA50-47DE-86C1-6A3A3F784A94} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{4C07F985-42B4-4050-AEC3-1365FE63BD83} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{4D4FDB3E-B8BA-405C-9F7C-D68B0692156B} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{4D823C2C-5F57-4118-9448-CFA4313F1F6A} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{4E35CE9C-5E4C-4EBE-9661-0AA169D748C4} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{515AC867-2711-4E52-B00E-0BECC4B47306} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{5368F356-F290-428F-9AE3-E6002736DD96} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{55752121-E22F-4125-8428-8C2F107EAC47} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{599F8909-3400-44D7-82E6-0C681BE9AD4D} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{5C29490F-6B38-45AA-B0FB-0F212EAADDE1} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{5D4B316C-2947-4C7A-8F09-2651FBE85A45} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{5D8F6D7A-12F6-49E0-B94A-D3C59E29823C} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{5E25BC16-A858-4E90-BF41-A2A1CB4719A8} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{5F763A3E-2ABE-46D4-8215-2C919782DC88} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{6344CEE8-C75D-447C-9A8E-2651E4B95DCE} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{650A6CCE-0052-4FA5-94C2-A1DC901F4101} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{66B22B61-E82F-4F41-8F88-CF9BEC494093} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{6977381C-DDA2-471E-A7AE-53714AD763D4} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{6DCBB724-E550-4D6A-97F0-925D397381F5} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{6E4C60B2-4127-4551-9925-A24CFDE87AF3} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{717F5923-350F-4DA4-BA98-58B9EF462B80} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{73A38394-9B88-4483-8203-40FD051E4446} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{758035DA-AD60-4008-A4FF-88CBBD215B53} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{774E38BA-50E9-41D6-A96B-CC4AE6A52643} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{7830C844-6EC1-426C-B0C1-EBB90B2248A4} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{7984F6AE-4DF6-4802-B525-319418F80383} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{799D1F6E-BEA1-4BB4-BF01-4D65A0939F8D} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{7D375BE1-A1A3-46F5-8DDC-F4B92B2FC233} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{7E8D4EFC-E5FF-4569-BD11-FB0681C337FA} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{7E9785C0-08E4-4E58-92D7-72DBB27E8477} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{7F25382A-D4B8-41CB-9CDC-5CA688C8A364} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{818F83C6-1761-4869-B8F0-CF525F663A41} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{830E64D5-C771-42BF-88BA-D481F2AFE450} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{84964B53-8AE1-44B6-81C0-53A1624D1EB5} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{8739710A-399E-4B75-85B1-053F7CB7B1BA} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{8819F970-3413-4DCF-A524-B5112C92AECC} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{8A232139-4A11-4F96-BEE8-4FE0D08786BF} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{8AD906E9-D9AC-4A0C-BB43-8357E1636794} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{8CD4EA86-A6CB-45F8-B59A-746795DD6346} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{8D8D28C8-4503-4631-B720-416108D6FC02} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{8D9733C8-6135-4A63-8217-30292DC39107} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{904E783C-9795-4EC6-983A-F3D2C91DDA32} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{9056E0B4-2EF2-41FC-B0F8-48EF05DAD4F5} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{934B2E31-1CB5-4829-A9C4-BE5275978A55} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{9663D2CC-7977-4170-998A-81537DCCB22E} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{975719C6-A0C0-4132-AB6D-C09116ECC88A} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{97F8C437-81DF-4E49-B43F-BBACC8F62942} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{99425E3C-F9F2-4E0A-896C-2E07A7BEF140} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{9A5F6368-F8D8-4728-81F8-E1817225C9EC} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{9A626E37-448C-4680-A681-FE1DA9208EED} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{9AFD869D-B55E-4136-AA4F-6C31146A73FD} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{9BD999DF-1BB8-4CBB-94E6-3F4E7C6EA76B} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{A0E67B15-C026-4407-867F-DED1D3B0FE36} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{A1242D9C-8DE8-40E8-9975-5BF61811BFFE} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{A1346F80-C556-46DE-97BB-6D873B184731} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{A19A926A-7EB2-4564-A2BC-7510FDCCA594} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{A2E68FAC-9815-4C29-9A08-414317AFA1EB} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{A41C8423-D2E3-4632-9FFE-9BE145F4F238} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{A4245B7B-761F-45F1-9F76-ECC780F72C11} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{A4A1882A-B00C-4595-8B7B-ADD5A0177367} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{A7386324-22C2-4A51-8B1E-0CD6E096EB81} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{A7667C30-1432-4335-91AC-720585D08115} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{A77366BD-688B-415F-8C6E-3161499B2184} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{A9750521-68E8-4EBE-ABC8-6981CB6B0DB2} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{A9BB6648-C692-4EF3-95F1-B38E2252D4EE} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{AA1850A4-142A-4D25-B491-65D8E31B06D6} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{ABC903F1-2BBD-4796-9316-0A217DA263DB} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{AC0CC69C-751C-4DA3-A887-D1690126271A} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{ACDC5AD7-85B2-465C-A63B-D9C2F06BCF87} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{AEE17BDC-EA0C-4EC1-A3D5-C528605486AD} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{AF71D3C3-258A-4E96-BA2B-6FC1CED918E0} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{B062BB24-EF7B-4F85-BAF1-E877259939A3} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{B1C68E57-7712-4DB5-8313-F5561A525ED4} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{B3A20215-19A2-4B22-AD55-598331B97770} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{B76E9774-E90F-4534-B03E-5A45FB801932} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{B7B664A8-6BC3-4D3C-8B19-2F81A113AED5} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{B7E8564E-5A06-4A4C-A0F9-BD9A7678EE12} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{B8ED4017-41CD-4787-A888-2AB6A14F97F2} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{BA059D88-08A0-4BB1-A207-6EF3C3A975ED} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{BA0998B3-F4B6-4B8F-B1BA-A51F085C04FA} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{BA8EFED0-1B0F-40C3-BEE6-1500933DBC91} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{BBB59523-4AAC-4B54-9B08-43B77BEB1591} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{BF52E842-70BA-492B-9E30-CAEBA05AAD49} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{C117223C-40B9-4306-A3EA-B37526248AC5} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{C2E6A1F2-5626-4354-A2D3-D860B6D1A0D3} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{C3A9481E-97DD-497F-B43F-CA8D49C3F8E9} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{C8591E93-1EA9-4517-A971-87A2C0C9E564} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{C85ECE41-5FFC-41FE-A5B8-38D0D45CB44C} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{C938235F-680E-4986-BB34-136D1B8EEA1D} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{D41B5434-D751-4DF7-864F-95659E3D53F0} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{D43EA6DF-E59C-46B7-A3BE-035EC06EC5D8} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{D516D9DC-DA91-4A6C-81C1-850DA6F6A526} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{D525D2FA-0402-4D9F-8318-50C63681F0A3} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{D6F3AA24-E536-4FA5-9DE7-AF5253757A87} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{D797C721-A8E7-4B36-8EA3-4741CBE563DA} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{D7C04349-F175-4EBC-9348-9DA667D6A7F4} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{D936663C-9B7D-4C6B-8F58-AE73C622114D} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{DA2E87D3-A044-4D0A-92F8-6F39FDCE3AC4} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{E5D36AD2-3471-4C03-8FE5-36D07C843097} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{E60DA2F4-8C7F-46EC-910A-6410BC0ADAE4} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{E82A36BB-69E6-4409-9514-1798AEB3A4F9} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{ECA54CE3-4114-485B-BCF9-4B545F776720} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{F073A4F0-CB5F-421E-9BF9-B3639CF2514D} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{F34BABD6-7D60-45BC-B44B-A939D47A6EFE} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{F37A7538-3649-4F9D-9A91-967DA96A4B65} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{F546DE8E-B349-4050-B8ED-1BCDB40AA03E} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{F96FFC69-DA77-4698-BB76-BCC2C13A0460} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{FA8D88F5-A865-40E5-8BB1-A78533614311} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{FE841AD0-300F-46FD-9BB6-4EB93DAB7AC5} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\{FF61E8B4-F341-4519-8419-5F0E597C6FA0} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Marcio\AppData\Local\Temp\~DF1C48FFE4A07CC089.TMP =>.SUP.Temporary.Other
MOVED file: C:\Users\Marcio\AppData\Local\Temp\~DF95CF6604262F582A.TMP =>.SUP.Temporary.Other
MOVED file: C:\Users\Marcio\AppData\Local\Temp\~DFAA096344140F86AB.TMP =>.SUP.Temporary.Other
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\001 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\002 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\003 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\004 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\005 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\006 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\007 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\008 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\009 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\010 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\011 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\012 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\013 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\014 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\015 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\016 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\017 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\018 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\019 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\020 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\021 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\022 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\023 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\024 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\025 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\026 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\027 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\028 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\029 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\030 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\031 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\032 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\033 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\034 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\035 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\036 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\037 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\038 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\039 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\040 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\041 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\042 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\043 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\044 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\045 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\046 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\047 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\048 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\049 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\050 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\051 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\052 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\053 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\054 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\055 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\056 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\057 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\058 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\059 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\060 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\061 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\062 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\063 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\064 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\065 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\066 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\067 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\068 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\069 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\070 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\071 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\072 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\073 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\074 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\075 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\076 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\077 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\078 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\079 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\080 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\082 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\083 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\084 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\085 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\086 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\087 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\088 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\089 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\090 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\091 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\092 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\093 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\094 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\095 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\096 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\097 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\098 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\099 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\100 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\101 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\102 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\103 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\104 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\105 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\106 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\107 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\108 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\109 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\110 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\111 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\112 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\113 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\114 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\115 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\116 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\117 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\118 =>.SUP.Temporary.Chrome
MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\Plugins =>.SUP.Temporary.Chrome

