×
Ir ao conteúdo
  • Cadastre-se

Marcio Handerson

Membro Pleno
  • Posts

    45
  • Cadastrado em

  • Última visita

  • Qualificações

    0%

Reputação

1

Informações gerais

  • Cidade e Estado
    Recife/PE
  • Sexo
    Masculino
  1. @Elias Pereira Posso desinstalar o RogueKiller? Os demais programas rodam em versão "portable"? Em relação ao WIN7 tem alguns programas que só consigo rodar nele. Vou tentar atualizar sim fico com receio de incompatibilidade, tenho um Acer Aspire 5750-6631.
  2. Boa tarde@Elias Pereira Procedimento efetuado, criado o ponto de restauração e desativei os programas. Até agora OK
  3. @Elias Pereira RogueKiller Anti-Malware V15.0.9.0 (x64) [Aug 5 2021] (Free) by Adlice Software mail : https://adlice.com/contact/ Website : https://adlice.com/download/roguekiller/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 64-bit Started in : Normal mode User : Marcio [Administrator] Started from : C:\Program Files\RogueKiller\RogueKiller64.exe Signatures : 20210809_120810, Driver : Loaded Mode : Standard Scan, Delete -- Date : 2021/08/12 20:47:01 (Duration : 00:08:27) ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Delete ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ [Adw.Gen (Malicious)] Wondershare Helper Compact -- %programfiles(x86)%\Common Files\Wondershare\Wondershare Helper Compact -> Deleted [PUM.SearchEngine (Potentially Malicious)] default_search_provider_data.template_url_data.keyword -- google.com_ -> Deleted
  4. @Elias Pereira RogueKiller Anti-Malware V15.0.9.0 (x64) [Aug 5 2021] (Free) by Adlice Software mail : https://adlice.com/contact/ Website : https://adlice.com/download/roguekiller/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 64-bit Started in : Normal mode User : Marcio [Administrator] Started from : C:\Program Files\RogueKiller\RogueKiller64.exe Signatures : 20210809_120810, Driver : Loaded Mode : Standard Scan, Scan -- Date : 2021/08/11 22:23:42 (Duration : 00:08:29) Switches : -minimize ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Process Modules ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Tasks ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ WMI ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Hosts File ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Files ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ [Adw.Gen (Malicious)] (folder) Wondershare Helper Compact -- C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact -> Found ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Web browsers ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ >>>>>> Chrome Config [PUM.SearchEngine (Potentially Malicious)] default_search_provider_data.template_url_data.keyword (C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences) -- google.com_ -> Found ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
  5. @Elias Pereira # Malwarebytes AdwCleaner 8.3.0.0 # ------------------------------- # Build: 06-29-2021 # Database: 2021-08-05.3 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Scan # ------------------------------- # Start: 08-06-2021 # Duration: 00:00:17 # OS: Windows 7 Home Basic # Scanned: 31996 # Detected: 30 ***** [ Services ] ***** No malicious services found. ***** [ Folders ] ***** No malicious folders found. ***** [ Files ] ***** No malicious files found. ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious WMI found. ***** [ Shortcuts ] ***** No malicious shortcuts found. ***** [ Tasks ] ***** No malicious tasks found. ***** [ Registry ] ***** No malicious registry entries found. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries found. ***** [ Chromium URLs ] ***** No malicious Chromium URLs found. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries found. ***** [ Firefox URLs ] ***** No malicious Firefox URLs found. ***** [ Hosts File Entries ] ***** No malicious hosts file entries found. ***** [ Preinstalled Software ] ***** Preinstalled.AcerArcadeDeluxe Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{2637C347-9DAD-11D6-9EA2-00055D0CA761} Preinstalled.AcerIdentityCard Folder C:\Program Files (x86)\ACER\IDENTITY CARD Preinstalled.AcerIdentityCard Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Identity Card Preinstalled.AcerPowerManagement Folder C:\Program Files\ACER\ACER EPOWER MANAGEMENT Preinstalled.AcerRegistration Folder C:\Program Files (x86)\ACER\REGISTRATION Preinstalled.AcerRegistration Folder C:\Program Files\ACER\REGISTRATION Preinstalled.AcerRegistration Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Acer Registration Preinstalled.AcerUpdater Folder C:\Program Files\ACER\ACER UPDATER Preinstalled.AcerUpdater Folder C:\ProgramData\ACER\ACER UPDATER Preinstalled.Acerclear.fiMovie Folder C:\Program Files (x86)\ACER\CLEAR.FI\MEDIAESPRESSO Preinstalled.Acerclear.fiMovie Folder C:\Program Files (x86)\ACER\CLEAR.FI\MOVIE Preinstalled.Acerclear.fiMovie Folder C:\Program Files (x86)\ACER\CLEAR.FI\MVP Preinstalled.Acerclear.fiMovie Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3DADE325-51A7-4B6F-9C87-B6D38678B18D} Preinstalled.Acerclear.fiMovie Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{52E0C135-3451-45CB-B31B-2494A1D66E65} Preinstalled.Acerclear.fiMovie Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D8FD40D1-A424-4B72-80BA-3A754DECF7D2} Preinstalled.Acerclear.fiMovie Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DMREngine Preinstalled.Acerclear.fiMovie Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\clear.fi Preinstalled.Acerclear.fiMovie Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\clear.fiAgent Preinstalled.Acerclear.fiMovie Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{14C4C3B6-F1F4-401F-8C86-03E8E19AAC8C} Preinstalled.Acerclear.fiMovie Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761} Preinstalled.Acerclear.fiMovie Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{B906C11A-D193-4143-9FA7-E2EE8A5A8F21} Preinstalled.Acerclear.fiMovie Task C:\Windows\System32\Tasks\CLEAR.FI Preinstalled.Acerclear.fiMovie Task C:\Windows\System32\Tasks\CLEAR.FIAGENT Preinstalled.Acerclear.fiMovie Task C:\Windows\System32\Tasks\DMRENGINE Preinstalled.GatewayMyBackup Registry HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\BackupManagerTray Preinstalled.HPCleanFLC File C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk Preinstalled.HPMediaSmart Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D} Preinstalled.HPMediaSmart Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{01FB4998-33C4-4431-85ED-079E3EEFE75D} Preinstalled.PackardBellPowerManagement Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{3DB0448D-AD82-4923-B305-D001E521A964} Preinstalled.SamsungSmartSwitch Folder C:\Users\Marcio\AppData\Roaming\SAMSUNG\SMART SWITCH PC AdwCleaner[S00].txt - [4973 octets] - [06/08/2021 06:55:44] AdwCleaner[S01].txt - [5034 octets] - [06/08/2021 06:57:21] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S02].txt ########## =========================================================############################################################################ ~ ZHPCleaner v2021.8.2.316 by Nicolas Coolman (2021/08/02) ~ Run by Marcio (Administrator) (06/08/2021 