WoodStockz

Oi Elias, Agradeço a ajuda ! Realmente estava com um problema no HD. Levei em um técnico q conseguiu resolver. Muito obrigado pela ajuda.

@Elias Pereira estou tentando fazer o procedimento e não consegui ainda. Estava dando erro na instalação do RogueKiller no modo normal. E até agora não consegui reiniciar o notebook em modo de segurança pra testar se conseguiria instalar dessa forma Acontece o mesmo erro no modo de segurança ..ilustrado na foto abaixo !

@Elias Pereira Bom dia, fiz o procedimento anterior no modo normal !

Olá Elias, obrigado pela ajuda ! Fiquei mais de 15 horas pra conseguir fazer esse procedimento =( Está bem difícil de trabalhar e fazer qualquer atividade no notebook. Foram gerados 4 logs q colo abaixo. # ------------------------------- # Malwarebytes AdwCleaner 8.3.0.0 # ------------------------------- # Build: 06-29-2021 # Database: 2021-06-29.1 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Scan # ------------------------------- # Start: 07-05-2021 # Duration: 00:22:29 # OS: Windows 8.1 Single Language # Scanned: 31986 # Detected: 24 ***** [ Services ] ***** No malicious services found. ***** [ Folders ] ***** No malicious folders found. ***** [ Files ] ***** No malicious files found. ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious WMI found. ***** [ Shortcuts ] ***** No malicious shortcuts found. ***** [ Tasks ] ***** No malicious tasks found. ***** [ Registry ] ***** PUP.Optional.InstallCore HKCU\Software\csastats PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{518b33ae-375d-712d-6742-d1fe0400268d} PUP.Optional.ProductSetup.A HKCU\Software\PRODUCTSETUP PUP.Optional.SearchManager HKCU\Software\ProductSetup\Uninstall\0B2U2Z1P0F1P1G1R1P1V0A1Q1Q0O1G PUP.Optional.SearchManager HKCU\Software\ProductSetup\Uninstall\0S1P1T1C1R1MtT0P1C1F2X1L1Q1P1QtT1S2UtT0Y1T1M1F1F ***** [ Chromium (and derivatives) ] ***** PUP.Optional.SearchManager Search Manager - nahhmpbckpgdidfnmfkfgiflpjijilce PUP.Optional.SearchManager Search Manager - pilplloabdedfmialnfchjomjmpjcoej ***** [ Chromium URLs ] ***** No malicious Chromium URLs found. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries found. ***** [ Firefox URLs ] ***** No malicious Firefox URLs found. ***** [ Hosts File Entries ] ***** No malicious hosts file entries found. ***** [ Preinstalled Software ] ***** Preinstalled.LenovoPowerDVD Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|RemoteControl10 Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|RemoteControl10 Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B} Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B} Preinstalled.SamsungEasyDisplayManager Folder C:\ProgramData\SAMSUNG\EASY DISPLAY MANAGER Preinstalled.SamsungSAgent Folder C:\Program Files\SAMSUNG\S AGENT Preinstalled.SamsungSAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{10CE5214-0543-430F-BA91-5C94C4EF7281} Preinstalled.SamsungSAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SAgent Preinstalled.SamsungSAgent Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0052BF58-5307-4F7D-A379-8F4EC9212FA8} Preinstalled.SamsungSAgent Task C:\Windows\System32\Tasks\SAGENT Preinstalled.SamsungSettings Folder C:\Program Files (x86)\SAMSUNG\SETTINGS Preinstalled.SamsungSettings Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CE525979-92A6-4F50-ACEB-039AB774C35D} Preinstalled.SamsungSettings Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Settings Preinstalled.SamsungSettings Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{8CB5C357-12E5-41B1-A024-D57D4E6F32D9} Preinstalled.SamsungSettings Task C:\Windows\System32\Tasks\SETTINGS Preinstalled.SamsungUpdate Folder C:\Program Files (x86)\SAMSUNG\SW UPDATE Preinstalled.SamsungUpdate Folder C:\ProgramData\SAMSUNG\SW UPDATE ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ########## ______________________________________________________________________________________ # ------------------------------- # Malwarebytes AdwCleaner 8.3.0.0 # ------------------------------- # Build: 06-29-2021 # Database: 2021-06-29.1 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 07-05-2021 # Duration: 00:00:11 # OS: Windows 8.1 Single Language # Cleaned: 24 # Awaiting reboot:2 # Failed: 0 ***** [ Services ] ***** No malicious services cleaned. ***** [ Folders ] ***** No malicious folders cleaned. ***** [ Files ] ***** No malicious files cleaned. ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks cleaned. ***** [ Registry ] ***** Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{518b33ae-375d-712d-6742-d1fe0400268d} Deleted HKCU\Software\PRODUCTSETUP Deleted HKCU\Software\ProductSetup\Uninstall\0B2U2Z1P0F1P1G1R1P1V0A1Q1Q0O1G Deleted HKCU\Software\ProductSetup\Uninstall\0S1P1T1C1R1MtT0P1C1F2X1L1Q1P1QtT1S2UtT0Y1T1M1F1F Deleted HKCU\Software\csastats ***** [ Chromium (and derivatives) ] ***** Deleted Search Manager - nahhmpbckpgdidfnmfkfgiflpjijilce Deleted Search Manager - pilplloabdedfmialnfchjomjmpjcoej ***** [ Chromium URLs ] ***** No malicious Chromium URLs cleaned. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** No malicious Firefox URLs cleaned. ***** [ Hosts File Entries ] ***** No malicious hosts file entries cleaned. ***** [ Preinstalled Software ] ***** Deleted Preinstalled.LenovoPowerDVD Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|RemoteControl10 Deleted Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|RemoteControl10 Deleted Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B} Deleted Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B} Deleted Preinstalled.SamsungEasyDisplayManager Folder C:\ProgramData\SAMSUNG\EASY DISPLAY MANAGER Deleted Preinstalled.SamsungSAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{10CE5214-0543-430F-BA91-5C94C4EF7281} Deleted Preinstalled.SamsungSAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SAgent Deleted Preinstalled.SamsungSAgent Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0052BF58-5307-4F7D-A379-8F4EC9212FA8} Deleted Preinstalled.SamsungSAgent Task C:\Windows\System32\Tasks\SAGENT Deleted Preinstalled.SamsungSettings Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CE525979-92A6-4F50-ACEB-039AB774C35D} Deleted Preinstalled.SamsungSettings Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Settings Deleted Preinstalled.SamsungSettings Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{8CB5C357-12E5-41B1-A024-D57D4E6F32D9} Deleted Preinstalled.SamsungSettings Task C:\Windows\System32\Tasks\SETTINGS Deleted Preinstalled.SamsungUpdate Folder C:\Program Files (x86)\SAMSUNG\SW UPDATE Deleted Preinstalled.SamsungUpdate Folder C:\ProgramData\SAMSUNG\SW UPDATE Needs Reboot Preinstalled.SamsungSAgent Folder C:\Program Files\SAMSUNG\S AGENT Needs Reboot Preinstalled.SamsungSettings Folder C:\Program Files (x86)\SAMSUNG\SETTINGS ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* ***** Reboot Required to Complete ***** ***** [ Folders ] ***** Cleaning failed C:\Program Files (x86)\SAMSUNG\SETTINGS Cleaning failed C:\Program Files\SAMSUNG\S AGENT ************************* AdwCleaner[S00].txt - [3923 octets] - [05/07/2021 14:26:56] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ########## _______________________________________________________________________________________ ~ ZHPCleaner v2021.7.3.308 by Nicolas Coolman (2021/07/03) ~ Run by Iuri (Administrator) (05/07/2021 16:46:09) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version OK ~ Type : Scan ~ Report : C:\Users\Iuri\Desktop\ZHPCleaner (S).txt ~ Quarantine : C:\Users\Iuri\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt ~ System Restore Point : ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 8.1 Single Language, 64-bit (Build 9600) ---\\ Alternate Data Stream (ADS). (0) ~ No malicious or unnecessary items found. ---\\ Services (0) ~ No malicious or unnecessary items found. ---\\ Browser internet (0) ~ No malicious or unnecessary items found. ---\\ Hosts file (1) ~ The hosts file is legitimate (21) ---\\ Scheduled automatic tasks. (1) FOUND task: [Adobe Flash Player Updater] [C:\WINDOWS\Tasks\Adobe Flash Player Updater.job] =>Riskware.FlashPlayer ---\\ Explorer ( File, Folder) (89) FOUND folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce =>SUP.Optional.SearchManager FOUND file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Preferences =>ChromiumPreference FOUND file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences =>ChromiumPreference FOUND file: C:\Windows\Tasks\Adobe Flash Player Updater.job =>Riskware.FlashPlayer FOUND file: C:\Users\Iuri\AppData\Local\winzipper.bak =>.SUP.TaiwanShuiMu FOUND file: C:\Program Files\KMSpico\AutoPico.exe [@ByELDI - AutoPico] =>HackTool.KMSpico FOUND file: C:\Program Files\KMSpico\DevComponents.DotNetBar2.dll [DevComponents.com - DevComponents.DotNetBar] =>HackTool.KMSpico FOUND file: C:\Program Files\KMSpico\KMSELDI.exe [@ByELDI - KMS GUI ELDI] =>HackTool.KMSpico FOUND file: C:\Program Files\KMSpico\Service_KMS.exe [@ByELDI - Service_KMS] =>HackTool.KMSpico FOUND file: C:\Program Files\KMSpico\unins000.dat =>HackTool.KMSpico FOUND file: C:\Program Files\KMSpico\unins000.exe [ - Setup/Uninstall] =>HackTool.KMSpico FOUND file: C:\Program Files\KMSpico\Vestris.ResourceLib.dll [Vestris Inc. - ResourceLib] =>HackTool.KMSpico FOUND file: C:\Program Files\KMSpico\WinDivert.dll =>HackTool.KMSpico FOUND folder: C:\Program Files\KMSpico\cert =>HackTool.KMSpico FOUND folder: C:\Program Files\KMSpico\driver =>HackTool.KMSpico FOUND folder: C:\Program Files\KMSpico\icons =>HackTool.KMSpico FOUND folder: C:\Program Files\KMSpico\logs =>HackTool.KMSpico FOUND folder: C:\Program Files\KMSpico\scripts =>HackTool.KMSpico FOUND folder: C:\Program Files\KMSpico\sounds =>HackTool.KMSpico FOUND folder: C:\Program Files\KMSpico\TokensBackup =>HackTool.KMSpico FOUND folder: C:\Program Files\KMSpico =>HackTool.KMSpico FOUND folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico =>HackTool.KMSpico FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign0220ea8d7a914515 =>.SUP.Temporary FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign0838efc6f832f82c =>.SUP.Temporary FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign0c2a2f52c9600c56 =>.SUP.Temporary FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign1b49f3fc915f04f1 =>.SUP.Temporary FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign1bde5b6e3efb2000 =>.SUP.Temporary FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign1bf91bbd51f058cf =>.SUP.Temporary FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign1e1d4abc159cf512 =>.SUP.Temporary FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign211c241aa481c5c5 =>.SUP.Temporary FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign30705b68034b5d93 =>.SUP.Temporary FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign3392a19f3c2c7188 =>.SUP.Temporary FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign36e28cf847f3d37e =>.SUP.Temporary FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign3841bbd91c319d79 =>.SUP.Temporary FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign39648ad5d742d776 =>.SUP.Temporary FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign3d5e8ed0e13f21cd =>.SUP.Temporary FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign52bd8f10631b1b69 =>.SUP.Temporary FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign52eb84d2e43f78a0 =>.SUP.Temporary FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign56c8297f1e4907ad =>.SUP.Temporary FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign5c6b9a1386a58075 =>.SUP.Temporary FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign6748377ec59221cf =>.SUP.Temporary FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign69103d2ed17f19e5 =>.SUP.Temporary FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign6e93aba834f86fe4 =>.SUP.Temporary FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign71b6b47790ce8457 =>.SUP.Temporary FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign7550caa7e410419c =>.SUP.Temporary FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign772902d1bc029718 =>.SUP.Temporary FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign7765b1f9cceb0183 =>.SUP.Temporary FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign776d3f7ccdd1d808 =>.SUP.Temporary FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign798caa2d94b46d08 =>.SUP.Temporary FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign830e4d67810aaa42 =>.SUP.Temporary FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign92cc9b8272b6a8fa =>.SUP.Temporary FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign96922b6ee3f86cf6 =>.SUP.Temporary FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign9d10fbe0e16076a5 =>.SUP.Temporary FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign9dc921772016eea6 =>.SUP.Temporary FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsigna0bacca210ec24d5 =>.SUP.Temporary FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsigna2a624feff94aa98 =>.SUP.Temporary FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsigna3ed2ace7e91c05a =>.SUP.Temporary FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsigna45c81899703956a =>.SUP.Temporary FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsigna8b20a0c1af4af61 =>.SUP.Temporary FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsignaf50d54c38609187 =>.SUP.Temporary FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsignb308cb22db5ef61f =>.SUP.Temporary FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsignb76c0e63b576c5cb =>.SUP.Temporary FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsignb93e0e2f34a4b414 =>.SUP.Temporary FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsignc4e145ea9643d0fa =>.SUP.Temporary FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsignd845cf5fc3fda09a =>.SUP.Temporary FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsigne7299cb0dac1806b =>.SUP.Temporary FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsigne914a2d7012e1c02 =>.SUP.Temporary FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsignf073f38956d24389 =>.SUP.Temporary FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsignf2381d0c41869696 =>.SUP.Temporary FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsignf6aaf55dc527f679 =>.SUP.Temporary FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsignfb560bf984d08714 =>.SUP.Temporary FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsignfec171a2fad3c62e =>.SUP.Temporary FOUND folder: C:\Program Files (x86)\QuickTime =>Riskware.QuickTime FOUND folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime =>Riskware.QuickTime FOUND folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0 =>SUP.Optional.SearchManager FOUND folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\_metadata =>SUP.Optional.SearchManager FOUND folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content =>SUP.Optional.SearchManager FOUND folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\fonts =>SUP.Optional.SearchManager FOUND folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images =>SUP.Optional.SearchManager FOUND folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\converter =>SUP.Optional.SearchManager FOUND folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\films =>SUP.Optional.SearchManager FOUND folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\icons =>SUP.Optional.SearchManager FOUND folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\maps =>SUP.Optional.SearchManager FOUND folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\sitesThumbnails =>SUP.Optional.SearchManager FOUND folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\tiles =>SUP.Optional.SearchManager FOUND folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\weather =>SUP.Optional.SearchManager FOUND folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\skin =>SUP.Optional.SearchManager FOUND folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\skin\icons =>SUP.Optional.SearchManager FOUND folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\vendor =>SUP.Optional.SearchManager ---\\ Registry ( Key, Value, Data) (7) FOUND key: HKCU\SOFTWARE\Google\Chrome\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce [] =>SUP.Optional.SearchManager FOUND key: [X64] HKLM\SOFTWARE\Google\Chrome\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce [] =>SUP.Optional.SearchManager FOUND data: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{5E89C403-F5FF-48DF-9CAB-DAB9E92AC702}\\DhcpNameServer [Bad : 138.117.179.2 138.117.179.6] =>Hijacker.Browser FOUND data: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer [Bad : 138.117.179.2 138.117.179.6] =>Hijacker.Browser FOUND key: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1 [KMSpico] =>HackTool.KMSpico FOUND key: [X64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater [] =>Riskware.FlashPlayer FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player NPAPI [Adobe Systems Incorporated] =>Riskware.FlashPlayer ---\\ Summary of the elements found (8) https://nicolascoolman.eu/forum/Topic/flashplayer-logiciel-a-risque-riskware/ =>Riskware.FlashPlayer https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/ =>SUP.Optional.SearchManager https://nicolascoolman.eu/2020/10/01/preferences-navigateurs-chromium/ =>ChromiumPreference https://nicolascoolman.eu/forum/Topic/logiciels-potentiellement-superflus-lps/ =>.SUP.TaiwanShuiMu https://nicolascoolman.eu/2017/02/16/hacktool-kmspico/ =>HackTool.KMSpico https://nicolascoolman.eu/forum/Topic/logiciels-potentiellement-superflus-lps/ =>.SUP.Temporary https://nicolascoolman.eu/2017/01/15/riskware-quicktime/ =>Riskware.QuickTime https://nicolascoolman.eu/2017/11/10/hijacker-browser-3/ =>Hijacker.Browser ---\\ Result of repair ~ Any repair made ~ Google Chrome OK ~ Mozilla Firefox OK ~ Internet Explorer OK ---\\ Statistics ~ Items scanned : 185635 ~ Items found : 167 ~ Items cancelled : 0 ~ Space saving (bytes) : 0 ~ Items options : 9/17 ---\\ OPTIONS NOT ACTIVES ~ Temporary file analysis ~ Temporary folder analysis ~ Empty Folder CLSID Analysis ~ Empty Other Folder Analysis ~ Empty LocalLow Folder Analysis ~ Empty Local Folder Analysis ~ Obsolete Installer File Analysis ~ Start browsers with extensions removed ~ End of search in 05h14mn16s ---\\ Reports (0) ZHPCleaner-[S]-05072021-22_00_25.txt _____________________________________________________________________________________ ~ ZHPCleaner v2021.7.3.308 by Nicolas Coolman (2021/07/03) ~ Run by Iuri (Administrator) (05/07/2021 22:22:30) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version OK ~ Type : Repair ~ Report : C:\Users\Iuri\Desktop\ZHPCleaner (R).txt ~ Quarantine : C:\Users\Iuri\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt ~ System Restore Point : OK ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 8.1 Single Language, 64-bit (Build 9600) ---\\ Alternate Data Stream (ADS). (0) ~ No malicious or unnecessary items found. ---\\ Services (0) ~ No malicious or unnecessary items found. ---\\ Browser internet (0) ~ No malicious or unnecessary items found. ---\\ Hosts file (1) ~ The hosts file is legitimate (21) ---\\ Scheduled automatic tasks. (1) DELETED task: [Adobe Flash Player Updater] [C:\WINDOWS\Tasks\Adobe Flash Player Updater.job (Not File) ] =>Riskware.FlashPlayer ---\\ Explorer ( File, Folder) (235) MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Preferences =>Préférences Chromium MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences =>Préférences Chromium MOVED file: C:\Windows\Tasks\Adobe Flash Player Updater.job =>Riskware.FlashPlayer MOVED file: C:\Users\Iuri\AppData\Local\winzipper.bak =>.SUP.TaiwanShuiMu MOVED file: C:\Windows\SECOH-QAD.dll =>HackTool.KMSpico MOVED file: C:\Windows\SECOH-QAD.exe =>HackTool.KMSpico MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\2bfc185be71f44cd73ac81511fc1f5a5.woff =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\AmpSearchServiceLocalList.json =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\b495e340f4ef8924fea0284c1bf9e7ac.woff =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\background.html =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\background.v0.0.1.min.js =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\c5a5cbf4dbcaa7064f2bc77f52101aec.otf =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\client.v0.0.1.min.js =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\common.js.v0.0.1.min.js =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\e_.json =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\e5d3501d500d07b0a1e952b0f8a81d78.woff =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\index.html =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\manifest.json =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\responseConfig.json =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\_metadata\verified_contents.json =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\bundle.v0.0.1.min.css =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\fonts\HelveticaNeueLT-Roman.woff =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\fonts\HelveticaNeue-Thin.otf =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\fonts\neue.woff =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\fonts\neue-bold.woff =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\_enhanced_google.png =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\_gmx_large.png =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\alot.png =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\angle-arrow-down.png =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\bing.png =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\bing_large.png =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\bluesky-bg.jpg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\brush.png =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\bt.png =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\clock.png =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\cloud.png =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\cupcake-bg.jpg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\desk-bg.jpg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\doodle.png =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\down.png =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\enhanced_google.png =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\eyeglass.png =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\eyeglass_transparent.png =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\films-bg.jpg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\gmx_large.png =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\google.png =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\google_large.png =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\hero-bg.jpg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\just-the-box.png =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\just-the-box-empty.png =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\mountain-bg.jpg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\pointer2.png =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\radio-selected.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\radio-unselected.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\sea-bg.jpg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\search-D7D7D7.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\search-FFFFFF.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\settings.png =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\smallMagnifier.png =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\star.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\star-unselected.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\todoc.png =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\toggle-off.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\toggle-on.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\topdf.png =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\transparent_img.png =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\yahoo.png =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\yahoo.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\yahoo_large.png =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\yandex.png =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\converter\close-FF8A5A.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\converter\collection-9B9B9B.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\converter\collection-FF691E.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\converter\doc-icon-FFFFFF.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\converter\error-FF691E.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\converter\pdf-2-doc-9B9B9B.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\converter\pdf-2-doc-FFFFFF.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\converter\pdf-icon-FFFFFF.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\converter\success-FF8A5A.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\converter\tab-arrow-FF691E.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\converter\upload-FF691E.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\films\amazon.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\films\amazon-FFFFFF.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\films\close.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\films\enlarge-000000-FFFFFF.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\films\enlarge-FFCA00-000000.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\films\hulu.