---\\ Registry ( Key, Value, Data) (44)
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\CrystalDiskInfo\DiskInfo64.exe [CrystalDiskInfo] =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [Google Chrome] =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\FOXIT READER.EXE [Foxit Reader 6.1, Best Reader for Everyday Use!] =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\Google\Drive\googledrivesync.exe [googledrivesync] =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Users\Marcio\AppData\Local\modaltrader\modaltrader.exe [modaltrader] =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Windows Photo Viewer\PhotoViewer.dll [Visualizador de Fotos do Windows] =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe [Windows Live Photo Gallery] =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe [Windows Live Movie Maker] =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [clear.fi] =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Mozilla Firefox\firefox.exe [Firefox] =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\program files (x86)\videolan\vlc\vlc.exe [VLC media player] =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Tryd5\trader.exe [trader] =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [Dropbox] =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Microsoft Office\Root\Office16\WINWORD.EXE [Word] =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE [Excel] =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\7-Zip\7zFM.exe [7-Zip File Manager] =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\Internet Explorer\iexplore.exe [Internet Explorer] =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLED.EXE [Office XML Handler] =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\Windows Photo Viewer\PhotoViewer.dll [Visualizador de Fotos do Windows] =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Windows Media Player\wmplayer.exe [Windows Media Player] =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\Windows NT\Accessories\WORDPAD.EXE [WordPad] =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Users\Marcio\Downloads\uTorrent.exe [µTorrent] =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Microsoft Office\Root\Office16\POWERPNT.EXE [PowerPoint] =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Wondershare\Wondershare Filmora Scrn\FSRecorder.exe [Wondershare Filmora Scrn] =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Wondershare\Wondershare Filmora Scrn\BsSndRpt64.exe [Crash reporting Send Utility, BsSndRpt.exe] =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Users\Marcio\AppData\Roaming\uTorrent\uTorrent.exe [µTorrent] =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\MPC-HC\mpc-hc64.exe [MPC-HC (x64)] =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\DAUM\PotPlayer\PotPlayerMini64.exe [Reproduzir com Potplayer apenas(64-Bit)] =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\F:\Imposto de Renda\PROG IR 2020\IRPF2020.exe [IRPF2020] =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Arquivos de Programas RFB\LEAO2020\LEAO2020.exe [LEAO2020] =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Users\Marcio\Desktop\OP-5T\minimal_adb_fastboot_v1.4.3_setup.exe [Minimal ADB and Fastboot Setup ] =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Minimal ADB and Fastboot\cmd-here.exe [cmd-here] =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Users\Marcio\Desktop\OP-5T\QDLoader HS-USB Driver_64bit_Setup.exe [QUALCOMM Setup] =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe [Microsoft Edge] =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [Microsoft Office Click-to-Run Client] =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Arquivos de Programas RFB\LEAO2019\LEAO2019.exe [LEAO2019] =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\F:\Imposto de Renda\PROG IR 2021\IRPF2021.exe [IRPF2021] =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Users\Marcio\Desktop\Gravador de Tela\CamStudioPortable_2.7.2_English.paf.exe [CamStudio Portable] =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\F:\Imposto de Renda\PROG IR 2021\GCAP 2020\GCAP2020.exe [GCAP2020] =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Users\Marcio\Desktop\Gravador de Tela\ApowerREC 1.4.14.8 Portable\ApowerREC 1.4.14.8.exe [ApowerREC Setup ] =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Users\Marcio\Desktop\Gravador de Tela\ApowerREC 1.4.14.8 Portable\_Unpack Portable.cmd [_Unpack Portable] =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Users\Marcio\Downloads\scpbradinst.exe [Instalador do Componente de Segurança Bradesco] =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Users\Marcio\Desktop\Atalhos Progs\Defesa - Combofix e Banker\bankerfix.exe [7z Setup SFX] =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Users\Marcio\Desktop\bankerfix.exe [7z Setup SFX] =>.SUP.Orphan.MUICache