07:39:14) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : ~ Type : Repair ~ Report : C:\Users\Marcio\Desktop\ZHPCleaner (R).txt ~ Quarantine : C:\Users\Marcio\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt ~ System Restore Point : ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 7 Home Basic, 64-bit Service Pack 1 (Build 7601) ---\\ Alternate Data Stream (ADS). (0) ~ No malicious or unnecessary items found. ---\\ Services (0) ~ No malicious or unnecessary items found. ---\\ Browser internet (1) DELETED data: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride [Bad : 127.0.0.1;localhost;*.local] =>Hijacker.Proxy ---\\ Hosts file (1) ~ The hosts file is legitimate (1) ---\\ Scheduled automatic tasks. (0) ~ No malicious or unnecessary items found. ---\\ Explorer ( File, Folder) (301) MOVED file: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Preferences =>Préférences Chromium MOVED file: C:\Users\Marcio\AppData\Local\Microsoft\Edge\User Data\Default\Preferences =>Préférences Chromium MOVED file: C:\Windows\Installer\wix{16044E2C-5ADC-4C34-B2FB-5A2E0B6908F6}.SchedServiceConfig.rmi =>.SUP.Empty MOVED file: C:\Windows\Installer\wix{2E2C5B04-0539-43B0-BC16-EF1B7DFF03A5}.SchedServiceConfig.rmi =>.SUP.Empty MOVED file: C:\Windows\Installer\wix{536BCB9B-9D3F-493F-9236-8D50A93B70F9}.SchedServiceConfig.rmi =>.SUP.Empty MOVED file: C:\Windows\Installer\wix{714A536C-BF60-4341-A69C-8797F07DCA8F}.SchedServiceConfig.rmi =>.SUP.Empty MOVED file: C:\Windows\Installer\wix{9750FA29-18AB-41C9-B997-D7FBF7B790D6}.SchedServiceConfig.rmi =>.SUP.Empty MOVED file: C:\Windows\Installer\wix{D37959D7-227D-481D-95E1-F28C556215AA}.SchedServiceConfig.rmi =>.SUP.Empty MOVED file: C:\Windows\Installer\wix{DCB455E3-2BE8-477C-A006-AE83446EED46}.SchedServiceConfig.rmi =>.SUP.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\%%%3FDD.tmp =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\%%%6B40.tmp =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\%%%D608.tmp =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\DMI1DB1.tmp =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\DMI1EEC.tmp =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\DMI2191.tmp =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\DMI27A5.tmp =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\DMI3A9A.tmp =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\DMI4DB2.tmp =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\DMI7086.tmp =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\DMI75EA.tmp =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\DMI8027.tmp =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\DMIAB4C.tmp =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\DMID5C5.tmp =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\DMID5D1.tmp =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\DMID89F.tmp =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\DMIDE21.tmp =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\DMIE707.tmp =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\DMIEAFD.tmp =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\DMIEC17.tmp =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\DMIEF98.tmp =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\DMIF02D.tmp =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\DMIF433.tmp =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\FXSTIFFDebugLogFile.txt =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\nulrilsh.err =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\officec2rclient.exe_c2ruidll(20210323044955D64).log =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\RES2687.tmp =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\tmp240D.tmp =>.SUP.Temporary.Other MOVED file: C:\Users\Marcio\AppData\Local\Temp\{03A05353-C94D-41C4-9A65-69770BE5CF7C} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{05417129-B611-4F24-9D59-379247A61428} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{05B7AA4E-6B29-4511-98D1-D684F2077CA6} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{0665C232-19AC-4571-AE67-8D43AD47499C} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{0803890F-077A-4F2A-9960-5A589CB1D838} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{0C48A345-2E73-427A-AFF2-8F79C716EDC7} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{0CD18474-23FB-48A9-8757-3BF47B723D65} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{106D8573-8EF0-4F68-BC7D-D93A75EB3E33} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{173B7ED1-BC0F-4E7A-AF6E-8C5BD5498803} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{18073F3D-BC48-4996-B4FB-8F67D3729C0D} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{1E145ED5-AF32-4200-A6A9-E1C20BE61B96} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{1F2452FA-CC79-464C-BA88-F3245476174C} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{21FFCE5E-67F3-4FDE-8B31-61D25B5EF25A} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{23CE5164-1A2F-487C-834F-EE2EF30F3712} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{277D5AFB-8251-4213-97E5-FA7D4F57DE7E} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{2C698115-6162-48D5-BE95-03FE359D2AC5} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{2DCDDF82-0505-4D73-8442-C4DA39398153} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{33096550-4FA8-43E3-9C30-5070942ACE6D} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{331D38D5-34DA-42D3-9106-C6870F7D3DD3} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{34C1F5DB-22E4-430C-A083-0F89F8E55FA6} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{3688CEED-F6E0-43BF-AC74-48B2125A8F7F} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{38120CFC-C92F-491D-98AB-B071A0B675F2} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{391AB40F-E6E5-4AA9-9BF7-62051381EDF1} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{3A7E694F-D7A8-413D-B425-C989C943F1C8} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{3AC96421-FA1E-4F11-9970-1A0019AEF1EE} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{3B74ACDE-E9DE-45F1-A489-EB3BCCB855BC} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{3BC3B2C5-AD11-4AA4-A2C1-EF332CC8CAA6} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{3F49D161-F2F7-4CE3-82E6-14FC36094642} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{3FFD132D-13A0-4535-9734-5331D70961C5} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{402576FA-1730-49DD-ADAD-E922A0F5C362} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{407F5C72-C680-45C8-AA0F-ED50C7EEE2BA} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{41046B5F-A0FA-4D89-A220-544078281CA6} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{41F50507-4697-4551-9FCB-2D87FFD72DCB} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{446AF86C-EA50-47DE-86C1-6A3A3F784A94} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{4C07F985-42B4-4050-AEC3-1365FE63BD83} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{4D4FDB3E-B8BA-405C-9F7C-D68B0692156B} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{4D823C2C-5F57-4118-9448-CFA4313F1F6A} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{4E35CE9C-5E4C-4EBE-9661-0AA169D748C4} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{515AC867-2711-4E52-B00E-0BECC4B47306} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{5368F356-F290-428F-9AE3-E6002736DD96} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{55752121-E22F-4125-8428-8C2F107EAC47} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{599F8909-3400-44D7-82E6-0C681BE9AD4D} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{5C29490F-6B38-45AA-B0FB-0F212EAADDE1} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{5D4B316C-2947-4C7A-8F09-2651FBE85A45} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{5D8F6D7A-12F6-49E0-B94A-D3C59E29823C} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{5E25BC16-A858-4E90-BF41-A2A1CB4719A8} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{5F763A3E-2ABE-46D4-8215-2C919782DC88} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{6344CEE8-C75D-447C-9A8E-2651E4B95DCE} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{650A6CCE-0052-4FA5-94C2-A1DC901F4101} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{66B22B61-E82F-4F41-8F88-CF9BEC494093} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{6977381C-DDA2-471E-A7AE-53714AD763D4} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{6DCBB724-E550-4D6A-97F0-925D397381F5} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{6E4C60B2-4127-4551-9925-A24CFDE87AF3} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{717F5923-350F-4DA4-BA98-58B9EF462B80} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{73A38394-9B88-4483-8203-40FD051E4446} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{758035DA-AD60-4008-A4FF-88CBBD215B53} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{774E38BA-50E9-41D6-A96B-CC4AE6A52643} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{7830C844-6EC1-426C-B0C1-EBB90B2248A4} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{7984F6AE-4DF6-4802-B525-319418F80383} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{799D1F6E-BEA1-4BB4-BF01-4D65A0939F8D} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{7D375BE1-A1A3-46F5-8DDC-F4B92B2FC233} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{7E8D4EFC-E5FF-4569-BD11-FB0681C337FA} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{7E9785C0-08E4-4E58-92D7-72DBB27E8477} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{7F25382A-D4B8-41CB-9CDC-5CA688C8A364} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{818F83C6-1761-4869-B8F0-CF525F663A41} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{830E64D5-C771-42BF-88BA-D481F2AFE450} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{84964B53-8AE1-44B6-81C0-53A1624D1EB5} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{8739710A-399E-4B75-85B1-053F7CB7B1BA} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{8819F970-3413-4DCF-A524-B5112C92AECC} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{8A232139-4A11-4F96-BEE8-4FE0D08786BF} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{8AD906E9-D9AC-4A0C-BB43-8357E1636794} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{8CD4EA86-A6CB-45F8-B59A-746795DD6346} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{8D8D28C8-4503-4631-B720-416108D6FC02} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{8D9733C8-6135-4A63-8217-30292DC39107} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{904E783C-9795-4EC6-983A-F3D2C91DDA32} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{9056E0B4-2EF2-41FC-B0F8-48EF05DAD4F5} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{934B2E31-1CB5-4829-A9C4-BE5275978A55} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{9663D2CC-7977-4170-998A-81537DCCB22E} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{975719C6-A0C0-4132-AB6D-C09116ECC88A} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{97F8C437-81DF-4E49-B43F-BBACC8F62942} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{99425E3C-F9F2-4E0A-896C-2E07A7BEF140} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{9A5F6368-F8D8-4728-81F8-E1817225C9EC} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{9A626E37-448C-4680-A681-FE1DA9208EED} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{9AFD869D-B55E-4136-AA4F-6C31146A73FD} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{9BD999DF-1BB8-4CBB-94E6-3F4E7C6EA76B} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{A0E67B15-C026-4407-867F-DED1D3B0FE36} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{A1242D9C-8DE8-40E8-9975-5BF61811BFFE} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{A1346F80-C556-46DE-97BB-6D873B184731} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{A19A926A-7EB2-4564-A2BC-7510FDCCA594} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{A2E68FAC-9815-4C29-9A08-414317AFA1EB} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{A41C8423-D2E3-4632-9FFE-9BE145F4F238} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{A4245B7B-761F-45F1-9F76-ECC780F72C11} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{A4A1882A-B00C-4595-8B7B-ADD5A0177367} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{A7386324-22C2-4A51-8B1E-0CD6E096EB81} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{A7667C30-1432-4335-91AC-720585D08115} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{A77366BD-688B-415F-8C6E-3161499B2184} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{A9750521-68E8-4EBE-ABC8-6981CB6B0DB2} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{A9BB6648-C692-4EF3-95F1-B38E2252D4EE} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{AA1850A4-142A-4D25-B491-65D8E31B06D6} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{ABC903F1-2BBD-4796-9316-0A217DA263DB} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{AC0CC69C-751C-4DA3-A887-D1690126271A} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{ACDC5AD7-85B2-465C-A63B-D9C2F06BCF87} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{AEE17BDC-EA0C-4EC1-A3D5-C528605486AD} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{AF71D3C3-258A-4E96-BA2B-6FC1CED918E0} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{B062BB24-EF7B-4F85-BAF1-E877259939A3} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{B1C68E57-7712-4DB5-8313-F5561A525ED4} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{B3A20215-19A2-4B22-AD55-598331B97770} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{B76E9774-E90F-4534-B03E-5A45FB801932} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{B7B664A8-6BC3-4D3C-8B19-2F81A113AED5} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{B7E8564E-5A06-4A4C-A0F9-BD9A7678EE12} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{B8ED4017-41CD-4787-A888-2AB6A14F97F2} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{BA059D88-08A0-4BB1-A207-6EF3C3A975ED} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{BA0998B3-F4B6-4B8F-B1BA-A51F085C04FA} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{BA8EFED0-1B0F-40C3-BEE6-1500933DBC91} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{BBB59523-4AAC-4B54-9B08-43B77BEB1591} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{BF52E842-70BA-492B-9E30-CAEBA05AAD49} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{C117223C-40B9-4306-A3EA-B37526248AC5} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{C2E6A1F2-5626-4354-A2D3-D860B6D1A0D3} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{C3A9481E-97DD-497F-B43F-CA8D49C3F8E9} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{C8591E93-1EA9-4517-A971-87A2C0C9E564} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{C85ECE41-5FFC-41FE-A5B8-38D0D45CB44C} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{C938235F-680E-4986-BB34-136D1B8EEA1D} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{D41B5434-D751-4DF7-864F-95659E3D53F0} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{D43EA6DF-E59C-46B7-A3BE-035EC06EC5D8} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{D516D9DC-DA91-4A6C-81C1-850DA6F6A526} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{D525D2FA-0402-4D9F-8318-50C63681F0A3} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{D6F3AA24-E536-4FA5-9DE7-AF5253757A87} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{D797C721-A8E7-4B36-8EA3-4741CBE563DA} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{D7C04349-F175-4EBC-9348-9DA667D6A7F4} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{D936663C-9B7D-4C6B-8F58-AE73C622114D} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{DA2E87D3-A044-4D0A-92F8-6F39FDCE3AC4} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{E5D36AD2-3471-4C03-8FE5-36D07C843097} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{E60DA2F4-8C7F-46EC-910A-6410BC0ADAE4} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{E82A36BB-69E6-4409-9514-1798AEB3A4F9} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{ECA54CE3-4114-485B-BCF9-4B545F776720} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{F073A4F0-CB5F-421E-9BF9-B3639CF2514D} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{F34BABD6-7D60-45BC-B44B-A939D47A6EFE} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{F37A7538-3649-4F9D-9A91-967DA96A4B65} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{F546DE8E-B349-4050-B8ED-1BCDB40AA03E} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{F96FFC69-DA77-4698-BB76-BCC2C13A0460} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{FA8D88F5-A865-40E5-8BB1-A78533614311} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{FE841AD0-300F-46FD-9BB6-4EB93DAB7AC5} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\{FF61E8B4-F341-4519-8419-5F0E597C6FA0} - OProcSessId.dat =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\~DF1C48FFE4A07CC089.TMP =>.SUP.Temporary.Other MOVED file: C:\Users\Marcio\AppData\Local\Temp\~DF95CF6604262F582A.TMP =>.SUP.Temporary.Other MOVED file: C:\Users\Marcio\AppData\Local\Temp\~DFAA096344140F86AB.TMP =>.SUP.Temporary.Other MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\001 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\002 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\003 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\004 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\005 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\006 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\007 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\008 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\009 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\010 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\011 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\012 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\013 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\014 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\015 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\016 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\017 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\018 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\019 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\020 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\021 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\022 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\023 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\024 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\025 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\026 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\027 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\028 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\029 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\030 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\031 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\032 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\033 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\034 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\035 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\036 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\037 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\038 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\039 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\040 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\041 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\042 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\043 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\044 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\045 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\046 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\047 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\048 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\049 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\050 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\051 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\052 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\053 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\054 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\055 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\056 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\057 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\058 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\059 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\060 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\061 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\062 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\063 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\064 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\065 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\066 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\067 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\068 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\069 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\070 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\071 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\072 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\073 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\074 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\075 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\076 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\077 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\078 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\079 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\080 