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\films\hulu-FFFFFF.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\films\minimize-000000-FFFFFF.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\films\netflix.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\films\netflix-FFFFFF.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\films\refresh-FFFFFF-000000.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\films\shrink-FFCA00-000000.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\films\shuffle-000000.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\films\shuffle-FFFFFF.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\films\vudu.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\films\vudu-FFFFFF.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\icons\128.png =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\icons\16.png =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\icons\48.png =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\icons\close.png =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\icons\favicon.ico =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\icons\trends.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\maps\bing-maps-FFFFFF.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\maps\from-to-icon-8881FF.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\maps\google-maps-FFFFFF.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\maps\location-icon-8881FF.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\maps\search-4A4A4A.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\maps\search-8881FF.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\maps\switch-8881FF.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\maps\tab-arrow-8881FF.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\maps\whereto-logo-8881FF.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\maps\whereto-logo-FFFFFF.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\sitesThumbnails\aliexpress.png =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\sitesThumbnails\aliexpress_tile_v2.png =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\sitesThumbnails\amazon.png =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\sitesThumbnails\amazon_tile_v2.png =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\sitesThumbnails\booking.png =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\sitesThumbnails\booking_tile_v2.png =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\sitesThumbnails\ebay.png =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\sitesThumbnails\ebay_tile_v2.png =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\sitesThumbnails\expedia.png =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\sitesThumbnails\expedia_tile_v2.png =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\sitesThumbnails\facebook.png =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\sitesThumbnails\facebook_tile_v2.png =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\sitesThumbnails\gmail.png =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\sitesThumbnails\gmail_tile_v2.png =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\sitesThumbnails\google-translate-icon-FFFFFF.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\sitesThumbnails\gtranslte.png =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\sitesThumbnails\pinterest.png =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\sitesThumbnails\pinterest_tile_v2.png =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\sitesThumbnails\twitter.png =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\sitesThumbnails\twitter_tile_v2.png =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\sitesThumbnails\wix.png =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\sitesThumbnails\wix_tile_v2.png =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\sitesThumbnails\yahoo.png =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\sitesThumbnails\yahoo_tile_v2.png =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\sitesThumbnails\youtube.png =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\sitesThumbnails\youtube_tile_v2.png =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\tiles\DOC-to-PDF.jpg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\tiles\PDF-to-DOC.jpg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\tiles\Translation.jpg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\tiles\View-PDF.jpg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\weather\01d.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\weather\01n.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\weather\02d.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\weather\02n.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\weather\03d.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\weather\03n.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\weather\04d.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\weather\04n.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\weather\09d.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\weather\09n.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\weather\10d.