---\\ Summary of the elements found (7)
https://nicolascoolman.eu/2017/04/03/hijacker-proxy/ =>Hijacker.Proxy
https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/ =>Préférences Chromium
https://nicolascoolman.eu/forum/Topic/logiciels-potentiellement-superflus-lps/ =>.SUP.Empty
https://nicolascoolman.eu/forum/Topic/logiciels-potentiellement-superflus-lps/ =>.SUP.Temporary.Empty
https://nicolascoolman.eu/forum/Topic/logiciels-potentiellement-superflus-lps/ =>.SUP.Temporary.Other
https://nicolascoolman.eu/forum/Topic/logiciels-potentiellement-superflus-lps/ =>.SUP.Temporary.Chrome
https://nicolascoolman.eu/forum/Topic/orphan-muicache-logiciel-potentiellement-superflu-lps/ =>.SUP.Orphan.MUICache

---\\ Other deletions. (22)
~ Registry Keys Tracing deleted (19)
~ Remove the old reports ZHPCleaner. (3)

---\\ Result of repair
~ Repair carried out successfully
~ Google Chrome OK
~ Mozilla Firefox OK
~ Internet Explorer OK

---\\ Statistics
~ Items scanned : 2162
~ Items found : 0
~ Items cancelled : 0
~ Space saving (bytes) : 49152
~ Items options : 16/17

---\\ OPTIONS NOT ACTIVES
~ Start browsers with extensions removed

~ End of clean in 00h02mn13s

---\\ Reports (2)
ZHPCleaner-[S]-06082021-07_27_36.txt
ZHPCleaner-[R]-06082021-07_41_27.txt

Elias Pereira · 10 de agosto de 2021

@Marcio Handerson

Faça o download do RogueKiller by Tigzy, e salve na sua área de trabalho (Desktop)

roguekiller.exe (x64) << link

Feche todos os programas
Execute o RogueKiller.exe.
** Usuários do Windows Vista, Windows 7, 8, 8.1 e Windows 10:Clique com o direito sobre o arquivo rogueKiller.exe, depois clique em
Clique em SCAN
Clique no primeiro START "Standard Scan (recommended)" e aguarde o scan...
Clique no botão RESULTS
Clique na opção REPORT e em EXPORT e selecione a opção Text file...
Salve o arquivo na area de trabalho com o nome roguekiller_report

Atente para abrir o arquivo, copiar e colar todo o conteúdo na sua próxima resposta

Marcio Handerson · 12 de agosto de 2021

@Elias Pereira

RogueKiller Anti-Malware V15.0.9.0 (x64) [Aug 5 2021] (Free) by Adlice Software
mail : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64-bit
Started in : Normal mode
User : Marcio [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Signatures : 20210809_120810, Driver : Loaded
Mode : Standard Scan, Scan -- Date : 2021/08/11 22:23:42 (Duration : 00:08:29)
Switches : -minimize

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Process Modules ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Tasks ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ WMI ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Hosts File ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Files ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[Adw.Gen (Malicious)] (folder) Wondershare Helper Compact -- C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact -> Found

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Web browsers ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
>>>>>> Chrome Config
[PUM.SearchEngine (Potentially Malicious)] default_search_provider_data.template_url_data.keyword (C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences) -- google.com_ -> Found

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

Elias Pereira · 12 de agosto de 2021

@Marcio Handerson

Execute novamente o RogueKiller e após o scan, marque as entradas para remoção.