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\082 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\083 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\084 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\085 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\086 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\087 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\088 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\089 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\090 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\091 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\092 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\093 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\094 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\095 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\096 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\097 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\098 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\099 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\100 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\101 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\102 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\103 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\104 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\105 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\106 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\107 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\108 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\109 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\110 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\111 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\112 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\113 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\114 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\115 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\116 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\117 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\118 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\Plugins =>.SUP.Temporary.Chrome ---\\ Registry ( Key, Value, Data) (44) DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\CrystalDiskInfo\DiskInfo64.exe [CrystalDiskInfo] =>.SUP.Orphan.MUICache DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [Google Chrome] =>.SUP.Orphan.MUICache DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\FOXIT READER.EXE [Foxit Reader 6.1, Best Reader for Everyday Use!] =>.SUP.Orphan.MUICache DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\Google\Drive\googledrivesync.exe [googledrivesync] =>.SUP.Orphan.MUICache DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Users\Marcio\AppData\Local\modaltrader\modaltrader.exe [modaltrader] =>.SUP.Orphan.MUICache DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Windows Photo Viewer\PhotoViewer.dll [Visualizador de Fotos do Windows] =>.SUP.Orphan.MUICache DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe [Windows Live Photo Gallery] =>.SUP.Orphan.MUICache DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe [Windows Live Movie Maker] =>.SUP.Orphan.MUICache DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [clear.fi] =>.SUP.Orphan.MUICache DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Mozilla Firefox\firefox.exe [Firefox] =>.SUP.Orphan.MUICache DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\program files (x86)\videolan\vlc\vlc.exe [VLC media player] =>.SUP.Orphan.MUICache DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Tryd5\trader.exe [trader] =>.SUP.Orphan.MUICache DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [Dropbox] =>.SUP.Orphan.MUICache DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Microsoft Office\Root\Office16\WINWORD.EXE [Word] =>.SUP.Orphan.MUICache DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE [Excel] =>.SUP.Orphan.MUICache DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\7-Zip\7zFM.exe [7-Zip File Manager] =>.SUP.Orphan.MUICache DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\Internet Explorer\iexplore.exe [Internet Explorer] =>.SUP.Orphan.MUICache DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLED.EXE [Office XML Handler] =>.SUP.Orphan.MUICache DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\Windows Photo Viewer\PhotoViewer.dll [Visualizador de Fotos do Windows] =>.SUP.Orphan.MUICache DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Windows Media Player\wmplayer.exe [Windows Media Player] =>.SUP.Orphan.MUICache DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\Windows NT\Accessories\WORDPAD.EXE [WordPad] =>.SUP.Orphan.MUICache DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Users\Marcio\Downloads\uTorrent.exe [µTorrent] =>.SUP.Orphan.MUICache DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Microsoft Office\Root\Office16\POWERPNT.EXE [PowerPoint] =>.SUP.Orphan.MUICache DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Wondershare\Wondershare Filmora Scrn\FSRecorder.exe [Wondershare Filmora Scrn] =>.SUP.Orphan.MUICache DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Wondershare\Wondershare Filmora Scrn\BsSndRpt64.exe [Crash reporting Send Utility, BsSndRpt.exe] =>.SUP.Orphan.MUICache DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Users\Marcio\AppData\Roaming\uTorrent\uTorrent.exe [µTorrent] =>.SUP.Orphan.MUICache DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\MPC-HC\mpc-hc64.exe [MPC-HC (x64)] =>.SUP.Orphan.MUICache DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\DAUM\PotPlayer\PotPlayerMini64.exe [Reproduzir com Potplayer apenas(64-Bit)] =>.SUP.Orphan.MUICache DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\F:\Imposto de Renda\PROG IR 2020\IRPF2020.exe [IRPF2020] =>.SUP.Orphan.MUICache DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Arquivos de Programas RFB\LEAO2020\LEAO2020.exe [LEAO2020] =>.SUP.Orphan.MUICache DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Users\Marcio\Desktop\OP-5T\minimal_adb_fastboot_v1.4.3_setup.exe [Minimal ADB and Fastboot Setup ] =>.SUP.Orphan.MUICache DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Minimal ADB and Fastboot\cmd-here.exe [cmd-here] =>.SUP.Orphan.MUICache DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Users\Marcio\Desktop\OP-5T\QDLoader HS-USB Driver_64bit_Setup.exe [QUALCOMM Setup] =>.SUP.Orphan.MUICache DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe [Microsoft Edge] =>.SUP.Orphan.MUICache DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [Microsoft Office Click-to-Run Client] =>.SUP.Orphan.MUICache DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Arquivos de Programas RFB\LEAO2019\LEAO2019.exe [LEAO2019] =>.SUP.Orphan.MUICache DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\F:\Imposto de Renda\PROG IR 2021\IRPF2021.exe [IRPF2021] =>.SUP.Orphan.MUICache DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Users\Marcio\Desktop\Gravador de Tela\CamStudioPortable_2.7.2_English.paf.exe [CamStudio Portable] =>.SUP.Orphan.MUICache DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\F:\Imposto de Renda\PROG IR 