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\weather\10n.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\weather\11d.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\weather\11n.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\weather\13d.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\weather\13n.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\weather\50d.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\weather\50n.svg =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\skin\icons\16.png =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\vendor\md5.min.js =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\vendor\react-dom.min.js =>SUP.Optional.SearchManager MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\vendor\react-with-addons.min.js =>SUP.Optional.SearchManager MOVED folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce =>SUP.Optional.SearchManager MOVED folder: C:\Program Files\KMSpico =>HackTool.KMSpico MOVED folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico =>HackTool.KMSpico MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign0220ea8d7a914515 =>.SUP.Temporary MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign0838efc6f832f82c =>.SUP.Temporary MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign0c2a2f52c9600c56 =>.SUP.Temporary MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign1b49f3fc915f04f1 =>.SUP.Temporary MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign1bde5b6e3efb2000 =>.SUP.Temporary MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign1bf91bbd51f058cf =>.SUP.Temporary MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign1e1d4abc159cf512 =>.SUP.Temporary MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign211c241aa481c5c5 =>.SUP.Temporary MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign30705b68034b5d93 =>.SUP.Temporary MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign3392a19f3c2c7188 =>.SUP.Temporary MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign36e28cf847f3d37e =>.SUP.Temporary MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign3841bbd91c319d79 =>.SUP.Temporary MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign39648ad5d742d776 =>.SUP.Temporary MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign3d5e8ed0e13f21cd =>.SUP.Temporary MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign52bd8f10631b1b69 =>.SUP.Temporary MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign52eb84d2e43f78a0 =>.SUP.Temporary MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign56c8297f1e4907ad =>.SUP.Temporary MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign5c6b9a1386a58075 =>.SUP.Temporary MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign6748377ec59221cf =>.SUP.Temporary MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign69103d2ed17f19e5 =>.SUP.Temporary MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign6e93aba834f86fe4 =>.SUP.Temporary MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign71b6b47790ce8457 =>.SUP.Temporary MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign7550caa7e410419c =>.SUP.Temporary MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign772902d1bc029718 =>.SUP.Temporary MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign7765b1f9cceb0183 =>.SUP.Temporary MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign776d3f7ccdd1d808 =>.SUP.Temporary MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign798caa2d94b46d08 =>.SUP.Temporary MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign830e4d67810aaa42 =>.SUP.Temporary MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign92cc9b8272b6a8fa =>.SUP.Temporary MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign96922b6ee3f86cf6 =>.SUP.Temporary MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign9d10fbe0e16076a5 =>.SUP.Temporary MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign9dc921772016eea6 =>.SUP.Temporary MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsigna0bacca210ec24d5 =>.SUP.Temporary MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsigna2a624feff94aa98 =>.SUP.Temporary MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsigna3ed2ace7e91c05a =>.SUP.Temporary MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsigna45c81899703956a =>.SUP.Temporary MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsigna8b20a0c1af4af61 =>.SUP.Temporary MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsignaf50d54c38609187 =>.SUP.Temporary MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsignb308cb22db5ef61f =>.SUP.Temporary MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsignb76c0e63b576c5cb =>.SUP.Temporary MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsignb93e0e2f34a4b414 =>.SUP.Temporary MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsignc4e145ea9643d0fa =>.SUP.Temporary MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsignd845cf5fc3fda09a =>.SUP.Temporary MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsigne7299cb0dac1806b =>.SUP.Temporary MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsigne914a2d7012e1c02 =>.SUP.Temporary MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsignf073f38956d24389 =>.SUP.Temporary MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsignf2381d0c41869696 =>.SUP.Temporary MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsignf6aaf55dc527f679 =>.SUP.Temporary MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsignfb560bf984d08714 =>.SUP.Temporary MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsignfec171a2fad3c62e =>.SUP.Temporary MOVED folder: C:\Program Files (x86)\QuickTime =>Riskware.QuickTime MOVED folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime =>Riskware.QuickTime MOVED folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0 =>SUP.Optional.SearchManager MOVED folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\_metadata =>SUP.Optional.SearchManager MOVED folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content =>SUP.Optional.SearchManager MOVED folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\fonts =>SUP.Optional.SearchManager MOVED folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images =>SUP.Optional.SearchManager MOVED folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\converter =>SUP.Optional.SearchManager MOVED folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\films =>SUP.Optional.SearchManager MOVED folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\icons =>SUP.Optional.SearchManager MOVED folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\maps =>SUP.Optional.SearchManager MOVED folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\sitesThumbnails =>SUP.Optional.SearchManager MOVED folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\tiles =>SUP.Optional.SearchManager MOVED folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\weather =>SUP.Optional.SearchManager MOVED folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\skin =>SUP.Optional.SearchManager MOVED folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\skin\icons =>SUP.Optional.SearchManager MOVED folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\vendor =>SUP.Optional.SearchManager ---\\ Registry ( Key, Value, Data) (7) DELETED data: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{5E89C403-F5FF-48DF-9CAB-DAB9E92AC702}\\DhcpNameServer [Bad : 138.117.179.2 138.117.179.6] =>Hijacker.Browser DELETED data: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer [Bad : 138.117.179.2 138.117.179.6] =>Hijacker.Browser DELETED key*: HKCU\SOFTWARE\Google\Chrome\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce [] =>SUP.Optional.SearchManager DELETED key*: [X64] HKLM\SOFTWARE\Google\Chrome\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce [] =>SUP.Optional.SearchManager DELETED key*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1 [KMSpico] =>HackTool.KMSpico DELETED key^: [X64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater [] =>Riskware.FlashPlayer DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player NPAPI [Adobe Systems Incorporated] =>Riskware.FlashPlayer ---\\ Summary of the elements found (8) https://nicolascoolman.eu/forum/Topic/flashplayer-logiciel-a-risque-riskware/ =>Riskware.FlashPlayer https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/ =>Préférences Chromium https://nicolascoolman.eu/forum/Topic/logiciels-potentiellement-superflus-lps/ =>.SUP.TaiwanShuiMu https://nicolascoolman.eu/2017/02/16/hacktool-kmspico/ =>HackTool.KMSpico https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/ =>SUP.Optional.SearchManager https://nicolascoolman.eu/forum/Topic/logiciels-potentiellement-superflus-lps/ =>.SUP.Temporary https://nicolascoolman.eu/2017/01/15/riskware-quicktime/ =>Riskware.QuickTime https://nicolascoolman.eu/2017/11/10/hijacker-browser-3/ =>Hijacker.Browser ---\\ Other deletions. (1) ~ Registry Keys Tracing deleted (1) ~ Remove the old reports ZHPCleaner. (0) ---\\ Result of repair ~ Repair carried out successfully ~ Google Chrome OK ~ Mozilla Firefox OK ~ Internet Explorer OK ~ The system has been restarted. ---\\ Statistics ~ Items scanned : 1925 ~ Items found : 0 ~ Items cancelled : 0 ~ Space saving (bytes) : 0 ~ Items options : 9/17 ---\\ OPTIONS NOT ACTIVES ~ Temporary file analysis ~ Temporary folder analysis ~ Empty Folder CLSID Analysis ~ Empty Other Folder Analysis ~ Empty LocalLow Folder Analysis ~ Empty Local Folder Analysis ~ Obsolete Installer File Analysis ~ Start browsers with extensions removed ~ End of clean in 00h03mn43s ---\\ Reports (2) ZHPCleaner-[S]-05072021-22_00_25.txt ZHPCleaner-[R]-05072021-22_26_13.txt

Pessoal, meu notebook está muito lento e travando rotineiramente ... fica parecendo q ele está executando alguma operação de processamento de dados muito pesada ! Demorei cerca de 4 horas apenas para conseguir fazer esse post. Também esta demorando muito para inicializar e algumas vezes trava nesse processo. Ontem depois de umas 3-4 horas de insistência ele até começou fluir melhor com alguns congelamentos esporádicos. Acredito q tenha algum vírus q esteja comprometendo o processamento de dados e travando o sistema ... Agradeço a ajuda ! Abraços ZA-Scan.txt