Abra o relatório gerado, copie e cole o conteúdo na sua próxima resposta.

Marcio Handerson · 12 de agosto de 2021

@Elias Pereira

RogueKiller Anti-Malware V15.0.9.0 (x64) [Aug 5 2021] (Free) by Adlice Software
mail : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64-bit
Started in : Normal mode
User : Marcio [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Signatures : 20210809_120810, Driver : Loaded
Mode : Standard Scan, Delete -- Date : 2021/08/12 20:47:01 (Duration : 00:08:27)

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Delete ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[Adw.Gen (Malicious)] Wondershare Helper Compact -- %programfiles(x86)%\Common Files\Wondershare\Wondershare Helper Compact -> Deleted
[PUM.SearchEngine (Potentially Malicious)] default_search_provider_data.template_url_data.keyword -- google.com_ -> Deleted

Elias Pereira · 13 de agosto de 2021

@Marcio Handerson

Clique no menu Iniciar, e após isso clique com o botão direito do mouse sob Meu computador e selecione a opção Propriedades.
Em Propriedades, selecione a opção Configurações avançadas do sistema.
Vá na aba Proteção do Sistema, e em Restauração do Sistema, vá na opção Criar.
Depois basta seguir as instruções em tela, para criar seu ponto de restauração.OBS: Lembre-se de colocar um nome de fácil entendimento para uma posterior restauração a partir deste ponto.

Pressione as teclas Windows + R e digite: msconfig

- Clique na guia Serviços, marque a opção Ocultar todos os serviços Microsoft e depois clique em Desativar tudo

- Clique na guia Inicialização de Programas e clique em Desativar tudo

Siga as mensagens ate que seja solicitado a reiniciar.
Me informe se tudo ok ou se ocorreu algum problema.

Marcio Handerson · 14 de agosto de 2021

Boa tarde@Elias Pereira

Procedimento efetuado, criado o ponto de restauração e desativei os programas.

Até agora OK

Elias Pereira · 15 de agosto de 2021

@Marcio Handerson

Em relação a malwares, não temos mais problemas.

SISTEMA OPERACIONAL SEM ATUALIZAÇÕES:

O suporte para Windows 7 terminou em 14 de janeiro de 2020. Sugiro atualizar seu sistema operacional para o Windows 10.
https://www.microsoft.com/en-US/Windows/Windows-7-end-of-life-support-information

Se não tiver mais problema em relação a malwares, clique em Denunciar Post localizado no topo da pagina e diga que seu topico está RESOLVIDO. Se você tiver alguma dúvida relacionada a informática e tecnologia, sinta-se à vontade para postar em qualquer área do CdH.

Marcio Handerson · 15 de agosto de 2021

@Elias Pereira Posso desinstalar o RogueKiller? Os demais programas rodam em versão "portable"?

Em relação ao WIN7 tem alguns programas que só consigo rodar nele.

Vou tentar atualizar sim fico com receio de incompatibilidade, tenho um Acer Aspire 5750-6631.

Elias Pereira · 15 de agosto de 2021

6 horas atrás, Marcio Handerson disse:

Posso desinstalar o RogueKiller? Os demais programas rodam em versão "portable"?

Pode desinstalar. Acredito que tenha a versão portable deles.

Se não tiver mais problema em relação a malwares, clique em Denunciar Post localizado no topo da pagina e diga que seu topico está RESOLVIDO. Se você tiver alguma dúvida relacionada a informática e tecnologia, sinta-se à vontade para postar em qualquer área do CdH.

RenatoM · 21 de agosto de 2021

Problema resolvido!

Caso o autor necessite, o mesmo será reaberto, para isso deverá entrar em contato com um Analista de Segurança ou Coordenador solicitando o desbloqueio.