2021\GCAP 2020\GCAP2020.exe [GCAP2020] =>.SUP.Orphan.MUICache DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Users\Marcio\Desktop\Gravador de Tela\ApowerREC 1.4.14.8 Portable\ApowerREC 1.4.14.8.exe [ApowerREC Setup ] =>.SUP.Orphan.MUICache DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Users\Marcio\Desktop\Gravador de Tela\ApowerREC 1.4.14.8 Portable\_Unpack Portable.cmd [_Unpack Portable] =>.SUP.Orphan.MUICache DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Users\Marcio\Downloads\scpbradinst.exe [Instalador do Componente de Segurança Bradesco] =>.SUP.Orphan.MUICache DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Users\Marcio\Desktop\Atalhos Progs\Defesa - Combofix e Banker\bankerfix.exe [7z Setup SFX] =>.SUP.Orphan.MUICache DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Users\Marcio\Desktop\bankerfix.exe [7z Setup SFX] =>.SUP.Orphan.MUICache ---\\ Summary of the elements found (7) https://nicolascoolman.eu/2017/04/03/hijacker-proxy/ =>Hijacker.Proxy https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/ =>Préférences Chromium https://nicolascoolman.eu/forum/Topic/logiciels-potentiellement-superflus-lps/ =>.SUP.Empty https://nicolascoolman.eu/forum/Topic/logiciels-potentiellement-superflus-lps/ =>.SUP.Temporary.Empty https://nicolascoolman.eu/forum/Topic/logiciels-potentiellement-superflus-lps/ =>.SUP.Temporary.Other https://nicolascoolman.eu/forum/Topic/logiciels-potentiellement-superflus-lps/ =>.SUP.Temporary.Chrome https://nicolascoolman.eu/forum/Topic/orphan-muicache-logiciel-potentiellement-superflu-lps/ =>.SUP.Orphan.MUICache ---\\ Other deletions. (22) ~ Registry Keys Tracing deleted (19) ~ Remove the old reports ZHPCleaner. (3) ---\\ Result of repair ~ Repair carried out successfully ~ Google Chrome OK ~ Mozilla Firefox OK ~ Internet Explorer OK ---\\ Statistics ~ Items scanned : 2162 ~ Items found : 0 ~ Items cancelled : 0 ~ Space saving (bytes) : 49152 ~ Items options : 16/17 ---\\ OPTIONS NOT ACTIVES ~ Start browsers with extensions removed ~ End of clean in 00h02mn13s ---\\ Reports (2) ZHPCleaner-[S]-06082021-07_27_36.txt ZHPCleaner-[R]-06082021-07_41_27.txt
  6. Bom dia, Podem me ajudar tenho percebido uma lentidão na resposta do mouse e percebi um aumento do consumo da CPU. Tenho um Acer Aspire 5750-6631 com 6Gb RAM. Se puderem me ajudar a fazer um checkup agradeço! Segue em anexo ADW e ZHP AdwCleaner[S02].txt ~ ZHPCleaner - After Repair.txt
  7. @Weslleyyyy consegui não .... rodei e não encontrei uma adaptador no Aliexpress. Se alguém puder dar uma dica agradeço
  8. Boa noite poderiam me ajudar. Existe algum adaptador de M2 NVME para ssd sata 2.5? Procurei que só e não encontrei no ALI. Comprei o SSD porque o Windows 10 esta com frescura depois de uma atualização, não sei o que acontece com o HD da sempre um erro e travava ... troquei o HD pelo SSD normal e funcionou no da irmã da minha cunhada. Acabei inventando de comprar um SSD KingDian m2 NVME 512Gb para o meu Dell Inspiron 14z 5423 visando a velocidade superior. Comprei esse adaptador achando que iria funciona, só que ele não entra no meu notebook ... a case é SATA 3 .... e o note tem SATA 2.5 Pcie 3.0 pci-express ngff ssd x4 x16 intel M-KEY b-key card m.2 a u.2 SFF-8639 conversor de adaptador com u2 caixa https://pt.aliexpress.com/item/33026570569.html?spm=a2g0s.9042311.0.0.1d18b90am0akJZ Se puderem me ajudar agradeço!
  9. @Elias Pereira Bom dia, Fiz o procedimento solicitado. Vou aguardar mais alguns dias, mas o computador deu umas travadas com o Chrome. Como se estivesse consumindo muita memória, podes me dar alguma dica? Tem hora que o computador simplesmente trava. Não sei o que poderia ser. Agradeço desde já!
  10. @Elias Pereira Pode falar procedimentos posteriores. Agradeço desde já!
  11. @Elias Pereira rodei novamente e removi segue o script. O que devo fazer agora? RogueKiller Anti-Malware V13.1.3.0 (x64) [Jan 24 2019] (Free) by Adlice Software mail : https://adlice.com/contact/ Website : https://adlice.com/download/roguekiller/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits Started in : Normal mode User : Marcio [Administrator] Started from : C:\Users\Marcio\Desktop\RogueKiller_portable64.exe Signatures : 20190121_152739, Driver : Loaded Mode : Standard Scan, Delete -- Date : 2019/01/27 18:04:40 (Duration : 00:37:43) ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Delete ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ [Suspicious.Path (Potentially Malicious)] HKEY_CLASSES_ROOT\CLSID\{3E3AD4BD-346A-460A-80E8-90699B75C00B} -- [%localappdata%\Microsoft\SkypeForBusinessPlugin\16.2.0.194\GatewayActiveX-x64.dll] -> Deleted [Suspicious.Path (Potentially Malicious)] HKEY_CLASSES_ROOT\CLSID\{FE2EC208-BECF-4E83-8BF4-E35DBA4EB6A1} -- [%localappdata%\Microsoft\SkypeForBusinessPlugin\16.2.0.194\GatewayVersion-x64.exe] -> Deleted [PUP.HackTool (Potentially Malicious)] Keys.lnk -- %_Marcio_appdata%\Microsoft\Windows\Recent\Keys.lnk (lnk => C:\Program Files\KMSpico\TokensBackup\Keys.txt []) -> Deleted [PUP.HackTool (Potentially Malicious)] TokensBackup.lnk -- %_Marcio_appdata%\Microsoft\Windows\Recent\TokensBackup.lnk (lnk => C:\Program Files\KMSpico\TokensBackup []) -> Deleted [PUM.SearchEngine (Potentially Malicious)] default_search_provider_data.template_url_data.keyword -- google.com_ -> Deleted
  12. @Elias Pereira não é para clicar em removal? O programa encontrou algumas ameaças. Segue em abaixo o report. RogueKiller Anti-Malware V13.1.3.0 (x64) [Jan 24 2019] (Free) by Adlice Software mail : https://adlice.com/contact/ Website : https://adlice.com/download/roguekiller/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits Started in : Normal mode User : Marcio [Administrator] Started from : C:\Users\Marcio\Desktop\RogueKiller_portable64.exe Signatures : 20190121_152739, Driver : Loaded Mode : Standard Scan, Scan -- Date : 2019/01/25 18:32:14 (Duration : 00:34:42) ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Process Modules ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Tasks ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ >>>>>> O101 - Clsid [Suspicious.Path (Potentially Malicious)] (X64) HKEY_CLASSES_ROOT\CLSID\{3E3AD4BD-346A-460A-80E8-90699B75C00B} -- (Microsoft Corporation) C:\Users\Marcio\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.194\GatewayActiveX-x64.dll -> Found [Suspicious.Path (Potentially Malicious)] (X64) HKEY_CLASSES_ROOT\CLSID\{FE2EC208-BECF-4E83-8BF4-E35DBA4EB6A1} -- (Microsoft Corporation) C:\Users\Marcio\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.194\GatewayVersion-x64.exe -> Found ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ WMI ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Hosts File ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Files ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ [PUP.HackTool (Potentially Malicious)] (shortcut) Keys.lnk -- C:\Users\Marcio\AppData\Roaming\Microsoft\Windows\Recent\Keys.lnk => C:\Program Files\KMSpico\TokensBackup\Keys.txt -> Found [PUP.HackTool (Potentially Malicious)] (shortcut) TokensBackup.lnk -- C:\Users\Marcio\AppData\Roaming\Microsoft\Windows\Recent\TokensBackup.lnk => C:\Program Files\KMSpico\TokensBackup -> Found ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Web browsers ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ >>>>>> Chrome Config [PUM.SearchEngine (Potentially Malicious)] default_search_provider_data.template_url_data.keyword (C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences) -- google.com_ -> Found adicionado 1 minuto depois Segue um print das ameaças encontradas. Aguardo resposta de como proceder. Obrigado pela ajuda!
  13. @Elias Pereira Demorou muito o MBAM acabou agora de madrugada e ele só me deu a opção de deixar em Quarentena. Vou rodar as etapas 2 e 3 agora espero que seja mais rápido. Malwarebytes www.malwarebytes.com -Detalhes de registro- Data da análise: 21/01/2019 Hora da análise: 13:01 Arquivo de registro: dd8907da-1d95-11e9-8991-00ffe0a96479.json -Informação do software- Versão: 3.6.1.2711 Versão de componentes: 1.0.519 Versão do pacote de definições: 1.0.8878 Licença: Versão de Avaliação -Informação do sistema- Sistema operacional: Windows 7 Service Pack 1 CPU: x64 Sistema de arquivos: NTFS Usuário: Marcio-PC\Marcio -Resumo da análise- Tipo de análise: Análise Customizada Análise Iniciada Por: Manual Resultado: Concluído Objetos verificados: 384149 Ameaças detectadas: 8 Ameaças em quarentena: 0 Tempo decorrido: 9 hr, 22 min, 22 seg -Opções da análise- Memória: Habilitado Inicialização: Habilitado Sistema de arquivos: Habilitado Arquivos compactados: Habilitado Rootkits: Habilitado Heurística: Habilitado PUP: Detectar PUM: Detectar -Detalhes da análise- Processo: 0 (Nenhum item malicioso detectado) Módulo: 0 (Nenhum item malicioso detectado) Chave de registro: 4 PUP.Optional.DriverPack, HKU\S-1-5-21-2766664585-520136655-3584524175-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\ZONEMAP\DOMAINS\drp.su, Nenhuma ação do usuário, [980], [472299],1.0.8878 PUP.Optional.IdleKMS, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\AutoPico Daily Restart, Nenhuma ação do usuário, [9356], [156330],1.0.8878 PUP.Optional.IdleKMS, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{BE9AEF5D-6228-426B-8DAC-9D3F6E9B7ABC}, Nenhuma ação do usuário, [9356], [156330],1.0.8878 PUP.Optional.IdleKMS, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{BE9AEF5D-6228-426B-8DAC-9D3F6E9B7ABC}, Nenhuma ação do usuário, [9356], [156330],1.0.8878 Valor de registro: 0 (Nenhum item malicioso detectado) Dados de registro: 0 (Nenhum item malicioso detectado) Fluxo de dados: 0 (Nenhum item malicioso detectado) Pasta: 0 (Nenhum item malicioso detectado) Arquivo: 4 PUP.Optional.IdleKMS, C:\WINDOWS\SYSTEM32\TASKS\AutoPico Daily Restart, Nenhuma ação do usuário, [9356], [156330],1.0.8878 PUP.Optional.IdleKMS, C:\PROGRAM FILES\KMSPICO\AUTOPICO.EXE, Nenhuma ação do usuário, [9356], [156330],1.0.8878 MachineLearning/Anomalous.100%, C:\USERS\MARCIO\DESKTOP\ECO\RTA74771, Nenhuma ação do usuário, [0], [392687],1.0.8878 MachineLearning/Anomalous.100%, C:\USERS\MARCIO\DESKTOP\ECO\SPINB.EXE, Nenhuma ação do usuário, [0], [392687],1.0.8878 Setor físico: 0 (Nenhum item malicioso detectado) Instrumentação do Windows (WMI): 0 (Nenhum item malicioso detectado) (end) adicionado 1 minuto depois Sairam esses relatórios Malwarebytes www.malwarebytes.com -Detalhes de registro- Data da análise: 22/01/2019 Hora da análise: 03:07 Arquivo de registro: 0a9fb04a-1e0c-11e9-9106-00ffe0a96479.json -Informação do software- Versão: 3.6.1.2711 Versão de componentes: 1.0.519 Versão do pacote de definições: 1.0.8906 Licença: Versão de Avaliação -Informação do sistema- Sistema operacional: Windows 7 Service Pack 1 CPU: x64 Sistema de arquivos: NTFS Usuário: System -Resumo da análise- Tipo de análise: Análise de Ameaças Análise Iniciada Por: Agendamento Resultado: Concluído Objetos verificados: 276229 Ameaças detectadas: 6 Ameaças em quarentena: 6 Tempo decorrido: 23 min, 59 seg -Opções da análise- Memória: Habilitado Inicialização: Habilitado Sistema de arquivos: Habilitado Arquivos compactados: Habilitado Rootkits: Desabilitado Heurística: Habilitado PUP: Detectar PUM: Detectar -Detalhes da análise- Processo: 0 (Nenhum item malicioso detectado) Módulo: 0 (Nenhum item malicioso detectado) Chave de registro: 1 PUP.Optional.DriverPack, HKU\S-1-5-21-2766664585-520136655-3584524175-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\ZONEMAP\DOMAINS\drp.su, Quarentena, [981], [472299],1.0.8906 Valor de registro: 0 (Nenhum item malicioso detectado) Dados de registro: 0 (Nenhum item malicioso detectado) Fluxo de dados: 0 (Nenhum item malicioso detectado) Pasta: 0 (Nenhum item malicioso detectado) Arquivo: 5 PUP.Optional.Funmoods, C:\USERS\MARCIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Substituído, [302], [455241],1.0.8906 PUP.Optional.Funmoods, C:\USERS\MARCIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Substituído, [302], [455241],1.0.8906 PUP.Optional.Funmoods, C:\USERS\MARCIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Substituído, [302], [455241],1.0.8906 PUP.Optional.ASK, C:\USERS\MARCIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Substituído, [2], [454827],1.0.8906 PUP.Optional.ASK, C:\USERS\MARCIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Substituído, [2], [454827],1.0.8906 Setor físico: 0 (Nenhum item malicioso detectado) Instrumentação do Windows (WMI): 0 (Nenhum item malicioso detectado) (end) adicionado 31 minutos depois # ------------------------------- # Malwarebytes AdwCleaner 7.2.6.0 # ------------------------------- # Build: 12-18-2018 # Database: 2019-01-21.1 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 01-22-2019 # Duration: 00:00:17 # OS: Windows 7 Home Basic # Cleaned: 5 # Failed: 1 ***** [ Services ] ***** No malicious services cleaned. ***** [ Folders ] ***** Deleted C:\Users\Marcio\AppData\LocalLow\IObit\Advanced SystemCare V8 Deleted C:\Users\Marcio\AppData\Roaming\IObit\Advanced SystemCare V8 ***** [ Files ] ***** No malicious files cleaned. ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks cleaned. ***** [ Registry ] ***** Deleted HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\SpyHunter4.exe ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries cleaned. ***** [ Chromium URLs ] ***** Deleted banggood.com Not Deleted AVG Secure Search Deleted Softonic BR ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** No malicious Firefox URLs cleaned. ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* AdwCleaner[S00].txt - [1602 octets] - [22/01/2019 04:20:52] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ########## adicionado 55 minutos depois @Elias Pereira ~ ZHPCleaner v2019.1.21.10 by Nicolas Coolman (2019/01/21) ~ Run by Marcio (Administrator) (22/01/2019 04:54:35) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version OK ~ Certificate ZHPCleaner: Legal ~ Type : Repair ~ Report : C:\Users\Marcio\Desktop\ZHPCleaner.txt ~ Quarantine : C:\Users\Marcio\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 7 Home Basic, 64-bit Service Pack 1 (Build 7601) ---\\ Alternate Data Stream (ADS). (0) ~ No malicious or unnecessary items found. ---\\ Services (0) ~ No malicious or unnecessary items found. ---\\ Browser internet (1) DELETED data: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride [Bad : 127.0.0.1;localhost;*.local;<local>;192.168.*.*] =>Hijacker.Proxy ---\\ Hosts file (1) ~ The hosts file is legitimate (1) ---\\ Scheduled automatic tasks. (0) ~ No malicious or unnecessary items found. ---\\ Explorer ( File, Folder) (53) MOVED file: C:\Users\Marcio\AppData\Local\Temp\aria-debug-2280.log =>.SUP.Temporary.OneDrive MOVED file: C:\Users\Marcio\AppData\Local\Temp\aria-debug-2484.log =>.SUP.Temporary.OneDrive MOVED file: C:\Users\Marcio\AppData\Local\Temp\aria-debug-3400.log =>.SUP.Temporary.OneDrive MOVED file: C:\Users\Marcio\AppData\Local\Temp\aria-debug-3932.log =>.SUP.Temporary.OneDrive MOVED file: C:\Users\Marcio\AppData\Local\Temp\aria-debug-4508.log =>.SUP.Temporary.OneDrive MOVED file: C:\Users\Marcio\AppData\Local\Temp\aria-debug-4612.log =>.SUP.Temporary.OneDrive MOVED file: C:\Users\Marcio\AppData\Local\Temp\aria-debug-5212.log =>.SUP.Temporary.OneDrive MOVED file: C:\Users\Marcio\AppData\Local\Temp\aria-debug-5236.log =>.SUP.Temporary.OneDrive MOVED file: C:\Users\Marcio\AppData\Local\Temp\aria-debug-5292.log =>.SUP.Temporary.OneDrive MOVED file: C:\Users\Marcio\AppData\Local\Temp\aria-debug-5732.log =>.SUP.Temporary.OneDrive MOVED file: C:\Users\Marcio\AppData\Local\Temp\aria-debug-6204.log =>.SUP.Temporary.OneDrive MOVED file: C:\Users\Marcio\AppData\Local\Temp\aria-debug-6240.log =>.SUP.Temporary.OneDrive MOVED file: C:\Users\Marcio\AppData\Local\Temp\aria-debug-6420.log =>.SUP.Temporary.OneDrive MOVED file: C:\Users\Marcio\AppData\Local\Temp\aria-debug-6460.log =>.SUP.Temporary.OneDrive MOVED file: C:\Users\Marcio\AppData\Local\Temp\aria-debug-6560.log =>.SUP.Temporary.OneDrive MOVED file: C:\Users\Marcio\AppData\Local\Temp\aria-debug-6680.log =>.SUP.Temporary.OneDrive MOVED file: C:\Users\Marcio\AppData\Local\Temp\aria-debug-6900.log =>.SUP.Temporary.OneDrive MOVED file: C:\Users\Marcio\AppData\Local\Temp\aria-debug-7028.log =>.SUP.Temporary.OneDrive MOVED file: C:\Users\Marcio\AppData\Local\Temp\aria-debug-7116.log =>.SUP.Temporary.OneDrive MOVED file: C:\Users\Marcio\AppData\Local\Temp\PCWA5D0.tmp =>.SUP.Temporary.Empty MOVED file: C:\Users\Marcio\AppData\Local\Temp\PCWB71E.tmp =>.SUP.Temporary.Empty MOVED folder: C:\Users\Marcio\AppData\Roaming\DRPNano =>.SUP.DriverPack MOVED folder: C:\Program Files\KMSpico =>HackTool.KMSpico MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\000 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\001 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\002 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\003 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\004 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\005 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\006 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\007 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\008 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\009 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\010 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\011 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\012 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\013 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\014 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\015 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\016 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\017 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\018 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\019 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\020 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\021 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\File System\Plugins =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Marcio\AppData\Local\{581C338B-1D41-445F-A2D5-EAA20C0ADCDA} =>.SUP.Empty MOVED folder: C:\Users\Marcio\AppData\Local\{D1D7A705-192B-4DB2-8474-5A342019EA77} =>.SUP.Empty MOVED folder: C:\Users\Marcio\AppData\Local\Temp\chrome_BITS_2240_10050 =>.SUP.Empty MOVED folder: C:\Users\Marcio\AppData\LocalLow\BAVData =>.SUP.Empty MOVED folder: C:\Users\Marcio\AppData\LocalLow\EmieBrowserModeList =>.SUP.Empty MOVED folder: C:\Users\Marcio\AppData\LocalLow\EmieSiteList =>.SUP.Empty MOVED folder: C:\Users\Marcio\AppData\LocalLow\EmieUserList =>.SUP.Empty ---\\ Registry ( Key, Value, Data) (2) DELETED key*: [X64] HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56} [secman] =>PUP.Optional.Camec DELETED key: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56} [secman] =>PUP.Optional.Camec ---\\ Summary of the elements found (8) https://nicolascoolman.eu/2017/04/03/hijacker-proxy/ =>Hijacker.Proxy https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Temporary.OneDrive https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Temporary.Empty https://nicolascoolman.eu/2018/07/04/sup-driverpack/ =>.SUP.DriverPack https://nicolascoolman.eu/2017/02/16/hacktool-kmspico/ =>HackTool.KMSpico https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Temporary.Chrome https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Empty https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.Camec ---\\ Other deletions. (12) ~ Registry Keys Tracing deleted (10) ~ Remove the old reports ZHPCleaner. (2) ---\\ Result of repair ~ Repair carried out successfully ~ Browser not found (Opera Software) ---\\ Statistics ~ Items scanned : 2096 ~ Items found : 0 ~ Items cancelled : 0 ~ Items options : 12/12 ~ Space saving (bytes) : 25459 ~ End of clean in 00h01mn52s ---\\ Reports (2) ZHPCleaner--22012019-04_51_03.txt ZHPCleaner-[R]-22012019-04_56_27.txt # ------------------------------- # Malwarebytes AdwCleaner 7.2.6.0 # ------------------------------- # Build: 12-18-2018 # Database: 2019-01-21.1 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 01-22-2019 # Duration: 00:00:17 # OS: Windows 7 Home Basic # Cleaned: 5 # Failed: 1 ***** [ Services ] ***** No malicious services cleaned. ***** [ Folders ] ***** Deleted C:\Users\Marcio\AppData\LocalLow\IObit\Advanced SystemCare V8 Deleted C:\Users\Marcio\AppData\Roaming\IObit\Advanced SystemCare V8 ***** [ Files ] ***** No malicious files cleaned. ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks cleaned. ***** [ Registry ] ***** Deleted HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\SpyHunter4.exe ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries cleaned. ***** [ Chromium URLs ] ***** Deleted banggood.com Not Deleted AVG Secure Search Deleted Softonic BR ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** No malicious Firefox URLs cleaned. ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* AdwCleaner[S00].txt - [1602 octets] - [22/01/2019 04:20:52] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
  14. Boa tarde Elias, Segue abaixo os resultados solicitados. Agradeço desde já a ajuda! Addition.txt FRST.txt

Sobre o Clube do Hardware

No ar desde 1996, o Clube do Hardware é uma das maiores, mais antigas e mais respeitadas comunidades sobre tecnologia do Brasil. Leia mais

Direitos autorais

Não permitimos a cópia ou reprodução do conteúdo do nosso site, fórum, newsletters e redes sociais, mesmo citando-se a fonte. Leia mais

×
×
  • Criar novo...

Ebook grátis: Aprenda a ler resistores e capacitores!

EBOOK GRÁTIS!

CLIQUE AQUI E BAIXE AGORA MESMO!